On 07/03/14 21:39, Ian Stakenvicius wrote: > On 07/03/14 02:17 PM, Samuli Suominen wrote: > > - sys-fs/udev leaves it to root:root as: > > > KERNEL=="rfkill", MODE="0664" > > > - third party packages like mate-bluetooth, gnome-bluetooth install > > both their own udev .rules to adjust /dev/rfkill to plugdev: > > > KERNEL=="rfkill", GROUP="plugdev", MODE="0664" > > > So I'd like to propose some unification: > > > I don't have a system with /dev/rfkill unfortunately to test this, > > but I believe we should add this to 40-gentoo.rules and create > > group 'rfkill': > > > SUBSYSTEM=="rfkill", GROUP="rfkill", MODE="0664" > > > And this line would go as /lib/udev/rules.d/70-gentoo-acl.rules (as > > the original filename in upstream ConsoleKit is > > 70-udev-acl.rules): > > > SUBSYSTEM=="rfkill", TAG+="udev-acl" > > > > > As the other per-package rules already setting GROUP= are providing > an understandable legacy behaviour (iirc membership in plugdev is > still the de-facto way to provide access rights when no consolekit or > similar control method is installed), I wonder if we can skip the > group assignment. > > - From what I know about ACL's, the 70-gentoo-acl.rules would still work > fine even if the group remains ":root". > > Thoughts? >
I'm okay with leaving it as 'root' for now, since I haven't yet implemented my splitted "plugdev" idea: I've been waiting for the day PolicyKit upstream does something stupid like makes it work only with systemd-logind, so that ConsoleKit is no-op other than udev-acl still working If and when that happens, I doubt many would want ConsoleKit installed at all I've thought about this a lot, and the best contigency plan I've come up with is to ship vendor based PolicyKit .rules files for _split_ plugdev behavior, groups like ArchLinux has: 'power' for upower and related 'network' for networkmanager and related, and this is likely where 'rfkill' would belong then too 'storage' for udisks and related
