Package: systemd Version: 230-2 Severity: normal Dear Maintainer,
The behaviour of debian is currently quite confusing, if you want do set the permission of a device node, for which on-demand loading is in effect. Let's take uinput as an example. Assume you want it to be accessible by the input group. So you could add the following udev rule: KERNEL=="uinput", GROUP="input" But after booting you might get this: > ls -l /dev/uinput crw------- 1 root root 10, 223 Jun 13 10:49 /dev/uinput The udev rule has not been applied yet, as the uinput module is not loaded. Instead the creation of this node has been take care of by kmod-static-nodes.service and systemd-tmpfiles-setup-dev.service. These services cause the permissions to be set as above. So you can only access uinput as root. But if you do, this is what happens: > touch /dev/uinput > ls -l /dev/uinput crw-rw---- 1 root input 10, 223 Jun 13 11:04 /dev/uinput The access to /dev/uinput has triggered the on-demand load of the uinput module and therby the udev rule was applied resulting in the new node permission you can see above. The situation is not satisfactory either, if you didn't want to use an udev rule and just set the permissions temporarily by calling chgrp and chmod, while the module uinput has not been loaded yet. The directly after the first access to uinput the permissions are reverted back, as for example here: > touch /dev/uinput > ls -l /dev/uinput crw-rw---- 1 root input 10, 223 Jun 13 11:04 /dev/uinput One work around is to not make use of on-deman loading and load the uinput module at boot time or explicitely before first use. Another work around would be to copy /run/tmpfiles.d/kmod.conf (which was created by kmod-static-nodes.service) to /etc/tmpfiles.d/kmod.conf and edit the permissions to one's need. The configuration in /etc/... then overrides the one in /run/... Thus, the device node would have the desired permissions immediately after booting. But if the permissions should not be changed, when on-demand loading occurs, the permissions must also be set in the corresponding udev rule. So we have to set the same permissions in two different places. I think there should be one place, where the permissions of device node can be configures and which will be respected both by the creation of the nodes at boot time and later when loading the module. -- Package-specific info: -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (1001, 'testing'), (500, 'testing-updates'), (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386, armhf Kernel: Linux 4.5.0-trunk-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages systemd depends on: ii adduser 3.114 ii libacl1 2.2.52-3 ii libapparmor1 2.10-4 ii libaudit1 1:2.4.5-1+b1 ii libblkid1 2.27.1-6 ii libc6 2.21-9 ii libcap2 1:2.24-12 ii libcap2-bin 1:2.24-12 ii libcryptsetup4 2:1.7.0-2 ii libgcrypt20 1.7.0-2 ii libgpg-error0 1.21-2 ii libkmod2 21-1 ii liblzma5 5.1.1alpha+20120614-2.1 ii libmount1 2.27.1-6 ii libpam0g 1.1.8-3.2 ii libseccomp2 2.3.0-1 ii libselinux1 2.4-3+b1 ii libsystemd0 230-2 ii mount 2.27.1-6 ii util-linux 2.27.1-6 Versions of packages systemd recommends: ii dbus 1.10.8-1 ii libpam-systemd 230-2 Versions of packages systemd suggests: pn systemd-container <none> pn systemd-ui <none> Versions of packages systemd is related to: ii udev 229-3 -- Configuration Files: /etc/systemd/timesyncd.conf changed [not included] -- no debconf information _______________________________________________ Pkg-systemd-maintainers mailing list Pkg-systemd-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-systemd-maintainers
