X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=extras%2Fudev-acl%2F70-acl.rules;h=8300ec26d420d0983a785c523a532e5bd14cc362;hb=9fa68615bb0315501625c6cde3f3077257c740e7;hp=f135bff75cab0e8114baee70a8be6c2682fd372f;hpb=4fe41ac874afab5d152aff151cba896817a2ab1f;p=elogind.git diff --git a/extras/udev-acl/70-acl.rules b/extras/udev-acl/70-acl.rules index f135bff75..8300ec26d 100644 --- a/extras/udev-acl/70-acl.rules +++ b/extras/udev-acl/70-acl.rules @@ -1,58 +1,77 @@ # do not edit this file, it will be overwritten on update +# Do not use TAG+="udev-acl" outside of this file. This variable is private to +# udev-acl of this udev release and may be replaced at any time. + ENV{MAJOR}=="", GOTO="acl_end" -ENV{ACL_MANAGE}=="0", GOTO="acl_end" -ACTION!="add|change", GOTO="acl_apply" +ACTION=="remove", GOTO="acl_apply" # PTP/MTP protocol devices, cameras, portable media players SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="", ENV{DEVTYPE}=="usb_device", IMPORT{program}="usb_id --export %p" -SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="*:060101:*", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="*:060101:*", TAG+="udev-acl" # digicams with proprietary protocol -ENV{ID_GPHOTO2}=="*?", ENV{ACL_MANAGE}="1" +ENV{ID_GPHOTO2}=="*?", TAG+="udev-acl" # SCSI scanners -KERNEL=="sg[0-9]*", ATTRS{type}=="6", ENV{ACL_MANAGE}="1" -KERNEL=="sg[0-9]*", ATTRS{type}=="3", ATTRS{vendor}=="HP|EPSON|Epson", ENV{ACL_MANAGE}="1" +KERNEL=="sg[0-9]*", ATTRS{type}=="6", TAG+="udev-acl" +KERNEL=="sg[0-9]*", ATTRS{type}=="3", ATTRS{vendor}=="HP|EPSON|Epson", TAG+="udev-acl" # USB scanners -ENV{libsane_matched}=="yes", ENV{ACL_MANAGE}="1" +ENV{libsane_matched}=="yes", TAG+="udev-acl" # HPLIP devices (necessary for ink level check and HP tool maintenance) -ENV{ID_HPLIP}=="1", ENV{ACL_MANAGE}="1" +ENV{ID_HPLIP}=="1", TAG+="udev-acl" # optical drives -SUBSYSTEM=="block", ENV{ID_CDROM}=="1", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="block", ENV{ID_CDROM}=="1", TAG+="udev-acl" # sound devices -SUBSYSTEM=="sound", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="sound", TAG+="udev-acl" # sound jack-sense -SUBSYSTEM=="input", SUBSYSTEMS=="sound", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="input", SUBSYSTEMS=="sound", TAG+="udev-acl" # webcams, frame grabber, TV cards -SUBSYSTEM=="video4linux", ENV{ACL_MANAGE}="1" -SUBSYSTEM=="dvb", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="video4linux", TAG+="udev-acl" +SUBSYSTEM=="dvb", TAG+="udev-acl" + +# IIDC devices: industrial cameras and some webcams +SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x00010*", TAG+="udev-acl" +# AV/C devices: camcorders, set-top boxes, TV sets, audio devices, and more +SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x010001*", TAG+="udev-acl" + +# old style firewire devices +KERNEL=="dv1394-[0-9]*", TAG+="udev-acl" +KERNEL=="video1394-[0-9]*", TAG+="udev-acl" # fingerprint readers -SUBSYSTEM=="usb", ATTR{idVendor}=="0483", ATTR{idProduct}=="2016", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="usb", ATTR{idVendor}=="0483", ATTR{idProduct}=="2016", TAG+="udev-acl" + +# GPS devices + # Garmin GPSMap 60 +SUBSYSTEM=="usb", ATTR{idVendor}=="091e", ATTR{idProduct}=="0003", TAG+="udev-acl" + # DRI video devices -SUBSYSTEM=="drm", KERNEL=="card*", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="drm", KERNEL=="card*", TAG+="udev-acl" # KVM -SUBSYSTEM=="misc", KERNEL=="kvm", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="misc", KERNEL=="kvm", TAG+="udev-acl" # smart-card readers -ENV{ID_SMARTCARD_READER}=="*?", ENV{ACL_MANAGE}="1" +ENV{ID_SMARTCARD_READER}=="*?", TAG+="udev-acl" # joysticks -SUBSYSTEM=="input", ENV{ID_INPUT_JOYSTICK}=="?*", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="input", ENV{ID_INPUT_JOYSTICK}=="?*", TAG+="udev-acl" # smart phones -SUBSYSTEM=="usb", ATTR{idVendor}=="0bb4", ATTR{idProduct}=="0c02", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="usb", ATTR{idVendor}=="0bb4", ATTR{idProduct}=="0c02", TAG+="udev-acl" + +# color measurement devices +ENV{COLOR_MEASUREMENT_DEVICE}=="*?", TAG+="udev-acl" # apply ACL for all locally logged in users -LABEL="acl_apply", ENV{ACL_MANAGE}=="?*", TEST=="/var/run/ConsoleKit/database", \ +LABEL="acl_apply", TAG=="udev-acl", TEST=="/var/run/ConsoleKit/database", \ RUN+="udev-acl --action=$env{ACTION} --device=$env{DEVNAME}" LABEL="acl_end"