X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=extras%2Fudev-acl%2F70-acl.rules;h=785b00f8abbdbd4f3a059e842951e0484b872c9e;hp=f135bff75cab0e8114baee70a8be6c2682fd372f;hb=53c5ceff0880279014b7c417d73322f6a266c551;hpb=4fe41ac874afab5d152aff151cba896817a2ab1f diff --git a/extras/udev-acl/70-acl.rules b/extras/udev-acl/70-acl.rules index f135bff75..785b00f8a 100644 --- a/extras/udev-acl/70-acl.rules +++ b/extras/udev-acl/70-acl.rules @@ -1,58 +1,71 @@ # do not edit this file, it will be overwritten on update +# Do not use TAG+="udev-acl" outside of this file. This variable is private to +# udev-acl of this udev release and may be replaced at any time. + ENV{MAJOR}=="", GOTO="acl_end" -ENV{ACL_MANAGE}=="0", GOTO="acl_end" -ACTION!="add|change", GOTO="acl_apply" +ACTION=="remove", GOTO="acl_apply" # PTP/MTP protocol devices, cameras, portable media players SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="", ENV{DEVTYPE}=="usb_device", IMPORT{program}="usb_id --export %p" -SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="*:060101:*", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="*:060101:*", TAG+="udev-acl" # digicams with proprietary protocol -ENV{ID_GPHOTO2}=="*?", ENV{ACL_MANAGE}="1" - -# SCSI scanners -KERNEL=="sg[0-9]*", ATTRS{type}=="6", ENV{ACL_MANAGE}="1" -KERNEL=="sg[0-9]*", ATTRS{type}=="3", ATTRS{vendor}=="HP|EPSON|Epson", ENV{ACL_MANAGE}="1" +ENV{ID_GPHOTO2}=="*?", TAG+="udev-acl" -# USB scanners -ENV{libsane_matched}=="yes", ENV{ACL_MANAGE}="1" +# SCSI and USB scanners +ENV{libsane_matched}=="yes", TAG+="udev-acl" # HPLIP devices (necessary for ink level check and HP tool maintenance) -ENV{ID_HPLIP}=="1", ENV{ACL_MANAGE}="1" +ENV{ID_HPLIP}=="1", TAG+="udev-acl" # optical drives -SUBSYSTEM=="block", ENV{ID_CDROM}=="1", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="block", ENV{ID_CDROM}=="1", TAG+="udev-acl" # sound devices -SUBSYSTEM=="sound", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="sound", TAG+="udev-acl" # sound jack-sense -SUBSYSTEM=="input", SUBSYSTEMS=="sound", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="input", SUBSYSTEMS=="sound", TAG+="udev-acl" +# ffado is an userspace driver for firewire sound cards +SUBSYSTEM=="firewire", ENV{ID_FFADO}=="1", TAG+="udev-acl" # webcams, frame grabber, TV cards -SUBSYSTEM=="video4linux", ENV{ACL_MANAGE}="1" -SUBSYSTEM=="dvb", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="video4linux", TAG+="udev-acl" +SUBSYSTEM=="dvb", TAG+="udev-acl" -# fingerprint readers -SUBSYSTEM=="usb", ATTR{idVendor}=="0483", ATTR{idProduct}=="2016", ENV{ACL_MANAGE}="1" +# IIDC devices: industrial cameras and some webcams +SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x00010*", TAG+="udev-acl" +SUBSYSTEM=="firewire", ATTR{units}=="*0x00b09d:0x00010*", TAG+="udev-acl" +# AV/C devices: camcorders, set-top boxes, TV sets, audio devices, and more +SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x010001*", TAG+="udev-acl" +SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x014001*", TAG+="udev-acl" # DRI video devices -SUBSYSTEM=="drm", KERNEL=="card*", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="drm", KERNEL=="card*", TAG+="udev-acl" # KVM -SUBSYSTEM=="misc", KERNEL=="kvm", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="misc", KERNEL=="kvm", TAG+="udev-acl" # smart-card readers -ENV{ID_SMARTCARD_READER}=="*?", ENV{ACL_MANAGE}="1" +ENV{ID_SMARTCARD_READER}=="*?", TAG+="udev-acl" + +# PDA devices +ENV{ID_PDA}=="*?", TAG+="udev-acl" # joysticks -SUBSYSTEM=="input", ENV{ID_INPUT_JOYSTICK}=="?*", ENV{ACL_MANAGE}="1" +SUBSYSTEM=="input", ENV{ID_INPUT_JOYSTICK}=="?*", TAG+="udev-acl" + +# color measurement devices +ENV{COLOR_MEASUREMENT_DEVICE}=="*?", TAG+="udev-acl" + +# DDC/CI device, usually high-end monitors such as the DreamColor +ENV{DDC_DEVICE}=="*?", TAG+="udev-acl" -# smart phones -SUBSYSTEM=="usb", ATTR{idVendor}=="0bb4", ATTR{idProduct}=="0c02", ENV{ACL_MANAGE}="1" +# media player raw devices (for user-mode drivers, Android SDK, etc.) +SUBSYSTEM=="usb", ENV{ID_MEDIA_PLAYER}=="?*", TAG+="udev-acl" # apply ACL for all locally logged in users -LABEL="acl_apply", ENV{ACL_MANAGE}=="?*", TEST=="/var/run/ConsoleKit/database", \ +LABEL="acl_apply", TAG=="udev-acl", TEST=="/var/run/ConsoleKit/database", \ RUN+="udev-acl --action=$env{ACTION} --device=$env{DEVNAME}" LABEL="acl_end"