After I upgraded to udev-056 the device /dev/capi20 is created with the permissions 0600 root:root 50-udev.permissions gives following line for capi: capi*:root:tty:0660 This is ignored completly. I checked /etc/security/console.perms but capi is not included there. Reproducible: Always Steps to Reproduce: 1. upgraded udev from 045 to 056 2. merged new configs with etc-update (no changes done before) 3. rebooting Actual Results: Capi20 Device with following permissions: crw-rw---- 1 root root 68, 0 13. Mai 00:36 capi20 Expected Results: Permissions like in permissions.d crw-rw---- 1 root tty 68, capi20 Everything worked with udev-045. fcpci and capi are marked stable. No testing packages on the system.
I already send a patch for this to the linux-hotplug-devel list. Unfortunately I did not get an answer and it was not applied :( http://thread.gmane.org/gmane.linux.hotplug.devel/7718 I think the group should be dialout, as capi20 is used for dialing.
But does changing the group from tty to dialout solve the problem? I wonder why the configuration of udev is ignored for this device and devices like /dev/isdn1 are set to root:dialout but permissions.d of udev says this: isdn*:root:tty:0660 isdnctrl*:root:tty:0660 capi*:root:tty:0660 I forgot to mention that I switched from devfsd to udev on the system three month ago. Maybe this is a reason?
permissions.d is obsolete and no longer interpreted by udev, you do better removing it to avoid confusion :)
Yep, thanks for this advice. It gave me the hint to look deeper into rules.d and I now extended the capi entries to group dialout there. I degraded the Severity since I think the package udev-054 should warn that the permissions.d is obsolete and rules.d must be used :)
Comment #4: Maybe you should have a look at the ChangeLog? :-)
You mean this? o initial merge of fedora udev.permissions into udev.rules o remove permissions file mentioning from the udev man page I saw it but did not link it to the problem I had and portage only mentioned: "If you are upgrading from a version of udev prior to 046" and you rely on the output of udevinfo for anything, please" either run 'udevstart' now, or reboot, in order to get a" up-to-date udev database."
No, I mean: <snip> *udev-051 (03 Feb 2005) 03 Feb 2005; Greg Kroah-Hartman <gregkh@gentoo.org> +files/udev.conf.post_050, +udev-051.ebuild: update to 051 release. This fixes (or should) the firmware oops. Also, please note that the .permissions files are now gone! If you had custom ones in the past, you need to move that logic into the .rules files (if not, you'll just get root only access to the devices, so it's not a security issue...) </snip>
Oh, I was looking into the changelog of udev :( But I still think portage should mention it during the upgrade and the standard group of capi20 should be tty or dialout in default.
No one reads portage messages, or changelog entries, so I can't win :) I'll apply this patch to the upstream tree and it will make it in here eventually.
@gregkh: I am afraid that we really need the ewarn - see Bug 92560.
The main problem is in my view that the new ruleset from 056 does not use the same default settings like the permissions.d had. I never changed the permissions on my own used the default settings always. Was there a reason to change the group of capidevices from tty to root?
I never changed the capi device permission, did I? And yes, I should add a ewarn, will do so next release.
Can you please really fix this in your next udev release? This is a bug and I provided a fix for it .. Look there if you forgot it: http://thread.gmane.org/gmane.linux.hotplug.devel/7718
Done, will be in the next release.