Hi, after updateing my both gentoo Systems (x86 and amd64) to the current portage I have problems with my digicam. Only access possible as root user. Both systems run udev instead of devfs. I found out, that the problem occurs after the update from pam-0.77-r6 to pam-0.78-r2. The new version have some new USE-Flags. I test the pam_console USE-Flag and configured hotplug which is described in the /etc/hotplug/usb/usbcam and README of pam_console. But also no success. I don't know if this is a BUG. I sure this problem is the pam update, because I try it on my second gentoo system (amd64). Hopefully you can help me to get the digicam device accessable for normal user accounts. P.S. a (German) thread in our gentoo forum where open: http://forums.gentoo.org/viewtopic-t-360032.html Thx, Ben Reproducible: Always Steps to Reproduce: 1. Update to pam-0.78-r2 2. Attach digicam 3. start digikam (KDE) and try to get access without root-rights 4. take a look in /proc/bus/usb/wehre your device is 5. ls -l shows that only root get access Actual Results: Only manually possible by change the rights with: chmod -R 777 /proc/bus/usb/ This works until your next reboot. Not a good workaround, but it works. Expected Results: pam should set device rights for the current user not only for root. emerge --info of my amd64 system: Portage 2.0.51.22-r1 (default-linux/amd64/2005.0, gcc-3.4.3, glibc-2.3.4.20041102-r1, 2.6.11-gentoo-r11 x86_64) ================================================================= System uname: 2.6.11-gentoo-r11 x86_64 AMD Athlon(tm) 64 Processor 3500+ Gentoo Base System version 1.6.12 distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] dev-lang/python: 2.3.5 sys-apps/sandbox: 1.2.10 sys-devel/autoconf: 2.13, 2.59-r6 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.5 sys-devel/binutils: 2.15.92.0.2-r10 sys-devel/libtool: 1.5.16 virtual/os-headers: 2.6.8.1-r4 ACCEPT_KEYWORDS="amd64" AUTOCLEAN="yes" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O3 -march=athlon64" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3.4/env /usr/kde/3.4/share/config /usr/kde/3.4/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-O3 -march=athlon64" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig distlocks sandbox sfperms strict" GENTOO_MIRRORS="http://ftp.uni-erlangen.de/pub/mirrors/gentoo ftp://ftp.uni-erlangen.de/pub/mirrors/gentoo" LINGUAS="de" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="amd64 X alsa arts avi berkdb bitmap-fonts cdr crypt cups curl dvdr eds encode esd fam flac foomaticdb fortran gd gdbm gif gnome gphoto2 gpm gtk gtk2 imagemagick imlib ipv6 java jpeg kde ldap libwww lzw lzw-tiff mad mikmod motif mozilla mp3 mpeg ncurses nls ogg opengl oss pam pdflib perl php png python qt quicktime readline scanner sdl slang spell ssl tcpd tiff truetype-fonts type1-fonts usb userlocales video vorbis xine xml2 xmms xpm xv zlib linguas_de userland_GNU kernel_linux elibc_glibc" Unset: ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, MAKEOPTS, PORTDIR_OVERLAY
Do you *really* need pam_console? If not, then I'd strongly suggest avoiding it. You can easily test if that is the problem by recompiling pam without pam_console support.
Hi Jakub, <Do you *really* need pam_console? I'm not shure...I only need access as normal user to usb devices. In this case my digicam. <If not, then I'd strongly suggest avoiding it. <You can easily test if that is the problem by recompiling pam without <pam_console support. I try pam_console but without success. No I recompiled pam without the USE-Flag. But also no succes. The usb device get by default root-accees-rights. With the old pam version it works fine. Thx, Ben
Are you using media-libs/libgphoto2?
it is installed, but I never used entries in /etc/hotplug/usb.usermap. It works without any configuration (on amd64 and x86) before.
(In reply to comment #4) > it is installed, but I never used entries in /etc/hotplug/usb.usermap. It works > without any configuration (on amd64 and x86) before. I don't quite understand. Does your digital camera use gphoto2 or is it mass storage device?
> I don't quite understand. Does your digital camera use gphoto2 or is it mass > storage device? I connect using digikam and auto-detect function - this should be gphoto2. I don't use mass storage device for my digicam.
Reopen...
I just try to downgrade to pam-0.77-r6 and cracklib-2.7-r11 usind package.mask. But I wont run like before. The generated device only accessable as root. Hopefully you can help. Thx, Ben
I am going to assume udev issue .. what version of udev do you have installed?
udevinfo, version 058
Crap, I think its the usbfs stuff Mike added back recently? Can you try with baselayout-1.11.13 ?
For me it works with the following combination: [ebuild R ] media-gfx/digikam-0.7.3 -arts -debug -kdeenablefinal -xinerama [ebuild R ] media-libs/libgphoto2-2.1.6 -doc +exif +jpeg +nls -nousb [ebuild R ] sys-fs/udev-063 (-selinux) -static [ebuild R ] sys-apps/baselayout-1.11.13 -bootstrap -build -static -unicode [ebuild R ] sys-libs/pam-0.78-r2 +berkdb -nis -pam_chroot -pam_console -pam_timestamp -pwdb (-selinux) [ebuild R ] sys-apps/hotplug-20040923 I'm on ~amd64 and did the following steps to access my digicam as user: 1. /usr/lib/libgphoto2/print-usb-usermap >> /etc/hotplug/usermap 2. Had to edit /etc/hotplug/usb/usbcam to don't use pam_console lock files, commented out everything and only wrote if [ "${ACTION}" = "add" ] && [ -f "${DEVICE}" ] then chgrp video "${DEVICE}" chmod a+rw "${DEVICE}" fi into the usbcam file. I suggest to change the ebuild to don't use pam_console either since it's not enabled by default in gentoo. 3. Restarted hotplug /etc/init.d/hotplug restart
or maybe this is the usbfs issue ... try this: - add yourself to the usb group: `gpasswd -a <USER> usb` - umount /proc/bus/usb - mount -t usbfs usbfs /proc/bus/usb -o devmode=0664,devgid=85 then see if you can do it as non-root ... you will have to login / logout to make sure your group info is updated
Reverted the /etc/hotplug/usb/usbcam file from my changes and tested the three steps you provided, it works that way!
i see by your `emerge info` you're running baselayout-1.11.12 i just checked baselayout-1.11.13 and it should have this fix
<Crap, I think its the usbfs stuff Mike added back recently? Can you try with <baselayout-1.11.13 ? I upgraded baselayout, but also no success. @Timo Gurr: I follow you steps but the digicam can't readable as normal user. # ls -l /proc/bus/usb/004 total 0 -rw-r--r-- 1 root root 43 Jul 17 20:41 001 -rw-r--r-- 1 root root 57 Jul 17 21:04 003 <Reverted the /etc/hotplug/usb/usbcam file from my changes and tested the three <steps you provided, it works that way! It won't work on my system. Something goes wrong. <i see by your `emerge info` you're running baselayout-1.11.12 <i just checked baselayout-1.11.13 and it should have this fix I am now on baselayout 1.11.13. Below the emerge --info of my updated amd64 system: # emerge --info Portage 2.0.51.22-r1 (default-linux/amd64/2005.0, gcc-3.4.3, glibc-2.3.5-r0, 2.6.11-gentoo-r11 x86_64) ================================================================= System uname: 2.6.11-gentoo-r11 x86_64 AMD Athlon(tm) 64 Processor 3500+ Gentoo Base System version 1.6.13 distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] dev-lang/python: 2.3.5 sys-apps/sandbox: 1.2.10 sys-devel/autoconf: 2.13, 2.59-r6 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.5 sys-devel/binutils: 2.15.92.0.2-r10 sys-devel/libtool: 1.5.18-r1 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="amd64" AUTOCLEAN="yes" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O3 -march=athlon64" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3.4/env /usr/kde/3.4/share/config /usr/kde/3.4/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/splash /etc/terminfo /etc/env.d" CXXFLAGS="-O3 -march=athlon64" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig distlocks sandbox sfperms strict" GENTOO_MIRRORS="http://ftp.uni-erlangen.de/pub/mirrors/gentoo ftp://ftp.uni-erlangen.de/pub/mirrors/gentoo" LINGUAS="de" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="amd64 X alsa arts avi berkdb bitmap-fonts cdr crypt cups curl dvdr eds encode esd fam flac foomaticdb fortran gd gdbm gif gnome gphoto2 gpm gtk gtk2 imagemagick imlib ipv6 java jpeg kde ldap libwww lzw lzw-tiff mad mikmod motif mozilla mp3 mpeg ncurses nls ogg opengl oss pam pdflib perl php png python qt quicktime readline scanner sdl slang spell ssl tcpd tiff truetype-fonts type1-fonts usb userlocales video vorbis xine xml2 xmms xpm xv zlib linguas_de userland_GNU kernel_linux elibc_glibc" Unset: ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, MAKEOPTS, PORTDIR_OVERLAY
(In reply to comment #13) > or maybe this is the usbfs issue ... > > try this: > - add yourself to the usb group: `gpasswd -a <USER> usb` > - umount /proc/bus/usb > - mount -t usbfs usbfs /proc/bus/usb -o devmode=0664,devgid=85 > > then see if you can do it as non-root ... you will have to login / logout to > make sure your group info is updated - I'm member of group "usb" - $ umount /proc/bus/usb umount: /proc/bus/usb is not in the fstab (and you are not root) - can't try
(In reply to comment #15) > i just checked baselayout-1.11.13 and it should have this fix Works for me. Thanks for the info.
the bug ist still unsolved for me. I upgraded to the masked by keyword packages suggested from Timo Gurr. See below: [ebuild R ] sys-apps/hotplug-20040923 0 kB [ebuild R ] sys-apps/baselayout-1.11.13 -bootstrap -build -static -unicode 0 kB [ebuild R ] sys-libs/pam-0.78-r2 +berkdb -nis -pam_chroot -pam_console -pam_timestamp -pwdb (-selinux) 0 kB [ebuild R ] sys-fs/udev-063 (-selinux) -static 0 kB [ebuild R ] media-gfx/digikam-0.7.3 +arts -debug -kdeenablefinal -xinerama 0 kB [ebuild R ] media-libs/libgphoto2-2.1.6 -doc -exif +jpeg +nls -nousb 0 kB Than I created the /etc/hotplug/usermap and edited /etc/hotplug/usb/usbcam. But also no success. I try the suggestion of SpanKY (unmount and re-mount of usbfs). Than all usb devices get the read/write rights for the group usb. But after the next restart I must manually unmount and re-mount /proc/bus/usb. This can't be the solution. Now I am on baselayout 1.11.13. Whats go wrong? Hopefully you can help me to get it usbfs worked on my maschine, like before. Thx, Ben Below my current emerge --info: emerge --info Portage 2.0.51.22-r1 (default-linux/amd64/2005.0, gcc-3.4.3, glibc-2.3.5-r0, 2.6.12-gentoo-r4 x86_64) ================================================================= System uname: 2.6.12-gentoo-r4 x86_64 AMD Athlon(tm) 64 Processor 3500+ Gentoo Base System version 1.6.13 distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] dev-lang/python: 2.3.5 sys-apps/sandbox: 1.2.10 sys-devel/autoconf: 2.13, 2.59-r6 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.5 sys-devel/binutils: 2.15.92.0.2-r10 sys-devel/libtool: 1.5.18-r1 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="amd64" AUTOCLEAN="yes" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O3 -march=athlon64" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3.4/env /usr/kde/3.4/share/config /usr/kde/3.4/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/splash /etc/terminfo /etc/env.d" CXXFLAGS="-O3 -march=athlon64" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig distlocks sandbox sfperms strict" GENTOO_MIRRORS="http://ftp.uni-erlangen.de/pub/mirrors/gentoo ftp://ftp.uni-erlangen.de/pub/mirrors/gentoo" LINGUAS="de" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="amd64 X alsa arts avi berkdb bitmap-fonts cdr crypt cups curl dvdr eds encode esd fam flac foomaticdb fortran gd gdbm gif gnome gphoto2 gpm gtk gtk2 imagemagick imlib ipv6 java jpeg kde ldap libwww lzw lzw-tiff mad mikmod motif mozilla mp3 mpeg ncurses nls ogg opengl oss pam pdflib perl php png python qt quicktime readline scanner sdl slang spell ssl tcpd tiff truetype-fonts type1-fonts usb userlocales video vorbis xine xml2 xmms xpm xv zlib linguas_de userland_GNU kernel_linux elibc_glibc" Unset: ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, MAKEOPTS, PORTDIR_OVERLAY
if you read /etc/init.d/localmount you'll see that it attempts to mount usbfs as the usb group if one is found what does this show on your system: awk -F: '/^usb:/{print $3; exit}' /etc/group
> what does this show on your system: > awk -F: '/^usb:/{print $3; exit}' /etc/group Below the output # awk -F: '/^usb:/{print $3; exit}' /etc/group 85
Try this: # CONFIG_PROTECT_MASK=/etc/init.d emerge --oneshot baselayout # umount /proc/bus/usb # /etc/init.d/localmount pause start If still not working, attach your /etc/init.d/localmount.
(In reply to comment #22) > Try this: > > # CONFIG_PROTECT_MASK=/etc/init.d emerge --oneshot baselayout > # umount /proc/bus/usb > # /etc/init.d/localmount pause start After typing the three commands all usb devices are mounted inlude read/write rights for the group "usb". It works on boths systems - x86 & amd64. Many thanks to all of you. On additional quesiton: I'm not sure if this issue occurs because a bug in baselayout, missconfigured system or something else. May be you can answer this question. Thx, Ben
Its portage that do not update the init scripts for some reason (wonder if its the config protect stuff .. used to do some weird stuff with $Header: $).
Thanks you for the detailled description about this portage issue.
