| Summary: | sys-apps/gradm - Change udev actions in patches and ebuild | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Marvin Vek <laen> |
| Component: | Hardened | Assignee: | The Gentoo Linux Hardened Team <hardened> |
| Status: | RESOLVED WONTFIX | ||
| Severity: | minor | ||
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Attachments: | [PATCH] Change udev actions in patches and ebuild | ||
|
Description
Marvin Vek
2013-02-18 12:56:07 UTC
Created attachment 339240 [details, diff]
[PATCH] Change udev actions in patches and ebuild
(In reply to comment #1) > Created attachment 339240 [details, diff] [details, diff] > [PATCH] Change udev actions in patches and ebuild udevadm trigger --action=add --sysname-match=grsec does not create /dev/grsec anymore. Try it. I'm going to remove that from the next rev bump. Can you test for me at your end and see if I'm right on this point. (In reply to comment #2) > udevadm trigger --action=add --sysname-match=grsec does not create > /dev/grsec anymore. Try it. I'm going to remove that from the next rev > bump. Can you test for me at your end and see if I'm right on this point. Still have a machine booting with udev, was able to try (and I'm afraid I can't confirm your expectations): # rm /dev/grsec # file /dev/grsec /dev/grsec: ERROR: cannot open `/dev/grsec' (No such file or directory) # udevadm trigger --action=add --sysname-match=grsec # file /dev/grsec /dev/grsec: character special (In reply to comment #3) > (In reply to comment #2) > > udevadm trigger --action=add --sysname-match=grsec does not create > > /dev/grsec anymore. Try it. I'm going to remove that from the next rev > > bump. Can you test for me at your end and see if I'm right on this point. > > Still have a machine booting with udev, was able to try (and I'm afraid I > can't confirm your expectations): > > # rm /dev/grsec > # file /dev/grsec > /dev/grsec: ERROR: cannot open `/dev/grsec' (No such file or directory) > # udevadm trigger --action=add --sysname-match=grsec > # file /dev/grsec > /dev/grsec: character special What version of udev? (In reply to comment #4) > What version of udev? That was 171-r9. Release 171-r10 that I just installed pulled in sys-apps/makedev-3.23.1 and sys-fs/static-dev-0.1, but that yielded the same result. Now, release sys-fs/udev-197-r8 (build without USE=kmod) pulled in sys-fs/udev-init-scripts-23, /etc/init.d/udev-postmount disappeared, I can confirm that udevadm doesn't create the /dev/grsec anymore. (In reply to comment #5) > (In reply to comment #4) > > What version of udev? > > That was 171-r9. Release 171-r10 that I just installed pulled in > sys-apps/makedev-3.23.1 and sys-fs/static-dev-0.1, but that yielded the same > result. > > Now, release sys-fs/udev-197-r8 (build without USE=kmod) pulled in > sys-fs/udev-init-scripts-23, /etc/init.d/udev-postmount disappeared, I can > confirm that udevadm doesn't create the /dev/grsec anymore. Since udev will not create device nodes anymore, its time to just drop udevadm from the ebuild which I did in -r1. I'm not so sure about not creating /lib/udev. I uderstand that its not used on a system without udev, but if one were ever to install udev after gradm, there would be a missing component. We'd have to introduce a USE flag to control this behaviour (eg USE="-udev" emerge gradm), and I'm inclined not to do that. If you feel strongly about it, reopen the bug with a patch and give me a rational. |
