1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

207 Commits

Author SHA1 Message Date
Fabian Henneke
d45ee2f31a udev: Add id program and rule for FIDO security tokens
Add a fido_id program meant to be run for devices in the hidraw
subsystem via an IMPORT directive. The program parses the HID report
descriptor and assigns the ID_SECURITY_TOKEN environment variable if a
declared usage matches the FIDO_CTAPHID_USAGE declared in the FIDO CTAP
specification. This replaces the previous approach of whitelisting all
known security token models manually.

This commit is accompanied by a test suite and a fuzzer target for the
descriptor parsing routine.

Fixes: #11996.
2019-09-07 02:23:58 +09:00
Lennart Poettering
48a81b20ab
Merge pull request #13360 from keszybz/udev-watch-more
udev: set "watch" for more devices
2019-08-20 13:55:47 +02:00
Zbigniew Jędrzejewski-Szmek
1f9290fcc4 tmpfiles: override permissions of static nodes that need this
Fixes #13350.
2019-08-19 12:08:14 +02:00
Zbigniew Jędrzejewski-Szmek
a71eb56788 udev: allow persistent storage rules work for ubi devices
Back in dbbf424c8b, we merged a rule to add
persistent storage for /dev/ubi*, but this rule could have never worked because
of the top-level exclude.

Also set "watch" for /dev/ubi*.
2019-08-16 14:34:16 +02:00
Zbigniew Jędrzejewski-Szmek
5492c62a25 udev: assume all devices which have persistent links also need to be watched
We had two similar lists, but one was accepting many more device types.
I assume that this is by mistake, simply because the lack of device links
is easier to notice than the lack of synthesized event after the device is
written to. This uses the same list in both places, effectively adding
"watch" attribute to /dev/nbd*, /dev/zd*, etc.
2019-08-16 14:34:10 +02:00
Zbigniew Jędrzejewski-Szmek
026f3d3b91 rules: enable hardware-related targets also for user instances
> the odd thing is that these units are also defined for the systemd user
> instance. However, because these are bound to SYSTEMD_USER_WANTS rather than
> SYSTEMD_WANTS they are effectively useless unless some other software
> installs the corresponding udev rules first.

This adds the rules and starts those targets also for user instances.
Fixes #12330.
2019-05-28 14:18:11 +02:00
Marc-André Lureau
0fde5a3591 udev-rules: add udmabuf to kvm group
It will have the default 0660 mode.

Fixes: #12283
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-04-23 13:00:21 +02:00
Andrzej Pietrasiewicz
2c633a821e units: add usb-gadget target
Linux can be run on a device meant to act as a USB peripheral. In order
for a machine to act as such a USB device it has to be equipped with
a UDC - USB Device Controller.

This patch adds a target reached when UDC becomes available. It can be used
for activating e.g. a service unit which composes a USB gadget with
configfs and activates it.
2019-02-15 18:16:27 +01:00
Tony Asleson
f82abfcda5 rules: watch metadata changes on nbd devices
Include nbd* in match for watch option assignment.

Signed-off-by: Tony Asleson <tasleson@redhat.com>
2019-02-15 11:30:33 +01:00
Vojtech Trefny
38397c8ce0 rules: watch metadata changes on DASD devices
To make sure the change event is emitted and udev db is updated
after metadata changes.
2018-12-04 20:57:47 +01:00
Lennart Poettering
5e3fc5730c
Merge pull request #7411 from joergsteffens/tapechanger
udev-rules: extend tape and tape changer rules
2018-10-22 21:43:58 +02:00
Harry Mallon
2c4370d66c rules: Add ID_REVISION environment var for NVMe devices 2018-10-16 10:20:31 +02:00
Marcin Skarbek
274f0dbeb5 don't ignore zd* block devices 2018-08-27 14:13:25 +02:00
Keith Busch
9eb0fc32d6 rules: Add by-id symlinks for persistent memory
This patch adds a by-id symlink to persistent memory namespace if it
exports a uuid attribute. The result looks like the following example:

 # ls -l /dev/disk/by-id/*
 lrwxrwxrwx 1 root root 13 Jul  9 15:24 pmem-206dcdfe-69b7-4e86-a01b-f540621ce62e -> ../../pmem1.2
 lrwxrwxrwx 1 root root 13 Jul  9 15:24 pmem-73840bf1-4e74-4ba4-a9c8-8248934c07c8 -> ../../pmem1.1
 lrwxrwxrwx 1 root root 13 Jul  9 15:24 pmem-8137bdfd-3c4d-4b26-b326-21da3d4cd4e5 -> ../../pmem1.4
 lrwxrwxrwx 1 root root 13 Jul  9 15:24 pmem-f43d1b6e-3300-46cb-8afc-06d66a7c16f6 -> ../../pmem1.3

Signed-off-by: Keith Busch <keith.busch@intel.com>
2018-07-10 09:55:57 +02:00
Zbigniew Jędrzejewski-Szmek
0cd41d4dff Drop my copyright headers
perl -i -0pe 's/\s*Copyright © .... Zbigniew Jędrzejewski.*?\n/\n/gms' man/*xml
git grep -e 'Copyright.*Jędrzejewski' -l | xargs perl -i -0pe 's/(#\n)?# +Copyright © [0-9, -]+ Zbigniew Jędrzejewski.*?\n//gms'
git grep -e 'Copyright.*Jędrzejewski' -l | xargs perl -i -0pe 's/\s*\/\*\*\*\s+Copyright © [0-9, -]+ Zbigniew Jędrzejewski[^\n]*?\s*\*\*\*\/\s*/\n\n/gms'
git grep -e 'Copyright.*Jędrzejewski' -l | xargs perl -i -0pe 's/\s+Copyright © [0-9, -]+ Zbigniew Jędrzejewski[^\n]*//gms'
2018-06-14 13:03:20 +02:00
Lennart Poettering
96b2fb93c5 tree-wide: beautify remaining copyright statements
Let's unify an beautify our remaining copyright statements, with a
unicode ©. This means our copyright statements are now always formatted
the same way. Yay.
2018-06-14 10:20:21 +02:00
Milan Broz
f2bd752215 udev: create /dev/disk/by-label symlink for LUKS2 (#8998)
LUKS2 header supports to device label and blkid since 2.32 version
already supports this option.

Persistent udev storage rules should create symlink for this label.

For older devices this value is not set so changed rule should be compatible.
2018-05-15 16:51:07 +02:00
Zbigniew Jędrzejewski-Szmek
11a1589223 tree-wide: drop license boilerplate
Files which are installed as-is (any .service and other unit files, .conf
files, .policy files, etc), are left as is. My assumption is that SPDX
identifiers are not yet that well known, so it's better to retain the
extended header to avoid any doubt.

I also kept any copyright lines. We can probably remove them, but it'd nice to
obtain explicit acks from all involved authors before doing that.
2018-04-06 18:58:55 +02:00
Franck Bui
f8adf25d65 rules: skip btrfs check if devices are not ready in 64-btrfs.rules (#8304)
If any devices are marked with 'SYSTEMD_READY=0' then we shouldn't run any
btrfs check on them.

Indeed there's no point in running "btrfs ready" on devices that already have
SYSTEMD_READY=0 set. Most probably such devices are members of a higher layer
aggregate device such as dm-multipath or software RAID. Doing IO on them wastes
time at best, and may cause delays, timeouts, or even hangs at worst (think
active-passive multipath or degraded RAID, for example).

It was initially reported at:
https://bugzilla.opensuse.org/show_bug.cgi?id=872929
2018-02-28 10:36:06 +01:00
Thomas Huth
d35d6249d5 rules: Mark the kvm device as static_node (for s390x and ppc64) (#7795)
On s390x and ppc64, the permissions of the /dev/kvm device are currently
not right as long as the kvm kernel module has not been loaded yet. The
kernel module is using MODULE_ALIAS("devname:kvm") there, so the module
will be loaded on the first access to /dev/kvm. In that case, udev needs
to apply the permission to the static node already (which was created via
devtmpfs), i.e. we have to specify the option "static_node=kvm" in the
udev rule.

Note that on x86, the kvm kernel modules are loaded early instead (via the
MODULE_DEVICE_TABLE(x86cpu, ...) feature checking), so that the right module
is loaded for the Intel or AMD hypervisor extensions right from the start.
Thus the "static_node=kvm" is not required on x86 - but it also should not
hurt here (and using it here even might be more future proof in case the
module loading is also done delayed there one day), so we just add the new
option to the rule here unconditionally.
2018-01-08 10:49:15 +01:00
Joerg Steffens
8d0edd1172 udev-rules: make tape devices also accessable by ENV{ID_SCSI_SERIAL}
Tape and tape changer devices from Amazon Webservice Storage Gateway VTLs
and maybe other iSCSI VTLs all have the same ENV{ID_SERIAL}.
The results is, that only the last device is available in
/dev/tape/by-id/, as the former devices have been overwritten.
However, the devices can be distinguished by ENV{ID_SCSI_SERIAL}.

ENV{ID_SCSI_SERIAL} is not set on directly connected SCSI devices.

This rule additional creates links based on the ENV{ID_SCSI_SERIAL}, if
it is set.

In my case, it creates (ID_SCSI_SERIAL)
/dev/tape/by-id/scsi-AMZN_SGW-6BF81D02_MC_00001
/dev/tape/by-id/scsi-AMZN_SGW-6BF81D02_TD_00001
/dev/tape/by-id/scsi-AMZN_SGW-6BF81D02_TD_00002
...

instead of only (ID_SERIAL)
scsi-2414d5a4e5f5347572d364246
2017-12-27 11:37:18 +01:00
Zbigniew Jędrzejewski-Szmek
6b97bf2287 meson: re-attach rule-syntax-check.py test
39/248 rule-syntax-check                       OK     0.07 s

--- command ---
/home/zbyszek/src/systemd-work/test/rule-syntax-check.py \
    /home/zbyszek/src/systemd-work/build/../rules/60-block.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-cdrom_id.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-drm.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-evdev.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-input-id.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-persistent-alsa.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-persistent-input.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-persistent-storage.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-persistent-storage-tape.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-persistent-v4l.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-sensor.rules \
    /home/zbyszek/src/systemd-work/build/../rules/60-serial.rules \
    /home/zbyszek/src/systemd-work/build/../rules/70-joystick.rules \
    /home/zbyszek/src/systemd-work/build/../rules/70-mouse.rules \
    /home/zbyszek/src/systemd-work/build/../rules/70-touchpad.rules \
    /home/zbyszek/src/systemd-work/build/../rules/75-net-description.rules \
    /home/zbyszek/src/systemd-work/build/../rules/75-probe_mtd.rules \
    /home/zbyszek/src/systemd-work/build/../rules/78-sound-card.rules \
    /home/zbyszek/src/systemd-work/build/../rules/80-drivers.rules \
    /home/zbyszek/src/systemd-work/build/../rules/80-net-setup-link.rules \
    /home/zbyszek/src/systemd-work/build/rules/50-udev-default.rules \
    /home/zbyszek/src/systemd-work/build/rules/64-btrfs.rules \
    /home/zbyszek/src/systemd-work/build/rules/99-systemd.rules
--- stdout ---
...
-------

It got dropped by mistake in 72cdb3e783.
2017-11-22 12:46:08 +01:00
Joerg Steffens
7f8ddf96a2 udev-rules: make tape-changers also apprear in /dev/tape/by-path/
It is important to be able to access tape changer ("Medium Changers") by
persistant name.
While tape devices can be accessed via /dev/tape/by-id/ and
/dev/tape/by-path/, tape-changers could only be accessed by
/dev/tape/by-id/.
However, in some cases, especially when accessing Amazon Webservice
Storage Gateway VTLs (or accessing iSCSI VTLs in general?) this does not
work, as all tape devices and the tape changer have the same ENV{ID_SERIAL}.
The results is, that only the last device is available in
/dev/tape/by-id/, as the former devices have been overwritten.

As this behavior is hard to change without breaking consistentcy,
this additional device in /dev/tape/by-path/ can be used to access the medium changes.
The tape devices can also be accessed by this path.

The content of the directory will now look like:

  # SCSI tape device, rewind (unchanged)
  /dev/tape/by-path/$env{ID_PATH} -> ../../st*

  # SCSI tape device, no-rewind (unchanged)
  /dev/tape/by-path/$env{ID_PATH}-nst -> ../../nst*

  # SCSI tape changer device (newly added)
  /dev/tape/by-path/$env{ID_PATH}-changer -> ../../sg*

Tape devices and tape changer have different ID_PATHs.
SCSI tape changer get the suffix "-changer"
to make them better distinguishable from tape devices.
2017-11-21 12:21:49 +01:00
Zbigniew Jędrzejewski-Szmek
3a726fcd08 Add license headers and SPDX identifiers to meson.build files
So far I avoided adding license headers to meson files, but they are pretty
big and important and should carry license headers like everything else.
I added my own copyright, even though other people modified those files too.
But this is mostly symbolic, so I hope that's OK.
2017-11-19 19:08:15 +01:00
Zbigniew Jędrzejewski-Szmek
d9215cd838 Add SPDX license headers to various assorted files 2017-11-19 19:08:15 +01:00
Simon Arlott
6fcae8e4de rules: run all persistent-input rules for rmi and i8042 (#7287)
Commit 83b48159 set ID_BUS for these subsystems but copied the intent
of commit c49df207 by not creating symlinks for those devices.

Remove the GOTO so that the rest of the rules are still processed and
symlinks are created for rmi and i8042 devices.
2017-11-10 10:32:51 +01:00
Tom Stellard
f301622d84 udev-rules: Add rule for /dev/kfd 2017-11-08 08:22:05 -08:00
Tom Stellard
4e15a7343c udev-rules: Permission changes for /dev/dri/renderD*
- Remove the uaccess tag from /dev/dri/renderD*.
- Change the owning group from video to render.
- Change default mode to 0666.
- Add an option to allow users to set the access mode for these devices at
compile time.
2017-11-08 08:21:31 -08:00
Lennart Poettering
64d2753a87
Merge pull request #7212 from whot/master
hwdb: add a hwdb for custom ID_INPUT_* overrides
2017-10-30 10:12:12 +01:00
Maciej S. Szmigiero
27b8198e13 rules: add Freescale IMX serial ports name to serial port udev rule (#7203)
Freescale IMX SoCs serial ports driven by kernel "imx-uart" driver have
names of "ttymxcN", let's add this pattern to an udev rule for serial
ports so they will have proper ownership applied.
2017-10-30 09:59:31 +01:00
Peter Hutterer
ffac30349e hwdb: add a hwdb file to override ID_INPUT assignments
The input_id builtin assigns the various ID_INPUT based on the exported evdev
bits. In some cases, the device may not have the properties required to label
a device as one specific type but the physical form factor is clear.
e.g. in the case of #7197 it's a tablet pad that does not have x/y axes which
the kernel exports for pads for historical reasons.

A custom override is needed, best to be solved with a hwdb entry.

Related #7197
2017-10-30 10:57:18 +10:00
gwendalcr
e2c2d70ba7 rules: Add MODEL_ID for NVMe device (#7037)
To mimic MODEL_ID variable built for ATA and SCSI devices, add rules
to add MODEL_ID variable for NVMe devices.

TEST: Check on a system with NVMe device that MODEL_ID variable is
present:
 udevadm info --query=all -n /dev/nvme0n1p1 | grep ID_MODEL
and
 udevadm info --query=all -n /dev/nvme0n1p1 | grep ID_MODEL
return:
E: ID_MODEL=SAMSUNG...
2017-10-10 10:03:38 +02:00
Christian Hesse
d75b31837c fix path in btrfs rule (#6844)
Commit 0e8856d2 (assemble multidevice btrfs volumes without external
tools (#6607)) introduced a call to udevadm. That lives in @rootbindir@,
not @rootlibexecdir@. So fix the path.
2017-09-15 21:28:24 +02:00
Michael Grzeschik
dbbf424c8b rules: ubi mtd - add link to named partitions (#6750)
[zjs:
- rebase onto recent master
- drop signed-off-by]
2017-09-14 14:53:07 +02:00
Dmitry Torokhov
9b32afa9f2 rules: load drivers only on "add" events
Previously we were loading kernel modules on all device events save
for "remove". With the introduction of KOBJ_BIND/KOBJ_UNBIND this causes
issues, as driver modules that have devices bound to their drivers get
immediately reloaded, and it appears to the user that module unloading
does not work.

Let's change the rules to only load modules on "add" events instead.
2017-09-11 21:04:34 +02:00
g0tar
0e8856d25a assemble multidevice btrfs volumes without external tools (#6607)
assemble multidevice btrfs volumes without external tools

This self-contained approach introduce very little overhead, unless
someone has a large number of devices composing many btrfs volumes,
in which case btrfs device scan would be faster. Still, having robust
implementation is a nice to have alternative for btrfs-progs.
2017-09-07 09:58:12 +02:00
Xiang Fan
5aece00d45 rules: split the rfkill subsystem rule (#6556)
This patch makes sure both rules are applied to rfkill devices.
Otherwise the ENV rule may be skipped if path_id fails.

Fixes: #6528
2017-08-08 08:41:15 +02:00
Zbigniew Jędrzejewski-Szmek
e5f752082e build-sys: drop gitignore patterns for in-tree builds
... and other autotools-generated files.
2017-07-18 10:05:06 -04:00
Zbigniew Jędrzejewski-Szmek
72cdb3e783 build-sys: drop automake support
v2:
- also mention m4
2017-07-18 10:04:44 -04:00
Christian Hesse
816be2ba44 build-sys: install udev rule 70-joystick.{rules,hwdb} (#6363)
* meson: install udev files 70-joystick.{rules,hwdb}
* Makefile: install udev file 70-joystick.hwdb
2017-07-14 12:28:28 -04:00
Zbigniew Jędrzejewski-Szmek
43af16c99c build-sys: fix installation of new 60-input-id.rules
Fixup for 38887d1bd5.
2017-06-28 11:19:33 -04:00
Michal Suchanek
38887d1bd5 rules: move input_id rule to a separate file
This places the input_id call after the evdev hwdb calls. With this the
hwdb fixups in evdev can affect the device capabilities assigned in
input_id.

Remove the ID_INPUT_KEY dependency in atkbd rule because it is now not
assigned at this point.
2017-06-27 13:28:10 +02:00
hadess
c8ec393b25 hwdb: Add ID_INPUT_JOYSTICK_INTEGRATION property (#5413)
When the joystick is integrated directly into the machine, knowing
that the device is internal allows us to disable attached functionality
when the device is not used or inaccessible.

For example, this allows disabling rumble and accelerometer on
flip-console-like devices like the GPD-XD.
2017-06-26 12:17:36 +02:00
kjackiewicz
e74d0a9a5c rules: watch metadata changes in mmcblk devices (#6050)
Formatting sd-cards does not trigger "change" uevents. As a result clients
using udev API don't get any updates afterwards and get outdated information
about the device.

Include mmcblk* in a match for watch option assignment.
2017-05-30 15:19:03 +02:00
George McCollister
4e3f07029a rules: Handle MMC boot partitions by-path correctly (#6026)
Many eMMC devices have separate boot partitions that aren't part of the
normal partition table that show up as /dev/mmcblk[0-9]boot[0-9]. These
partitions are generally small (128KB to 16MB) and typically hold a boot
loader, boot loader data or a recovery image. Match these and create
-boot%n by-path symlinks.

Prior to this change by-path symlinks for the main device would be
incorrectly linked to one of the boot partitions.

For instance before:
/dev/disk/by-path/platform-219c000.usdhc linked to /dev/mmcblk1boot1

Now:
/dev/disk/by-path/platform-219c000.usdhc links to /dev/mmcblk1
/dev/disk/by-path/platform-219c000.usdhc-boot0 links to /dev/mmcblk1boot0
/dev/disk/by-path/platform-219c000.usdhc-boot1 links to /dev/mmcblk1boot1

On systems that support multiple SD/MMC devices it can be essential to
have by-path links to these devices since device names vary depending on
which other devices are connected.
2017-05-25 22:13:50 -04:00
Lennart Poettering
9bfc0df113 50-udev-default.rules.in: set correct group for mediaX/cecX (#5921)
The /dev/mediaX and /dev/cecX devices belong to the video group.
Add two default rules for that.

The /dev/cecX devices were introduced in kernel 4.8 in staging and moved
out of staging in 4.10. These devices support the HDMI CEC bus.

The /dev/mediaX devices are much older, but because they are not used very
frequently nobody got around to adding this rule to systemd. They let the
user control complex media pipelines.
2017-05-09 21:10:55 +02:00
Zbigniew Jędrzejewski-Szmek
37efbbd821 meson: reindent all files with 8 spaces
The indentation for emacs'es meson-mode is added .dir-locals.

All files are reindented automatically, using the lasest meson-mode from git.
Indentation should now be fairly consistent.
2017-04-23 21:47:29 -04:00
Zbigniew Jędrzejewski-Szmek
5c23128dab meson: build systemd using meson
It's crucial that we can build systemd using VS2010!

... er, wait, no, that's not the official reason. We need to shed old systems
by requring python 3! Oh, no, it's something else. Maybe we need to throw out
345 years of knowlege accumulated in autotools? Whatever, this new thing is
cool and shiny, let's use it.

This is not complete, I'm throwing it out here for your amusement and critique.

- rules for sd-boot are missing. Those might be quite complicated.

- rules for tests are missing too. Those are probably quite simple and
  repetitive, but there's lots of them.

- it's likely that I didn't get all the conditions right, I only tested "full"
  compilation where most deps are provided and nothing is disabled.

- busname.target and all .busname units are skipped on purpose.

  Otherwise, installation into $DESTDIR has the same list of files and the
  autoconf install, except for .la files.

It'd be great if people had a careful look at all the library linking options.
I added stuff until things compiled, and in the end there's much less linking
then in the old system. But it seems that there's still a lot of unnecessary
deps.

meson has a `shared_module` statement, which sounds like something appropriate
for our nss and pam modules. Unfortunately, I couldn't get it to work. For the
nss modules, we need an .so version of '2', but `shared_module` disallows the
version argument. For the pam module, it also didn't work, I forgot the reason.

The handling of .m4 and .in and .m4.in files is rather awkward. It's likely
that this could be simplified. If make support is ever dropped, I think it'd
make sense to switch to a different templating system so that two different
languages and not required, which would make everything simpler yet.

v2:
- use get_pkgconfig_variable
- use sh not bash
- use add_project_arguments

v3:
- drop required:true and fix progs/prog typo

v4:
- use find_library('bz2')
- add TTY_GID definition
- define __SANE_USERSPACE_TYPES__
- use join_paths(prefix, ...) is used on all paths to make them all absolute

v5:
- replace all declare_dependency's with []
- add more conf.get guards around optional components

v6:
- drop -pipe, -Wall which are the default in meson
- use compiler.has_function() and compiler.has_header_symbol instead of the
  hand-rolled checks.
- fix duplication in 'liblibsystemd' library name
- use the right .sym file for pam_systemd
- rename 'compiler' to 'cc': shorter, and more idiomatic.

v7:
- use ENABLE_ENVIRONMENT_D not HAVE_ENVIRONMENT_D
- rename prefix to prefixdir, rootprefix to rootprefixdir
  ("prefix" is too common of a name and too easy to overwrite by mistake)
- wrap more stuff with conf.get('ENABLE...') == 1
- use rootprefix=='/' and rootbindir as install_dir, to fix paths under
  split-usr==true.

v8:
- use .split() also for src/coredump. Now everything is consistent ;)
- add rootlibdir option and use it on the libraries that require it

v9:
- indentation

v10:
- fix check for qrencode and libaudit

v11:
- unify handling of executable paths, provide options for all progs

  This makes the meson build behave slightly differently than the
  autoconf-based one, because we always first try to find the executable in the
  filesystem, and fall back to the default. I think different handling of
  loadkeys, setfont, and telinit was just a historical accident.

  In addition to checking in $PATH, also check /usr/sbin/, /sbin for programs.
  In Fedora $PATH includes /usr/sbin, (and /sbin is is a symlink to /usr/sbin),
  but in Debian, those directories are not included in the path.

  C.f. https://github.com/mesonbuild/meson/issues/1576.

- call all the options 'xxx-path' for clarity.
- sort man/rules/meson.build properly so it's stable
2017-04-23 21:47:26 -04:00
Zbigniew Jędrzejewski-Szmek
5a664ca10f rules: add a rule to set /dev/kvm access mode and ownership (#5597)
Kernel default mode is 0600, but distributions change it to group kvm, mode
either 0660 (e.g. Debian) or 0666 (e.g. Fedora). Both approaches have valid
reasons (a stricter mode limits exposure to bugs in the kvm subsystem, a looser
mode makes libvirt and other virtualization mechanisms work out of the box for
unprivileged users over ssh).

In Fedora the qemu package carries the relevant rule, but it's nicer to have it
in systemd, so that the permissions are not dependent on the qemu package being
installed. Use of packaged qemu binaries is not required to make use of
/dev/kvm, e.g. it's possible to use a self-compiled qemu or some alternative.

https://bugzilla.redhat.com/show_bug.cgi?id=1431876

To accomodate both approaches, add a rule to set the mode in 50-udev-default.rules,
but allow the mode to be overridden with a --with-dev-kvm-mode configure rule.
The default is 0660, as the (slightly) more secure option.
2017-03-27 12:34:24 +02:00
John Paul Adrian Glaubitz
7c1ebe99b6 rules: allow SPARC vdisk devices when identifying CD drives (#5599) 2017-03-20 11:22:54 +01:00