From owner-freebsd-current@FreeBSD.ORG Mon Oct 20 04:35:35 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6F64516A4B3 for ; Mon, 20 Oct 2003 04:35:35 -0700 (PDT) Received: from srv1.cosmo-project.de (srv1.cosmo-project.de [213.83.6.106]) by mx1.FreeBSD.org (Postfix) with ESMTP id A660C43FBF for ; Mon, 20 Oct 2003 04:35:31 -0700 (PDT) (envelope-from andreas@klemm.apsfilter.org) Received: from srv1.cosmo-project.de (localhost [IPv6:::1]) h9KBZQt2030757 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Mon, 20 Oct 2003 13:35:29 +0200 (CEST) (envelope-from andreas@klemm.apsfilter.org) Received: (from uucp@localhost)h9KBZP0L030756; Mon, 20 Oct 2003 13:35:25 +0200 (CEST) (envelope-from andreas@klemm.apsfilter.org) Received: from titan.klemm.apsfilter.org (localhost.klemm.apsfilter.org [127.0.0.1]) by klemm.apsfilter.org (8.12.10/8.12.9) with ESMTP id h9KBZErM001413; Mon, 20 Oct 2003 13:35:19 +0200 (CEST) (envelope-from andreas@titan.klemm.apsfilter.org) Received: (from andreas@localhost)h9KBZEVK001412; Mon, 20 Oct 2003 13:35:14 +0200 (CEST) (envelope-from andreas) Date: Mon, 20 Oct 2003 13:35:14 +0200 From: Andreas Klemm To: Poul-Henning Kamp Message-ID: <20031020113514.GA875@titan.klemm.apsfilter.org> References: <200310201114.h9KBEFeN000429@titan.klemm.apsfilter.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <8775.1066645186@critter.freebsd.dk> X-Operating-System: FreeBSD 5.1-CURRENT X-Disclaimer: A free society is one where it is safe to be unpopular User-Agent: Mutt/1.5.4i cc: freebsd-current@freebsd.org Subject: Re: USB problem: /dev/ugen* dynamically auto-reconfigures to root:operator 644, so non-root user unable to access USB devices even if wanted X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Oct 2003 11:35:35 -0000 On Mon, Oct 20, 2003 at 12:19:46PM +0200, Poul-Henning Kamp wrote: > In message <20031020100547.GA1615@titan.klemm.apsfilter.org>, Andreas Klemm wri > tes: > >Hi, > > > >have severe problems accessing usb devices as non-root user. > >In this case a Canon Powershot G5 camera. > > > >I want to download pics from my digicam using digikam application > >as user "andreas". > > Use the devfs(8) command to request changes the owner or modes to > suit your needs. This works a bit like "firewall rules" and when > the device is created the modes/owner is set. Good idea. But no success and inexpected results. Well now I use both /etc/devfs.conf and "devfs rule add" in /etc/rc.local. It was 1st unclear to me after reading the devfs(8) manpage, that the devfs rule add - command 1st needs a command like devfs ruleset 100 So now I have 1) /etc/devfs.conf with: perm ugen1 0666 perm ugen1.1 0666 perm ugen1.2 0666 perm ugen1.3 0666 and 2) devfs rule show 100 path ugen mode 666 I halted system, turned camera off and on Booted FreeBSD. 1. Step, check permissions without having started any camersa application ls -l /dev/ugen* crw-r--r-- 1 root operator 114, 0 Oct 20 13:14 /dev/ugen0 crw-r--r-- 1 root operator 114, 2 Oct 20 13:14 /dev/ugen0.2 crw-rw-rw- 1 root operator 114, 16 Oct 20 13:14 /dev/ugen1 crw-rw-rw- 1 root operator 114, 17 Oct 20 13:14 /dev/ugen1.1 crw-rw-rw- 1 root operator 114, 18 Oct 20 13:14 /dev/ugen1.2 crw-rw-rw- 1 root operator 114, 19 Oct 20 13:14 /dev/ugen1.3 You see the camera is on, therefore the ugen1 devices have been created. Good so far. A bit strange is, that ugen0 (USB printer) still has mode 644, this is the printer... I would expect, that the devfs rule 100 would have been applied by the system and it should be active for this device as well ! Note: And later we see, that even the permission of the ugen1 interface change again to 644 after the 1st "access" or whatever ! Well lets repeat, the machine is freshly restarted, camera was on and ugen1 devices have 0666. 2. step: start digikam as user root@titan[ttyp2]{5} ~ ls -l /dev/ugen* crw-r--r-- 1 root operator 114, 0 Oct 20 13:14 /dev/ugen0 crw-r--r-- 1 root operator 114, 2 Oct 20 13:14 /dev/ugen0.2 crw-rw-rw- 1 root operator 114, 16 Oct 20 13:14 /dev/ugen1 crw-rw-rw- 1 root operator 114, 17 Oct 20 13:14 /dev/ugen1.1 crw-rw-rw- 1 root operator 114, 18 Oct 20 13:14 /dev/ugen1.2 crw-rw-rw- 1 root operator 114, 19 Oct 20 13:14 /dev/ugen1.3 The startup itself is "harmless" nothing happens and no access to camera. The digikam application has a config files and presents the camera found in the last session (from config file). 3. step, try to access camera by klick on the Canon PowerShot G5 line in digikam "failed to initialize the camera" root@titan[ttyp2]{6} ~ ls -l /dev/ugen* crw-r--r-- 1 root operator 114, 0 Oct 20 13:14 /dev/ugen0 crw-r--r-- 1 root operator 114, 2 Oct 20 13:14 /dev/ugen0.2 crw-rw-rw- 1 root operator 114, 16 Oct 20 13:14 /dev/ugen1 crw-r--r-- 1 root operator 114, 17 Oct 20 13:14 /dev/ugen1.1 crw-r--r-- 1 root operator 114, 18 Oct 20 13:14 /dev/ugen1.2 crw-r--r-- 1 root operator 114, 19 Oct 20 13:14 /dev/ugen1.3 And voila, ther permission are wrong again. Note: I think the lpd daemon accesses the printer on startup. Therefore the ugen0 device already had the new permission 644 which I observed in the previous step ! Any idea how to resolve this ? And BTW, shouldn't the devfs(8) manpage have a reference to devfs.conf ? I understand, that /etc/devfs.conf is only used by the /etc/rc.d/devfs startup script, to setup permissions via chmod commands and such .... so no real relationship to the devfs command. But I'd find it useful to have a reference to it. Or ... something like a devfs.conf(5) manpage is missing and a SEE ALSO devfs.conf(5) in devfs(8) is missing, what would probably be better ... Or what do you think ? -- Andreas Klemm - Powered by FreeBSD 5.1-CURRENT Need a magic printfilter today ? -> http://www.apsfilter.org/