Devices and permissions
Alain PORTAL
aportal at univ-montp2.fr
Wed Oct 20 11:48:23 UTC 2004
Hi Nils, thanks for your answer.
Le mercredi 20 Octobre 2004 11:32, Nils Philippsen a écrit :
> So is it a client or a server application?
Perhaps I need to tell more about this application: this is an IDE for the
developpement of Microchip PIC based applications. This IDE also can program
chip devices through serial or paralell ports programmers.
http://pikdev.free.fr/
So, logged user need to access to the serial/paralell ports in RW mode.
We should consider that is a client application.
> If it's a client application,
> all users who want to use it must have the permissions, either by
> belonging to a special group or /etc/security/console.perms trickeries.
Create a special group doesn't seem to me a good idea because if a new user is
added after the package installation, he won't belong to the new group and
administrator will need to add him manually.
I prefer a solution where all users can use the application by default.
So, using /etc/security/console.perms seems the best way.
Here is my purposal:
# device classes
<serialport>=/dev/ttyS[0-9]
<paralellport>=/dev/parport[0-7]
# permission definitions
<console> 0600 <serialport> 0660 root.uucp
<console> 0600 <paralellport> 0660 root.lp
Does it seem right for you?
How can I add/remove these lines via rpm (un)installation?
> If it's a server application, you could let it be run by e.g. the
> "myserverapp" user (with an exemplary uid/gid of 450 -- I don't know
> whom you should ask to get a fixed well known one assigned for FC) which
> would get added/removed like this in packages:
>
> %post
> # Don't fail if user/group already exist
> groupadd -g 450 myserverapp || :
> useradd -u 450 -g 450 -G uucp,lp myserverapp -d /usr/lib/myserverapp || :
>
> %postun
> if [ "$1" = "0" ]; then
> userdel -r myserverapp || :
> groupdel -r myserverapp || :
> fi
" || : " is the way to don't fail?
Regards.
--
Alain PORTAL -- Service Commun de Microscopie Électronique
Université de Montpellier II -- Case Courrier 087
Place Eugène Bataillon -- 34095 Montpellier Cedex 05
Tél. : 04 67 14 37 35 -- Fax. : 04 67 14 37 37
NO WORD ATTACHMENTS: http://www.fsf.org/philosophy/no-word-attachments.fr.html
http://www.giromini.org/usenet-fr/repondre.html
More information about the fedora-devel-list
mailing list