[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bastian Blank <waldi@debian.org> writes:

> On Sat, Dec 17, 2005 at 12:41:17PM +0000, Roger Leigh wrote:
>> > Which procedure? You seem to know something I don't know. ("Overwrite"
>> > means in my context: chmod of static devices or a MODE setting in the
>> > udev config)
>> A chown/chmod of the device is not scalable or practical.
>
> You recreate the complete /dev?

lvcreate/vgchange and related commands will create the devices with
the default ownership, and hence require *manual* correction after
their creation.  Thus chown/chmod are not practical for anything but
tiny and unchanging installations.

>> a new LV, the permissions will be wrong.  If I run vgchange, the
>> permissions will be wrong.  This is not a solution.
>
> And I don't speak about libdevmapper managed device.

Please could you clarify?  What *are* you speaking about.  I'm
referring to the fact that when I create or change an LVM LV, I have
to manually correct the permissions (on both static and udev managed
systems).

It would make this problem a whole lot easier if you could explain in
some detail about your reasoning and thoughts, so that we don't have
to guess.

>> What if the user isn't using udev?
>
> There are only 2 versions, static dev or udev, so which one is missing?

Let's examine the two cases, using the default setup Debian provides
after installation:

Static device nodes
- -------------------

* /dev is static, with devices created by MAKEDEV.

* /dev/mapper, and related symlinks are still not static, they are
  created and removed by devmapper (vgscan, vgchange, lvchange etc.),
  with the default ownership and permissions of root:root 0600.  If
  you don't like those permissions, you have to change them manually.

udev
- ----

* /dev is managed by udev, using udev rules

* /dev/mapper and related symlinks are ignored by udev (there are no
  rules), and it is still managed by devmapper (see below).

>> Do you have any example udev rules to do what you suggest?
>
> SUBSYSTEM=="block", MODE="0600"

That changes the default permissions for block devices, but this is
not what I meant.

How do I get device-mapper devices to be created by udev, along with
the related symlinks?  The rule you suggest above does not in any way
affect the *device-mapper* device permissions or ownership, which is
the problem at hand:

Take a look at the default udev behaviour in /etc/udev/udev.rules:
# device mapper creates its own device nodes, so ignore these
KERNEL=="dm-[0-9]*",            NAME=""
KERNEL=="device-mapper",        NAME="mapper/control"

Unless you have some udev rules that solve the problem, udev is not
the solution because it delegates all responsibility to devmapper.

Also, you have not addressed the case where udev is not in use: the
ownership and permissions are still wrong.


Regards,
Roger

- -- 
Roger Leigh
                Printing on GNU/Linux?  http://gimp-print.sourceforge.net/
                Debian GNU/Linux        http://www.debian.org/
                GPG Public Key: 0x25BFB848.  Please sign and encrypt your mail.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8+ <http://mailcrypt.sourceforge.net/>

iD8DBQFDpCosVcFcaSW/uEgRAjmwAJ49d+EnOywJpIRnGEENJ8h5W6BciwCgvcck
7vEzOSgyOVh7b027LImQUzg=
=CO41
-----END PGP SIGNATURE-----
Reply to: