Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices

To: Roger Leigh <rleigh@whinlatter.ukfsn.org>
Cc: 342455@bugs.debian.org, moth@debian.org
Subject: Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
From: Bastian Blank <waldi@debian.org>
Date: Fri, 23 Dec 2005 19:41:47 +0100
Message-id: <[🔎] 20051223184146.GA4385@wavehammer.waldi.eu.org>
Reply-to: Bastian Blank <waldi@debian.org>, 342455@bugs.debian.org
In-reply-to: <[🔎] 87d5jvpxou.fsf@hardknott.home.whinlatter.ukfsn.org>
References: <[🔎] d0461dbe0512111347r77ebec8p3f8389299bd730b9@mail.gmail.com> <[🔎] 17310.61141.261977.637517@davenant.relativity.greenend.org.uk> <[🔎] 20051214100007.GA31043@wavehammer.waldi.eu.org> <[🔎] 17312.9253.155145.637420@davenant.relativity.greenend.org.uk> <[🔎] 20051216130838.GA26196@wavehammer.waldi.eu.org> <[🔎] d0461dbe0512161143m48f3b9adt5b8d99170a09832f@mail.gmail.com> <[🔎] 20051217115726.GA15322@wavehammer.waldi.eu.org> <[🔎] 874q57rj4i.fsf@hardknott.home.whinlatter.ukfsn.org> <[🔎] 20051217125303.GA21104@wavehammer.waldi.eu.org> <[🔎] 87d5jvpxou.fsf@hardknott.home.whinlatter.ukfsn.org>

On Sat, Dec 17, 2005 at 03:09:37PM +0000, Roger Leigh wrote:
> Bastian Blank <waldi@debian.org> writes:
> 
> > On Sat, Dec 17, 2005 at 12:41:17PM +0000, Roger Leigh wrote:
> >> > Which procedure? You seem to know something I don't know. ("Overwrite"
> >> > means in my context: chmod of static devices or a MODE setting in the
> >> > udev config)
> >> A chown/chmod of the device is not scalable or practical.
> >
> > You recreate the complete /dev?
> 
> lvcreate/vgchange and related commands will create the devices with
> the default ownership, and hence require *manual* correction after
> their creation.  Thus chown/chmod are not practical for anything but
> tiny and unchanging installations.

Hu? lvcreate don't create static devices.

> 
> >> a new LV, the permissions will be wrong.  If I run vgchange, the
> >> permissions will be wrong.  This is not a solution.
> >
> > And I don't speak about libdevmapper managed device.
> 
> Please could you clarify?  What *are* you speaking about.  I'm
> referring to the fact that when I create or change an LVM LV, I have
> to manually correct the permissions (on both static and udev managed
> systems).

Lets quote myself:
|  means in my context: chmod of static devices or a MODE setting in the
| udev config)

This does not qualify dm devices.

> > SUBSYSTEM=="block", MODE="0600"
> 
> That changes the default permissions for block devices, but this is
> not what I meant.
> 
> How do I get device-mapper devices to be created by udev, along with
> the related symlinks?  The rule you suggest above does not in any way
> affect the *device-mapper* device permissions or ownership, which is
> the problem at hand:

KERNEL=="dm-[0-9]*", ACTION=="add", PROGRAM="/sbin/dmsetup info -c --noopencount --noheadings -o name -j %M -m %m", SYMLINK="disk/by-name/%c"

as shipped by suse.

> Also, you have not addressed the case where udev is not in use: the
> ownership and permissions are still wrong.

The settings are a secure default.

Anyway, what are the problems with a default of 666? It fixes any of the
problems.

Bastian

-- 
The heart is not a logical organ.
		-- Dr. Janet Wallace, "The Deadly Years", stardate 3479.4

Reply to:

Follow-Ups:
- Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
  - From: Roger Leigh <rleigh@whinlatter.ukfsn.org>
- Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
  - From: Raul Miller <moth.debian@gmail.com>

References:
- Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
  - From: Raul Miller <moth.debian@gmail.com>
- Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
  - From: Ian Jackson <ian@davenant.greenend.org.uk>
- Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
  - From: Bastian Blank <waldi@debian.org>
- Re: Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
  - From: Ian Jackson <ian@davenant.greenend.org.uk>
- Re: Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
  - From: Bastian Blank <waldi@debian.org>
- Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
  - From: Raul Miller <moth.debian@gmail.com>
- Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
  - From: Bastian Blank <waldi@debian.org>
- Re: Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
  - From: Roger Leigh <rleigh@whinlatter.ukfsn.org>
- Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
  - From: Bastian Blank <waldi@debian.org>
- Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
  - From: Roger Leigh <rleigh@whinlatter.ukfsn.org>

Prev by Date: Bug#342455: Does anyone have anything more to say on the devmapper group/permissions issues?
Next by Date: Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
Previous by thread: Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
Next by thread: Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
Index(es):
- Date
- Thread