Bug#404927: Adaptec aacraid still w/ broken permissions on lenny
Hi,
this bug to me is still applying to several systems I installed
recently (using debian lenny 5.0.2). Please see the details for one of the
systems below.
I would like to see this bug fixed. Besides the obvious security issue
the floppy group imposes this bug triggers misbehaviour for the fai (fully
automated install) debian package. fai uses the device group to determine if a
device is a harddisk. With the server hardware outlined below, this detection
fails and fai can not successfully install them. I added a small change
to the udev rules used by fai on the newly installed machine to work
around this. Here my change:
--- /etc/udev/rules.d/91-permissions.rules 2008-08-08 11:43:53.000000000 +0200
+++ 91-permissions.rules 2009-07-01 11:59:33.000000000 +0200
@@ -13,6 +13,8 @@
# all block devices on these buses are "removable"
SUBSYSTEM=="block", SUBSYSTEMS=="usb|ieee1394|mmc|pcmcia", GROUP="floppy"
+KERNEL=="sd*", SUBSYSTEMS=="scsi", GROUP="disk"
+
KERNEL=="cbm", GROUP="floppy"
# IDE devices
We have three SUN X4240 servers, each equipped with a (lspci -vv):
04:00.0 RAID bus controller: Adaptec AAC-RAID (rev 09)
Subsystem: Sun Microsystems Computer Corp. STK RAID INT
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr+ Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx-
Latency: 0, Cache Line Size: 64 bytes
Interrupt: pin A routed to IRQ 19
Region 0: Memory at dfe00000 (64-bit, non-prefetchable) [size=2M]
Expansion ROM at dfd80000 [disabled] [size=512K]
Capabilities: [98] Power Management version 2
Flags: PMEClk- DSI- D1+ D2- AuxCurrent=0mA PME(D0-,D1-,D2-,D3hot-,D3cold-)
Status: D0 PME-Enable- DSel=0 DScale=0 PME-
Capabilities: [a0] Message Signalled Interrupts: Mask- 64bit+ Queue=0/1 Enable-
Address: 0000000000000000 Data: 0000
Capabilities: [d0] Express (v1) Endpoint, MSI 00
DevCap: MaxPayload 512 bytes, PhantFunc 0, Latency L0s unlimited, L1 <1us
ExtTag- AttnBtn- AttnInd- PwrInd- RBE+ FLReset-
DevCtl: Report errors: Correctable- Non-Fatal+ Fatal+ Unsupported-
RlxdOrd+ ExtTag- PhantFunc- AuxPwr- NoSnoop+
MaxPayload 128 bytes, MaxReadReq 128 bytes
DevSta: CorrErr+ UncorrErr- FatalErr- UnsuppReq+ AuxPwr- TransPend-
LnkCap: Port #0, Speed 2.5GT/s, Width x8, ASPM L0s, Latency L0 <128ns, L1 unlimited
ClockPM- Suprise- LLActRep- BwNot-
LnkCtl: ASPM Disabled; RCB 64 bytes Disabled- Retrain- CommClk-
ExtSynch- ClockPM- AutWidDis- BWInt- AutBWInt-
LnkSta: Speed 2.5GT/s, Width x8, TrErr- Train- SlotClk+ DLActive- BWMgmt- ABWMgmt-
Capabilities: [90] Vital Product Data <?>
Capabilities: [100] Advanced Error Reporting <?>
Kernel driver in use: aacraid
Kernel modules: aacraid
The devices that are created by udev have the following permissions
(ls -l /dev/sd*):
brw-rw---- 1 root floppy 8, 0 2009-06-29 13:04 /dev/sda
brw-rw---- 1 root floppy 8, 1 2009-06-29 13:04 /dev/sda1
brw-rw---- 1 root floppy 8, 2 2009-06-29 13:04 /dev/sda2
brw-rw---- 1 root floppy 8, 5 2009-06-29 13:04 /dev/sda5
brw-rw---- 1 root floppy 8, 16 2009-06-29 13:04 /dev/sdb
brw-rw---- 1 root floppy 8, 17 2009-06-29 13:04 /dev/sdb1
brw-rw---- 1 root floppy 8, 18 2009-06-29 13:04 /dev/sdb2
brw-rw---- 1 root floppy 8, 21 2009-06-29 13:04 /dev/sdb5
udevinfo give the following output for sda
(udevinfo --attribute-walk --name=/dev/sda):
Udevinfo starts with the device specified by the devpath and then
walks up the chain of parent devices. It prints for every device
found, all possible attributes in the udev rules key format.
A rule to match, can be composed by the attributes of the device
and the attributes from one single parent device.
looking at device '/block/sda':
KERNEL=="sda"
SUBSYSTEM=="block"
DRIVER==""
ATTR{range}=="16"
ATTR{removable}=="1"
ATTR{size}=="286494720"
ATTR{capability}=="13"
ATTR{stat}==" 1238 2126 95242 2672 17248 2279 278172 7864 0 9132 10532"
looking at parent device '/devices/pci0000:00/0000:00:0f.0/0000:04:00.0/host0/target0:0:0/0:0:0:0':
KERNELS=="0:0:0:0"
SUBSYSTEMS=="scsi"
DRIVERS=="sd"
ATTRS{device_blocked}=="0"
ATTRS{type}=="0"
ATTRS{scsi_level}=="3"
ATTRS{vendor}=="Sun "
ATTRS{model}=="hwraid0 "
ATTRS{rev}=="V1.0"
ATTRS{state}=="running"
ATTRS{timeout}=="45"
ATTRS{iocounterbits}=="32"
ATTRS{iorequest_cnt}=="0x4870"
ATTRS{iodone_cnt}=="0x4870"
ATTRS{ioerr_cnt}=="0x2"
ATTRS{modalias}=="scsi:t-0x00"
ATTRS{evt_media_change}=="0"
ATTRS{queue_depth}=="252"
ATTRS{queue_type}=="ordered"
ATTRS{level}=="Mirror"
looking at parent device '/devices/pci0000:00/0000:00:0f.0/0000:04:00.0/host0/target0:0:0':
KERNELS=="target0:0:0"
SUBSYSTEMS==""
DRIVERS==""
looking at parent device '/devices/pci0000:00/0000:00:0f.0/0000:04:00.0/host0':
KERNELS=="host0"
SUBSYSTEMS==""
DRIVERS==""
looking at parent device '/devices/pci0000:00/0000:00:0f.0/0000:04:00.0':
KERNELS=="0000:04:00.0"
SUBSYSTEMS=="pci"
DRIVERS=="aacraid"
ATTRS{vendor}=="0x9005"
ATTRS{device}=="0x0285"
ATTRS{subsystem_vendor}=="0x108e"
ATTRS{subsystem_device}=="0x0286"
ATTRS{class}=="0x010400"
ATTRS{irq}=="19"
ATTRS{local_cpus}=="ffffffff"
ATTRS{local_cpulist}=="0-31"
ATTRS{modalias}=="pci:v00009005d00000285sv0000108Esd00000286bc01sc04i00"
ATTRS{enable}=="1"
ATTRS{broken_parity_status}=="0"
ATTRS{msi_bus}==""
looking at parent device '/devices/pci0000:00/0000:00:0f.0':
KERNELS=="0000:00:0f.0"
SUBSYSTEMS=="pci"
DRIVERS=="pcieport-driver"
ATTRS{vendor}=="0x10de"
ATTRS{device}=="0x0375"
ATTRS{subsystem_vendor}=="0x0000"
ATTRS{subsystem_device}=="0x0000"
ATTRS{class}=="0x060400"
ATTRS{irq}=="0"
ATTRS{local_cpus}=="ffffffff"
ATTRS{local_cpulist}=="0-31"
ATTRS{modalias}=="pci:v000010DEd00000375sv00000000sd00000000bc06sc04i00"
ATTRS{enable}=="2"
ATTRS{broken_parity_status}=="0"
ATTRS{msi_bus}=="1"
looking at parent device '/devices/pci0000:00':
KERNELS=="pci0000:00"
SUBSYSTEMS==""
DRIVERS==""
Regards,
Philipp
--
Philipp Niemann DIMDI
UNIX-Systembetreuer Peripherie Waisenhausgasse 36-38a
Tel.: +49 221 4724 281 50676 Koeln
http://www.dimdi.de Germany
Reply to: