Re: UUIDs (and devfs and major/minor numbers)

david parsons (o.r.c@p.e.l.l.p.o.r.t.l.a.n.d.o.r.u.s)
18 Jun 1999 16:54:05 -0700

In article <linux.kernel.199906181303.JAA30600@pincoya.inf.utfsm.cl>,
Horst von Brand <vonbrand@inf.utfsm.cl> wrote:
>o.r.c@p.e.l.l.p.o.r.t.l.a.n.d.o.r.u.s (david parsons) said:
>
>[...]
>
>> Symlinks are your friend. If you can't live without the dubious
>> benefit of having the kernel not tell you information, but instead
>> have to guess about what devices are, you can do this with symlinks.
>
>Yet again: How do you manage permissions on this cleanly? It has to be
>persistent (no "OK, after we boot this tiny script fixes up the whole
>mess")? How do you propose to manage default permissions for devices that
>might suddenly appear out of nowhere (i.e., USB or hot-pluggable PCI or
>PCMCIA or...)? No, "one size fits all" won't do.

One size fits all fits an awful lot.

In a paranoid case (you're running a multiuser machine and you
know the world is out to get you, you certainly don't want new
devices to spring into life singing "Yoo hoo, sailors! I'm
Available!", so you set up the system to default new permissions
to nobody can touch them.

In a home-machine case (like a laptop) it's simpler to just give
the world access to everything new that pops up.

In the ultra-paranoid case, where you want to do fancy shuffling
of permissions for every device under the sun, but you want new
devices to populate themselves into /dev, you set up /dev in the
traditional pentagram and candles method, open devfs as /devices
(with major/minor number generation enabled), the write a little
daemon that simply carries the major and minor numbers across
into /dev. De facto policy (unless you're much more dedicated
at customising your system than I am, and I'm the person who's
made an all a.out Linux distribution that uses BSD tools in
preference to GNUware) means that your devices in /dev will be
named in a consistant fashion, so the daemon will carry the
majors and minors over via the device names, and when brand new
devices are created, they'll be created in /dev with
ultra-paranoia on, and you can hand- manipulate them at your
leisure.

The ultra-paranoid case is the scheme I was favoring when I was
doing my hacking away at a devfs way back when; I just wanted a
/devices directory that could be used to properly populate /dev.
But it didn't take too much reading to realize that Richard was
doing it in a much better fashion than I was, so I dropped my
horrible kludgery like a hot potato(e).

>I'm not against some devfs type scheme per se, but this is important, and
>devfs makes this problem _worse_ without solving much of the other problems
>that are there.

Devfs breaks nothing. It is not required that you mount a devfs
on dev, and it is not required (unless Richard Gooch has pretty
abruptly broken things) to not have major and minor numbers.

It's a pretty major convenience to have a devfs mounted on /dev,
but that's just a little something extra that comes on top of
the utter bliss that is the kernel actually telling me what
devices it knows about (in a fashion that standard tools can
manipulate it.)

____
david parsons \bi/ Not fond of the traditional methods of torture
\/ that are needed to get information out of regular
Unix kernels.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/