[argyllcms] Re: gnome-color-manager and argyllcms

  • From: Frederic Crozat <fred@xxxxxxxxxx>
  • To: argyllcms@xxxxxxxxxxxxx
  • Date: Sat, 31 Oct 2009 01:11:34 +0100

2009/10/31 Graeme Gill <graeme@xxxxxxxxxxxxx>:
> Richard Hughes wrote:
>>
>> # Huey
>> ATTR{idVendor}=="0971", ATTR{idProduct}=="2005", MODE="666"
>> (other devices here, perhaps 4 or 5)
>
> Hi, the most elegant solution I've come across is on
> Mandriva 2008, where by default anyone logging in on the console
> gets permission to read & write to USB devices. The user
> experience is then comparable to OS X and MS Windows - plug in
> and go.
>
> The above seems to be a udev config, but I was told that
> this is not the current way of doing this, and that instead
> PolicyKit is the current "Linux Way".
> See <http://www.argyllcms.com/doc/Installing_Linux.html#PolicyKit>
>
> Frederic Crozat wrote:
>
>> I've just modified it in Mandriva Linux 2010.0 to use new ACL
>> available in udev :
>>
>> MODE="666" for each line should be replaced by ENV{ACL_MANAGE}="1"
>
> The problem I have is that if I present a udev config that uses a new
> feature such as this, how do I recommend it's use ? Exactly what systems
> is this going to work on, or how does one tell what systems it's going
> to work on ?

It is going to work on all new distributions which are going to be
released this quarter : Mandriva 2010 (released next Tuesday), Ubuntu
9.10 (released yesterday), Fedora 12 (release soon), OpenSUSE 11.2
(release soon), which are now shipped with udev-ACL enabled (unless
I'm mistaken for SUSE, but I'm positive for all other distro).

You might want to check for /lib/udev/udev-acl (or
/lib/udev/rules.d/70-acl.rules)  presence. If it is there, ACL will be
used. Otherwise, you should use MODE="666" (not great, security wise)
or pam_console rules (but it is being replaced by udev acl and not
enabled in many recent distributions).

Maybe it would be a good idea to drop a mail on linux-hotplug mailing
list to get udev people to add a "argylllcms" rules in 70-acl.rules
which enable acl is a specific variable is set for a device (they
already did something similar for scanner / sane or libgphoto ).

-- 
Frederic Crozat

Other related posts: