FBSD-6 usb/scanner-access-rights

Roland Smith rsmith at xs4all.nl
Sun Nov 20 17:48:54 GMT 2005 

On Sun, Nov 20, 2005 at 05:37:36PM +0100, Holger Kipp wrote:
> Dear Roland,
> 
> thank you very much for your answer.
> 
> On Sun, Nov 20, 2005 at 03:04:22PM +0100, Roland Smith wrote:
> > On Sun, Nov 20, 2005 at 02:16:24PM +0100, Holger Kipp wrote:
> > > 
> > > Is there an easy way to name the devices a user might
> > > be allowed to access rw, without compromising the system?
> > > I don't want to give operator group to these users,
> > > and I don't want to blindly allow access to some 
> > > da- or pass-devices where I cannot determine the order
> > > of numbering easily.
> > 
> > One thing you could do is make the groups usb and cdrom and make them
> > the groups owning the relevant devices, e.g. by putting the following in
> > /etc/devfs.rules:
> > 
> > add path 'da*s*' mode 0660 group usb
> > add path 'uscanner*' mode 0660 group usb
> 
> ah, I had the entry 
> "add path 'uscanner*' mode 0660 group usb" 
> missing in the devfs.rules-file
> but this still does not help...
> 
> uscanner0 is here:
> 
> uscanner0: EPSON EPSON Scanner, rev 1.10/1.00, addr 2
> 
> 
> sane-find-scanner has the following to say:
> found USB scanner (UNKNOWN vendor and product) at device /dev/uscanner0

Doesn't matter that you get "UNKNOWN". It _will_ work with sane without
access to /dev/usb*. It does here.

<snip>
> Yes, but there is a problem with numbering of pass-devices:
> 
> with card-reader attached during boot, I have:
> <SMSC 223 U HS-CF 1.95>            at scbus0 target 0 lun 0 (da0,pass0)
> <SMSC 223 U HS-MS 1.95>            at scbus0 target 0 lun 1 (da1,pass1)
> <SMSC 223 U HS-SM 1.95>            at scbus0 target 0 lun 2 (da2,pass2)
> <SMSC 223 U HS-SD/MMC 1.95>        at scbus0 target 0 lun 3 (da3,pass3)
> <HL-DT-ST DVDRAM GSA-4163B A102>   at scbus2 target 0 lun 0 (pass4,cd0)
> <HL-DT-ST RW/DVD GCC-4120B 2.01>   at scbus2 target 1 lun 0 (pass5,cd1)
> 
> attaching card-reader afterwards gives different numbering:
> after boot:
> katrin# camcontrol devlist
> <HL-DT-ST DVDRAM GSA-4163B A102>   at scbus1 target 0 lun 0 (cd1,pass1)
> <HL-DT-ST RW/DVD GCC-4120B 2.01>   at scbus1 target 1 lun 0 (cd0,pass0)
> after attaching cardreader:
> katrin# camcontrol devlist
> <HL-DT-ST DVDRAM GSA-4163B A102>   at scbus1 target 0 lun 0 (cd1,pass1)
> <HL-DT-ST RW/DVD GCC-4120B 2.01>   at scbus1 target 1 lun 0 (cd0,pass0)
> <SMSC 223 U HS-CF 1.95>            at scbus4 target 0 lun 0 (da0,pass2)
> <SMSC 223 U HS-MS 1.95>            at scbus4 target 0 lun 1 (da1,pass3)
> <SMSC 223 U HS-SM 1.95>            at scbus4 target 0 lun 2 (da2,pass4)
> <SMSC 223 U HS-SD/MMC 1.95>        at scbus4 target 0 lun 3 (da3,pass5)
> 
> so allowing access to cd0/cd1 and corresponding pass0 and pass1 will
> break if computer is booted with usb-cardreader attached. not good.

It was an example. I don't have many usb devices, so it works for me. :-)

> > If that is not fine-grained enough, maybe ACLs might help. See setfacl(1).
> 
> so we currently have:
> 
> - rights needed not only for the device itself, but also for the bus
>   and or control devices (pass<x>, usb<x>, xpt0)

Yes, but ACL give fine-grained access control. And no matter how you
look at it, you _have_ to trust the person whom you give access to the
pass devices. It's in the FreeBSD architecture.

> - dynamic numbering (pass<x>).
> 
> I agree that usb is a nightmare and should never have happened.

:-)

For disc devices, you could use GEOM_LABEL. That'll give you consistent
/dev/label/ names.

Roland
-- 
R.F.Smith (http://www.xs4all.nl/~rsmith/) Please send e-mail as plain text.
public key: http://www.xs4all.nl/~rsmith/pubkey.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20051120/6dae0b06/attachment.bin

More information about the freebsd-stable mailing list