[arch-general] systemd sessions, su -l, and access to /dev/

Daniel Micay danielmicay at gmail.com
Sat Nov 24 18:20:35 EST 2012

On Sat, Nov 24, 2012 at 12:52 PM, MSal <msal at tormail.org> wrote:
> On Sat, Nov 24, 2012 at 02:48:14PM +0100, Joakim Hernberg wrote:
>> On Fri, 23 Nov 2012 21:33:23 +0300
>> MSal <msal at tormail.org> wrote:
>> > 70-uaccess.rules is not a backup file and AFAIK any modifications will
>> > be overwritten in the next update.
>> I have no  /etc/udev/rules.d/70-uaccess.rules on my system, i do have
>> a /usr/lib/udev/rules.d/70-uaccess.rules though.  I think creating
>> the /etc/udev/rules.d/70-uaccess.rules to /dev/null symlink will
>> override the standard rule and will not be overwritten by upgrading the
>> udev package.
> If /etc/udev/rules.d/70-uaccess.rules would be applied on top of
> /usr/lib/udev/rules.d/70-uaccess.rules , that would have been great. As
> one can try to revese the undesired rule and still incorporate all
> upgrades. But cancelling all the rules is a no go for me as I don't want
> to be running an almost unique setup just because udev/systemd/loginctl
> didn't think of group permissions.
> If systemd developers thought of supporting ACLs based on GIDs at least,
> this would have been a no issue.

Just to be clear, this isn't something the systemd developers came up with.

ConsoleKit was responsible applying the same ACLs for local sessions before.

It allows user-switching to work as expected by removing permissions
when the session isn't active.

More information about the arch-general mailing list