Changeset d20c871 for postlfs/config
- Timestamp:
- 03/06/2010 10:33:48 PM (14 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- bf157fc2
- Parents:
- a5a9ff8
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
postlfs/config/devices.xml
ra5a9ff8 rd20c871 51 51 </sect2> 52 52 53 <sect2 id="usb-device-issues"> 54 <title>USB Device Issues</title> 55 56 <para>USB devices usually have two kinds of device nodes associated with 57 them.</para> 58 59 <para>The first kind is created by device-specific drivers (e.g., 60 usb_storage/sd_mod or usblp) in the kernel. For example, a USB mass storage 61 device would be /dev/sdb, and a USB printer would be /dev/usb/lp0. These 62 device nodes exist only when the device-specific driver is loaded.</para> 63 64 <para>The second kind of device nodes (/dev/bus/usb/BBB/DDD, where BBB is 65 the bus number and DDD is the device number) is created even if the device 66 doesn't have a kernel driver. By using these "raw" USB device nodes, an 67 application can exchange arbitrary USB packets with the device, i.e., 68 bypass the possibly-existing kernel driver.</para> 69 70 <para>Access to raw USB device nodes is needed when a userspace program is 71 acting as a device driver. However, for the program to open the device 72 successfully, the permissions have to be set correctly. By default, due to 73 security concerns, all raw USB devices are owned by user root and group 74 usb, and have 0664 permissions (the read access is needed, e.g., for lsusb 75 to work and for programs to access USB hubs). Packages (such as SANE and 76 libgphoto2) containing userspace USB device drivers also ship udev rules 77 that change the permissions of the controlled raw USB devices. That is, rules 78 installed by SANE change permissions for known scanners, but not printers. 79 If a package maintainer forgot to write a rule for your device, 80 report a bug to both BLFS (if the package is there) and upstream, and 81 ypu will need ot write your own rule.</para> 82 83 <para>There is one situation when such fine-grained access control with 84 pre-generated udev rules doesn't work. Namely, PC emulators such as KVM, 85 QEMU and VirtualBox use raw USB device nodes to present arbitrary USB 86 devices to the guest operating system (note: patches are needed in order to 87 get this to work without the obsolete /proc/bus/usb mount point described 88 below). Obviously, maintainers of these packages cannot know which USB 89 devices are going to be connected to the guest operating system. You can 90 either write separate udev rules for all needed USB devices yourself, or 91 use the default catch-all "usb" group, members of which can send 92 arbitrary commands to all USB devices. </para> 93 94 <para>Before Linux-2.6.15, raw USB device access was performed not with 95 /dev/bus/usb/BBB/DDD device nodes, but with /proc/bus/usb/BBB/DDD 96 pseudofiles. Some applications (e.g., VMware Workstation) still use only 97 this deprecated technique and can't use the new device nodes. For them to 98 work, use the "usb" group, but remember that members will have unrestricted 99 access to all USB devices. To create the fstab entry for the obsolete 100 usbfs filesystem:</para> 101 102 <screen><literal>usbfs /proc/bus/usb usbfs devgid=14,devmode=0660 0 0</literal></screen> 103 104 <note><para>Adding users to the "usb" group is inherently insecure, as they 105 can bypass access restrictions imposed through the driver-specific USB 106 device nodes. For instance, they can read sensitive data from USB hard drives 107 without being in the "disk" group. Avoid adding users to this group, if 108 you can.</para></note> 109 110 </sect2> 111 53 112 <sect2> 54 113 <title>Udev Device Attributes</title> … … 69 128 scanner <application>udev</application> rules are put into place when 70 129 installing <xref linkend='sane'/>.</para></note> 71 72 </sect2>73 74 <sect2>75 <title>USB Device Issues</title>76 77 <para>Some older applications, such as <application>VMware</application>,78 need the following deprecated entry in the <filename>/etc/fstab</filename>79 file. This is not normally needed.</para>80 81 <screen><literal>usbfs /proc/bus/usb usbfs devgid=14,devmode=0660 0 0</literal></screen>82 130 83 131 </sect2>
Note:
See TracChangeset
for help on using the changeset viewer.