summaryrefslogtreecommitdiff
path: root/share
authorkergoth <kergoth>2003-01-16 04:39:25 (UTC)
committer kergoth <kergoth>2003-01-16 04:39:25 (UTC)
commit21cee2677c4a480f00675cdc9160e5d7e97e7122 (patch) (side-by-side diff)
treea2e3b3f9675949fae2cf57e0f7b44441e7bfa06c /share
parent7ffd4623880396f07e34faf195f8c131218cf682 (diff)
downloadopie-21cee2677c4a480f00675cdc9160e5d7e97e7122.zip
opie-21cee2677c4a480f00675cdc9160e5d7e97e7122.tar.gz
opie-21cee2677c4a480f00675cdc9160e5d7e97e7122.tar.bz2
*** empty log message ***
Diffstat (limited to 'share') (more/less context) (ignore whitespace changes)
-rw-r--r--share/opie-login/pre-session42
1 files changed, 41 insertions, 1 deletions
diff --git a/share/opie-login/pre-session b/share/opie-login/pre-session
index 8219f94..6bf9e4c 100644
--- a/share/opie-login/pre-session
+++ b/share/opie-login/pre-session
@@ -1,16 +1,56 @@
#!/bin/sh
USER=$1
+# NOTE about permissions in OpenZaurus
+# The devices in question here by default
+# are accessible to everyone in the group in
+# question. We wish to ensure that, as a policy
+# choice, a login to opie makes access to these
+# devices exclusive by 1) changing device ownership
+# to the user, and 2) removing group access.
+#
+# A better implementation would probably be to store
+# existing device permissions at load time, and restore
+# them at exit, rather than making assumptions about
+# user/group ownership, or permissions.
+
+permin ()
+{
+ if [ -e $1 ]
+ then
+
+ chown $USER $1
+ chmod g-rw $1
+
+ else
+ return 1
+ fi
+}
+
+permout ()
+{
+ [ -e $1 ] && chown root $1
+ [ -e $1 ] && chmod g+rw $1
+}
+
if [ -e /proc/hal/model ]; then
# fix for misconfigured devfsd
chmod +x /dev/sound /dev/touchscreen /dev/fb /dev/vc
[ -e /dev/sound/dsp ] && chown $USER /dev/sound/dsp
[ -e /dev/sound/mixer ] && chown $USER /dev/sound/mixer
[ -e /dev/touchscreen/0 ] && chown $USER /dev/touchscreen/0
[ -e /dev/fb/0 ] && chown $USER /dev/fb/0
[ -e /dev/vc/0 ] && chown $USER /dev/vc/0
-fi
+else
+
+ for dev in /dev/dsp /dev/dsp1 /dev/mixer \
+ /dev/ts /dev/fb0
+ do
+ permin( $dev )
+ done
+
+fi