-rw-r--r-- | share/opie-login/pre-session | 42 |
1 files changed, 41 insertions, 1 deletions
diff --git a/share/opie-login/pre-session b/share/opie-login/pre-session index 8219f94..6bf9e4c 100644 --- a/share/opie-login/pre-session +++ b/share/opie-login/pre-session @@ -4,2 +4,34 @@ USER=$1 +# NOTE about permissions in OpenZaurus +# The devices in question here by default +# are accessible to everyone in the group in +# question. We wish to ensure that, as a policy +# choice, a login to opie makes access to these +# devices exclusive by 1) changing device ownership +# to the user, and 2) removing group access. +# +# A better implementation would probably be to store +# existing device permissions at load time, and restore +# them at exit, rather than making assumptions about +# user/group ownership, or permissions. + +permin () +{ + if [ -e $1 ] + then + + chown $USER $1 + chmod g-rw $1 + + else + return 1 + fi +} + +permout () +{ + [ -e $1 ] && chown root $1 + [ -e $1 ] && chmod g+rw $1 +} + if [ -e /proc/hal/model ]; then @@ -14,3 +46,11 @@ if [ -e /proc/hal/model ]; then [ -e /dev/vc/0 ] && chown $USER /dev/vc/0 -fi +else + + for dev in /dev/dsp /dev/dsp1 /dev/mixer \ + /dev/ts /dev/fb0 + do + permin( $dev ) + done + +fi |