author | kergoth <kergoth> | 2003-01-16 04:39:25 (UTC) |
---|---|---|
committer | kergoth <kergoth> | 2003-01-16 04:39:25 (UTC) |
commit | 21cee2677c4a480f00675cdc9160e5d7e97e7122 (patch) (side-by-side diff) | |
tree | a2e3b3f9675949fae2cf57e0f7b44441e7bfa06c /share/opie-login | |
parent | 7ffd4623880396f07e34faf195f8c131218cf682 (diff) | |
download | opie-21cee2677c4a480f00675cdc9160e5d7e97e7122.zip opie-21cee2677c4a480f00675cdc9160e5d7e97e7122.tar.gz opie-21cee2677c4a480f00675cdc9160e5d7e97e7122.tar.bz2 |
*** empty log message ***
-rw-r--r-- | share/opie-login/pre-session | 42 |
1 files changed, 41 insertions, 1 deletions
diff --git a/share/opie-login/pre-session b/share/opie-login/pre-session index 8219f94..6bf9e4c 100644 --- a/share/opie-login/pre-session +++ b/share/opie-login/pre-session @@ -2,6 +2,38 @@ USER=$1 +# NOTE about permissions in OpenZaurus +# The devices in question here by default +# are accessible to everyone in the group in +# question. We wish to ensure that, as a policy +# choice, a login to opie makes access to these +# devices exclusive by 1) changing device ownership +# to the user, and 2) removing group access. +# +# A better implementation would probably be to store +# existing device permissions at load time, and restore +# them at exit, rather than making assumptions about +# user/group ownership, or permissions. + +permin () +{ + if [ -e $1 ] + then + + chown $USER $1 + chmod g-rw $1 + + else + return 1 + fi +} + +permout () +{ + [ -e $1 ] && chown root $1 + [ -e $1 ] && chmod g+rw $1 +} + if [ -e /proc/hal/model ]; then # fix for misconfigured devfsd @@ -12,5 +44,13 @@ if [ -e /proc/hal/model ]; then [ -e /dev/touchscreen/0 ] && chown $USER /dev/touchscreen/0 [ -e /dev/fb/0 ] && chown $USER /dev/fb/0 [ -e /dev/vc/0 ] && chown $USER /dev/vc/0 -fi +else + + for dev in /dev/dsp /dev/dsp1 /dev/mixer \ + /dev/ts /dev/fb0 + do + permin( $dev ) + done + +fi |