FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo User

 
 
LinkBack Thread Tools
 
Old 09-15-2010, 12:06 AM
 
Default HAL permissions? (k3b sees no device at all)

Hi,

while installing my 64bit Gentoo on base on the configuration
of 32bit system I came across the problem, that k3b did not
see any devices.

HAD was running, butL: When "hal-devices" was executed as user "no
devices found" (none! not single!) was reported, while executing the
same command as root works fine. With strace I found that this was
due to permissions problems dbus has.

I "fixed" this by removing a section (found by diffing a
configuration of and old but working version of dbus) from
/etc/dbus-1/system.conf, without really knowing the impact.

Now "hal-devices" also reports to a normal user.

I added both system.conf files for your information to this email.

"org.system.conf" is the file, which was originally installed and
which does not work. "system.conf" is the hacked one, which work,
but which may do other things (currently unkonw to me) things wrong.

What is the correct way to fix permission problems
(or access rights) in conjunction with dbus the correct way?

Thank you for your help in advance!

Best regards,
mcc


<!-- This configuration file controls the systemwide message bus.
Add a system-local.conf and edit that rather than changing this
file directly. -->

<!-- Note that there are any number of ways you can hose yourself
security-wise by screwing up this file; in particular, you
probably don't want to listen on any more addresses, add any more
auth mechanisms, run as a different user, etc. -->

<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>

<!-- Our well-known bus type, do not change this -->
<type>system</type>

<!-- Run as special user -->
<user>messagebus</user>

<!-- Fork into daemon mode -->
<fork/>

<!-- We use system service launching using a helper -->
<standard_system_servicedirs/>

<!-- This is a setuid helper that is used to launch system services -->
<servicehelper>/usr/libexec/dbus-daemon-launch-helper</servicehelper>

<!-- Write a pid file -->
<pidfile>/var/run/dbus.pid</pidfile>

<!-- Only allow socket-credentials-based authentication -->
<auth>EXTERNAL</auth>

<!-- Only listen on a local socket. (abstract=/path/to/socket
means use abstract namespace, don't really create filesystem
file; only Linux supports this. Use path=/whatever on other
systems.) -->
<listen>unixath=/var/run/dbus/system_bus_socket</listen>

<policy context="default">
<!-- Deny everything then punch holes -->
<deny send_interface="*"/>
<deny receive_interface="*"/>
<deny own="*"/>
<!-- But allow all users to connect -->
<allow user="*"/>
<!-- Allow anyone to talk to the message bus -->
<!-- FIXME I think currently these allow rules are always implicit
even if they aren't in here -->
<allow send_destination="org.freedesktop.DBus"/>
<allow receive_sender="org.freedesktop.DBus"/>
<!-- valid replies are always allowed -->
<allow send_requested_reply="true"/>
<allow receive_requested_reply="true"/>
<!-- disallow changing the activation environment of system services -->
<deny send_destination="org.freedesktop.DBus"
send_interface="org.freedesktop.DBus"
send_member="UpdateActivationEnvironment"/>
</policy>

<!-- Config files are placed here that among other things, punch
holes in the above policy for specific services. -->
<includedir>system.d</includedir>

<!-- This is included last so local configuration can override what's
in this standard file -->
<include ignore_missing="yes">system-local.conf</include>

<include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>

</busconfig>
<!-- This configuration file controls the systemwide message bus.
Add a system-local.conf and edit that rather than changing this
file directly. -->

<!-- Note that there are any number of ways you can hose yourself
security-wise by screwing up this file; in particular, you
probably don't want to listen on any more addresses, add any more
auth mechanisms, run as a different user, etc. -->

<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>

<!-- Our well-known bus type, do not change this -->
<type>system</type>

<!-- Run as special user -->
<user>messagebus</user>

<!-- Fork into daemon mode -->
<fork/>

<!-- We use system service launching using a helper -->
<standard_system_servicedirs/>

<!-- This is a setuid helper that is used to launch system services -->
<servicehelper>/usr/libexec/dbus-daemon-launch-helper</servicehelper>

<!-- Write a pid file -->
<pidfile>/var/run/dbus.pid</pidfile>

<!-- Enable logging to syslog -->
<syslog/>

<!-- Only allow socket-credentials-based authentication -->
<auth>EXTERNAL</auth>

<!-- Only listen on a local socket. (abstract=/path/to/socket
means use abstract namespace, don't really create filesystem
file; only Linux supports this. Use path=/whatever on other
systems.) -->
<listen>unixath=/var/run/dbus/system_bus_socket</listen>

<policy context="default">
<!-- All users can connect to system bus -->
<allow user="*"/>

<!-- Holes must be punched in service configuration files for
name ownership and sending method calls -->
<deny own="*"/>
<deny send_type="method_call"/>

<!-- Signals and reply messages (method returns, errors) are allowed
by default -->
<allow send_type="signal"/>
<allow send_requested_reply="true" send_type="method_return"/>
<allow send_requested_reply="true" send_type="error"/>

<!-- All messages may be received by default -->
<allow receive_type="method_call"/>
<allow receive_type="method_return"/>
<allow receive_type="error"/>
<allow receive_type="signal"/>

<!-- Allow anyone to talk to the message bus -->
<allow send_destination="org.freedesktop.DBus"/>
<!-- But disallow some specific bus services -->
<deny send_destination="org.freedesktop.DBus"
send_interface="org.freedesktop.DBus"
send_member="UpdateActivationEnvironment"/>
</policy>

<!-- Config files are placed here that among other things, punch
holes in the above policy for specific services. -->
<includedir>system.d</includedir>

<!-- This is included last so local configuration can override what's
in this standard file -->
<include ignore_missing="yes">system-local.conf</include>

<include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>

</busconfig>
 
Old 09-15-2010, 01:52 PM
Andrés Becerra Sandoval
 
Default HAL permissions? (k3b sees no device at all)

On Tue, Sep 14, 2010 at 7:06 PM, <meino.cramer@gmx.de> wrote:

Hi,



*while installing my 64bit Gentoo on base on the configuration

*of 32bit system I came across the problem, that k3b did not

*see any devices.



*HAD was running, butL: When "hal-devices" was executed as user "no

*devices found" (none! not single!) was reported, while executing the

*same command as root works fine. With strace I found that this was

*due to permissions problems dbus has.



*I "fixed" this by removing a section (found by diffing a

*configuration of and old but working version of dbus) from

*/etc/dbus-1/system.conf, without really knowing the impact.



*Now "hal-devices" also reports to a normal user.



*I added both system.conf files for your information to this email.



*"org.system.conf" is the file, which was originally installed and

*which does not work. "system.conf" is the hacked one, which work,

*but which may do other things (currently unkonw to me) things wrong.



*What is the correct way to fix permission problems

*(or access rights) in conjunction with dbus the correct way?



*Thank you for your help in advance!



*Best regards,

*mcc







Hello,
I had the same problem before migrating my kernel to use ATA instead of deprecated IDE support for disks and cd/dvd drives. After migration, everything is working just fine.

--
* Andrés Becerra Sandoval
 
Old 09-17-2010, 03:21 AM
 
Default HAL permissions? (k3b sees no device at all)

Andr??s Becerra Sandoval <andres.becerra@gmail.com> [10-09-15 18:25]:
> On Tue, Sep 14, 2010 at 7:06 PM, <meino.cramer@gmx.de> wrote:
>
> > Hi,
> >
> > while installing my 64bit Gentoo on base on the configuration
> > of 32bit system I came across the problem, that k3b did not
> > see any devices.
> >
> > HAD was running, butL: When "hal-devices" was executed as user "no
> > devices found" (none! not single!) was reported, while executing the
> > same command as root works fine. With strace I found that this was
> > due to permissions problems dbus has.
> >
> > I "fixed" this by removing a section (found by diffing a
> > configuration of and old but working version of dbus) from
> > /etc/dbus-1/system.conf, without really knowing the impact.
> >
> > Now "hal-devices" also reports to a normal user.
> >
> > I added both system.conf files for your information to this email.
> >
> > "org.system.conf" is the file, which was originally installed and
> > which does not work. "system.conf" is the hacked one, which work,
> > but which may do other things (currently unkonw to me) things wrong.
> >
> > What is the correct way to fix permission problems
> > (or access rights) in conjunction with dbus the correct way?
> >
> > Thank you for your help in advance!
> >
> > Best regards,
> > mcc
> >
> >
> >
>
> Hello,
>
> I had the same problem before migrating my kernel to use ATA instead of
> deprecated IDE support for disks and cd/dvd drives. After migration,
> everything is working just fine.
>
> --
> Andrés Becerra Sandoval

Hi,

Thanks fpr your reply !

I am using a IDE to USB bridge which connect my (older) IDE-based
burner to my USB port...

Its seems, no ATA/IDE driver is involved ?!

Best regards,
mcc
 
Old 09-17-2010, 02:30 PM
Paul Hartman
 
Default HAL permissions? (k3b sees no device at all)

On Thu, Sep 16, 2010 at 10:21 PM, <meino.cramer@gmx.de> wrote:
> I am using a IDE to USB bridge which connect my (older) IDE-based
> burner to my USB port...
>
> Its seems, no ATA/IDE driver is involved ?!

Probably is using some combination of things like SCSI generic, USB
mass storage, etc.
 
Old 09-18-2010, 10:21 AM
Florian Philipp
 
Default HAL permissions? (k3b sees no device at all)

Am 15.09.2010 02:06, schrieb meino.cramer@gmx.de:
> Hi,
>
> while installing my 64bit Gentoo on base on the configuration
> of 32bit system I came across the problem, that k3b did not
> see any devices.
>
[...]

There is a "cdrw" group in /etc/group. Try to add your user to that
group. You might also try the cdrom, disk and plugdev group.

After changing your groups, you have to log out and back in to apply the
changes.

Hope this helps,
Florian Philipp
 

Thread Tools




All times are GMT. The time now is 04:37 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org