Package: udev Version: 215-5+b1 Severity: important Tags: patch Dear Maintainer,
Noticed that when plugging a USB mass storage device in that the permissions on the block device were set incorrectly as: brw-rw---- 1 root disk 8, 16 Nov 20 10:20 /dev/sdb brw-rw---- 1 root disk 8, 17 Nov 20 10:20 /dev/sdb1 The expected ownership should have been set as brw-rw---- 1 root floppy 8, 16 Nov 20 10:54 /dev/sdb brw-rw---- 1 root floppy 8, 17 Nov 20 10:54 /dev/sdb1 The solution was to replace /lib/udev/rules.d/91-permissions.rules from an old host and run udevadm control --reload-rules, reinserting the USB device then has the desired ownership. A patch file is attached containing a copy of 91-permissions.rules from lenny, though getting the latest copy may be preferred. It appears that this file was removed as part of some systemd work, http://metadata.ftp-master.debian.org/changelogs//main/s/systemd/systemd_215-5_changelog (26 Apr 2014). -- Package-specific info: -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages udev depends on: ii adduser 3.113+nmu3 ii debconf [debconf-2.0] 1.5.53 ii libacl1 2.2.52-2 ii libblkid1 2.25.2-2 ii libc6 2.19-13 ii libkmod2 18-3 ii libselinux1 2.3-2 ii libudev1 215-5+b1 ii lsb-base 4.1+Debian13+nmu1 ii procps 2:3.3.9-8 ii util-linux 2.25.2-2 udev recommends no packages. udev suggests no packages. -- debconf information: udev/reboot_needed: udev/new_kernel_needed: false udev/title/upgrade: udev/sysfs_deprecated_incompatibility: -- Best regards, Ed http://www.s5h.net/
diff -Naur lib.old/udev/rules.d/91-permissions.rules lib/udev/rules.d/91-permissions.rules --- lib.old/udev/rules.d/91-permissions.rules 1970-01-01 01:00:00.000000000 +0100 +++ lib/udev/rules.d/91-permissions.rules 2014-11-20 20:47:34.160828017 +0000 @@ -0,0 +1,126 @@ +ACTION=="remove", GOTO="permissions_end" + +# default permissions for block devices +SUBSYSTEM=="block", GROUP="disk" +SUBSYSTEM=="block", ATTRS{removable}=="1", GROUP="floppy" +# the aacraid driver is broken and reports the disks as removable (see #404927) +SUBSYSTEM=="block", DRIVERS=="aacraid", GROUP="disk" +# all block devices on these buses are "removable" +SUBSYSTEM=="block", SUBSYSTEMS=="usb|ieee1394|mmc|pcmcia", GROUP="floppy" + +KERNEL=="cbm", GROUP="floppy" + +# IDE devices +ENV{ID_CDROM}=="?*", GROUP="cdrom" +KERNEL=="ht[0-9]*", GROUP="tape" +KERNEL=="nht[0-9]*", GROUP="tape" + +# SCSI devices +SUBSYSTEM=="scsi_generic|scsi_tape", \ +SUBSYSTEMS=="scsi", ATTRS{type}=="1|8", GROUP="tape" +SUBSYSTEM=="scsi_generic", \ +SUBSYSTEMS=="scsi", ATTRS{type}=="4|5", GROUP="cdrom" + +# USB devices +KERNEL=="legousbtower*", MODE="0666" +KERNEL=="lp[0-9]*", SUBSYSTEMS=="usb", GROUP="lp" +# hplip and cups 1.4+ use raw USB devices, so permissions should be similar to +# the ones from the old usblp kernel module +SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", \ + ENV{ID_USB_INTERFACES}=="", IMPORT{builtin}="usb_id" +SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", \ + ENV{ID_USB_INTERFACES}=="*:0701??:*", GROUP="lp" + +# usbfs-like devices +SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", \ + MODE="0664" + +# serial devices +SUBSYSTEM=="tty", GROUP="dialout" +SUBSYSTEM=="capi", GROUP="dialout" +SUBSYSTEM=="slamr", GROUP="dialout" +SUBSYSTEM=="zaptel", GROUP="dialout" +KERNEL=="mISDNtimer", GROUP="dialout" +KERNEL=="mwave", GROUP="dialout" +KERNEL=="hvc*|hvsi*", GROUP="dialout" + +# vc devices (all members of the tty subsystem) +KERNEL=="ptmx", MODE="0666", GROUP="root" +KERNEL=="console", MODE="0600", GROUP="root" +KERNEL=="tty", MODE="0666", GROUP="root" +KERNEL=="tty[0-9]*", GROUP="root" +KERNEL=="pty*", MODE="0666", GROUP="tty" + +# video devices +SUBSYSTEM=="video4linux", GROUP="video" +SUBSYSTEM=="drm", GROUP="video" +SUBSYSTEM=="dvb", GROUP="video" +SUBSYSTEM=="em8300", GROUP="video" +SUBSYSTEM=="graphics", GROUP="video" +SUBSYSTEM=="nvidia", GROUP="video" + +# misc devices +KERNEL=="random", MODE="0666" +KERNEL=="urandom", MODE="0666" +KERNEL=="mem", MODE="0640", GROUP="kmem" +KERNEL=="kmem", MODE="0640", GROUP="kmem" +KERNEL=="port", MODE="0640", GROUP="kmem" +KERNEL=="nvram", MODE="0640", GROUP="kmem" +KERNEL=="full", MODE="0666" +KERNEL=="null", MODE="0666" +KERNEL=="zero", MODE="0666" +KERNEL=="inotify", MODE="0666" +KERNEL=="sonypi", MODE="0666" +KERNEL=="cpu[0-9]*", MODE="0444" +KERNEL=="agpgart", GROUP="video" +KERNEL=="pmu", GROUP="video" +KERNEL=="kqemu", MODE="0666" +KERNEL=="tun", MODE="0666", OPTIONS+="static_node=net/tun" +KERNEL=="rfkill", MODE="0644" + +KERNEL=="cdemu[0-9]*", GROUP="cdrom" +KERNEL=="pktcdvd[0-9]*", GROUP="cdrom" +KERNEL=="pktcdvd", MODE="0644" + +# printers and parallel devices +SUBSYSTEM=="printer", GROUP="lp" +SUBSYSTEM=="ppdev", GROUP="lp" +KERNEL=="irlpt[0-9]*", GROUP="lp" +KERNEL=="pt[0-9]*", GROUP="tape" +KERNEL=="pht[0-9]*", GROUP="tape" + +# sound devices +SUBSYSTEM=="sound", GROUP="audio", + OPTIONS+="static_node=snd/seq", OPTIONS+="static_node=snd/timer" + +# ieee1394 devices +SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x00010*", GROUP="video" +SUBSYSTEM=="firewire", ATTR{units}=="*0x00b09d:0x00010*", GROUP="video" +SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x010001*", GROUP="video" +SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x014001*", GROUP="video" +KERNEL=="raw1394", GROUP="disk" +KERNEL=="dv1394-[0-9]*", GROUP="video" +KERNEL=="video1394-[0-9]*", GROUP="video" + +# input devices +KERNEL=="event[0-9]*", ATTRS{name}=="*dvb*|*DVB*|* IR *" \ + MODE="0664", GROUP="video" +KERNEL=="js[0-9]*", MODE="0664" +KERNEL=="event[0-9]*", ENV{ID_CLASS}=="joystick", \ + MODE="0664", GROUP="audio" +KERNEL=="lirc[0-9]*", GROUP="video" + +KERNEL=="mmtimer", MODE="0644" +KERNEL=="sgi_*", MODE="0666" +KERNEL=="z90crypt", MODE="0666" +KERNEL=="iseries/ibmsis*", GROUP="disk" +KERNEL=="iseries/nvt*", GROUP="disk" +KERNEL=="iseries/vt*", GROUP="disk" +KERNEL=="iseries/vtty*", GROUP="dialout" + +# AOE character devices +SUBSYSTEM=="aoe", MODE="0220", GROUP="disk" +SUBSYSTEM=="aoe", KERNEL=="err", MODE="0440", GROUP="disk" + +LABEL="permissions_end" +