Hi,
I've been doing some testing of Eduard Hasenleithner's Intuos4 LED and OLED
patch and have got it mostly working to my satisfaction (support for
wacom-config should be coming in the next few weeks) but one point I'm
unclear on is how best to handle the permissions required to update the oled
images.
As the patch currently stands you have to be root/have sudo access to run
the command to do the update. That's not so useful when considering
giving access to the ability to end users on the network you maintain who
are devoid of sudo/root permissions. (and not so good for wacom-config
since I sudo'ing the app would rather confuse the settings for other things)
I'm unclear from the notes I can find as to what the end plan is when the
patch is accepted upstream and people start looking at support in
xsetwacom. Is there some config file I've missed that can be used to set
permissions on sysfs items? or is the plan to just have people sudo
xsetwacom when they need to set an led? I was thinking based on past
experience the most security policy correct setup would be to give the files
you write to a group other than root and group write permissions, you could
then set the users who should have access to update the oleds to be in the
group? It doesn't look like that's the current plan though since the patch
only sets write permissions on the files for the owner (root).
My current hack I'm using for my users is to search and replace through the
patch to turn S_IWUSR into S_IWOTH which gives easy setting of the oleds via
my code without needing it to run with elevated permissions. I'd rather if
possible find a better supported option so users onside my network don't
have to do patch their modules if they want to set oleds via my code.
Can anybody more familiar with kernel permission policies etc comment on
which way I should be taking this?
Thanks for your time
-J
------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2d-c2
_______________________________________________
Linuxwacom-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/linuxwacom-devel
