LOGINDEVPERM(5) File Formats and Configurations LOGINDEVPERM(5)
NAME
logindevperm, fbtab - login-based device permissions
SYNOPSIS
/etc/logindevpermDESCRIPTION
The
/etc/logindevperm file contains information that is used by
login(1) and
ttymon(8) to change the owner, group, and permissions of
devices upon logging into or out of a console device. By default,
this file contains lines for the keyboard, mouse, audio, and frame
buffer devices.
The owner of the devices listed in
/etc/logindevperm is set to the
owner of the console by
login(1). The group of the devices is set to
the owner's group specified in
/etc/passwd. The permissions are set
as specified in
/etc/logindevperm.
If the console is
/dev/vt/active, the owner of the devices is the
first user logged in on the consoles (
/dev/console or
/dev/vt/#).
Upon this first user's logout the owner and group of these devices is
reset by
ttymon(8) to owner root and root's group as specified in
/etc/passwd.
Fields are separated by a TAB or SPACE characters. Blank lines and
comments can appear anywhere in the file; comments start with a
hashmark, (
#), and continue to the end of the line.
The first field specifies the name of a console device (for example,
/dev/console). By default, it is
/dev/vt/active, which points to the
current active console, including
/dev/console and all virtual
consoles (
/dev/vt/#). The second field specifies the permissions to
which the devices in the
device_list field (third field) are set.
These permissions must be expressed in octal format, for example,
0774. A
device_list is a colon-separated list of device names. A
device name must be a
/dev link.
A directory or logical name in the device name can be either one of
the following:
o A fully qualified name, for example,
fbs.
o A regular expression, for example,
[a-z0-9.]+. See
regexp(7) for more information on regular expressions.
o The wildcard character
* specifying all directory or node
names (except
. and
.., for example,
/dev/fbs/* specifies
all frame buffer devices.
Some examples of
/etc/logindevperm file entries include:
/dev/usb/[0-9a-f]+[.][0-9a-f]+/[0-9]+/[a-z0-9.]+
/dev/usb/[0-9a-f]+[.][0-9a-f]+/[0-9]+/*
/dev/usb/[0-9a-f]+[.][0-9a-f]+/*/*
Specify all
ugen(4D) endpoints and status nodes.
Drivers can also be specified to limit the permission changes to
minor nodes owned by the specified drivers. For example,
/dev/console 0600 /dev/usb/[0-9a-f]+[.][0-9a-f]+/[0-9]+/* \
driver=usb_mid,scsa2usb,usbprn # libusb devices
Due to the persistence of
devfs(4FS) minor node management, the user
should be logged in as root if the list of minor nodes will be
reduced and the devices should all be plugged in.
Once the devices are owned by the user, their permissions and
ownership can be changed using
chmod(1) and
chown(1), as with any
other user-owned file.
Upon logout the owner and group of these devices are reset by
ttymon(8) to owner
root and root's group as specified in
/etc/passwd (typically
other). The permissions are set as specified in the
/etc/logindevperm file.
FILES
/etc/passwd File that contains user group information.
SEE ALSO
chmod(1),
chown(1),
login(1),
ugen(4D),
passwd(5),
regexp(7),
ttymon(8)NOTES
/etc/logindevperm provides a superset of the functionality provided
by
/etc/fbtab in SunOS 4.
x releases.
September 25, 2008 LOGINDEVPERM(5)
