1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
|
# do not edit this file, it will be overwritten on update
# taken/updated from:
# https://github.com/systemd/systemd/blob/master/src/login/70-uaccess.rules
# Do not use TAG+="udev-acl" outside of this file. This variable is private to
# udev-acl of this udev release and may be replaced at any time.
ENV{MAJOR}=="", GOTO="acl_end"
ACTION=="remove", GOTO="acl_apply"
# systemd replaces udev-acl entirely, skip if active
TEST=="/sys/fs/cgroup/systemd", TAG=="uaccess", GOTO="acl_end"
# PTP/MTP protocol devices, cameras, portable media players
SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="*:060101:*", TAG+="udev-acl"
# digicams with proprietary protocol
ENV{ID_GPHOTO2}=="*?", TAG+="udev-acl"
# SCSI and USB scanners
ENV{libsane_matched}=="yes", TAG+="udev-acl"
# HPLIP devices (necessary for ink level check and HP tool maintenance)
ENV{ID_HPLIP}=="1", TAG+="udev-acl"
# optical drives
SUBSYSTEM=="block", ENV{ID_CDROM}=="1", TAG+="udev-acl"
SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="4|5", TAG+="udev-acl"
# sound devices
SUBSYSTEM=="sound", TAG+="udev-acl" OPTIONS+="static_node=snd/timer", OPTIONS+="static_node=snd/seq"
# ffado is an userspace driver for firewire sound cards
SUBSYSTEM=="firewire", ENV{ID_FFADO}=="1", TAG+="udev-acl"
# webcams, frame grabber, TV cards
SUBSYSTEM=="video4linux", TAG+="udev-acl"
SUBSYSTEM=="dvb", TAG+="udev-acl"
# IIDC devices: industrial cameras and some webcams
SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x00010*", TAG+="udev-acl"
SUBSYSTEM=="firewire", ATTR{units}=="*0x00b09d:0x00010*", TAG+="udev-acl"
# AV/C devices: camcorders, set-top boxes, TV sets, audio devices, and more
SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x010001*", TAG+="udev-acl"
SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x014001*", TAG+="udev-acl"
# DRI video devices
SUBSYSTEM=="drm", KERNEL=="card*|renderD*", TAG+="udev-acl"
SUBSYSTEM=="graphics", KERNEL=="fb*", TAG+="udev-acl"
# KVM
SUBSYSTEM=="misc", KERNEL=="kvm", TAG+="udev-acl"
# smart-card readers
ENV{ID_SMARTCARD_READER}=="*?", TAG+="udev-acl"
# (USB) authentication devices
ENV{ID_SECURITY_TOKEN}=="?*", TAG+="udev-acl"
# PDA devices
ENV{ID_PDA}=="*?", TAG+="udev-acl"
# Programmable remote control
ENV{ID_REMOTE_CONTROL}=="1", TAG+="udev-acl"
# joysticks
SUBSYSTEM=="input", ENV{ID_INPUT_JOYSTICK}=="?*", TAG+="udev-acl"
# color measurement devices
ENV{COLOR_MEASUREMENT_DEVICE}=="*?", TAG+="udev-acl"
# DDC/CI device, usually high-end monitors such as the DreamColor
ENV{DDC_DEVICE}=="*?", TAG+="udev-acl"
# media player raw devices (for user-mode drivers, Android SDK, etc.)
SUBSYSTEM=="usb", ENV{ID_MEDIA_PLAYER}=="?*", TAG+="udev-acl"
# software-defined radio communication devices
ENV{ID_SOFTWARE_RADIO}=="?*", TAG+="udev-acl"
# apply ACL for all locally logged in users
LABEL="acl_apply", TAG=="udev-acl", TEST=="@RUNDIR@/ConsoleKit/database", \
RUN+="udev-acl --action=$env{ACTION} --device=$env{DEVNAME}"
LABEL="acl_end"
|