2 * manage device node user ACL
4 * Copyright 2010-2012 Kay Sievers <kay@vrfy.org>
5 * Copyright 2010 Lennart Poettering
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, either version 2 of the License, or
10 * (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "systemd/sd-login.h"
26 #include "logind-acl.h"
30 static int builtin_uaccess(struct udev_device
*dev
, int argc
, char *argv
[], bool test
) {
32 const char *path
= NULL
, *seat
;
33 bool changed_acl
= false;
38 /* don't muck around with ACLs when the system is not running systemd */
39 if (!logind_running())
42 path
= udev_device_get_devnode(dev
);
43 seat
= udev_device_get_property_value(dev
, "ID_SEAT");
47 r
= sd_seat_get_active(seat
, NULL
, &uid
);
48 if (r
== -ENXIO
|| r
== -ENODATA
) {
49 /* No active session on this seat */
53 log_error("Failed to determine active user on seat %s.", seat
);
57 r
= devnode_acl(path
, true, false, 0, true, uid
);
59 log_full_errno(errno
== ENOENT
? LOG_DEBUG
: LOG_ERR
, r
, "Failed to apply ACL on %s: %m", path
);
67 if (path
&& !changed_acl
) {
70 /* Better be safe than sorry and reset ACL */
71 k
= devnode_acl(path
, true, false, 0, false, 0);
73 log_full_errno(errno
== ENOENT
? LOG_DEBUG
: LOG_ERR
, k
, "Failed to apply ACL on %s: %m", path
);
79 return r
< 0 ? EXIT_FAILURE
: EXIT_SUCCESS
;
82 const struct udev_builtin udev_builtin_uaccess
= {
84 .cmd
= builtin_uaccess
,
85 .help
= "Manage device node user ACL",