Remove 51-mariux udev rules file

The rules in this file want to make sound, video and cdrom devices available to the locally logged in user by setting the device files to mode 0666, which in fact makes these available to all users. This is a privacy problem when applied to sound, input and video devices. However, this is unnecessary, as the access for the locally logged in user is already managed by udev and logind. The whole processes is more or less undocumented [1] Relevant rules files are /lib/udev/rules.d/70-uaccess.rules /lib/udev/rules.d/71-seat.rules /lib/udev/rules.d/83-seat-late.rules In the end, either the udev uaccess build [2] or logind [3] set a acl to the relevant device files so that the local user can access it. Remove the local rule file. [1] https://github.com/systemd/systemd/issues/4288 [2] https://github.com/systemd/systemd/blob/4d484e14bb9864cef1d124885e625f33bf31e91c/src/udev/udev-builtin-uaccess.c#L51 [3] https://github.com/systemd/systemd/blob/4d484e14bb9864cef1d124885e625f33bf31e91c/src/login/logind-seat.c#L216
mariux64 · Feb 19, 2021 · 96ec614 · 96ec614
1 parent 8968e0d
commit 96ec614
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 4 deletions.
diff --git a/install.sh b/install.sh
@@ -208,7 +208,6 @@ install_symlink /usr/bin/prun                             "$DESTDIR$usrlocal_pre
 install_symlink /usr/bin/ptype                            "$DESTDIR$usrlocal_prefix/package/bin/ptype"
 install_symlink /usr/bin/pman                             "$DESTDIR$usrlocal_prefix/package/bin/pman"
 install_data misc_etc_files/sysctl.conf                   "$DESTDIR$sysconfdir/sysctl.conf"
-install_data misc_etc_files/udev/rules.d/51-mariux.rules  "$DESTDIR$sysconfdir/udev/rules.d/51-mariux.rules"
 install_data misc_systemd_units/reboot-notify.service     "$DESTDIR$systemdunitdir/reboot-notify.service"
 
 postinstall

diff --git a/misc_etc_files/udev/rules.d/51-mariux.rules b/misc_etc_files/udev/rules.d/51-mariux.rules