[BRLTTY] BRLTTY, systemd and unprivileged user

Dave Mielke Dave at mielke.cc
Sun Aug 23 06:39:30 EDT 2020 

[quoted lines by Aura Kelloniemi on 2020/08/23 at 11:48 +0300]

>They are owned by uucp and that seems to be what Arch udev rules do. Therefore
>it would be nice if BRLTTY's install did not enforce creation of a dialout
>group, because it being present on the system might make some other
>application believe, that they should use this group (which does not have any
>permissions anywhere).

Fixed. Now, just the owning group of /dev/ttyS0 is used.

>Maybe using 'install -d -o brltty -g brltty -m0700 /var/run/brltty'. This does
>not fail if the directory already exists, but fixes its permissions if needed.

Fixed using this method, excwept that -m0770 is used.

> > That, however, may be why you aren't benefitting from the rule to fix the
> > /dev/uinput access problem.
>
>At that point I still had all the rules, so it should not be that.

Maybe, when updating systemd stuff, the new udev rules file wasn't picked up.
Anyway, from the latest brltty udev rules file:

   #############################################################################
   # The following rule adds read and write group permissions to /dev/uinput.  #
   # BRLTTY is now able to switch to running as an unprivileged user, using    #
   # only a few capabilities), and we don't want to be using CAP_DAC_OVERRIDE. #
   # It uses uinput in order to support some important features, including:    #
   # *  Keyboard Key Tables                                                    #
   # *  Injecting arbitrary key combinations typed on braille devices.         #
   #############################################################################
   KERNEL=="uinput", ACTION=="add", MODE="0660"

>The problem of systemd-udev-settle (according to a sourcw I found using a
>well-known search engine) is that it blocks the system bootup process. Because
>BRLTTY is wanted by sysinit.target and BRLTTY depends on systemd-udev-settle,
>then sysinit.target cannot be reached before /dev is ready, which might slow
>down the boot. I have BRLTTY now running without this dependency (it is only
>scheduled to be run before sysinit.target) and it works fine.

Thanks. That dependency has now been removed.

-- 
I believe the Bible to be the very Word of God: http://Mielke.cc/bible/
Dave Mielke            | 2213 Fox Crescent | WebHome: http://Mielke.cc/
EMail: Dave at Mielke.cc  | Ottawa, Ontario   | Twitter: @Dave_Mielke
Phone: +1 613 726 0014 | Canada  K2A 1H7   |

More information about the BRLTTY mailing list