'plugdev' considered harmful - affected packages and maintainers?
Martin Pitt
mpitt at debian.org
Tue Oct 11 07:58:17 BST 2016
Petter Reinholdtsen [2016-10-11 8:20 +0200]:
> Because in Jessie the pam_group trick to add plugdev to a console users
> groups seem to be in effect, while in Stretch it is not.
TTBOMK we never configured /etc/security/group.conf with any
non-comment default values. Before we got "uaccess" in squeeze or
wheezy (yes, it's that old), lenny used ConsoleKit to apply ACLs to
devices. Syntactically this was a bit different, but the principle was
exactly the same. The "plugdev" group was muuch earlier than that
-- we came up with it in the 2005 era (sarge, and still in etch I believe).
> Do you mean to tell that the uaccess preference has been in effect
> since before Jessie, and is still not documented? Until now I
> assumed it was a new policy for Stretch.
Yes, way before. In Lenny it was Consolekit, but basically the same
thing, and in that time we started cleaning up all those auxiliary
hardware access group (this was much easier to do in Ubuntu --
unfortunately Debian's installer *still* puts you into half a dozen
groups ☹ ).
Martin
--
Martin Pitt | http://www.piware.de
Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org)
More information about the Pkg-systemd-maintainers
mailing list