From mboxrd@z Thu Jan  1 00:00:00 1970
From: Chris Marusich <cmmarusich@gmail.com>
Subject: bug#36335: Is /dev/kvm missing ACLs?
Date: Wed, 26 Jun 2019 23:32:37 -0700
Message-ID: <87d0izlere.fsf@gmail.com>
References: <87sgs1c4r0.fsf@gmail.com> <87v9wu4v3l.fsf@gnu.org>
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha256; protocol="application/pgp-signature"
Return-path: <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:470:142:3::10]:43268)
 by lists.gnu.org with esmtp (Exim 4.86_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hgNxu-0004pm-TG
 for bug-guix@gnu.org; Thu, 27 Jun 2019 02:33:03 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hgNxt-0000Ee-Sf
 for bug-guix@gnu.org; Thu, 27 Jun 2019 02:33:02 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:52011)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1hgNxt-0000EV-P8
 for bug-guix@gnu.org; Thu, 27 Jun 2019 02:33:01 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hgNxt-0000Vj-KZ
 for bug-guix@gnu.org; Thu, 27 Jun 2019 02:33:01 -0400
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-Message-ID: <handler.36335.B36335.15616171681942@debbugs.gnu.org>
In-Reply-To: <87v9wu4v3l.fsf@gnu.org> ("Ludovic
 \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\=
 \=\?utf-8\?Q\?s\?\= message of "Mon, 24 Jun 2019 21:54:54 +0200")
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-guix>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=subscribe>
Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org
Sender: "bug-Guix" <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
To: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@gnu.org>
Cc: 36335@debbugs.gnu.org

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Hi Ludo,

Ludovic Court=C3=A8s <ludo@gnu.org> writes:

> Guix System doesn=E2=80=99t use ACLs at all.
>
> However, the udev rule for kvm sets it up like this:
>
>   crw-rw---- 1 root kvm 10, 232 Jun 24 08:38 /dev/kvm
>
> and the build users are part of the =E2=80=98kvm=E2=80=99 group.  I perso=
nally arrange
> to have my user account in that group too.

It's good to know that the "kvm" group is the right way to grant
permissions.  However, if Guix System doesn't use ACLs, then why do some
of my device files have ACLs on them, such as the video device file?

=2D-8<---------------cut here---------------start------------->8---
$ getfacl /dev/video0=20
getfacl: Removing leading '/' from absolute path names
# file: dev/video0
# owner: root
# group: video
user::rw-
user:marusich:rw-
group::rw-
mask::rw-
other::---
=2D-8<---------------cut here---------------end--------------->8---

=2D-=20
Chris

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEy/WXVcvn5+/vGD+x3UCaFdgiRp0FAl0UYwYACgkQ3UCaFdgi
Rp1dfxAAsK8bU+YALhclhjKNCJ6RiYbNK4PEMwnxtzpakqLyPAFc6y8fB3hpUge8
S+Pbgiz4LuSBY4iJQ/ZPSRHtyS4BtlmxLOEBe2opf7acXhXup1CelMk/RSHysIT6
sotZu1DhGJZliFsG8ksCjpJi17UCleBDNpIOOudzVZ5qf9oykuhIUh+4n05j8pX0
JXY+R5rfeaTPYBuqP1M4y0byk5ugwmIghh9Zbmq8hOOVg8Nbzj7hwD3CTtO8a3PJ
IhHvN0H7xXJIgzQtgJIkd1zG7mGXWwKdsZLgeDrEvOmWdEHac5+c2qxcnjRWViGM
GZsUWSYa+jlUXQLlM9JgtVpLXIZSK6DwdyK21J4gH5eYka8MRvBcRotk1lctqNGo
zemqvnFykt1Z4gzkZ3R3sSzRvHQG0rqyo7HtAxg7awoEt13YTV8aFoEBwJaIT1z+
ySFiSO449MMn81M3U4atJm6cVzGhtSSyQoiV+PcBXOmJmcZZ6gfm+oFheI6l54nZ
g/vdgftSNLeljwRT1jAlXkHHnzgxKBxTv3N4kvOtcPyuZUU2m6JwOiibhBVN0tCs
uWayKqXrZ+5mzotg+zf+fjNaP64OKu65saEYDhZv+mM5eRGrZMK/lzA8s68awM9e
Kh8DXB2jJJWQW8UhIpOjBhzDDvxLzlHPUk6M3E4E065V3Ht02Xg=
=LLpi
-----END PGP SIGNATURE-----
--=-=-=--