Table of Contents
hal-resmgr is an optional separate program that can be used as callout from hald and resmgrd to install ACLs on device files. It's linked against dbus and hal to be able to communicate with hald.
Devices that should be processed by
hal-resmgr need to be tagged. The fdi file
resmgr.fdi
(installed as
/etc/hal/fdi/policy/90osvendor/80-resmgr.fdi
)
does that by merging resmgr specific properties into hal.
The following properties are supported:
the resmgr class the device should added to
the path to the device node that should be used. If it's empty the properties block.device and linux.device_file are checked in that order instead.
To make hald actually run hal-resmgr one
needs to add hal-resmgr
to the strlist properties
info.callouts.add and
info.callouts.remove.
/etc/hal/fdi/policy/90osvendor/80-resmgr.fdi
does that automatically for all devices that have
resmgr.class set.
To tell hal-resmgr that a device with
vendor id 0x1234
and product id
0x5678
should be treated as
class scanner
, create a file
/etc/hal/fdi/policy/20user/50-scanner.fdi
(you may need to create the directory
/etc/hal/fdi/policy/20user
first) with
the following content:
<?xml version="1.0" encoding="ISO-8859-1"?> <deviceinfo version="0.2"> <device> <match key="info.bus" string="usb_device"> <match key="usb_device.vendor_id" int="0x0ccd"> <match key="usb_device.product_id" int="0x0038"> <merge key="resmgr.class" type="string">scanner</merge> </match> </match> </match> </device> </deviceinfo>
Another example for a fictional device that is known to hal:
# cat <<EOF > /etc/hal/fdi/policy/20user/50-missilelauncher.fdi <?xml version="1.0" encoding="ISO-8859-1"?> <deviceinfo version="0.2"> <device> <match key="linux.device_file" string="/dev/missilelauncher"> <merge key="resmgr.class" type="string">wmd</merge> </match> </device> </deviceinfo> EOF # cat <<EOF > /etc/resmgr.conf.d/50-wmd.conf ## define a new class 'wmd' class wmd ## grant access to class 'wmd' when access to 'desktop' is granted ## (ie everyone on a local console) class desktop includes wmd ## maybe you want to restrict access to 'wmd' to members of a group instead #allow wmd group=generals EOF # rcresmgr restart # rchal restart