Hi,
I am trying create a custom udev rule to change the group and permissions on /dev/net/tun. Some research indicated that rather than directly editing the rule in /etc/udev/rules.d/50-udev.rules that I should create my own local rules file something like 10-local.rules which contains KERNEL=="tun", NAME="net/%k", OWNER="root", GROUP="vboxusers", MODE="0660"
But unfortunately when I reboot the permissions are still
0 crw------- 1 root root 10, 200 Oct 24 14:09 /dev/net/tun
Can anyone tell me what I'm doing wrong? Or point me to some clear documentation about creating custom udev rules.
Thanks
Hi,
On Thu, Oct 23, 2008 at 21:28, Clint Dilks clintd@scms.waikato.ac.nz wrote:
something like 10-local.rules which contains KERNEL=="tun", NAME="net/%k", OWNER="root", GROUP="vboxusers", MODE="0660" But unfortunately when I reboot the permissions are still 0 crw------- 1 root root 10, 200 Oct 24 14:09 /dev/net/tun
Can anyone tell me what I'm doing wrong? Or point me to some clear documentation about creating custom udev rules.
I'm not 100% sure of why this is happening, but I believe that the rule to create /dev/net/tun in 50-udev.rules is overriding the one you created. Did you try to create it as 99-local.rules? What about creating a device with another name so that they do not conflict?
But in general I agree with you that udev is a little tricky and documentation could be improved...
HTH, Filipe
Hi,
A google search led me to: http://reactivated.net/writing_udev_rules.html
There it states that you generally will want your rules before the system default rules, but in any case it should apply all the rules, not only the first match, so putting your rule after the defaults could have some effect.
Also, it seems that the default permissions should be 0660, but for some reason /dev/net/tun is created with 0600, even though there is not setting for that in 50-udev.rules... still don't know why.
One other way that might go around this is to use the "last_rule" option. Apparently, if you add OPTIONS+="last_rule" to the rule it won't process the further down rules, so this might be one way to fix your specific problem.
Another useful information from that webpage is the reference to the "udevtest" command, that I believe could be used to trace exactly what is happening on your case.
Anyway, I still haven't tried any of those. If you do and find out what is happening, please share with us your results!
HTH, Filipe
Hi,
Found another interesting detail. net/tun is listed in /etc/udev/makedev.d/50-udev.nodes, which starts with this comment: # These device have to be created manually
I just didn't find who/what actually creates those, and using which permissions. Anyway, another clue in your puzzle.
HTH, Filipe
Filipe Brandenburger wrote:
Found another interesting detail. net/tun is listed in /etc/udev/makedev.d/50-udev.nodes, which starts with this comment: # These device have to be created manually
I just didn't find who/what actually creates those, and using which permissions. Anyway, another clue in your puzzle.
Hi Filipe,
This was a pointer in the right direction. This device file is actually created by /sbin/MAKEDEV and the configurations files it uses are found in /etc/makedev.d/ in particular for the device I am interested in it was the file 01linux-2.6.x.
I have changed this line c $ROOT 10 200 1 1 net/tun to c 0660 root vboxusers 10 200 1 1 net/tun
I am still confused as to why a udev rules exists for the device when it doesn't seem to ever be applied.
Thanks for the help, and have a nice day.
-
Clint Dilks -
Filipe Brandenburger