Enforce CONFIG_TMPFS_POSIX_ACL=y for proper /dev perms

Bug #575940 reported by Chase Douglas on 2010-05-05
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Low
Chase Douglas
Lucid
Low
Unassigned

Bug Description

SRU Jusitification:

Impact: Without this change, a flavour may be created without
POSIX ACL support in /dev. This prevents some devices from
functioning.

How Addressed: The change adds an enforcement statement.

Regression Potential: This is a build system change, so as
long as the kernel builds there is no regression.

=====

Ubuntu 10.04 (and possibly earlier releases) requires POSIX ACL support for some /dev nodes. For example:

cndougla@mini:~/Canonical/ubuntu-lucid$ getfacl /dev/dsp
getfacl: Removing leading '/' from absolute path names
# file: dev/dsp
# owner: root
# group: audio
user::rw-
user:cndougla:rw-
group::rw-
mask::rw-
other::---

I know that at least sound is broken without CONFIG_TMPFS_POSIX_ACL=y, so we need to enforce it for all flavours.

Chase Douglas (chasedouglas) wrote :
tags: added: lucid maverick patch
Changed in linux (Ubuntu):
status: New → In Progress
importance: Undecided → Low
assignee: nobody → Chase Douglas (chasedouglas)
milestone: none → lucid-updates
description: updated
Changed in linux (Ubuntu):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.34-1.6

---------------
linux (2.6.34-1.6) maverick; urgency=low

  [ Chase Douglas ]

  * enforce CONFIG_TMPFS_POSIX_ACL=y
    - LP: #575940
  * don't force module dependency checking
    - LP: #577029

  [ Kees Cook ]

  * SAUCE: mmap_min_addr check CAP_SYS_RAWIO only for write
    - LP: #568844

  [ Leann Ogasawara ]

  * Revert "SAUCE: ata: blacklist FUJITSU MHW2160BH PL"
  * rebase to v2.6.34-rc7
  * [Config] update configs following rebase to v2.6.34-rc7
  * [Config] update port configs following rebase to v2.6.34-rc7
  * Add btrfs to the udebs

  [ Tim Gardner ]

  * [Config] Add atl1c to nic-modules udeb
    - LP: #557130

  [ Upstream changes ]

  * rebased to v2.6.34-rc7

linux (2.6.34-1.5) UNRELEASED; urgency=low

  [ Leann Ogasawara ]

  * rebase to v2.6.34-rc6
  * [Config] update configs following rebase to v2.6.34-rc6
  * [Config] update port configs following rebase to v2.6.34-rc6

  [ Upstream changes ]

  * rebased to v2.6.34-rc6

linux (2.6.34-1.4) UNRELEASED; urgency=low

  [ Leann Ogasawara ]

  * rebase to v2.6.34-rc5
  * [Config] update ports configs following rebase to v2.6.34-rc5

  [ Upstream changes ]

  * rebased to v2.6.34-rc5

linux (2.6.34-1.3) UNRELEASED; urgency=low

  [ Leann Ogasawara ]

  * rebase to v2.6.34-rc4
  * [Config] update configs following rebase to v2.6.34-rc4
  * [Config] update port configs following rebase to v2.6.34-rc4
  * ubuntu: dm-raid4-5 -- update to compile with 2.6.34-rc4

  [ Upstream changes ]

  * rebased to v2.6.34-rc4

linux (2.6.34-1.2) UNRELEASED; urgency=low

  [ Leann Ogasawara ]

  * Temorarily disable building linux-doc
  * rebase to v2.6.34-rc3
  * [Config] update configs following rebase to v2.6.34-rc3
  * [Config] update port configs following rebase to v2.6.34-rc3

  [ Upstream changes ]

  * rebased to v2.6.34-rc3

linux (2.6.34-1.1) UNRELEASED; urgency=low

  [ Leann Ogasawara ]

  * rebase to v2.6.34-rc2
  * ubuntu: dm-raid4-5 -- update to compile with 2.6.34-rc2
  * [Config] update port configs following rebase to v2.6.34-rc2
  * [Config] update configs following rebase to v2.6.34-rc2

  [ Upstream changes ]

  * rebased to v2.6.34-rc2

linux (2.6.33-1.1) UNRELEASED; urgency=low

  [ Leann Ogasawara ]

  * ubuntu: dm-raid4-5 -- update to compile with 2.6.33
  * ubuntu: lirc -- drop explicit include of linux/autoconf.h
  * ubuntu: lirc -- pass kfifo to kfifo_alloc and move spinlock
  * ubuntu: lirc -- rename kfifo_put and kfifo_get
  * ubuntu: iscsitarget -- rename daddr inet_sock field
  * rebased to v2.6.33
  * [Config] update configs following rebase to v2.6.33
  * [Config] update ports configs following rebase to v2.6.33

  [ Upstream changes ]

  * rebased to v2.6.33
 -- Leann Ogasawara <email address hidden> Tue, 11 May 2010 11:29:08 +0200

Changed in linux (Ubuntu):
status: Fix Committed → Fix Released
Stefan Bader (smb) on 2010-06-10
Changed in linux (Ubuntu Lucid):
importance: Undecided → Low
status: New → Fix Committed

Accepted linux into lucid-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

tags: added: verification-needed
Chase Douglas (chasedouglas) wrote :

This is a build-time fix, and has no runtime affect as long as the kernel built. I can confirm it exists in the sources, so that's all the verification we can do.

Martin Pitt (pitti) on 2010-06-16
tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :
Download full text (25.2 KiB)

This bug was fixed in the package linux - 2.6.32-23.37

---------------
linux (2.6.32-23.37) lucid-proposed; urgency=low

  [ Alex Deucher ]

  * SAUCE: drm/radeon/kms/atom: fix dual-link DVI on DCE3.2/4.0
    - LP: #564559

  [ Andy Whitcroft ]

  * [Config] ports -- build in dm-mod to enable LVM boot
    - LP: #560717
  * tools -- fix perf version extraction for multi-part flavours
    - LP: #555130
  * SAUCE: ACPI: EC: Allow multibyte access to EC (v3)
    - LP: #526354
  * [Config] enforce -- ensure dm_mod is built-in for LVM
    - LP: #560717
  * update to ubuntu-debian:7e708d33054c373faf41da23b73e8b48c342d958
    - LP: #570500, #576274

  [ Chase Douglas ]

  * Revert "(pre-stable): input: ALPS - Add signature for HP Pavilion dm3
    laptops"
    - LP: #550625
  * Enable ftrace function profiler
    - LP: #570389
  * enforce CONFIG_TMPFS_POSIX_ACL=y
    - LP: #575940

  [ Leann Ogasawara ]

  * Revert "staging/comdi -- disable"
    - LP: #563436
  * [Config] Enable multicast routing for sparc
    - LP: #416266
  * [Config] Add ahci.ko to virtual sub-flavour
    - LP: #570542

  [ Stefan Bader ]

  * Revert "SAUCE: drm/i915: Disable FBC on 915GM and 945GM"
    - LP: #588832

  [ Tim Gardner ]

  * ubuntu: rtl8192se -- update to version 0015.0127.2010
    - LP: #567016
  * [Config] Add atl1c to nic-modules udeb
    - LP: #557130

  [ Upstream Kernel Changes ]

  * Revert "(pre-stable) iwlwifi: fix nfreed--"
    - LP: #575853
  * Revert "backlight: mbp_nvidia_bl - add five more MacBook variants"
    - LP: #575853
  * Revert "(pre-stable) pata_via: Add VIA VX900 support"
    - LP: #575853
  * Revert "(pre-stable) x86-32, resume: do a global tlb flush in S4
    resume"
    - LP: #575853
  * Revert "x86: disable IOMMUs on kernel crash"
    - LP: #575853
  * Revert "sunrpc: fix peername failed on closed listener"
    - LP: #575853
  * Revert "sunrpc: move the close processing after do recvfrom method"
    - LP: #575853
  * Revert "(pre-stable) drm/edid: allow certain bogus edids to hit a fixup
    path rather than fail"
    - LP: #575853
  * Revert "drm/radeon/kms: don't print error on -ERESTARTSYS."
    - LP: #575853
  * Revert "ath9k: fix lockdep warning when unloading module" on stable
    kernels
    - LP: #588832
  * Staging: comedi: removed "depricated" from COMEDI_CB_BLOCK
    - LP: #483343
  * fat: fix buffer overflow in vfat_create_shortname()
    - LP: #575853
  * xfs: simplify inode teardown
    - LP: #575853
  * xfs: fix mmap_sem/iolock inversion in xfs_free_eofblocks
    - LP: #575853
  * xfs: I/O completion handlers must use NOFS allocations
    - LP: #575853
  * xfs: Wrapped journal record corruption on read at recovery
    - LP: #575853
  * xfs: Fix error return for fallocate() on XFS
    - LP: #575853
  * xfs: check for not fully initialized inodes in xfs_ireclaim
    - LP: #575853
  * xfs: fix timestamp handling in xfs_setattr
    - LP: #575853
  * xfs: Don't flush stale inodes
    - LP: #575853
  * xfs: Ensure we force all busy extents in range to disk
    - LP: #575853
  * xfs: reclaim inodes under a write lock
    - LP: #575853
  * xfs: Avoid inodes in reclaim when flushing from inode cache
    - LP: #575853
  * xfs: recla...

Changed in linux (Ubuntu Lucid):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers