Comment 57 for bug 156085
Revision history for this message
| TJ (tj) wrote Re: [Bug 156085] Could not open /proc/bus/usb/devices | #57 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
f33e652
(Get the code!)
On Fri, 2008-09-05 at 07:41 +0000, Martin Pitt wrote:
> shouldn't change anything. If the user can access those USB devices on
> the host, then he should equally be able to access them on the guest,
> since the kvm process runs under his user account and thus can use the
> ACLs?
The problem is, the user *doesn't* have permissions to the raw device
nodes - they've always been root:root. See Matt's explanation about raw
versus cooked.
On Fri, 2008-09-05 at 08:32 +0000, Matt Zimmerman wrote:
> On Fri, Sep 05, 2008 at 07:41:02AM -0000, Martin Pitt wrot
> KVM is something of a special case here.
KVM, Qemu, VirtualBox, and I suspect some other less well-used
hypervisors. I'm hoping we can find a generic solution so that
hypervisor packages don't conflict.
> For KVM USB pass-through, however, it needs access to the raw USB device
> (/dev/bus/usb/*/*) so that it can be presented as a virtual device to the
> guest OS.
Yes, this is the crux of the issue.
> Perhaps the raw device node permissions should be set to be the same as the
> cooked ones? This would at least avoid tweaking for devices recognized by
> the kernel.
Which cooked ones are you thinking about, Matt? From what I can see the
cooked group/permissions are mostly target-specific (e.g. block, video,
serial) whereas what the hypervisor needs is one group to cover all
device classes.
> Alternatively, we could punt and say that USB pass-through requires root
> privileges or manual tweaking of the device node permissions. I'm not sure
> to what extent this feature is used in typical KVM usage; I would think it's
> mostly useful for reverse engineering and such.
My experience, from watching the number of frustrated users posting in
forums on and off Ubuntu, is that there is a growing number of
non-technical users expecting that a VM guest 'will just work' with
their devices (mice, cameras, tablets, scanners (especially), printers,
etc.), and using the deprecated work-around
in /etc/init.
line 40.
This is true particularly when the guest is a Windows variant and their
purpose in using the Windows guest is to use the drivers to access a
device (esp. cameras, scanners and printers) that they find problematic
or unsupported in Linux.
This class of non-technical user:
* expect access to their USB devices in the VM guest the same as if it
were running on the the physical machine
* should not be using root access
The way hypervisors and VMs are promoted and talked about creates an
impression that this stuff should 'just work' - its not a small
corner-case away from the sever applications.
I have been trying to avoid a heavy-handed approach of some kind of
root-user proxy server - I can't see how that would be possible anyway,
since raw device access is required and we already have it but it 'would
be nice' to manage permissions so the VM itself isn't run as root.
Hence my suggestion of an optional generic package "vm-usb" that is a
depend or more likely, a recommends, of hypervisor packages like kvm and
whose only task is to install a udev rule that assigns a "vm" group to
the USB device nodes, and adds the group to the system.
How about a "trusted user device access" package that is more generic
than the "vm-usb" suggested, to cover other similar cases in the future,
with "vm-usb" as a virtual that depends on it?
If the raw device nodes in /dev/bus/usb/*/* are so unique in terms of
permissions then maybe this special-case is justifiable as a user-chosen
option (recommended but not a default package install) since it is
addressing a different scenario than the deprecated "plugdev" group?