An example mdev.conf

Rob Landley rob at landley.net
Sat Nov 7 04:56:43 UTC 2009


On Friday 06 November 2009 21:00:14 Denys Vlasenko wrote:
> On Thursday 05 November 2009 18:19, Natanael Copa wrote:
> > On Thu, 2009-11-05 at 01:52 -0600, Rob Landley wrote:
> > > So solar at gentoo has maintained his own mdev.conf for a while:
> > >
> > >   ftp://tinderbox.x86.dev.gentoo.org/misc/mdev.conf
> > >
> > > And Cross Linux From Scratch picked up a variant of it:
> > >
> > >   http://cross-lfs.org/view/clfs-embedded/x86/bootscripts/mdev.html
> > >
> > > It would be nice if busybox had an example mdev.conf in the examples
> > > directory, and these seem to be the main ones being used in the field.
> >
> > Have a look at this one too:
> > http://git.alpinelinux.org/cgit/aports/tree/main/busybox-initscripts/mdev.conf
>
> # null may already exist; therefore ownership has to be changed with command
>
> I am not sure this is true.
>
>                         if (!delete && major >= 0) {
>                                 if (mknod(node_name, mode | type, makedev(major, minor)) && errno != EEXIST)
>                                         bb_perror_msg("can't create %s", node_name);
>                                 if (major == root_major && minor == root_minor)
>                                         symlink(node_name, "root");
>                                 if (ENABLE_FEATURE_MDEV_CONF) {
>                                         chmod(node_name, mode);
>                                         chown(node_name, ugid.uid, ugid.gid);
>                                 }
>                                 if (ENABLE_FEATURE_MDEV_RENAME && alias) {
>                                         if (aliaslink == '>')
>                                                 symlink(node_name, device_name);
>                                 }
>                         }
>
> The code above does not skip chown() if the node exists,
> it still would do that.
>
> random          root:root 666
> urandom         root:root 444
> hwrandom        root:root 660
>
> random and urandom modes seem out of sync.

He took the write bit off of urandom, but you can also write to urandom to feed 
entropy back into the system (because lots of people use the urandom 
major/minor for /dev/random on servers and such, because a guaranteed denial 
of service hang is considered worse than going pseudo-random in a way that 
opens a purely theoretical vulnerability that would probably require root 
access on the box to even hope to _detect_, let alone exploit.)

(If you're doing e-commerce or some such, install a hardware random number 
source.  If not, live with urandom.)

Rob
-- 
Latency is more important than throughput. It's that simple. - Linus Torvalds
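
The mknod/EEXIST behaviour discussed in the quoted code, as an added example that is not part of the original message and is not BusyBox code: when the node already exists, mknod() fails with EEXIST but chmod() and chown() still run, so the mode from the config line is applied either way. The names `make_node` and `mode_after_second_pass` are hypothetical, and a FIFO in a temporary directory stands in for a device node so that no root access is needed.

```c
/* Added example, not BusyBox code. A FIFO in a temp directory stands in
 * for a device node so this runs without root (assumption: the EEXIST
 * path behaves the same for character devices). */
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Same shape as the quoted code: tolerate EEXIST from mknod(), then
 * chmod()/chown() unconditionally. Returns 0 on success, -1 on error. */
static int make_node(const char *path, mode_t mode, uid_t uid, gid_t gid)
{
	if (mknod(path, mode | S_IFIFO, 0) && errno != EEXIST) {
		perror("can't create node");
		return -1;
	}
	if (chmod(path, mode) || chown(path, uid, gid))
		return -1;
	return 0;
}

/* Create a node with old_mode, then process it again with new_mode.
 * Returns the resulting permission bits, or -1 on failure. */
int mode_after_second_pass(mode_t old_mode, mode_t new_mode)
{
	char dir[] = "/tmp/mdev-demo-XXXXXX";
	char path[64];
	struct stat st;
	int result = -1;

	if (!mkdtemp(dir))
		return -1;
	snprintf(path, sizeof(path), "%s/urandom", dir);
	if (make_node(path, old_mode, geteuid(), getegid()) == 0 &&
	    make_node(path, new_mode, geteuid(), getegid()) == 0 && /* EEXIST */
	    stat(path, &st) == 0)
		result = st.st_mode & 07777;
	unlink(path);
	rmdir(dir);
	return result;
}

int main(void)
{
	printf("444 -> 666 gives %o\n", (unsigned)mode_after_second_pass(0444, 0666));
	return 0;
}
```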

