Udev rules installed by primesense allow public access to devices. I see that this is some kind of clock based on a web search, so most likely a separate group should be created and users which are supposed to access those devices should be added to the group. Also, /etc/udev/rules.d is administrator territory. Please move the rules file to /usr/lib/udev/rules.d (aka %{_udevrulesdir}). Version-Release number of selected component (if applicable): openambit-libs-0.3-5.git5f2b784.fc23.x86_64
Check the udev rules path issue [1], as for the access permissions: I don't think a separate group is desirable. This is just an application used to synchronize sports watches, having users first need to add themselves to some group is not very user friendly. Or am I missing something? [1] http://pkgs.fedoraproject.org/cgit/openambit.git/commit/?id=d75cac7ab11c14ccfca6dcecaaffbba94c942318
(In reply to Sandro Mani from comment #1) > Check the udev rules path issue [1] Looks correct, at least in the sense that if it doesn't work, rpm build will fail. > as for the access permissions: I don't > think a separate group is desirable. This is just an application used to > synchronize sports watches, having users first need to add themselves to > some group is not very user friendly. Or am I missing something? Ah, OK, so my google-fu failed me. If it is a pure "user" device (in the sense in which a USB-stick is, or webcam, or an input device), then it should be attached to the seat. I wrote a description of how that is implemented yesterday, it is pasted below. With a device like that, security indeed is not very important, so allowing write access to all users doesn't seem to be a problem. You still might want to modify the rules to attach the device to a seat because in a multi-seat setup, it is better for other users not to "see" the device at all. But it might be overkill here. > uaccess Afaik, this isn't really documented anywhere. The process is done in two parts: 1. some package ships rules which set some udev variable on the devices (for example ENV{ID_SOFTWARE_RADIO}="label") 2. 70-uaccess.rules as shipped by systemd has a matching line which adds the uaccess tag based on this variable (ENV{ID_SOFTWARE_RADIO}=="?*", TAG+="uaccess"). So if primesense devices would fit one of the existing groups which already have their variables (ID_SOFTWARE_RADIO, ID_MEDIA_PLAYER, COLOR_MEASUREMENT_DEVICE, ID_INPUT_JOYSTICK, etc), then your rules could make use of that variable. Otherwise, a new variable would be added upstream. For openambit devices, I don't see a good matching category in http://cgit.freedesktop.org/systemd/systemd/tree/src/login/70-uaccess.rules. ID_PDA comes closest I guess. It seems that we should add a more general tag upstream that can be used for "other" device types.
Ok. Perhaps even ID_WATCH would make sense, considering the increasing number of such devices in the wild. I'll start by pushing an update to fix the udev path issue.
openambit-0.3-6.git5f2b784.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/openambit-0.3-6.git5f2b784.fc21
openambit-0.3-6.git5f2b784.fc22 has been submitted as an update for Fedora 22. https://admin.fedoraproject.org/updates/openambit-0.3-6.git5f2b784.fc22
Package openambit-0.3-6.git5f2b784.fc22: * should fix your issue, * was pushed to the Fedora 22 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing openambit-0.3-6.git5f2b784.fc22' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2015-9412/openambit-0.3-6.git5f2b784.fc22 then log in and leave karma (feedback).
openambit-0.3-6.git5f2b784.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
openambit-0.3-6.git5f2b784.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.