Description of problem: After rebooting today many files in /dev were group owned by 'lego' that shouldn't have been and were set to mode 660 that shouldn't have been. Notably /dev/null was not accessible to world and neither /dev/random nor /dev/urandom were world readable. This prevented X from completing start up. I looked for references to lego in udev rules and found ones owned by nqc and nxt_python. Removing those two packages got things working again. However those packages haven't changed since last February. Since the udev change triggered the problem I am doing an initial assigment there, since the udev guys are more likely to know what changed and can advise the other package owners if they are doing something wrong. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
The rule in that package doesn't look right, nothing should ever try to replace a kernel-provided device name with a symlink, but it should not cause any damage. What does: udevadm test /sys/class/mem/random print?
Created attachment 529581 [details] This is with nqc and nxt_python uninstalled I had removed nqc and nxt_python in order to get things to work on boot. I figured I'd capture the requested output before reinstalling them for comparison. I'll the result with them installed shortly.
Created attachment 529582 [details] Output with nqc and nxt_python installed
That looks all fine: creating device node '/dev/random', devnum=1:8, mode=0666, uid=0, gid=0 did not notice, that not only nqc but also nxt_python install udev rules. The rules in nxt_python are broken. SYSFS= and BUS= are deprecated since years. The rule probably assigns the group 'lego' to all files in /dev. The rules file needs to move to /lib/udev/rules.d/ and be converted to: SUBSYSTEM=="usb", ATTRS{idVendor}=="0694", GROUP="lego", MODE="0660"
Since this bug causes serious issues for rawhide users that have it installed, I invoked provenpackager status to do a fix in rawhide. I'll let the maintainer decide if they want to apply the fix to older versions. There isn't a hurry to do anything with those as the depreciated parameters still work there.
Thanks for the fix. I'll check if we should ignore such rule lines entirely, instead of having them match on too many things.
This should make the broken rules less fatal to the rest of the system, they should just get ignored now. http://pkgs.fedoraproject.org/gitweb/?p=udev.git;a=commitdiff;h=4dfe0853b64444e1c5c8f0c7564909ce7b9ed81a http://koji.fedoraproject.org/koji/taskinfo?taskID=3452144