Description of problem: There's something wrong with applying permission udev rules (OWNER, GROUP, MODE) when these rules are applied conditionally based on an ENV rule. Even if the ENV variable is set and passes the condition used, the permissions are not applied. How reproducible: For example, by creating permission /etc/udev/rules.d/12-dm-permissions.rules: (with ENV) ENV{DM_NAME}=="mydev", OWNER:="peter", GROUP:="peter", MODE:="660" LABEL="dm_end" (with KERNEL) KERNEL=="dm-*", OWNER:="peter", GROUP:="peter", MODE:="660" In the former case with the "ENV" rule used, the permissions are not applied even though ENV{DM_NAME}=="mydev" exists (and which is set in 10-dm.rules). In the latter case with the "KERNEL" rule used, the permissions are correctly applied. So this seems to be a problem with processing the ENV rule. Attaching full logs: (with ENV) logs_with_env_used.tar.bz2 (with KERNEL) logs_with_kernel_used.tar.bz2 Additional info: Based on the logs, it seems the rule to set permissions while using the ENV comparison is correctly recognized for application though it's not applied, as the udevd log says: set permissions /dev/dm-73, 060660, uid=0, gid=6 ... OWNER 1000 /etc/udev/rules.d/12-dm-permissions.rules:1 GROUP 1000 /etc/udev/rules.d/12-dm-permissions.rules:1 Version: systemd-197-1.fc18.1.x86_64
Created attachment 686828 [details] lgos with ENV rule used
Created attachment 686829 [details] logs with KERNEL rule used
Recent udev versions only set the device node permissions and selinux context with "add" and never later. We need to find some fix here ...
*** This bug has been marked as a duplicate of bug 903716 ***