Changeset 63757 in vbox

Timestamp:

Sep 7, 2016 5:51:48 PM (8 years ago)

Author:

vboxsync

Message:

bugref:8569: Add SELinux rule to allow vboxdrv.sh access to /etc/udev/rules.d: create udev rules at installation time, not at boot time, to make SELinux happier.

Location:

trunk/src/VBox

Files:

• HostDrivers/linux/load.sh (modified) (1 diff)
• Installer/linux/vboxdrv.sh (modified) (4 diffs)

trunk/src/VBox/HostDrivers/linux/load.sh

@@ -33 +33 @@
 
 # Unload, but keep the udev rules.
-sudo "${MY_DIR}/vboxdrv.sh" stop_keep_udev
+sudo "${MY_DIR}/vboxdrv.sh" stop
 
 if [ -z "${OPT_UNLOAD_ONLY}" ]; then

trunk/src/VBox/Installer/linux/vboxdrv.sh

@@ -186 +186 @@
 
 ## Install udev rules and create device nodes for usb access
-install_device_node_setup() {
+setup_usb() {
     VBOXDRV_GRP="$1"      # The group that should own /dev/vboxdrv
     VBOXDRV_MODE="$2"     # The mode to be used for /dev/vboxdrv
@@ -213 +213 @@
 }
 
+cleanup_usb()
+{
+    # Remove udev description file
+    rm -f /etc/udev/rules.d/60-vboxdrv.rules
+    rm -f /etc/udev/rules.d/10-vboxdrv.rules
+
+    # Remove our USB device tree
+    rm -rf /dev/vboxusb
+}
+
 start()
 {
     begin_msg "Starting VirtualBox services" console
-    # Create udev rule and USB device nodes.
-    ## todo Wouldn't it make more sense to install the rule to /lib/udev?  This
-    ## is not a user-created configuration file after all.
-    ## todo Do we need a udev rule to create /dev/vboxdrv[u] at all?  We have
-    ## working fall-back code here anyway, and the "right" code is more complex
-    ## than the fall-back.  Unnecessary duplication?
-    install_device_node_setup "$GROUP" "$DEVICE_MODE" "$INSTALL_DIR"
     if [ -d /proc/xen ]; then
         failure "Running VirtualBox in a Xen environment is not supported"
@@ -286 +289 @@
 stop()
 {
-    if test ${#} -eq 0 || ! test "${1}" = "--keep-udev"; then
-        begin_msg "Stopping VirtualBox services" console
-
-        # Remove udev description file
-        rm -f /etc/udev/rules.d/60-vboxdrv.rules
-        rm -f /etc/udev/rules.d/10-vboxdrv.rules
-
-        # Remove our USB device tree
-        rm -rf /dev/vboxusb
-    else
-        begin_msg "Stopping VirtualBox services (keeping udev + usb)" console
-    fi
+    begin_msg "Stopping VirtualBox services" console
 
     if running vboxpci; then
@@ -471 +463 @@
     stop_vms
     ;;
-stop_keep_udev)
-    # This is used by src/VBox/HostDrivers/linux/load.sh.
-    stop_vms
-    stop --keep-udev
-    ;;
 restart)
     stop && start
     ;;
 setup)
+    # Create udev rule and USB device nodes.
+    ## todo Wouldn't it make more sense to install the rule to /lib/udev?  This
+    ## is not a user-created configuration file after all.
+    ## todo Do we need a udev rule to create /dev/vboxdrv[u] at all?  We have
+    ## working fall-back code here anyway, and the "right" code is more complex
+    ## than the fall-back.  Unnecessary duplication?
+    setup_usb "$GROUP" "$DEVICE_MODE" "$INSTALL_DIR"
     setup && start
     ;;
 cleanup)
     stop && cleanup
+    cleanup_usb
     ;;
 force-reload)