- remove default permissions set in 95-dm-notify.rules (and add a hint in 12-dm-permissions.rules to set it by the user directly)
- add multipath DM_ACTION=="PATH_FAILED" filter
- remove unnecessary filters in the headers of the rules (we can simply use DM_UDEV_RULES_VSN instead)
- fix symlink priorities in /dev/disk/ (snapshot volumes have low priority for FS UUID symlinks so it will not overwrite symlinks for the origin)
Version 1.02.39 -
=====================================
+ Remove strict default permissions for DM devices from 95-dm-notify.rules.
Add dmsetup udevflags command to decode udev flags in given cookie value.
Add udev flags support in libdevmapper.
Make libdm ABI consistent when built with/without selinux support.
TEST!="$env{DM_SBIN_PATH}/dmsetup", ENV{DM_SBIN_PATH}="/usr/sbin"
TEST!="$env{DM_SBIN_PATH}/dmsetup", GOTO="dm_end"
+# Decode udev control flags and set environment variables appropriately.
+ENV{DM_COOKIE}=="?*", IMPORT{program}="$env{DM_SBIN_PATH}/dmsetup udevflags $env{DM_COOKIE}"
+
ACTION!="add|change", GOTO="dm_end"
# Normally, we operate on "change" events only. But when
# possible future changes.
ENV{DM_UDEV_RULES_VSN}="1"
-ENV{DM_NAME}=="?*", NAME="$kernel", SYMLINK+="(DM_DIR)/$env{DM_NAME}"
+ENV{DM_NAME}=="?*", SYMLINK+="(DM_DIR)/$env{DM_NAME}"
-# We have to ignore further rule application for temporary
-# cryptsetup devices. But don't forget to send the notification!
+# We have to ignore further rule application for inappropriate events
+# and devices. But still send the notification if cookie exists.
+ENV{DM_UUID}=="mpath-?*", ENV{DM_ACTION}=="PATH_FAILED", GOTO="dm_last_rule"
ENV{DM_UUID}=="CRYPT-TEMP-?*", GOTO="dm_last_rule"
ENV{DM_UUID}!="?*", ENV{DM_NAME}=="temporary-cryptsetup-?*", GOTO="dm_last_rule"
# DM_VG_NAME - volume group name
# DM_LV_LAYER - logical volume layer (blank if not set)
-SUBSYSTEM!="block", GOTO="lvm_end"
-KERNEL!="dm-[0-9]*", GOTO="lvm_end"
+# "add" event is processed on coldplug only!
ACTION!="add|change", GOTO="lvm_end"
ENV{DM_UDEV_RULES_VSN}!="?*", GOTO="lvm_end"
ENV{DM_UUID}!="LVM-?*", GOTO="lvm_end"
-
-# Normally, we operate on "change" events only. But when
-# coldplugging, there's an "add" event present. We have
-# to recognize this and do our actions in this particular
-# situation, too.
-ACTION=="add", ENV{STARTUP}!="1", GOTO="lvm_end"
+ENV{DM_UDEV_DISABLE_SUBSYSTEM_RULES_FLAG}=="1", GOTO="lvm_end"
# Use DM name and split it up into its VG/LV/layer constituents.
IMPORT{program}="$env{DM_SBIN_PATH}/dmsetup splitname --nameprefixes --noheadings --rows $env{DM_NAME}"
# label and uuid are created only if the device is not
# suspended.
-SUBSYSTEM!="block", GOTO="dm_end"
-KERNEL!="dm-[0-9]*", GOTO="dm_end"
+# "add" event is processed on coldplug only!
ACTION!="add|change", GOTO="dm_end"
ENV{DM_UDEV_RULES_VSN}!="?*", GOTO="dm_end"
-
-# Normally, we operate on "change" events only. But when
-# coldplugging, there's an "add" event present. We have to
-# recognize this and do our actions in this particular
-# situation, too.
-ACTION=="add", ENV{STARTUP}!="1", GOTO="dm_end"
+ENV{DM_UDEV_DISABLE_DISK_RULES_FLAG}=="1", GOTO="dm_end"
SYMLINK+="disk/by-id/dm-name-$env{DM_NAME}"
ENV{DM_UUID}=="?*", SYMLINK+="disk/by-id/dm-uuid-$env{DM_UUID}"
ENV{DM_SUSPENDED}=="1", GOTO="dm_end"
IMPORT{program}="$env{DM_SBIN_PATH}/blkid -o udev -p $tempnode"
-OPTIONS="link_priority=-100"
-ENV{DM_LV_LAYER}=="?*", OPTIONS="link_priority=-90"
+ENV{DM_UDEV_LOW_PRIORITY_FLAG}=="1", OPTIONS="link_priority=-100"
ENV{ID_FS_USAGE}=="filesystem|other|crypto", ENV{ID_FS_UUID_ENC}=="?*", SYMLINK+="disk/by-uuid/$env{ID_FS_UUID_ENC}"
ENV{ID_FS_USAGE}=="filesystem|other", ENV{ID_FS_LABEL_ENC}=="?*", SYMLINK+="disk/by-label/$env{ID_FS_LABEL_ENC}"
# DM_VG_NAME - volume group name (not set if LVM device not present)
# DM_LV_LAYER - logical volume layer (not set if LVM device not present)
-SUBSYSTEM!="block", GOTO="dm_end"
-KERNEL!="dm-[0-9]*", GOTO="dm_end"
-ACTION!="change", GOTO="dm_end"
+# "add" event is processed on coldplug only!
+ACTION!="add|change", GOTO="dm_end"
ENV{DM_UDEV_RULES_VSN}!="?*", GOTO="dm_end"
# A few demonstrational examples...
# listed at the beginning of this file (udev provides simple pattern matching by
# using *, ? and [] that you can use, see 'man udev' for more information).
+# Set default permissions for all DM devices if not set before.
+# OWNER:="root", GROUP:="root", MODE:="660"
+
LABEL="dm_end"
# waiting for completion of udev rules. The process is identified by
# a cookie value sent within "change" and "remove" events (the cookie
# value is set before by that process for every action requested).
-# Also, it sets default permissions for DM devices if not set already.
SUBSYSTEM!="block", GOTO="dm_end"
KERNEL!="dm-[0-9]*", GOTO="dm_end"
ACTION!="change|remove", GOTO="dm_end"
-ACTION=="change", OWNER:="root", GROUP:="root", MODE:="600"
ENV{DM_COOKIE}=="?*", RUN+="$env{DM_SBIN_PATH}/dmsetup udevcomplete $env{DM_COOKIE}"
LABEL="dm_end"