Re: Move u2f-devd into base?

On Mon, 8 Jan 2024 10:35:03 -0600
Kyle Evans <kevans@FreeBSD.org> wrote:

> On 1/8/24 10:30, Tomoaki AOKI wrote:
> > On Mon, 8 Jan 2024 08:18:38 -0700
> > Warner Losh <imp@bsdimp.com> wrote:
> > 
> >> On Mon, Jan 8, 2024, 7:55〓AM Christian Weisgerber <naddy@mips.inka.de>
> >> wrote:
> >>
> >>> We have FIDO/U2F support for SSH in base.
> >>>
> >>> We also have a group "u2f", 116, in the default /etc/group file.
> >>>
> >>> Why do we keep the devd configuration (to chgrp the device nodes)
> >>> in a port, security/u2f-devd?  Can't we just add this to base, too?
> >>> It's just another devd configuration file.
> >>>
> >>
> >> This properly belongs to devfs.conf no? Otherwise it's a race...
> >>
> >> Warner
> >>
> >> -- 
> >>> Christian "naddy" Weisgerber                          naddy@mips.inka.de
> > 
> > It's devd.conf materials. It actually is security/usf-devd/files
> > u2f.conf and its contents is sets of notify 100 { match "vendor" ...
> > match "product" ... action "chgrpy u2f ..." };.
> > Some hase more items in it, though.
> > 
> > So it should be in ports to adapt for latest products more quickly than
> > in base, I think.
> > 
> 
> I don't see any obvious reason that we can't compromise and have a 
> baseline of products in base and just use the port for new products not 
> yet known to base.  These vendors presumably aren't going to quickly 
> repurpose some PID for a non-u2f thing, much less in a way that we care 
> about.
> 
> Thanks,
> 
> Kyle Evans

Looks reasonable to me.

Regards.

-- 
Tomoaki AOKI    <junchoon@dec.sakura.ne.jp>