On 12/5/25 05:18, Alyssa Ross wrote: > Demi Marie Obenour writes: > >> On 12/4/25 10:04, Alyssa Ross wrote: >>> We don't really care about these groups, but if they don't exist, udev >>> will also not apply the "other" modes from rules, leaving >>> e.g. /dev/kvm root-only when it should be globally read/write. >>> >>> tty is set to 5, conforming with the systemd convention. >>> >>> Link: https://systemd.io/UIDS-GIDS/ >>> Signed-off-by: Alyssa Ross >>> --- >>> Demi, this should avoid the need to add a udev rule for /dev/kvm. >>> >>> host/rootfs/image/etc/group | 14 ++++++++++++++ >>> 1 file changed, 14 insertions(+) >>> >>> diff --git a/host/rootfs/image/etc/group b/host/rootfs/image/etc/group >>> index 18acc30..e3ade46 100644 >>> --- a/host/rootfs/image/etc/group >>> +++ b/host/rootfs/image/etc/group >>> @@ -1 +1,15 @@ >>> root:x:0:root >>> +clock:x:1: >>> +dialout:x:2: >>> +kmem:x:3: >>> +input:x:4: >>> +tty:x:5: >>> +video:x:6: >>> +render:x:7: >>> +sgx:x:8: >> >> Do we even need this? SGX needs userspace tools that Spectrum >> doesn't have. I presume that the need for this will go away once >> Spectrum's host is built without SGX. > > I think it's better to have it, because without it udev will continue to > warn about it when it reads the default rules. This happens regardless > of whether a matching device actually exists. Ah, I missed that part. Then keep it. -- Sincerely, Demi Marie Obenour (she/her/hers)