I have my
port ready but since i made the
/dev/nvram device owned by group
440, tpb has to run setgid
kmem which might not fly so well.
I looked at the code and I don't see any easy way to drop privileges since it
has to open
/dev/nvram, read it, and close it every time it polls.
I'll post it to
ports@ and see what people have to say.
tpb makes no mention of how the permissions should be handled and Linux's NVRAM
640, owned by
Maybe tpb needs privsep.