From 5a8b9fd49f7602c19b56deb8cc0efd23e0aa8e2a Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Mon, 1 Sep 2025 12:07:34 +0900
Subject: [PATCH] NEWS: mention ACLs by "uaccess" is always set by udevd

Follow-up for c960ca2be1cfd183675df581f049a0c022c1c802 (#36444).
Prompted by https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1112660.
---
 NEWS | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/NEWS b/NEWS
index ff55bbcaa3a..d51b5d5e03c 100644
--- a/NEWS
+++ b/NEWS
@@ -19,6 +19,18 @@ CHANGES WITH 258 in spe:
           option. (This effectively means "mesg n" is now the default, rather
           than "mesg y", see mesg(1) man page for help.)
 
+        * ACLs for device nodes requested by "uaccess" udev tag are now always
+          applied/updated by systemd-udevd through "uaccess" udev builtin, and
+          systemd-logind no longer applies/updates ACLs but triggers "change"
+          uevents to make systemd-udevd apply/update ACLs. Hence, the "uaccess"
+          udev tag should be set not only on "add" action but also on "change"
+          action, and it is highly recommended that the rule is applied all
+          actions except for "remove" action.
+          Recommended example:
+              ACTION!="remove", SUBSYSTEM=="hidraw", TAG+="uaccess"
+          The following example does not work since v258:
+              ACTION=="add", SUBSYSTEM=="hidraw", TAG+="uaccess"
+
         * systemd-run's --expand-environment= switch, which was disabled
           by default when combined with --scope, has been changed to be
           enabled by default. This brings cmdline expansion of transient
-- 
2.47.3