I have a series of tools to interface with embedded devices. One of them uses an AT91SAM7 CPU. When the device is running in normal mode it is recognized by the cdc_acm kernel device driver. The udev rule matches the following line in /etc/udev/rules.d/65-permissions.rules: KERNEL=="ippp*|isdn*|dcbri*|capi*|rfcomm*|ttyACM[0-9]*", GROUP="uucp" I need to modify the permissions to be MODE="666", adn would prefer to set this as a GROUP="plugdev". Simply adding the MODE to the following line works, but I would rather NOT modify 65-permissions.rules but make a new rule 99-at91.rules. I have been unable to override the 65-permissions.rules line above. Any pointers or suggestions would be appreciated. As a note, I posted this question a couple of times to #gentoo without response. That is why I am posting here (which I do not feel is the most appropriate location). Sorry for bothering you with this. EBo --
*** Bug 245040 has been marked as a duplicate of this bug. ***
1) Which version of sys-fs/udev are we talking about? (Specify it in the Summary.) 2) Please post your `emerge --info' too.
The version of udev is sys-fs/udev-124-r1 (which is the current stable version and my system info is as follows =============================== Portage 2.2_rc12 (default-linux/x86/2007.0/desktop, gcc-4.3.2, glibc-2.7-r2, 2.6.25-gentoo-r8 i686) ================================================================= System uname: Linux-2.6.25-gentoo-r8-i686-Intel-R-_Pentium-R-_Dual_CPU_T2330_@_1.60GHz-with-glibc2.0 Timestamp of tree: Sat, 01 Nov 2008 05:45:01 +0000 app-shells/bash: 3.2_p33 dev-java/java-config: 1.3.7, 2.1.6 dev-lang/python: 2.4.4-r14, 2.5.2-r7 dev-python/pycrypto: 2.0.1-r6 dev-util/cmake: 2.6.2 sys-apps/baselayout: 1.12.11.1 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.13, 2.61-r2 sys-devel/automake: 1.4_p6, 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.23-r3 ACCEPT_KEYWORDS="x86" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=prescott -O2 -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config /var/lib/hsqldb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d" CXXFLAGS="-march=prescott -O2 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="ccache distlocks metadata-transfer nostrip parallel-fetch preserve-libs protect-owned sandbox sfperms splitdebug strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://gentoo.osuosl.org/ ftp://distro.ibiblio.org/pub/linux/distributions/gentoo/ http://distro.ibiblio.org/pub/linux/distributions/gentoo/ ftp://ftp.gtlib.gatech.edu/pub/gentoo http://www.gtlib.gatech.edu/pub/gentoo ftp://mirror.iawnet.sandia.gov/pub/gentoo/ ftp://ftp.ussg.iu.edu/pub/linux/gentoo http://cudlug.cudenver.edu/gentoo/ http://gentoo.mirrors.pair.com/ ftp://gentoo.mirrors.pair.com/ http://gentoo.mirrors.tds.net/gentoo ftp://gentoo.mirrors.tds.net/gentoo http://gentoo.netnitco.net ftp://gentoo.netnitco.net/pub/mirrors/gentoo/source/ http://mirror.espri.arizona.edu/gentoo/ http://prometheus.cs.wmich.edu/gentoo http://mirror.mcs.anl.gov/pub/gentoo/ ftp://mirror.mcs.anl.gov/pub/gentoo/ http://gentoo.cites.uiuc.edu/pub/gentoo/ ftp://gentoo.cites.uiuc.edu/pub/gentoo/ http://mirror.fslutd.org/linux/distributions/gentoo/ ftp://mirror.fslutd.org/linux/distributions/gentoo/ nehet" LDFLAGS="" LINGUAS="en" MAKEOPTS="-j4" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/portage/local/layman/pd-overlay /usr/portage/local/layman/science /usr/local/portage_overlays /old_root/home/ebo/gtd/projects/computer/local_portage/ref/local-portage" SYNC="rsync://rsync.namerica.gentoo.org/gentoo-portage" USE="X a52 aac acl acpi alsa arts audiofile bash-completion berkdb blas blender-game bluetooth bzip2 cairo cdr cli cracklib crypt css cups curl cvs dbus divx dri dvd dvdr dvdread eds emacs emboss encode esd evo fam ffmpeg fftw firefox fortran ftp gd gdbm gif git gmedia gnome gpg gpm graphviz gstreamer gtk hal hddtemp hdf5 iconv ieee1394 ipv6 ipw3945 isdnlog jack java javascript jpeg jpeg2k kde kerberos lapack laptop latex ldap lm_sensors mad midi mikmod mp3 mpeg mudflap ncurses netcdf nls nptl nptlonly ogg openal opengl openmp osc oss pam pcre pdf perl png portaudio pppd python qt3 qt3support qt4 quicktime readline realmedia reflection sasl sdl session spell spl ssl subversion svg tcl tcpd threads tiff tk truetype unicode usb vorbis win32codecs wmf wmp x86 xine xml xorg xpm xv zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse synaptics evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en" USERLAND="GNU" VIDEO_CARDS="i810 vesa" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
plugdev is not the right group for this at all. You're trying to hack something to use a group that shouldn't have permissions to those devices. In the future, plugdev will be removed from systems as well. You really want to reconsider doing things the right way.
> plugdev is not the right group for this at all. You're trying to hack something > to use a group that shouldn't have permissions to those devices. In the future, > plugdev will be removed from systems as well. You really want to reconsider > doing things the right way. fair enough but I have two questions with the above: 1) where is the "right way" documented, and 2) I doubt that requiring me to modify the system defined udev 65-permissions.rules as the right way, so how do I override something that is recognized by the system? So, maybe I should try again. I am trying to set up the udev rules so that I do not have to require users to run as root to access the device. When I plug the USB device in it is recognized as a ttyACM by a line in udev's 65-permissions.rules. I have tried various variants of the following: ACTION!="add", GOTO="at91_rules_end" SUBSYSTEM!="usb*", GOTO="at91_rules_end" ATTRS{idVendor}=="eb03",ATTRS{idProduct}=="0920",MODE="0666" LABEL="at91_rules_end" to no avail. The original rule in 65-permissions.rules always sets the definitions for the device. As a note, I doubt this is a honest to god bug, but after putting up with this for over a year and periodically asking questions in various forms, etc., I decied I would finally ask for a pointer here. My apologies for that. EBo --
You should be adding the user to the uucp group that you want to have access to this device. If the users that should have access change and need permission based on a set of conditions, you should check out the pam_group module for granting this group access dynamically. It should be documented under man pam_group.
I discourage changing the permissions of these devices. But: it should work to create 80-my-permission-stuff.rules that contains your rule. You should mind that rules are loaded in alphabetical order.
(In reply to comment #7) > I discourage changing the permissions of these devices. I agree whole heartedly! That is why I am trying to find another solution > But: it should work to create 80-my-permission-stuff.rules that contains > your rule. > > You should mind that rules are loaded in alphabetical order. Actually, I have tried putting my rules in both 99-at91.rules and 45-at91.rules and neither works unless I remove or modify the line in 65-permissions.rules. That is what motivated my posting here. ... hmmm... I played around some more and got it to work by removing the ACTION!="add", etc. Here is the relevant code: #ACTION!="add", GOTO="at91_rules_end" #SUBSYSTEM!="usb*", GOTO="at91_rules_end" # unprogrammed board ATTRS{idVendor}=="03eb",ATTRS{idProduct}=="6124",MODE="0666" # programmed board ATTRS{idVendor}=="eb03",ATTRS{idProduct}=="0920",MODE="0666" #LABEL="at91_rules_end" Can anyone suggest why the action and subsystem branches always fail? Secondly, do I really need it when I am specifying both the product and vendor ID's? I thought that was the proper way to set up the udev rules...
(In reply to comment #8) > (In reply to comment #7) > > I discourage changing the permissions of these devices. > > I agree whole heartedly! That is why I am trying to find another solution > > > But: it should work to create 80-my-permission-stuff.rules that contains > > your rule. > > > > You should mind that rules are loaded in alphabetical order. > > Actually, I have tried putting my rules in both 99-at91.rules and 45-at91.rules > and neither works unless I remove or modify the line in 65-permissions.rules. > That is what motivated my posting here. > > ... hmmm... I played around some more and got it to work by removing the > ACTION!="add", etc. > > Here is the relevant code: > > #ACTION!="add", GOTO="at91_rules_end" > #SUBSYSTEM!="usb*", GOTO="at91_rules_end" > > # unprogrammed board > ATTRS{idVendor}=="03eb",ATTRS{idProduct}=="6124",MODE="0666" > > # programmed board > ATTRS{idVendor}=="eb03",ATTRS{idProduct}=="0920",MODE="0666" > > #LABEL="at91_rules_end" > > Can anyone suggest why the action and subsystem branches always fail? > Secondly, do I really need it when I am specifying both the product and vendor > ID's? I thought that was the proper way to set up the udev rules... That depends what device node you want to set the permissions for. Your device is usb, so it will have /dev/bus/usb/*/*/* node. It also will have a /dev/ttyACM* device. So your rule will match both. With subsys you can restrict this (if done correctly). Best is you attach also the output of udevinfo -a -n /dev/ttyACM0
(In reply to comment #7) > I discourage changing the permissions of these devices. > But: it should work to create 80-my-permission-stuff.rules that contains > your rule. > > You should mind that rules are loaded in alphabetical order. > Err, wrong. AFAIK, they are loaded in numerical order so the best betyis to create a file '10MyRules' and place them in there. The rules are applied in first served, first used.
Matthias Schwarzott, Sorry for taking so long to reply. I found that my system became unstable after having to switch experimental compilers to solve another problem. HAT because generally unstable and died after unplugging the device in question. Rebuilding the system (which takes a couple of days solved that problem)... Your suggestion of running "udevinfo -a -n /dev/ttyACM0" showed that I was setting the incorrect subsystem (usb instead of tty). That did the trick. re: ordering... regardless if the ordering is numerical vs. alphabetical ordering, in this case I think it is the same as ASCII '0' - '9' is < 'A', etc. Regardless, what I found after testing is that when I named the rule 99-at91.rules that it overwrote the rules first set in 65-permissions.rules. During testing I added "GROUP="plugdev"" to the rules. When I moved the same to 10-at91.rules the GROUP was reset to "uucp" even though I specifically set it. So, the rules can be over written and to get this to function as expected it my come after 65-*. Thanks all for the help! EBo --
Closing as INVALID, as there is no bug in the package itself.