Skip to content

Commit

Permalink
fix udev rule
Browse files Browse the repository at this point in the history 
Do not set MODE and GROUP but give access to useres with console access.
  • Loading branch information
@eworm-de
eworm-de committed Oct 27, 2014
1 parent 949a983 commit 21e9de4
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion 70-u2f.rules
View file
Original file line number Diff line number Diff line change
@@ -1 +1,5 @@
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", MODE="0664", GROUP="plugdev", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0113|0114|0115|0116|0120"
ACTION!="add|change", GOTO="u2f_end"

KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0113|0114|0115|0116|120", ENV{ID_SECURITY_TOKEN}="1"

LABEL="u2f_end"

3 comments on commit 21e9de4

@klali
Copy link

@klali klali commented on 21e9de4 Oct 28, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this drops off the 0 on 0120 again..

is ID_SECURITY_TOKEN supported on enough versions of udev? I know that we for yubikey-personalization keep two files around, one with that and one without..

@eworm-de
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure when this was introduced, will have to take a look at the git history. But using GROUP="plugdev" fails if the system does not have a group with that name. Perhaps we should provide both files for libu2f-host as well.

@klali
Copy link

@klali klali commented on 21e9de4 Oct 28, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ykpers indicates that ID_SECURITY_TOKEN was introduced in udev 188. I think we can go with this approach for now and see what breaks.
(this is also discussed in issue Yubico#2)

Please # to comment.