What is udev?
udev is a device manager for the Linux kernel that dynamically manages device nodes in the /dev directory. It handles events triggered by the kernel when devices are added, removed, or changed. One of udev’s powerful features is its ability to apply rules based on device attributes, allowing users to define custom actions for specific devices.
Using udev rules
When working with USB devices in development environments, it’s common to encounter situations where non-root users need access to these devices. This is often the case with hardware development boards, IoT devices, or peripherals. To grant access to USB devices to non-root users, we can create custom udev rules that define the permissions and ownership of device nodes when they are detected.
When configuring udev rules to grant access to USB devices for non-root users, specifying a group is a common practice. Groups in Linux provide a way to manage user access to resources by grouping users with similar permissions together. By assigning a group to a device, you can grant access to all users belonging to that group while maintaining security and control over who can access the device.
Benefits of groups in udev rules
- Access Control: By specifying a group in a udev rule, you can restrict access to the device to users who belong to that group. This allows for more granular control over device access, ensuring that only authorized users can interact with the device.
- Group Management: Using groups allows for easier management of device access permissions. You can add or remove users from the group as needed without modifying individual udev rules. This simplifies administration and ensures consistent access control across multiple devices.
- Security: Assigning access to a specific group rather than using general permissions (e.g., MODE=”0666″) enhances security by limiting access to authorized users only. This reduces the risk of unauthorized access or tampering with the device by users who do not require access.
- Collaborative Environments: In collaborative development environments or shared systems, specifying a group in udev rules enables multiple users to collaborate on projects that involve accessing USB devices without relying on root privileges. This fosters collaboration and streamlines development workflows.
Granting access to a USB device
Type here
Identifying the USB device attributes
The lsusb command-line utitity in Linux is used to list information about USB devices connected to the system. It provides detailed information about each USB device, including its vendor ID, product ID, manufacturer, and product name. We will need the vendor and product IDs in order to create our udev rule.
We can see above that we have two different ESP32 boards one that uses the Silicon Labs CP210x UART Bridge on one board and the other board relies on the DFU (Devices Firmware Upgrade) protocol on the ESP32 chip. We need the vendor and product IDs so that we can make a rule allowing access to the USB devices.
Create udev rules
sudo vim /etc/udev/rules.d/40-espressif.rules
SUBSYSTEMS==”usb”, ATTRS{idVendor}==”10c4″, ATTRS{idProduct}==”ea60″, GROUP=”espressif”, MODE=”0666″
SUBSYSTEMS==”usb”, ATTRS{idVendor}==”303a”, ATTRS{idProduct}==”00??”, GROUP=”espressif”, MODE=”0666″
Setup udev group
sudo groupadd espressif
sudo usermod -aG espressif <username>
newgrp espressif
Restarting udev
sudo udevadm control –reload-rules
sudo udevadm trigger
sudo systemctl restart systemd-udevd.service