diff --git a/docs/solo/udev.md b/docs/solo/udev.md index ddf8350..6866f99 100644 --- a/docs/solo/udev.md +++ b/docs/solo/udev.md @@ -1,24 +1,31 @@ -# tl;dr +# Summary -Create a file like [`/etc/udev/rules.d/99-solo.rules`](https://github.com/solokeys/solo/blob/master/99-solo.rules), for instance the following rules should cover access in all cases: +On Linux, by default USB dongles can't be accessed by users, for security reasons. To allow user access, so-called "udev rules" must be installed. (Under Fedora, your key may work without such a rule.) + +Create a file like [`70-solokeys-access.rules`](https://github.com/solokeys/solo/blob/master/udev/70-solokeys-access.rules) in your `/etc/udev/rules.d` directory, for instance the following rule should cover normal access (it has to be on one line): ``` -# Solo bootloader + firmware -ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", TAG+="uaccess", GROUP="plugdev" - -# ST DFU bootloader -ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", TAG+="uaccess", GROUP="plugdev" - -# U2F Zero -ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="8acf", TAG+="uaccess", GROUP="plugdev" +SUBSYSTEM=="hidraw", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", TAG+="uaccess", MODE="0660", GROUP="plugdev" ``` -Then run +Additionally, run the following command after you create this file (it is not necessary to do this again in the future): ``` sudo udevadm control --reload-rules && sudo udevadm trigger ``` +A simple way to setup both the udev rule and the udevadm reload is: + +``` +git clone git@github.com:solokeys/solo.git +cd solo/udev +make setup +``` + +We are working on getting user access to Solo keys enabled automatically in common Linux distributions: . + + + # How do udev rules work and why are they needed In Linux, `udev` (part of `systemd`, read `man 7 udev`) handles "hot-pluggable" devices, of which Solo and U2F Zero are examples. In particular, it creates nodes in the `/dev` filesystem (in Linux, everything is a file), which allow accessing the device. diff --git a/udev/Makefile b/udev/Makefile index f408e9b..7bf6961 100644 --- a/udev/Makefile +++ b/udev/Makefile @@ -19,10 +19,10 @@ activate: sudo udevadm trigger install: - sudo ln -sf $(PWD)/70-solokeys-access.rules ${RULES_PATH}/70-solokeys-access.rules + sudo cp $(PWD)/70-solokeys-access.rules ${RULES_PATH}/70-solokeys-access.rules install-legacy: - sudo ln -sf $(PWD)/70-solokeys-legacy-access.rules ${RULES_PATH}/70-solokeys-access.rules + sudo cp $(PWD)/70-solokeys-legacy-access.rules ${RULES_PATH}/70-solokeys-access.rules # install-symlinks: # sudo cp $(PWD)/71-solokeys-symlinks.rules ${RULES_PATH}/71-solokeys-symlinks.rules diff --git a/udev/README.md b/udev/README.md new file mode 100644 index 0000000..e043854 --- /dev/null +++ b/udev/README.md @@ -0,0 +1,14 @@ +This is for Linux systems only. + +To install the official SoloKeys udev rules, allowing access to your key, run + +``` +make install +``` + +This should work assuming your system is reasonably up-to-date. If not, try + +``` +make install-legacy +``` +