From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ricardo Wurmus Subject: Re: Nitrokey and udev rules Date: Tue, 22 May 2018 14:41:35 +0200 Message-ID: <87lgcbooao.fsf@elephly.net> References: <87603gj70o.fsf@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:56846) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fL7Jy-00015S-Fj for help-guix@gnu.org; Tue, 22 May 2018 09:27:23 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fL7Jv-00031u-9r for help-guix@gnu.org; Tue, 22 May 2018 09:27:22 -0400 Received: from sender-of-o51.zoho.com ([135.84.80.216]:21121) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fL7Ju-0002yh-Vp for help-guix@gnu.org; Tue, 22 May 2018 09:27:19 -0400 In-reply-to: <87603gj70o.fsf@gmail.com> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+gcggh-help-guix=m.gmane.org@gnu.org Sender: "Help-Guix" To: Pierre Neidhardt Cc: "help-guix@gnu.org" Pierre Neidhardt writes: > I'm trying to use my nitrokey on GuixSD. > > --8<---------------cut here---------------start------------->8--- >> gpg --card-status > gpg: selecting openpgp failed: No such device > gpg: OpenPGP card not available: No such device > --8<---------------cut here---------------end--------------->8--- > > It turns out that the nitrokey needs some udev rules to be driven by > gpg: > > =09https://www.nitrokey.com/documentation/installation#p:nitrokey-start&o= s:linux > > Thus I tried to configure the following rule: > > --8<---------------cut here---------------start------------->8--- > (define %nitrokey-udev-rule > (udev-rule > "41-nitrokey.rules" > (string-append "ACTION=3D=3D\"add\", SUBSYSTEM=3D=3D\"usb\", " > "ATTR{idVendor}=3D=3D\"20a0\", ATTR{idProduct}=3D=3D\"4= 211\", " > "ENV{ID_SMARTCARD_READER}=3D\"1\", ENV{ID_SMARTCARD_REA= DER_DRIVER}=3D\"gnupg\", GROUP+=3D\"users\", TAG+=3D\"uaccess\""))) > > ; ... > (modify-services > %desktop-services > (udev-service-type config =3D> > (udev-configuration > (inherit config) > (rules (append (udev-configuration-rules config) > (list %nitrokey-udev-rule)))))) > --8<---------------cut here---------------end--------------->8--- This looks correct to me. I do something similar for udev rules for my digital oscilloscope, the Axoloti audio development board, and an AVR programmer. > I've tried the "plugdev" (as suggested on the website) and "users" > GROUP, to no avail: I get the same error from `gpg --card-status`. > > I tried testing the rule with udevadm: > > --8<---------------cut here---------------start------------->8--- > sudo udevadm test ${udevadm info -q path -n /dev/bus/usb/001/008} [=E2=80=A6] > Reading rules file: /gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2= .5/lib/udev/rules.d/[=E2=80=A6] [=E2=80=A6] > As you can see, 41-nitrokey.rules does not show here. In fact I can't > find it on the filesystem. I don't understand how GuixSD manages the > udev rules. Am I missing something? FWIW, udevadm on my machine also doesn=E2=80=99t show all udev rules, becau= se it only seems to look in the rules.d directory of the eudev package. When you reconfigure your system you actually get a directory like this: /gnu/store/crjkqwqsc42sq8zmd1slgpb4jhx9h524-udev-rules/lib/udev/rules.d/ that is the union of all rules, including your custom rules. -- Ricardo