Chris Marusich writes: > Arun Isaac writes: > >> I am trying to get my FST-01 gnuk security token working on >> GuixSD. According to their documentation >> (https://www.fsij.org/doc-gnuk/udev-rules.html), I need to add a custom >> udev-rule. I am trying to use the configuration shown below to achieve >> the same. But, I don't see any file by the name "60-gnupg.rules" created >> in my /run/current-system/profile/lib/udev/rules.d/. Am I doing >> something wrong or is my expectation incorrect? Has anyone successfully >> used a FST-01 gnuk security token in GuixSD? >> >> (use-modules (gnu)) >> >> (define %gnuk-udev-rule >> (udev-rule >> "60-gnupg.rules" >> "ATTR{idVendor}==\"234b\", ATTR{idProduct}==\"0000\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\"")) >> >> (operating-system >> (host-name "adamantium") >> (timezone "Asia/Kolkata") >> (locale "en_US.utf8") >> (bootloader (bootloader-configuration >> (bootloader grub-bootloader) >> (target "/dev/sda"))) >> (file-systems (cons (file-system >> (device "my-root") >> (mount-point "/") >> (type "ext4")) >> %base-file-systems)) >> (users %base-user-accounts) >> (packages %base-packages) >> (services >> (modify-services %base-services >> (udev-service-type >> config => >> (udev-configuration >> (inherit config) >> (rules >> (append (udev-configuration-rules config) >> (list %gnuk-udev-rule)))))))) >> > > I was able to reproduce your issue by using "guix system build" and > inspecting the profile of the built system. It's missing the udev rule > you added, like you said. What's more concerning is the fact that it's > missing the file "90-kvm.rules", which are supposed to be part of the > default rules included in our udev service (see gnu/services/base.scm). > > Maybe it's a bug. Could you open a bug report by emailing bug-guix@? I understand what's happening, now. It isn't a bug. In short, your rules are being used. It's just a little confusing because Guix starts udevd in a way that causes it to use a specific configuration directory in the store, which is built to contain the union of all the specified rules. I'll explain more below. If you run a VM with your OS configuration (via "guix system vm my-os.scm"), you can follow along. You have the following directories: /run/current-system/profile/lib/udev/rules.d /run/current-system/profile/etc/udev/rules.d These come from the eudev package, as shown here (store item hash abbreviated, since I cannot easily copy/paste from QEMU at the moment): --8<---------------cut here---------------start------------->8--- # readlink /run/current-system/profile/lib/udev/rules.d /gnu/store/...hv9c-eudev-3.2.5/etc/udev # readlink /run/current-system/profile/etc/udev/rules.d /gnu/store/...hv9c-eudev-3.2.5/etc/udev --8<---------------cut here---------------end--------------->8--- However, udevd doesn't use these directories. Examine its arguments: --8<---------------cut here---------------start------------->8--- # ps -wwfe | grep udevd root 251 1 0 10:12 ? 00:00:00 /gnu/store/...hv9c-eudev-3.2.5/sbin/udevd --8<---------------cut here---------------end--------------->8--- It doesn't have any arguments. In fact, we configure it via environment variables. Check them: --8<---------------cut here---------------start------------->8--- # cat /proc/251/environ | tr '\000' '\n' ... UDEV_CONFIG_FILE=/gnu/store/...f32r-udev.conf EUDEV_RULES_DIRECTORY=/gnu/store/...cx44-udev-rules/lib/udev/rules.d --8<---------------cut here---------------end--------------->8--- If you check that rules.d directory, you'll find your rules: --8<---------------cut here---------------start------------->8--- # ls /gnu/store/...cx44-udev-rules/lib/udev/rules.d | grep gnupg 60-gnupg.rules --8<---------------cut here---------------end--------------->8--- So, all is well. If you run tools like udevadm to test the rules, you should be able to confirm that your custom rules are being used. By the way, the kvm rules are here, too (thank goodness!): --8<---------------cut here---------------start------------->8--- # ls /gnu/store/...cx44-udev-rules/lib/udev/rules.d | grep kvm 90-kvm.rules --8<---------------cut here---------------end--------------->8--- But why does your system have rules.d directories in /run/current/system/profile, if udevd isn't using them? It's because eudev happens to be included in the %base-packages (defined in (gnu system)), which causes eudev (and its rules.d directories) to be installed into your system profile. The purpose of installing eudev into the system profile is probably not to add these rules.d directories, but rather to make things like the usual tools (e.g., udevadm) available to all users. For more details on how all of this fits together, check out gnu/services/base.scm and gnu/system.scm in the Guix source. I hope that helps! -- Chris