1. Forum
  2. Usenet
  3. LINUX.GENTOO.USER

  • Re: [gentoo-user] permissions for /dev/uinput

    From =?iso-8859-1?Q?Ho=EBl_B=E9zier?=@21:1/5 to All on Wed Mar 5 22:10:01 2025
    Am Mi, Mär 05, 2025 am 08:30:44 -0000 schrieb Grant Edwards:
    I'm working on an application that allows you to remap/mix/reconfigure
    the channels/buttons on a USB joystick/game-controller device. That
    requires access to /dev/uinput which is used to create a "synthetic"
    joystick device and feed data to it.

    On Gentoo /dev/uinput is accessible only to root.

    $ ls -l /dev/uinput
    crw------- 1 root root 10, 223 Mar 5 09:36 /dev/uinput

    What's the best way to make that available to specific users?

    Add a "uinput" group, change the group of /dev/uinput to "uinput",
    chmod g+wr, then make specific users part of that group?

    That’s a way to do that, probably the easiest. If you go that way, you might want to write that as part of your device manager rules, probably udev.

    I’ve noticed recently on a Debian system, that /dev/hidraw* devices were root:root 0600, but the one for my yubikey had an acl on it that gave my user write access. This acl was set by elogind at login time (the idea being that only the user behind the screen should be able to read from that device at any time).

    That could be another way to do that, although in your case the security implications are probably not the same as for sensitive devices like yubikeys and as such may not require such a setup.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From karl@aspodata.se@21:1/5 to All on Thu Mar 6 00:00:01 2025
    Grant Edwards:
    ...
    $ ls -l /dev/uinput
    ...
    What's the best way to make that available to specific users?
    ...

    If you look att <kernel-source-tree>/Documentation/admin-guide/devices.txt
    you have:

    10 char Non-serial mice, misc features
    ...
    149 = /dev/input/mouse Linux/SGI Irix emulation mouse
    150 = /dev/input/keyboard Linux/SGI Irix emulation keyboard
    ...
    223 = /dev/input/uinput User level driver support for input
    ...
    13 char Input core
    0 = /dev/input/js0 First joystick
    1 = /dev/input/js1 Second joystick
    ...
    32 = /dev/input/mouse0 First mouse
    33 = /dev/input/mouse1 Second mouse
    ...
    63 = /dev/input/mice Unified mouse
    64 = /dev/input/event0 First event queue
    65 = /dev/input/event1 Second event queue
    ...

    Each device type has 5 bits (32 minors).

    So I suggest you look how thoose files are handled, which seems to be
    a similar problem.

    Regards,
    /Karl Hammar

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From netfab@21:1/5 to All on Thu Mar 6 07:20:01 2025
    Le 05/03/25 à 21:30, Grant Edwards a tapoté :
    What's the best way to make that available to specific users?

    Add a "uinput" group, change the group of /dev/uinput to "uinput",
    chmod g+wr, then make specific users part of that group?


    There's already a group for input devices (acct-group/input), no need
    to create another one. Please also remember that you're not the only one application that want to access uinput. Creating a « foo » group may
    create problems on a system where two different applications wants to
    change /dev/uinput permissions.

    https://github.com/netfab/GLogiK/blob/master/data/udev/99-GLogiK.rules.in#L7

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From netfab@21:1/5 to All on Thu Mar 6 07:50:02 2025
    Also, for the TAG="uaccess" part of the udev rule :

    https://wiki.archlinux.org/title/Udev#Allowing_regular_users_to_use_devices

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)