help-guix
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Nitrokey and udev rules


From: Pierre Neidhardt
Subject: Nitrokey and udev rules
Date: Tue, 22 May 2018 12:53:43 +0200
User-agent: mu4e 1.0; emacs 26.1

I'm trying to use my nitrokey on GuixSD.

--8<---------------cut here---------------start------------->8---
> gpg --card-status
gpg: selecting openpgp failed: No such device
gpg: OpenPGP card not available: No such device
--8<---------------cut here---------------end--------------->8---

It turns out that the nitrokey needs some udev rules to be driven by
gpg:

        
https://www.nitrokey.com/documentation/installation#p:nitrokey-start&os:linux

Thus I tried to configure the following rule:

--8<---------------cut here---------------start------------->8---
(define %nitrokey-udev-rule
  (udev-rule
   "41-nitrokey.rules"
   (string-append "ACTION==\"add\", SUBSYSTEM==\"usb\", "
                  "ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4211\", "
                  "ENV{ID_SMARTCARD_READER}=\"1\", 
ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", GROUP+=\"users\", 
TAG+=\"uaccess\"")))

; ...
 (modify-services
   %desktop-services
   (udev-service-type config =>
                      (udev-configuration
                       (inherit config)
                       (rules (append (udev-configuration-rules config)
                                      (list %nitrokey-udev-rule))))))
--8<---------------cut here---------------end--------------->8---

I've tried the "plugdev" (as suggested on the website) and "users"
GROUP, to no avail: I get the same error from `gpg --card-status`.

I tried testing the rule with udevadm:

--8<---------------cut here---------------start------------->8---
sudo udevadm test ${udevadm info -q path -n /dev/bus/usb/001/008}
calling: test
version 3.2.5
This program is for debugging only, it does not run any program
specified by a RUN key. It may show incorrect results, because
some values may be different, or not available at a simulation run.

=== trie on-disk ===
tool version:          3
file size:         7431994 bytes
header size             80 bytes
strings            1901394 bytes
nodes              5530520 bytes
Load module index
timestamp of 
'/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/etc/udev/rules.d' 
changed
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/50-udev-default.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/60-block.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/60-cdrom_id.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/60-drm.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/60-evdev.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/60-persistent-alsa.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/60-persistent-input.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/60-persistent-storage-tape.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/60-persistent-storage.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/60-persistent-v4l.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/60-sensor.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/60-serial.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/64-btrfs.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/70-mouse.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/70-touchpad.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/75-net-description.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/75-probe_mtd.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/78-sound-card.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/80-drivers.rules
Reading rules file: 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/80-net-name-slot.rules
rules contain 24576 bytes tokens (2048 * 12 bytes), 8930 bytes strings
1035 strings (15626 bytes), 649 de-duplicated (7083 bytes), 387 trie nodes used
IMPORT builtin 'usb_id' 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/50-udev-default.rules:13
IMPORT builtin 'hwdb' 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/50-udev-default.rules:13
MODE 0664 
/gnu/store/if6kkgnbwx1lmb5wp8p8g68i8s9hqs58-eudev-3.2.5/lib/udev/rules.d/50-udev-default.rules:43
handling device node '/dev/bus/usb/001/008', devnum=c189:7, mode=0664, uid=0, 
gid=0
preserve permissions /dev/bus/usb/001/008, 020664, uid=0, gid=0
preserve already existing symlink '/dev/char/189:7' to '../bus/usb/001/008'
created db file '/run/udev/data/c189:7' for 
'/devices/pci0000:00/0000:00:14.0/usb1/1-4'
ACTION=add
BUSNUM=001
DEVNAME=/dev/bus/usb/001/008
DEVNUM=008
DEVPATH=/devices/pci0000:00/0000:00:14.0/usb1/1-4
DEVTYPE=usb_device
DRIVER=usb
ID_BUS=usb
ID_MODEL=Nitrokey_Start
ID_MODEL_ENC=Nitrokey\x20Start
ID_MODEL_ID=4211
ID_REVISION=0200
ID_SERIAL=Nitrokey_Nitrokey_Start_FSIJ-1.2.6-67143146
ID_SERIAL_SHORT=FSIJ-1.2.6-67143146
ID_USB_INTERFACES=:0b0000:
ID_VENDOR=Nitrokey
ID_VENDOR_ENC=Nitrokey
ID_VENDOR_FROM_DATABASE=Clay Logic
ID_VENDOR_ID=20a0
MAJOR=189
MINOR=7
PRODUCT=20a0/4211/200
SUBSYSTEM=usb
TYPE=0/0/0
USEC_INITIALIZED=924747532
Unload module index
--8<---------------cut here---------------end--------------->8---

As you can see, 41-nitrokey.rules does not show here.  In fact I can't
find it on the filesystem.  I don't understand how GuixSD manages the
udev rules.  Am I missing something?

-- 
Pierre Neidhardt

Jenkinson's Law:
        It won't work.

Attachment: signature.asc
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]