UDEV rules seem to be ott

Hi guys
I installed the cli on linux and as it was a new system I got the suggestion to change the udev rules.
This approarch is a bit ott IMHO
It opens all the usb devices to the world.

might I suggest that the script reads the port ownership.
specifically the group of ttyACM?
I think this is generally dialout these days
then suggests

sudo usermod -a -G dialout $USER

Hi @greg_dickson, sorry for the late reply - added to the backlog!

I’ve been working with udev for the better part of a decade and I’m still struggling with getting it work reliably across distros, permissions and users.

Yes it is a little of a dark art. A lot like AI. :slight_smile:

But adding the user to the same group seems to work fine on Ubuntu and it’s derivatives. As in these systems the device is writable for the group and the group gets set to Dialout.
As far as the security goes any process run by the user has write access obviously. However opening to all means that any process run on the system has write access. It punches a rather big hole.
Having run linux servers a long time ago I am very cautious of this sort of thing for a single user system the risque is probably very minimal though.

One way

stat -c ‘%a’ /dev/ttyACM?
-> permissions
so if this returns 660 the idea will work
stat -c ‘%G’ /dev/ttyACM?
-> dialout

GRP=stat -c '%G' /dev/ttyACM0
sudo usermod -a -G $GRP $USER
should then work

check with
groups $USER | grep -o stat -c "%G" /dev/ttyACM0
-> dialout if the user is in the group

this would need to loop through each ttyACM? if there are more than one device though.
However it completely bypasses the udev issue and uses the existing setup. Yes I played with UDEV and bluetooth a long time ago and it’s a nightmare. My fingers were severely burnt. :slight_smile:

It was not a criticism just a heads up.
I am very grateful for your work and really enjoy being able to work with AI so simply.

Thank you so much for this platform/site.

NB. the backticks required are not shown here as the MARKUP removes them I could not find a way around that.