On Fri, 31 Aug 2018 at 20:58:46 -0400, Evan Goers wrote:
> It seems that changing the permissions MODE from 0660 to 0666 for
> Valve's devices in /lib/udev/rules.d/99-steam-controller-perms.rules allows
> the
> devices to work as expected. It may be necessary to change them all to 0666 to
> allow them to function normally. I can only test the Steam Controller as I
> don't have any of the rest listed.
I believe the way devices like this are meant to work on modern Linux
systems is that the various device nodes are owned by root:root, have 0660
permissions, and are tagged as "uaccess" so that udev and systemd-logind
will cooperate to grant rw access for whichever user is currently the
foreground active user. 0666 permissions would let any other user on
the system read input events from all devices, even if they are logged
in remotely or are on a background virtual console, which seems less
desirable than uaccess.
I'm not sure whether udev's default rules set this up or whether
steam-devices needs to do it. It can be achieved by adding
"TAG+=uaccess" to each udev rule that is applicable to Steam devices.
I'm currently using a local version of the udev rules
(in /etc/udev/rules.d/99-steam-controller-perms-more.rules) with that
change applied to all its rules.
For example, here's my Steam Controller dongle:
% ls -l /dev/hidraw*
crw------- 1 root root 247, 0 Sep 2 12:20 /dev/hidraw0
crw-rw----+ 1 root root 247, 1 Sep 2 15:52 /dev/hidraw1
crw-rw----+ 1 root root 247, 2 Sep 2 15:52 /dev/hidraw2
crw-rw----+ 1 root root 247, 3 Sep 2 15:52 /dev/hidraw3
crw-rw----+ 1 root root 247, 4 Sep 2 15:52 /dev/hidraw4
crw-rw----+ 1 root root 247, 5 Sep 2 15:52 /dev/hidraw5
% getfacl /dev/hidraw1
getfacl: Removing leading '/' from absolute path names
# file: dev/hidraw1
# owner: root
# group: root
user::rw-
user:smcv:rw-
group::rw-
mask::rw-
other::---
% udevadm info -n /dev/hidraw1
P:
/devices/pci0000:00/0000:00:14.0/usb1/1-1/1-1:1.0/0003:28DE:1142.000D/hidraw/hidraw1
N: hidraw1
E: DEVNAME=/dev/hidraw1
E:
DEVPATH=/devices/pci0000:00/0000:00:14.0/usb1/1-1/1-1:1.0/0003:28DE:1142.000D/hidraw/hidraw1
E: ID_FOR_SEAT=hidraw-pci-0000_00_14_0-usb-0_1_1_0
E: ID_PATH=pci-0000:00:14.0-usb-0:1:1.0
E: ID_PATH_TAG=pci-0000_00_14_0-usb-0_1_1_0
E: MAJOR=247
E: MINOR=1
E: SUBSYSTEM=hidraw
E: TAGS=:uaccess:seat:
E: USEC_INITIALIZED=31547379213
(hidraw0 is some other device, hidraw1..hidraw5 are the Steam Controller.)
The udev rules suggested by Valve have to work on all sorts of systems,
including systems without systemd-logind or with arbitrarily old versions
of user-space, so they tend to err on the side of being very permissive
to make the devices work as often as possible. In Debian, knowing what
we do about how Debian systems are set up, we can hopefully do better
than that.
Regards,
smcv
