HOW-TO control /proc permissions to USB devices

[Headrush]

With the new libusb packages, many USB devices are accessed through it and not through a device node in /dev.
Udev can not be used to set permissions for these devices since a /dev node doesn't exist.

This small HOW-TO will help to explain how to allow non-root access to these devices using the events generated by hotplug.

Requirements: I don't know the exact requirements, but hotplug is needed and probably libusb.

All these steps are run as root.

1. Make sure usbfs is mounted.

   Code:

   mount

   
   Should list a line like this:

   Code:

   usbfs on /proc/bus/usb type usbfs (rw)

   
   If it's not listed, you have a problem that needs to be fixed first.
   Make sure you have script /etc/init.d/localmount running on boot. To check use

   Code:

   rc-update -s

   
   If it isn't, add it like this:

   Code:

   rc-update add localmount boot

   
   and start it now.

   Code:

   /etc/init.d/localmount start

   
   
2. emerge usbutils
   
   
3. Plug the usb device in you want to setup permissions for.
   
   
4. Run lsusb and note the vender id and product id for your device.
   Here is a sample output of my device in this example

   Code:

   Bus 001 Device 002: ID 045a:500d SONICblue, Inc.

   
   The first value after ID is the Vendor ID, and the second value after ID is the Product ID.
   
   
5. Change to /etc/hotplug/usb/

   Code:

   cd /etc/hotplug/usb/

   
   
   
6. We are going to make a usermap file for your device. You can choose any name for the file as long as it ends in .usermap. For my example, I am setting up my Rio USB player. It's vender ID is 0x045a and it's product ID is 0x500d. So I created the file rio.usermap with the following contents:

   Code:

   rio 0x0003 0x045a 0x500d 0x0000 0x0000 0x00 0x00 0x00 0x00 0x00 0x00 0x00

   
   The first word, (rio is my case), is a program that we make that is called when the device is attached. You can chose any name but I like to keep the same name as the beginning as usermap file.
   
   Leave the second value, (0x0003), but replace the second and third values with your vender ID and product ID.
   
   
7. Now we are going to create the program that correctly fixes the permissions. Remember to create the file with the name you used as the first word in your .usermap file. (In my case rio)
   
   Past the following into the file you just created.

   Code:

   #!/bin/sh # This file is part of sane-backends. # # This script changes the permissions and ownership of a USB device under # /proc/bus/usb to grant access to this device to users in the scanner group. # # Ownership is set to root:scanner, permissions are set to 0660. # # Arguments : # ----------- # ACTION=[add|remove] # DEVICE=/proc/bus/usb/BBB/DDD # TYPE=usb if [ -z "${DEVICE}" ] ; then         IF=$(echo ${DEVPATH} | sed 's:\(bus/usb/devices/\)\(.*\)-\(.*\):\2:')         if [ -r /sys/${DEVPATH}/devnum ]; then              DEV=$(cat /sys/${DEVPATH}/devnum)         else              DEV=1 # you'll have to adjust this manually for kernel < 2.6.6         fi         DEVICE=$(printf '/proc/bus/usb/%.03d/%.03d' ${IF} ${DEV}) fi if [ "$ACTION" = "add" -a "$TYPE" = "usb" ]; then   chown root:rio "$DEVICE"   chmod 0660 "$DEVICE" fi

   
   This code is orginally from the sane-backends package.
   
   
8. These lines

   Code:

   chown root:rio "$DEVICE"              # set owner=root and group=rio chmod 0660 "$DEVICE"                  # root access=rw, group access=rw

   
   set the owner, group and permissions. Change these as required for your needs.
   (For those noobies, 660 is common and allows read and write access to root and members of the group)
   
   In my case root is owner and the group is rio. Both owner and group members have read-write access.
   
   
9. Make sure this file is executable. In my case

   Code:

   chmod a+x rio

   
   
10. Create the new group which you will allow access to this device. (Matches the group you set in file above) In my case, rio.

    Code:

    groupadd rio

    
    
    
11. Now use the gpasswd command to add users to the group you created in /etc/group.
    In my example, I am going to add user fred to group rio.

    Code:

    gpasswd -a fred rio

    
    
    
12. Logout of account. Login again. (Forces changes to group membership to be recognized. There is another method to source some files, but I can't remember which.
    
    
13. If you check /proc/bus/usb/... you device should have the owner, group, and permissions you set. If you properly included yourself in the group and gave write access, you should be able to access the device as the user.
    

This should work with all devices that use libusb and don't use device nodes.

[Caustiq]

Hey, thank you! My Nomad Zen Xtra MP3 player couldn't be read by gnomad2 after I updated libusb. Your HOW-TO helped me fix the problem, and taught me a few new things.

[Isaiah]

This worked for me too One thing I noticed that may help someone - in /proc/bus/usb/ the device number changes incremently (3,4,5...) everytime I turn my camera off and on or reboot the computer (must remove and redetect camera for digikam to work in either case).

Thanks

P.S. Digikam's auto-detect was the culprit - manually adding the camera just points to the usb port.

port with auto-detect - usb:001,003 (the last number is the one that changes)

port when adding manually - usb: (all that is required - works here everytime)

[inha]

I tried this approach to my usb issues (http://forums.gentoo.org/viewtopic-t-361665.html) but couldn't get it to work.

mount output gives me: usbfs on /proc/bus/usb type usbfs (rw,devmode=0664,devgid=85), do the permissions look right?

[Headrush]

[inha]

Yes I followed it.

I plug the player in and lsusb gives me: Bus 001 Device 003: ID 041e:411e Creative Technology, Ltd

In /etc/hotplug/usb I created a file nomad.usermap

[Headrush]

[inha]

from /proc/bus/usb/001

-rw-rw-r-- 1 root usb
-rw-rw---- 1 root nomad

[Headrush]

[inha]

100% sure. Thanks anyways.

[M104]

Nice guide, though I got to step 6 and decided to take a detour. Instead of making a rule and new script just for the particular camera you have, why not modify what's already there and just simplify it for your needs? This is what I did:

1. same as above...
   
2. same as above...
   
3. Rewrite the "usbcam" script:
   

   Code:

   # cd /etc/hotplug/usb # cat > usbcam

   
   Then copy and paste this:
   

   Code:

   #!/bin/bash if [ "${ACTION}" = "add" ] && [ -f "${DEVICE}" ] then     chmod 0000 "${DEVICE}"     chown root:usb "${DEVICE}"     chmod 0660 "${DEVICE}" fi

   
   Then finish off the paste with a CTRL+D.
   
   
4. Add yourself to the "usb" group. If you're already in "usb", skip this step.
   

   Code:

   # gpasswd -a <username> usb

   
   Then log your user out and back in again to update your user.
   
   
5. Remove your USB camera and plug it back in.
   
   
6. Test away!
   

The nice thing here is that all cameras listed in /etc/hotplug/usb/usbcam-gphoto2.usermap are now going to be given the 660 root:usb permissions since the "usbcam" script is set to execute for each of them.

Edit: If I'd looked longer, I would have seen this topic which recommends basically the same thing.
_________________
"Pulling together is the aim of despotism and tyranny. Free men pull in all kinds of directions."
Terry Pratchett, The Truth

[Headrush]

You could do that.

This was just a general guide for any device. More and more scripts and usermaps are being added automatically also.

Plus, if you don't use ghoto2 like me, you won't have a usbcam script.

[M104]

[Headrush]

[kly84g]

I have gone through all the threads I can find on this subject, and I still have the same problem that many others seem to have had, but none of the suggested solutions work.

The Problem
I have a Canon Powershot A630 camera. When I first tried it in October, it worked with gphoto2 as a generic PTP camera, without any special settings or tweaks.

But after several system upgrades in the last month, I can no longer access it except as root, unless I manually change permissions and/or group and/or owner of /proc/bus/xxx/yyy. It works perfectly when I run gphoto2 or gtkam as root.

The versions of relevant packages are:

[Headrush]

So what have you done? Did you follow this howto?

Unless something has recently changed in hotplugging I'm not away of, this should work.

[kly84g]

[kly84g]

The answer is: