linux_input_permissions

By default your distro (hopefully) has read/write access to the input devices disabled on user accounts. If these were allowed it would be a tremendous security hole, as any user on the system could see every input event (including keyboard events such as you typing your banking password, etc).

One may be inclined to run swift as root, or to `chmod 777 /dev/input/event*`, however this is not advisable for the aforementioned reasons.

The approach we will take is to create an co\`input\` group, add yourself to it, and then create a udev rule that provides the necessary settings.

# Creating an Input Group

This is simple stuff. Create a group and add yourself to it:

``` {.} sudo groupadd input sudo gpasswd -a username input ```

Now log out of your shell, and log back in, so that you are part of the input group. You can verify that the change took place by running the `groups` command.

# Creating a udev Rule

Unfortunately this may vary by distro, however the concepts will likely be exactly the same or highly similar - this method is known to be true for openSUSE. You need to locate the udev rules.d directory, which is usually in [/etc/udev/rules.d]{.title-ref}. Next create a rule file for the input device nodes. Your distro may already have a rule file for this purpose, however we still want to create our own since their file may get replaced during a distro upgrade. Make sure that the new file has a priority higher than that of any other file with an event rule in it. For example as root, create the file \`/etc/udev/rules.d/99-input.rules\`:

``` {.} KERNEL==“event*”, NAME=“input/%k”, MODE=“660”, GROUP=“input” KERNEL==“js*”, NAME=“input/%k”, MODE=“664”, GROUP=“input” ```

In Ubuntu, you need to add colons like this:

``` {.} KERNEL==“event*”, NAME=“input/%k”, MODE:=“660”, GROUP=“input” KERNEL==“js*”, NAME=“input/%k”, MODE:=“664”, GROUP=“input” ```

Then you just need to reload udev rules so that the permissions get updated.

``` {.} udevadm control –reload-rules udevadm trigger ```

Note that on my system, reloading udev had no effect. I ended up having to reboot, which did the trick. If anyone knows of a way to make the changes take place without a reboot, please fix this section!

Now check the permissions on `/dev/input/event*` and verify that the group ownership on the device nodes are set to \`input\`:

``` {.} $ ls -al /dev/input/ total 0 drwxr-xr-x 4 root root 440 Jun 6 12:32 . drwxr-xr-x 21 root root 4480 Jun 10 09:00 .. drwxr-xr-x 2 root root 120 Jun 6 12:32 by-id drwxr-xr-x 2 root root 140 Jun 6 12:32 by-path crw-rw—- 1 root input 13, 64 Jun 10 09:00 event0 crw-rw—- 1 root input 13, 65 Jun 10 09:00 event1 crw-rw—- 1 root input 13, 74 Jun 10 09:00 event10 crw-rw—- 1 root input 13, 75 Jun 10 09:00 event11 crw-rw—- 1 root input 13, 76 Jun 10 09:00 event12 crw-rw—- 1 root input 13, 77 Jun 10 09:00 event13 crw-rw—- 1 root input 13, 78 Jun 10 09:00 event14 crw-rw—- 1 root input 13, 79 Jun 10 09:00 event15 crw-rw—- 1 root input 13, 66 Jun 10 09:00 event2 crw-rw—- 1 root input 13, 67 Jun 10 09:00 event3 crw-rw—- 1 root input 13, 68 Jun 10 09:00 event4 crw-rw—- 1 root input 13, 69 Jun 10 09:00 event5 crw-rw—- 1 root input 13, 70 Jun 10 09:00 event6 crw-rw—- 1 root input 13, 71 Jun 10 09:00 event7 crw-rw—- 1 root input 13, 72 Jun 10 09:00 event8 crw-rw—- 1 root input 13, 73 Jun 10 09:00 event9 crw-r—– 1 root root 13, 63 Jun 10 09:00 mice crw-r—– 1 root root 13, 32 Jun 10 09:00 mouse0 ```

  • linux_input_permissions.txt
  • Last modified: 2020/08/20 19:19
  • by larst