search

Julusian / node-elgato-stream-deck

A Node.js library for interfacing with the Elgato Stream Deck. https://julusian.github.io/node-elgato-stream-deck/
https://www.npmjs.com/org/elgato-stream-deck
MIT License
159 stars 22 forks source link

Update Linux Directions to Reference use of Dynamic User ACLs #88

Closed erin-allison closed 3 months ago

erin-allison commented 3 months ago

The directions described to allow access to the Stream Deck devices on Linux are written in a manner specific to how Ubuntu and Debian are configured, with a statically assigned group owning the device nodes. As noted in the Archwiki page for udev, this has been discouraged by the systemd developers and use of the plugdev group is classified as a bug for Archlinux packages.

The recommended solution on machines using systemd (aka most popular distros) is to tag the devices with a special tag "uaccess", which coordinates with systemd-logind to dynamically grant access when the user is logged in. The only caveat here is that access to the system over SSH doesn't apply the ACL, though given the nature of the devices this library interfaces with, I don't see that as a common issue.

Implementing this as an alternative to the currently documented rules would have the rules file looking like this:

SUBSYSTEM=="input", GROUP="input", MODE="0660", TAG+="uaccess"
SUBSYSTEM=="usb", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="0060", MODE="660", TAG+="uaccess"
SUBSYSTEM=="usb", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="0063", MODE="660", TAG+="uaccess"
SUBSYSTEM=="usb", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="006c", MODE="660", TAG+="uaccess"
SUBSYSTEM=="usb", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="006d", MODE="660", TAG+="uaccess"
SUBSYSTEM=="usb", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="0080", MODE="660", TAG+="uaccess"
SUBSYSTEM=="usb", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="0084", MODE="660", TAG+="uaccess"
SUBSYSTEM=="usb", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="0086", MODE="660", TAG+="uaccess"
SUBSYSTEM=="usb", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="0090", MODE="660", TAG+="uaccess"
KERNEL=="hidraw*", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="0060", MODE="660", TAG+="uaccess"
KERNEL=="hidraw*", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="0063", MODE="660", TAG+="uaccess"
KERNEL=="hidraw*", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="006c", MODE="660", TAG+="uaccess"
KERNEL=="hidraw*", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="006d", MODE="660", TAG+="uaccess"
KERNEL=="hidraw*", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="0080", MODE="660", TAG+="uaccess"
KERNEL=="hidraw*", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="0084", MODE="660", TAG+="uaccess"
KERNEL=="hidraw*", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="0086", MODE="660", TAG+="uaccess"
KERNEL=="hidraw*", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="0090", MODE="660", TAG+="uaccess"
Julusian commented 3 months ago

I've moved the rules around a bit (into files instead of part of the readme), and included the two versions. I hate that we have to do this, but in my experience headless environments are not uncommon. Streamdecks with a pi make for a great always on control system for things.

erin-allison commented 3 months ago

Mmmm good point, I didn't think about a headless control unit. :+1: