Score:1

App permissions overriding usb symbolic link permissions

mh flag

My goal is to limit access to FPGA dev board (connected by usb) to certain users. We normally access these dev boards using Vivado or Quartus Prime. For some reason, Vivado seems to be overriding the permissions, and still allows any user to read/write to the board despite the permissions I updated using udev rules. I'm not sure how to prevent this application from superseding the rules I made.

This is what I tried to do below:

I placed a rules file under /etc/udev/rules.d with the following contents

SUBSYSTEM=="tty", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6010", ATTRS{serial}=="210328AD3B1E", OWNER:="username", MODE:="0600"

This was the resulting permissions from the symbolic link under /dev

crw------- 1 username dialout 188, 1 Jan 13 18:14 ttyUSB1

I'm also curious what the "1" before the username and the "188" subsequently means.

Any help or advice would be appreciated.

FPGA_Student_Driver avatar
mh flag
After some deep searching, I've come to the conclusion that Ubuntu does not have the capabilities I need to resolve this. As far as I can tell, I am unable to dynamically alter permissions for usb devices unless I cycle power, and that is not something I can do with Ubuntu. Furthermore, I don't think there is a way to prevent my application from overriding permissions If it has its own read/write privileges.
Score:0
ng flag
  • For the column meaning of ls check this post from SE Unix.

  • You can use a group to filter users. However as long the application is run read-write permission, it will override the permissions.

    Better to look how that app is resetting the permission, may be it is just another custom udev rule.

    udevadm info -a /dev/ttyUSB1
    udevadm test /sys/bus/usb/devices/...
    
FPGA_Student_Driver avatar
mh flag
So I found that the permission were being overwritten by another rules file, and I added another rule to address it, but it didn't seem to resolve the problem. Is there a way to run the application tied to user permissions?
user.dz avatar
ng flag
@FPGA_Student_Driver, yes you can run the app as another user or group too, using `su` or `sudo` . You may check man page for command options
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.