Cannot read/write to usb device [libusb][hidapi]
Bug #1598266 reported by
Szczepan
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Snappy |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Hi!
I am trying to use Nitrokey Stick with snapped Nitrokey App (https:/
Snapcraft yaml repo: https:/
App store adress: https:/
I believe this is different than #1591839 Can't read/write to USB devices
App is working correctly in --devmode. However in strict mode I am blocked from read/write to usb and unable to even recognize that device is connected. Application is using hidapi (libusb).
I am attaching log from apparmor, taken with:
/snap/bin/
description: | updated |
tags: |
added: snapd-interface removed: snapd-interfaces |
To post a comment you must log in.
This looks like raw USB access is required.
From the source code referenced above it seems that the following USB vid/pid pairs are used.
#define VID_STICK_OTP 0x20A0
#define PID_STICK_OTP 0x4108
#define VID_STICK_20 0x20A0
#define PID_STICK_20 0x4109 // MSD + CCID + HID production id
#define VID_STICK_ 20_UPDATE_ MODE 0x03EB 20_UPDATE_ MODE 0x2FF1
#define PID_STICK_
I think we'd have to craft a new interface that would somehow let those specific devices be allowed but I'd have to discuss with the team on how this could be done. I think it would require the ongoing hook support to land before we could attempt this (so that we could interrogate udev and find the appropriate devices).
As another approach we could use the udev security backend to inject an udev rule that makes those devices accessible.