How to create a linux user group that grants access to USB devices?

Question

How can I create a new user group that will grant the group members access to USB devices connected to the system?

a.) to all connected USB devices?
b.) only to USB devices with VID=0x1234?
c.) only to USB devices with VID=0x1234 and PID=0xABCD?

The OS version is: Raspbian GNU/Linux 10 (buster)

I have a C++ program that connects to an USB acceleration sensor. The program uses libusb and can communicate with the sensor when started with sudo ./myprogram. Without sudo the program has permission problems.

Answer 1

you can use udev rules to set things like file mode bits and user/group for the devices - so for point c) in your question it's fairly simple - maybe point b) as well, but not point a)

e.g. create file /etc/udev/rules.d/mydevices.rules with the content

SUBSYSTEMS=="usb", ATTRS{idVendor}=="1234", ATTRS{idProduct}=="abcd", MODE="0660", GROUP="mygroup"

Create group mygroup (-r makes it a "system" group)

groupadd -r mygroup

Then add mygroup group to any user that would require access to that device

usermod -a -G mygroup someuser

I'm not sure if you omit ATTRS{idProduct}=="abcd" if it would apply to all products from vendor 1234 - but, you probably don't want that anyway

By the way, there's a group called plugdev which is standard in all my pi's and user pi is a member of it - I mention this because when adding SDR support, the install creates a udev rules file with rules such as

SUBSYSTEMS=="usb", ATTRS{idVendor}=="1f4d", ATTRS{idProduct}=="a803", ENV{ID_SOFTWARE_RADIO}="1", MODE="0660", GROUP="plugdev"