Creating a udev rule and adding a user to the dialout group

I would like to create a udev rule in ubuntu core for a usb stick that presents itself as a virtual com port.

Normally in ubuntu, I would:

add a rule to /lib/udev/rules.d/10-local.rules:
ACTION=="add", KERNEL=="ttyACM*", ATTRS{idProduct}=="0200", ATTRS{idVendor}=="0659", GROUP="dialout", SYMLINK+="mynewdevicename"


add the user to the dialout group:
sudo usermod -a -G dialout a_username

In ubuntu core, you cannot access /lib/udev/ or /etc/group as it is read only. Is there a way to include the rule in my snapcraft.yaml file and to add a user to the dialout group?

Currently I am running my snap in dev mode on a raspberry pi 3.

1 Like

Official support for this is not currently implemented. The design of the feature is listed here: Multiple users and groups in snaps and your use case falls under ‘use case #2’ of that design. The feature is on the roadmap and will hopefully be prioritized within the coming months.

At this point, the easiest path forward is to access the device as root instead of non-root. Alternatively, note that /etc/udev/rules.d is writable and you can put your rule in there. You will not be able to add users to the dialout group, but you can create a different group using the addgroup command:

$ sudo addgroup --extrausers my-group
$ sudo grep my-group /var/lib/extrausers/group

At this point, you are supposed to be able to add users to that group with this command:

$ sudo adduser --extrausers my-user my-group

but there appears to be a bug in adduser where it doesn’t respect --extrausers with this invocation (cc @ogra). You can simply update /var/lib/extrausers/group yourself though to have:


Also, delgroup doesn’t support --extrausers at this time.

Please note, when the aforementioned official support is in place, all of these tools should be expected to work correctly and there will be a proper, documented mechanism for all of this. Hopefully what I’ve outlined can help you until it is.

1 Like

yes there is an open bug somewhere.

the above will not help for system groups like dialout if this group is already defined inside /etc/group which is readonly.

i’m not sure if adding it a second time to extrausers (to be able to append the user name) will actually work or if the dialout entry from /etc/group will simply take precedence …

[Edit]: i belive this was

ok cool thanks for that, i’ll give it a try

The adduser command does not work from with in the install hook. Is this expected. I get : adduser: Permission denied while running install hook during snap install. My install hook looks something like this

set -e
if [ $(getent passwd $IEQAPP_USER) ] ; then
        echo user $IEQAPP_USER exists
        echo "user $IEQAPP_USER doesn\'t exists, Creating "
        adduser --extrausers --disabled-password --gecos "" --shell /bin/bash ieqapp