From 6ab4b0faef22b4fda4b6a3b45dca4c3858eb8802 Mon Sep 17 00:00:00 2001 From: sommerfeld Date: Wed, 13 May 2026 13:43:39 +0100 Subject: feat(udev,flatpak): allow ungoogled-chromium to talk to ZSA keyboards usevia.app uses WebHID to talk to /dev/hidraw* directly. Two layers were blocking it: 1. Host: no udev rule existed for ZSA boards, so /dev/hidraw nodes were root-only. Add etc/udev/rules.d/50-zsa.rules covering the ZSA VID 3297 (ErgoDox EZ / Moonlander / Voyager) with TAG+=uaccess so logind grants the active session user access. Also include the two bootloader VIDs used during firmware flashing for completeness. 2. Sandbox: the chromium flatpak only sees /dev/dri by default. Add a --device=all override (flatpak has no finer-grained device knob). The host udev rule still gates which hidraw nodes the user can actually open, so this isn't a meaningful escalation. Also wire `udevadm control --reload && udevadm trigger` into the etc deploy script so rule changes apply without a reboot or replug. --- run_onchange_after_deploy-etc.sh.tmpl | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'run_onchange_after_deploy-etc.sh.tmpl') diff --git a/run_onchange_after_deploy-etc.sh.tmpl b/run_onchange_after_deploy-etc.sh.tmpl index d08f989..ec53c99 100755 --- a/run_onchange_after_deploy-etc.sh.tmpl +++ b/run_onchange_after_deploy-etc.sh.tmpl @@ -31,6 +31,11 @@ sudo ln -sfT sudo /etc/pam.d/sudo-i # (e.g. HandlePowerKey overrides) take effect without dropping sessions. sudo systemctl kill -s HUP systemd-logind +# Reload udev rules and re-trigger so changes in etc/udev/rules.d/ apply +# to already-plugged devices without a reboot or replug. +sudo udevadm control --reload +sudo udevadm trigger + # Make sudo-rs the system-wide sudo via /usr/local/bin precedence. # Targets may not exist yet on first bootstrap (sudo-rs is installed by # the subsequent pkg-apply step); the symlinks resolve once it lands. -- cgit v1.3.1