7.3 About Udev Rules

Udev uses rules files that determine how it identifies devices and creates device names. The udev daemon (udevd) reads the rules files at system startup and stores the rules in memory. If you add or remove a device, the kernel sends an event action (uevent) notification to udevd, which matches the in-memory rules against the device attributes in /sys to identify the device. As part of device event handling, rules can specify additional programs that should run to configure a device. Rules files, which have the file extension .rules, are located in the following directories:

/lib/udev/rules.d

Contains default rules files. Do not edit these files.

/etc/udev/rules.d/*.rules

Contains customized rules files. You can modify these files.

/dev/.udev/rules.d/*.rules

Contains temporary rules files. Do not edit these files.

udevd processes the rules files in lexical order, regardless of which directory they are located. Rules files in /etc/udev/rules.d override files of the same name in /lib/udev/rules.d.

The following rules are extracted from the file /lib/udev/rules.d/50-udev- default.rules and illustrate the syntax of udev rules.

# do not edit this file, it will be overwritten on update

SUBSYSTEM=="block", SYMLINK{unique}+="block/%M:%m"
SUBSYSTEM!="block", SYMLINK{unique}+="char/%M:%m"

KERNEL=="pty[pqrstuvwxyzabcdef][0123456789abcdef]", GROUP="tty", MODE="0660"
KERNEL=="tty[pqrstuvwxyzabcdef][0123456789abcdef]", GROUP="tty", MODE="0660"
...
# mem
KERNEL=="null|zero|full|random|urandom", MODE="0666"
KERNEL=="mem|kmem|port|nvram",  GROUP="kmem", MODE="0640"
...
# block
SUBSYSTEM=="block", GROUP="disk"
...
# network
KERNEL=="tun",                  MODE="0666"
KERNEL=="rfkill",               MODE="0644"

# CPU
KERNEL=="cpu[0-9]*",            MODE="0444"
...
# do not delete static device nodes
ACTION=="remove", NAME=="", TEST=="/lib/udev/devices/%k", \
    OPTIONS+="ignore_remove"
ACTION=="remove", NAME=="?*", TEST=="/lib/udev/devices/$name", \
    OPTIONS+="ignore_remove"

Comment lines begin with a # character. All other non-blank lines define a rule, which is a list of one or more comma-separated key-value pairs. A rule either assigns a value to a key or it tries to find a match for a key by comparing its current value with the specified value. The following table shows the assignment and comparison operators that you can use.

Operator

Description

=

Assign a value to a key, overwriting any previous value.

+=

Assign a value by appending it to the key's current list of values.

:=

Assign a value to a key. This value cannot be changed by any further rules.

==

Match the key's current value against the specified value for equality.

!=

Match the key's current value against the specified value for equality.

You can use the following shell-style pattern matching characters in values.

Character

Description

?

Matches a single character.

*

Matches any number of characters, including zero.

[]

Matches any single character or character from a range of characters specified within the brackets. For example, tty[sS][0-9] would match ttys7 or ttyS7.

The following table lists commonly used match keys in rules.

Match Key

Description

ACTION

Matches the name of the action that led to an event. For example, ACTION="add" or ACTION="remove".

ENV{key}

Matches a value for the device property key. For example, ENV{DEVTYPE}=="disk".

KERNEL

Matches the name of the device that is affected by an event. For example, KERNEL=="dm-*" for disk media.

NAME

Matches the name of a device file or network interface. For example, NAME="?*" for any name that consists of one or more characters.

SUBSYSTEM

Matches the subsystem of the device that is affected by an event. For example, SUBSYSTEM=="tty".

TEST

Tests if the specified file or path exists. For example, TEST=="/lib/udev/devices/$name", where $name is the name of the currently matched device file.

Other match keys include ATTR{filename}, ATTRS{filename}, DEVPATH, DRIVER, DRIVERS, KERNELS, PROGRAM, RESULT, SUBSYSTEMS, and SYMLINK.

The following table lists commonly used assignment keys in rules.

Assignment Key

Description

ENV{key}

Specifies a value for the device property key. For example, GROUP="disk".

GROUP

Specifies the group for a device file. For example, GROUP="disk".

IMPORT{type}

Specifies a set of variables for the device property, depending on type:

cmdline

Import a single property from the boot kernel command line. For simple flags, udevd sets the value of the property to 1. For example, IMPORT{cmdline}="nodmraid".

db

Interpret the specified value as an index into the device database and import a single property, which must have already been set by an earlier event. For example, IMPORT{db}="DM_UDEV_LOW_PRIORITY_FLAG".

file

Interpret the specified value as the name of a text file and import its contents, which must be in environmental key format. For example, IMPORT{file}="keyfile".

parent

Interpret the specified value as a key-name filter and import the stored keys from the database entry for the parent device. For example IMPORT{parent}="ID_*".

program

Run the specified value as an external program and imports its result, which must be in environmental key format. For example IMPORT{program}="usb_id --export %p".

MODE

Specifies the permissions for a device file. For example, MODE="0640".

NAME

Specifies the name of a device file. For example, NAME="eth0".

OPTIONS

Specifies rule and device options. For example, OPTIONS+="ignore_remove", which means that the device file is not removed if the device is removed.

OWNER

Specifies the owner for a device file. For example, GROUP="root".

RUN

Specifies a command to be run after the device file has been created. For example, RUN+="/usr/bin/eject $kernel", where $kernel is the kernel name of the device.

SYMLINK

Specifies the name of a symbolic link to a device file. For example, SYMLINK+="disk/by-uuid/$env{ID_FS_UUID_ENC}", where $env{} is substituted with the specified device property.

Other assignment keys include ATTR{key}, GOTO, LABEL, RUN, and WAIT_FOR.

The following table shows string substitutions that are commonly used with the GROUP, MODE, NAME, OWNER, PROGRAM, RUN, and SYMLINK keys.

String Substitution

Description

$attr{file} or

%s{file}

Specifies the value of a device attribute from a file under /sys. For example, ENV{MATCHADDR}="$attr{address}".

$devpath or

%p

The device path of the device in the sysfs file system under /sys. For example, RUN+="keyboard-force-release.sh $devpath common-volume-keys".

$env{key} or

%E{key}

Specifies the value of a device property. For example, SYMLINK+="disk/by-id/md-name-$env{MD_NAME}-part%n".

$kernel or

%k

The kernel name for the device.

$major or

%M

Specifies the major number of a device. For example, IMPORT{program}="udisks-dm-export %M %m".

$minor or

%m

Specifies the minor number of a device. For example, RUN+="$env{LVM_SBIN_PATH}/lvm pvscan --cache --major $major --minor $minor".

$name

Specifies the device file of the current device. For example, TEST=="/lib/udev/devices/$name".

Udev expands the strings specified for RUN immediately before its program is executed, which is after udev has finished processing all other rules for the device. For the other keys, udev expands the strings while it is processing the rules.

For more information, see the udev(7) manual page.