nixos/i2c: add module to set up i2c permissions

This is a very simple module that installs a single udev rule.
The rule set the ownership of all /dev/i2c-* devices to a
group, "i2c" by default but can be changed. The "uaccess" tag
also makes systemd add an ACL for users with a seat[1].

Fix issue #91771

[1]: https://enotty.pipebreaker.pl/2012/05/23/linux-automatic-user-acl-management/
This commit is contained in:
rnhmjoj 2021-02-05 08:52:51 +01:00
parent 64c1248464
commit afde028672
No known key found for this signature in database
GPG Key ID: BFBAF4C975F76450
2 changed files with 44 additions and 0 deletions

View File

@ -0,0 +1,43 @@
{ config, lib, ... }:
with lib;
let
cfg = config.hardware.i2c;
in
{
options.hardware.i2c = {
enable = mkEnableOption ''
i2c devices support. By default access is granted to users in the "i2c"
group (will be created if non-existent) and any user with a seat, meaning
logged on the computer locally.
'';
group = mkOption {
type = types.str;
default = "i2c";
description = ''
Grant access to i2c devices (/dev/i2c-*) to users in this group.
'';
};
};
config = mkIf cfg.enable {
boot.kernelModules = [ "i2c-dev" ];
users.groups = mkIf (cfg.group == "i2c") {
i2c = { };
};
services.udev.extraRules = ''
# allow group ${cfg.group} and users with a seat use of i2c devices
ACTION=="add", KERNEL=="i2c-[0-9]*", TAG+="uaccess", GROUP="${cfg.group}", MODE="660"
'';
};
meta.maintainers = [ maintainers.rnhmjoj ];
}

View File

@ -46,6 +46,7 @@
./hardware/cpu/intel-microcode.nix
./hardware/digitalbitbox.nix
./hardware/device-tree.nix
./hardware/i2c.nix
./hardware/sensor/hddtemp.nix
./hardware/sensor/iio.nix
./hardware/keyboard/zsa.nix