1UDEV(7) udev UDEV(7)
2
6 udev - Dynamic device management
7
9 udev supplies the system software with device events, manages
10 permissions of device nodes and may create additional symlinks in the
11 /dev directory, or renames network interfaces. The kernel usually just
12 assigns unpredictable device names based on the order of discovery.
13 Meaningful symlinks or network device names provide a way to reliably
14 identify devices based on their properties or current configuration.
15 The udev daemon, systemd-udevd.service(8), receives device uevents
17 directly from the kernel whenever a device is added or removed from the
18 system, or it changes its state. When udev receives a device event, it
19 matches its configured set of rules against various device attributes
20 to identify the device. Rules that match may provide additional device
21 information to be stored in the udev database or to be used to create
22 meaningful symlink names.
23 All device information udev processes is stored in the udev database
25 and sent out to possible event subscribers. Access to all stored data
26 and the event sources is provided by the library libudev.
27
29 The udev rules are read from the files located in the system rules
30 directory /usr/lib/udev/rules.d, the volatile runtime directory
31 /run/udev/rules.d and the local administration directory
32 /etc/udev/rules.d. All rules files are collectively sorted and
33 processed in lexical order, regardless of the directories in which they
34 live. However, files with identical filenames replace each other. Files
35 in /etc have the highest priority, files in /run take precedence over
36 files with the same name in /usr/lib. This can be used to override a
37 system-supplied rules file with a local file if needed; a symlink in
38 /etc with the same name as a rules file in /usr/lib, pointing to
39 /dev/null, disables the rules file entirely. Rule files must have the
40 extension .rules; other extensions are ignored.
41 Every line in the rules file contains at least one key-value pair.
43 Except for empty lines or lines beginning with "#", which are ignored.
44 There are two kinds of keys: match and assignment. If all match keys
45 match against their values, the rule gets applied and the assignment
46 keys get the specified values assigned.
47 A matching rule may rename a network interface, add symlinks pointing
49 to the device node, or run a specified program as part of the event
50 handling.
51 A rule consists of a comma-separated list of one or more key-value
53 pairs. Each key has a distinct operation, depending on the used
54 operator. Valid operators are:
55 "=="
57 Compare for equality.
58 "!="
60 Compare for inequality.
61 "="
63 Assign a value to a key. Keys that represent a list are reset and
64 only this single value is assigned.
65 "+="
67 Add the value to a key that holds a list of entries.
68 "-="
70 Remove the value from a key that holds a list of entries.
71 ":="
73 Assign a value to a key finally; disallow any later changes.
74 The following key names can be used to match against device properties.
76 Some of the keys also match against properties of the parent devices in
77 sysfs, not only the device that has generated the event. If multiple
78 keys that match a parent device are specified in a single rule, all
79 these keys must match at one and the same parent device.
80 ACTION
82 Match the name of the event action.
83 DEVPATH
85 Match the devpath of the event device.
86 KERNEL
88 Match the name of the event device.
89 NAME
91 Match the name of a network interface. It can be used once the NAME
92 key has been set in one of the preceding rules.
93 SYMLINK
95 Match the name of a symlink targeting the node. It can be used once
96 a SYMLINK key has been set in one of the preceding rules. There may
97 be multiple symlinks; only one needs to match.
98 SUBSYSTEM
100 Match the subsystem of the event device.
101 DRIVER
103 Match the driver name of the event device. Only set this key for
104 devices which are bound to a driver at the time the event is
105 generated.
106 ATTR{filename}
108 Match sysfs attribute values of the event device. Trailing
109 whitespace in the attribute values is ignored unless the specified
110 match value itself contains trailing whitespace.
111 KERNELS
113 Search the devpath upwards for a matching device name.
114 SUBSYSTEMS
116 Search the devpath upwards for a matching device subsystem name.
117 DRIVERS
119 Search the devpath upwards for a matching device driver name.
120 ATTRS{filename}
122 Search the devpath upwards for a device with matching sysfs
123 attribute values. If multiple ATTRS matches are specified, all of
124 them must match on the same device. Trailing whitespace in the
125 attribute values is ignored unless the specified match value itself
126 contains trailing whitespace.
127 TAGS
129 Search the devpath upwards for a device with matching tag.
130 ENV{key}
132 Match against a device property value.
133 TAG
135 Match against a device tag.
136 TEST{octal mode mask}
138 Test the existence of a file. An octal mode mask can be specified
139 if needed.
140 PROGRAM
142 Execute a program to determine whether there is a match; the key is
143 true if the program returns successfully. The device properties are
144 made available to the executed program in the environment. The
145 program's standard output is available in the RESULT key.
146 This can only be used for very short-running foreground tasks. For
148 details, see RUN.
149 RESULT
151 Match the returned string of the last PROGRAM call. This key can be
152 used in the same or in any later rule after a PROGRAM call.
153 Most of the fields support shell glob pattern matching and alternate
155 patterns. The following special characters are supported:
156 "*"
158 Matches zero or more characters.
159 "?"
161 Matches any single character.
162 "[]"
164 Matches any single character specified within the brackets. For
165 example, the pattern string "tty[SR]" would match either "ttyS" or
166 "ttyR". Ranges are also supported via the "-" character. For
167 example, to match on the range of all digits, the pattern "[0-9]"
168 could be used. If the first character following the "[" is a "!",
169 any characters not enclosed are matched.
170 "|"
172 Separates alternative patterns. For example, the pattern string
173 "abc|x*" would match either "abc" or "x*".
174 The following keys can get values assigned:
176 NAME
178 The name to use for a network interface. See systemd.link(5) for a
179 higher-level mechanism for setting the interface name. The name of
180 a device node cannot be changed by udev, only additional symlinks
181 can be created.
182 SYMLINK
184 The name of a symlink targeting the node. Every matching rule adds
185 this value to the list of symlinks to be created.
186 The set of characters to name a symlink is limited. Allowed
188 characters are "0-9A-Za-z#+-.:=@_/", valid UTF-8 character
189 sequences, and "\x00" hex encoding. All other characters are
190 replaced by a "_" character.
191 Multiple symlinks may be specified by separating the names by the
193 space character. In case multiple devices claim the same name, the
194 link always points to the device with the highest link_priority. If
195 the current device goes away, the links are re-evaluated and the
196 device with the next highest link_priority becomes the owner of the
197 link. If no link_priority is specified, the order of the devices
198 (and which one of them owns the link) is undefined.
199 Symlink names must never conflict with the kernel's default device
201 node names, as that would result in unpredictable behavior.
202 OWNER, GROUP, MODE
204 The permissions for the device node. Every specified value
205 overrides the compiled-in default value.
206 SECLABEL{module}
208 Applies the specified Linux Security Module label to the device
209 node.
210 ATTR{key}
212 The value that should be written to a sysfs attribute of the event
213 device.
214 ENV{key}
216 Set a device property value. Property names with a leading "." are
217 neither stored in the database nor exported to events or external
218 tools (run by, for example, the PROGRAM match key).
219 TAG
221 Attach a tag to a device. This is used to filter events for users
222 of libudev's monitor functionality, or to enumerate a group of
223 tagged devices. The implementation can only work efficiently if
224 only a few tags are attached to a device. It is only meant to be
225 used in contexts with specific device filter requirements, and not
226 as a general-purpose flag. Excessive use might result in
227 inefficient event handling.
228 RUN{type}
230 Add a program to the list of programs to be executed after
231 processing all the rules for a specific event, depending on "type":
232 "program"
234 Execute an external program specified as the assigned value. If
235 no absolute path is given, the program is expected to live in
236 /usr/lib/udev; otherwise, the absolute path must be specified.
237 This is the default if no type is specified.
239 "builtin"
241 As program, but use one of the built-in programs rather than an
242 external one.
243 The program name and following arguments are separated by spaces.
245 Single quotes can be used to specify arguments with spaces.
246 This can only be used for very short-running foreground tasks.
248 Running an event process for a long period of time may block all
249 further events for this or a dependent device.
250 Starting daemons or other long-running processes is not appropriate
252 for udev; the forked processes, detached or not, will be
253 unconditionally killed after the event handling has finished.
254 LABEL
256 A named label to which a GOTO may jump.
257 GOTO
259 Jumps to the next LABEL with a matching name.
260 IMPORT{type}
262 Import a set of variables as device properties, depending on
263 "type":
264 "program"
266 Execute an external program specified as the assigned value and
267 import its output, which must be in environment key format.
268 Path specification, command/argument separation, and quoting
269 work like in RUN.
270 "builtin"
272 Similar to "program", but use one of the built-in programs
273 rather than an external one.
274 "file"
276 Import a text file specified as the assigned value, the content
277 of which must be in environment key format.
278 "db"
280 Import a single property specified as the assigned value from
281 the current device database. This works only if the database is
282 already populated by an earlier event.
283 "cmdline"
285 Import a single property from the kernel command line. For
286 simple flags the value of the property is set to "1".
287 "parent"
289 Import the stored keys from the parent device by reading the
290 database entry of the parent device. The value assigned to
291 IMPORT{parent} is used as a filter of key names to import (with
292 the same shell glob pattern matching used for comparisons).
293 This can only be used for very short-running foreground tasks. For
295 details see RUN.
296 WAIT_FOR
298 Wait for a file to become available or until a timeout of 10
299 seconds expires. The path is relative to the sysfs device; if no
300 path is specified, this waits for an attribute to appear.
301 OPTIONS
303 Rule and device options:
304 link_priority=value
306 Specify the priority of the created symlinks. Devices with
307 higher priorities overwrite existing symlinks of other devices.
308 The default is 0.
309 string_escape=none|replace
311 Usually control and other possibly unsafe characters are
312 replaced in strings used for device naming. The mode of
313 replacement can be specified with this option.
314 static_node=
316 Apply the permissions specified in this rule to the static
317 device node with the specified name. Also, for every tag
318 specified in this rule, create a symlink in the directory
319 /run/udev/static_node-tags/tag pointing at the static device
320 node with the specified name. Static device node creation is
321 performed by systemd-tmpfiles before systemd-udevd is started.
322 The static nodes might not have a corresponding kernel device;
323 they are used to trigger automatic kernel module loading when
324 they are accessed.
325 watch
327 Watch the device node with inotify; when the node is closed
328 after being opened for writing, a change uevent is synthesized.
329 nowatch
331 Disable the watching of a device node with inotify.
332 The NAME, SYMLINK, PROGRAM, OWNER, GROUP, MODE, and RUN fields support
334 simple string substitutions. The RUN substitutions are performed after
335 all rules have been processed, right before the program is executed,
336 allowing for the use of device properties set by earlier matching
337 rules. For all other fields, substitutions are performed while the
338 individual rule is being processed. The available substitutions are:
339 $kernel, %k
341 The kernel name for this device.
342 $number, %n
344 The kernel number for this device. For example, "sda3" has kernel
345 number "3".
346 $devpath, %p
348 The devpath of the device.
349 $id, %b
351 The name of the device matched while searching the devpath upwards
352 for SUBSYSTEMS, KERNELS, DRIVERS, and ATTRS.
353 $driver
355 The driver name of the device matched while searching the devpath
356 upwards for SUBSYSTEMS, KERNELS, DRIVERS, and ATTRS.
357 $attr{file}, %s{file}
359 The value of a sysfs attribute found at the device where all keys
360 of the rule have matched. If the matching device does not have such
361 an attribute, and a previous KERNELS, SUBSYSTEMS, DRIVERS, or ATTRS
362 test selected a parent device, then the attribute from that parent
363 device is used.
364 If the attribute is a symlink, the last element of the symlink
366 target is returned as the value.
367 $env{key}, %E{key}
369 A device property value.
370 $major, %M
372 The kernel major number for the device.
373 $minor, %m
375 The kernel minor number for the device.
376 $result, %c
378 The string returned by the external program requested with PROGRAM.
379 A single part of the string, separated by a space character, may be
380 selected by specifying the part number as an attribute: "%c{N}". If
381 the number is followed by the "+" character, this part plus all
382 remaining parts of the result string are substituted: "%c{N+}".
383 $parent, %P
385 The node name of the parent device.
386 $name
388 The current name of the device. If not changed by a rule, it is the
389 name of the kernel device.
390 $links
392 A space-separated list of the current symlinks. The value is only
393 set during a remove event or if an earlier rule assigned a value.
394 $root, %r
396 The udev_root value.
397 $sys, %S
399 The sysfs mount point.
400 $devnode, %N
402 The name of the device node.
403 %%
405 The "%" character itself.
406 $$
408 The "$" character itself.
409
411 systemd-udevd.service(8), udevadm(8), systemd.link(5)
412systemd 219 UDEV(7)