-<?xml version='1.0'?>
+<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
<?xml-stylesheet type="text/xsl" href="http://docbook.sourceforge.net/release/xsl/current/xhtml/docbook.xsl"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<refnamediv>
<refname>udev</refname>
- <refpurpose>Linux dynamic device management</refpurpose>
+ <refpurpose>Dynamic device management</refpurpose>
</refnamediv>
<refsect1><title>Description</title>
sources is provided by the library libudev.</para>
</refsect1>
- <refsect1><title>Rules files</title>
+ <refsect1><title>Rules Files</title>
<para>The udev rules are read from the files located in the
system rules directory <filename>/usr/lib/udev/rules.d</filename>,
the volatile runtime directory <filename>/run/udev/rules.d</filename>
and the local administration directory <filename>/etc/udev/rules.d</filename>.
All rules files are collectively sorted and processed in lexical order,
regardless of the directories in which they live. However, files with
- identical file names replace each other. Files in <filename>/etc</filename>
+ identical filenames replace each other. Files in <filename>/etc</filename>
have the highest priority, files in <filename>/run</filename> take precedence
- over files with the same name in <filename>/lib</filename>. This can be
+ over files with the same name in <filename>/usr/lib</filename>. This can be
used to override a system-supplied rules file with a local file if needed;
a symlink in <filename>/etc</filename> with the same name as a rules file in
- <filename>/lib</filename>, pointing to <filename>/dev/null</filename>,
- disables the rules file entirely.</para>
-
- <para>Rule files must have the extension <filename>.rules</filename>; other
- extensions are ignored.</para>
+ <filename>/usr/lib</filename>, pointing to <filename>/dev/null</filename>,
+ disables the rules file entirely. Rule files must have the extension
+ <filename>.rules</filename>; other extensions are ignored.</para>
<para>Every line in the rules file contains at least one key-value pair.
Except for empty lines or lines beginning with <literal>#</literal>, which are ignored.
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><literal>-=</literal></term>
+ <listitem>
+ <para>Remove the value from a key that holds a list of entries.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term><literal>:=</literal></term>
<listitem>
<para>Execute a program to determine whether there
is a match; the key is true if the program returns
successfully. The device properties are made available to the
- executed program in the environment. The program's stdout
- is available in the RESULT key.</para>
- <para>This can only be used for very short-running foreground tasks. For details
+ executed program in the environment. The program's standard output
+ is available in the <varname>RESULT</varname> key.</para>
+ <para>This can only be used for very short-running foreground tasks. For details,
see <varname>RUN</varname>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>RESULT</varname></term>
<listitem>
- <para>Match the returned string of the last PROGRAM call. This key can
- be used in the same or in any later rule after a PROGRAM call.</para>
+ <para>Match the returned string of the last <varname>PROGRAM</varname> call.
+ This key can be used in the same or in any later rule after a
+ <varname>PROGRAM</varname> call.</para>
</listitem>
</varlistentry>
</variablelist>
- <para>Most of the fields support shell-style pattern matching. The following
- pattern characters are supported:</para>
+ <para>Most of the fields support shell glob pattern matching and
+ alternate patterns. The following special characters are supported:</para>
<variablelist>
<varlistentry>
<term><literal>*</literal></term>
example, the pattern string <literal>tty[SR]</literal>
would match either <literal>ttyS</literal> or <literal>ttyR</literal>.
Ranges are also supported via the <literal>-</literal> character.
- For example, to match on the range of all digits, the pattern [0-9] could
- be used. If the first character following the <literal>[</literal> is a
- <literal>!</literal>, any characters not enclosed are matched.</para>
+ For example, to match on the range of all digits, the pattern
+ <literal>[0-9]</literal> could be used. If the first character
+ following the <literal>[</literal> is a <literal>!</literal>,
+ any characters not enclosed are matched.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><literal>|</literal></term>
+ <listitem>
+ <para>Separates alternative patterns. For example, the pattern string
+ <literal>abc|x*</literal> would match either <literal>abc</literal>
+ or <literal>x*</literal>.</para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term><varname>NAME</varname></term>
<listitem>
- <para>The name to use for a network interface. The name of a device node
- cannot be changed by udev, only additional symlinks can be created.</para>
+ <para>The name to use for a network interface. See
+ <citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ for a higher-level mechanism for setting the interface name.
+ The name of a device node cannot be changed by udev, only additional
+ symlinks can be created.</para>
</listitem>
</varlistentry>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>SECLABEL{<replaceable>module</replaceable>}</varname></term>
+ <listitem>
+ <para>Applies the specified Linux Security Module label to the device node.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term><varname>ATTR{<replaceable>key</replaceable>}</varname></term>
<listitem>
<listitem>
<para>Set a device property value. Property names with a leading <literal>.</literal>
are neither stored in the database nor exported to events or
- external tools (run by, say, the PROGRAM match key).</para>
+ external tools (run by, for example, the <varname>PROGRAM</varname>
+ match key).</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>RUN{<replaceable>type</replaceable>}</varname></term>
<listitem>
- <para>Add a program to the list of programs to be executed after processing all the
- rules for a specific event, depending on <literal>type</literal>:</para>
+ <para>Add a program to the list of programs to be executed after
+ processing all the rules for a specific event, depending on
+ <literal>type</literal>:</para>
<variablelist>
<varlistentry>
<term><literal>program</literal></term>
<listitem>
<para>Execute an external program specified as the assigned
- value. If no absolute path is given, the program is expected to live in
- /usr/lib/udev, otherwise the absolute path must be specified.</para>
- <para>This is the default if no <replaceable>type</replaceable> is
- specified.</para>
+ value. If no absolute path is given, the program is expected
+ to live in <filename>/usr/lib/udev</filename>; otherwise, the
+ absolute path must be specified.</para>
+ <para>This is the default if no <replaceable>type</replaceable>
+ is specified.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><literal>builtin</literal></term>
<listitem>
- <para>As <varname>program</varname>, but use one of the built-in programs rather
- than an external one.</para>
+ <para>As <varname>program</varname>, but use one of the
+ built-in programs rather than an external one.</para>
</listitem>
</varlistentry>
</variablelist>
<para>This can only be used for very short-running foreground tasks. Running an
event process for a long period of time may block all further events for
this or a dependent device.</para>
- <para>Starting daemons or other long running processes is not appropriate
+ <para>Starting daemons or other long-running processes is not appropriate
for udev; the forked processes, detached or not, will be unconditionally
killed after the event handling has finished.</para>
</listitem>
<varlistentry>
<term><varname>LABEL</varname></term>
<listitem>
- <para>A named label to which a GOTO may jump.</para>
+ <para>A named label to which a <varname>GOTO</varname> may jump.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>GOTO</varname></term>
<listitem>
- <para>Jumps to the next LABEL with a matching name.</para>
+ <para>Jumps to the next <varname>LABEL</varname> with a matching name.</para>
</listitem>
</varlistentry>
<para>Import the stored keys from the parent device by reading
the database entry of the parent device. The value assigned to
<option>IMPORT{parent}</option> is used as a filter of key names
- to import (with the same shell-style pattern matching used for
+ to import (with the same shell glob pattern matching used for
comparisons).</para>
</listitem>
</varlistentry>
priorities overwrite existing symlinks of other devices. The default is 0.</para>
</listitem>
</varlistentry>
- <varlistentry>
- <term><option>event_timeout=</option></term>
- <listitem>
- <para>Number of seconds an event waits for operations to finish before
- giving up and terminating itself.</para>
- </listitem>
- </varlistentry>
<varlistentry>
<term><option>string_escape=<replaceable>none|replace</replaceable></option></term>
<listitem>
<varlistentry>
<term><option>static_node=</option></term>
<listitem>
- <para>Apply the permissions specified in this rule to the static device node with
- the specified name. Static device node creation can be requested by kernel modules.
- These nodes might not have a corresponding kernel device at the time systemd-udevd is
- started; they can trigger automatic kernel module loading.</para>
+ <para>Apply the permissions specified in this rule to the
+ static device node with the specified name. Also, for every
+ tag specified in this rule, create a symlink
+ in the directory
+ <filename>/run/udev/static_node-tags/<replaceable>tag</replaceable></filename>
+ pointing at the static device node with the specified name.
+ Static device node creation is performed by systemd-tmpfiles
+ before systemd-udevd is started. The static nodes might not
+ have a corresponding kernel device; they are used to trigger
+ automatic kernel module loading when they are accessed.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>watch</option></term>
<listitem>
- <para>Watch the device node with inotify; when the node is closed after being opened for
- writing, a change uevent is synthesized.</para>
+ <para>Watch the device node with inotify; when the node is
+ closed after being opened for writing, a change uevent is
+ synthesized.</para>
</listitem>
</varlistentry>
<varlistentry>
</varlistentry>
</variablelist>
- <para>The <varname>NAME</varname>, <varname>SYMLINK</varname>, <varname>PROGRAM</varname>,
- <varname>OWNER</varname>, <varname>GROUP</varname>, <varname>MODE</varname> and <varname>RUN</varname>
- fields support simple string substitutions. The <varname>RUN</varname>
- substitutions are performed after all rules have been processed, right before the program
- is executed, allowing for the use of device properties set by earlier matching
- rules. For all other fields, substitutions are performed while the individual rule is
- being processed. The available substitutions are:</para>
+ <para>The <varname>NAME</varname>, <varname>SYMLINK</varname>,
+ <varname>PROGRAM</varname>, <varname>OWNER</varname>,
+ <varname>GROUP</varname>, <varname>MODE</varname>, and
+ <varname>RUN</varname> fields support simple string substitutions.
+ The <varname>RUN</varname> substitutions are performed after all rules
+ have been processed, right before the program is executed, allowing for
+ the use of device properties set by earlier matching rules. For all other
+ fields, substitutions are performed while the individual rule is being
+ processed. The available substitutions are:</para>
<variablelist class='udev-directives'>
<varlistentry>
<term><option>$kernel</option>, <option>%k</option></term>
<term><option>$number</option>, <option>%n</option></term>
<listitem>
<para>The kernel number for this device. For example,
- <literal>sda3</literal> has kernel number <literal>3</literal>.</para>
+ <literal>sda3</literal> has kernel number <literal>3</literal>.
+ </para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>$id</option>, <option>%b</option></term>
<listitem>
- <para>The name of the device matched while searching the devpath upwards for
- <option>SUBSYSTEMS</option>, <option>KERNELS</option>, <option>DRIVERS</option> and <option>ATTRS</option>.
+ <para>The name of the device matched while searching the devpath
+ upwards for <option>SUBSYSTEMS</option>, <option>KERNELS</option>,
+ <option>DRIVERS</option>, and <option>ATTRS</option>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>$driver</option></term>
<listitem>
- <para>The driver name of the device matched while searching the devpath upwards for
- <option>SUBSYSTEMS</option>, <option>KERNELS</option>, <option>DRIVERS</option> and <option>ATTRS</option>.
+ <para>The driver name of the device matched while searching the
+ devpath upwards for <option>SUBSYSTEMS</option>,
+ <option>KERNELS</option>, <option>DRIVERS</option>, and
+ <option>ATTRS</option>.
</para>
</listitem>
</varlistentry>
<term><option>$attr{<replaceable>file</replaceable>}</option>, <option>%s{<replaceable>file</replaceable>}</option></term>
<listitem>
<para>The value of a sysfs attribute found at the device where
- all keys of the rule have matched. If the matching device does not have
- such an attribute, and a previous KERNELS, SUBSYSTEMS, DRIVERS, or
- ATTRS test selected a parent device, then the attribute from that
- parent device is used.</para>
- <para>If the attribute is a symlink, the last element of the symlink target is
- returned as the value.</para>
+ all keys of the rule have matched. If the matching device does not
+ have such an attribute, and a previous <option>KERNELS</option>,
+ <option>SUBSYSTEMS</option>, <option>DRIVERS</option>, or
+ <option>ATTRS</option> test selected a parent device, then the
+ attribute from that parent device is used.
+ </para>
+ <para>If the attribute is a symlink, the last element of the
+ symlink target is returned as the value.
+ </para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>$result</option>, <option>%c</option></term>
<listitem>
- <para>The string returned by the external program requested with PROGRAM.
+ <para>The string returned by the external program requested with
+ <varname>PROGRAM</varname>.
A single part of the string, separated by a space character, may be selected
by specifying the part number as an attribute: <literal>%c{N}</literal>.
If the number is followed by the <literal>+</literal> character, this part plus all remaining parts
<refsect1>
<title>See Also</title>
- <para><citerefentry>
+ <para>
+ <citerefentry>
<refentrytitle>systemd-udevd.service</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>udevadm</refentrytitle><manvolnum>8</manvolnum>
- </citerefentry></para>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>
+ </para>
</refsect1>
</refentry>