How to grant non-root user access to device files

Yes, you may write an udev rule.

In /etc/udev/rules.d make a file 30-mydevice.rules (number has to be from 0 to 99 and decides only about the script running order; name doesn't really matter, it has just to be descriptive; .rules extension is required, though)

In this example I'm assuming your device is USB based and you know it's vendor and product id (can be checked using lsusb -v), and you're using mydevice group your user has to be in to use the device. This should be file contents in that case:

SUBSYSTEM=="usb", SYSFS{idVendor}=="0123", SYSFS{idProduct}=="4567", ACTION=="add", GROUP="mydevice", MODE="0664"

MODE equal to 0664 allows device to be written to by it's owner (probably root) and the defined group.


One way is to add the user to the corresponding "device-group". There are a whole range of groups for various sorts of devices (disk, floppy, tty, video, cdrom, ...) under Linux, so you can add the user to the corresponding group in /etc/group.

Another way is to make a "pseudo-user" (eg. the games-user). You add this user to the device-groups it should have. Finally you change the owner of certain programs (like a program for scanning images) to this user, and set chmod u+s . This will cause the program to be run as the pseudo-user - not the real user, thus having access to the devices. You can use the group of the programs to limit which user may execute the program.

Finally, you can set the group of programs needing a specific device to the device-group and set chmod g+s. This will cause the program to run with the rights of the group (in addition to the right of the normal user running it), thus allowing extended access to the device.