udev rules seem ignored; can not prevent modem manager from grabbing device

While there may be a way to do this with udev, I found a much simpler working solution at this AskUbuntu question.

To summarize, you can tell Network Manager not to manage certain devices by adding a line to its .conf file.

First, find your cell phone's mac address. Run dmesg from the terminal after you plug it in; one of the print outs should have the mac. The line for me was:

[ 4691.112016] cdc_ether 3-1:1.3 usb0: register 'cdc_ether' at usb-0000:00:14.0-1, CDC Ethernet Device, de:1a:28:c7:db:e6

Next, open /etc/NetworkManager/NetworkManager.conf with super user privledges, and add a your phone's mac as an unmanaged device. This is my NetworkManager.conf; I added the last two lines.

[main]
plugins=ifupdown,keyfile
dns=dnsmasq

[ifupdown]
managed=false

[keyfile]
unmanaged-devices=mac:de:1a:28:c7:db:e6

Modem Manager can be configured to use different filter policies, and the udev tags such as ID_MM_DEVICE_IGNORE have no effect under the strict filter policy.

You can determine which policy Modem Manager is using on your system by viewing its status:

> sudo systemctl status ModemManager
● ModemManager.service - Modem Manager
   Loaded: loaded (/lib/systemd/system/ModemManager.service...
   Active: active (running) since ...
   ...
   CGroup: /system.slice/ModemManager.service
           └─644 /usr/sbin/ModemManager --filter-policy=strict

This also shows that the relevant service file is /lib/systemd/system/ModemManager.service. We can edit this file in different ways to disable probing of a particular device.

To use a different policy which will refer to the udev blacklist rules we can change the command in the service:

ExecStart=/usr/sbin/ModemManager --filter-policy=default

Options are default (just use the blacklist rules) or paranoid (like strict but also use the blacklist rules). The documentation mentions this is not recommended as support for blacklist rules may be obsoleted in the future.

Another option is to filter a class of devices using one of several TTY-specific environment variables. This can be achieved by appending a line to the [Service] section of the service file. For example, to prohibit probing of ACM TTY devices:

[Service]
...
Environment="MM_FILTER_RULE_TTY_ACM_INTERFACE=0"

After changing the service file, reload the systemctl configuration and restart ModemManager:

sudo systemctl daemon-reload
sudo systemctl restart ModemManager

For debugging purposes it may be useful to watch modem manager logs when connecting your device. To enable debug logging, run:

sudo mmcli -G DEBUG;

To watch the filter log messages, run:

journalctl -f | grep "ModemManager.*\[filter\]"

Now when you connect your device you should see lines like:

# Device allowed with strict filter policy
[filter] (tty/...): port allowed:... 

# Device filtered with default filter policy and udev tags
[filter] (tty/...): port filtered: device is blacklisted

# Device filtered with strict filter policy and environment variables
[filter] (tty/...) port filtered: forbidden

To return ModemManager logging to its prior state, run:

sudo mmcli -G ERR