udev makes the GPG keys owned by root
in the most recent Fedoras for some reason; I have to install a udev
rule to make sure they are properly owned.
- name: yubikey udev rules in place
lineinfile:
create: yes
dest: /etc/udev/rules.d/99-yubikeys.rules
regexp: '0111'
line: 'SUBSYSTEMS=="usb", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0111", OWNER="{{local_account}}"'
tags:
- yubikeys
- name: yubikey udev rules in place
lineinfile:
create: yes
dest: /etc/udev/rules.d/99-yubikeys.rules
regexp: '0407'
line: 'SUBSYSTEMS=="usb", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0407", OWNER="{{local_account}}"'
tags:
- yubikeysand in My NixOS configuration this is simple:
{ pkgs, ... }:
{
services.udev.packages = [ pkgs.yubikey-personalization ];
}