So I setup a minimal(just a console, no gui) Fedora virtual machine with KVM/QEMU, it has libnitrokey installed and I downloaded the udev rule from github and placed it in /etc/udev/rules.d. sytemd-udevd is actively running as well. For whatever reason I can’t access the nitrokey 3 as a user, only as root and I don’t understand why, it works just fine on my host(which is the same setup with libnitrokey and the github udev rule), but not in my guest os. I figure it’s a permission issue since ls -l /dev/hidraw0 says that only the root account has rw access, but the udev rules should’ve made this not an issue from what I understand… I’m not sure what else I can troubleshoot as everything appears to be fine from what I can tell.
The host has to grant access for the device (device passthrough). Have a look at the example here.
Yes it is being passed through to the virtual machine. The host loses access and the vm has access as the NitroKey shows up in lsusb and is accessible to the root user(inside the guest). The problem is that I cannot access the Nitrokey as a regular user(inside the guest) despite being able to access the same Nitrokey as a regular user in a meaningfully similar setup on the host operating system(when the guest os is powered off and releases the Nitrokey back to the host). I hope this clears up the dilemma.
Ok, now it is.
Perhaps, you can simply add a permission, e.g. MODE="0660",
to the udev rule for the guest. (alternatively, you could add OWNER and GROUP, but it should not be necessary).
Just find the correct model you use in the udev file and MODE="0660",
before the TAG+=
Then execute udevadm control --reload
in the guest and see if it works. If it does not, run udevadm monitor --property --udev
before plugging it in again and see what happens.