[mdlug] Custom udev rule for USB flash drive
Michael ORourke
mrorourke at earthlink.net
Thu Feb 4 00:52:39 EST 2016
Lug Nuts,
I ran into a weird problem the other day and was wondering if anyone
else has run into this before. First off, it's probably better to give
some history into what I am trying to do and then explain what I have
run into. Okay, I wrote a custom udev rule which launches a script to
back up some archive files from a server to the inserted USB flash
drive. Basically the udev rule has to match the manufacturer and serial
number of the USB flash drive, then it creates an alias in /dev and
finally launches the backup script. For added security, I used an
encrypted volume on top of the partition in case the flashdrive gets
lost or stolen. Suppose the device alias is called MyFlashDrive. So
when the udev rule fires, it creates /dev/MyFlashDrive, then kicks off
/usr/local/sbin/USB-backup.sh script. The script will do various checks
to verify that the flashdrive can be decrypted and mounted properly and
it has the correct volume label (for rotation purposes). The cryptsetup
utility will create a new device node, example: /dev/mapper/MySecureVol,
which then allows me to write a filesystem on it then mount it. Okay,
here is where the weirdness starts. If I try to manually troubleshoot
my script by running the cryptsetup command to decrypt the flashdrive
(/dev/MyFlashDrive), it will then trigger the execution of the
/usr/local/sbin/USB-backup.sh script. I have confirmed this behavior on
two separate servers. Even though I never unplugged and plugged the
flashdrive back in, it still launches the backup script all over again.
Clearly this is related to the custom udev rule that was set up.
The udev rule looks like:
    SUBSYSTEM=="block", KERNEL=="???1", ATTRS{idVendor}=="xxxx", \
      ATTRS{idProduct}=="yyyy", ATTRS{serial}=="zzzzzzzzzzzzzzzz", \
      SYMLINK+="flashdrive", RUN+="/usr/local/sbin/USB-backup.sh"
My guess is udev does not care if anyone physically touched the
flashdrive. All it cares is that it sees a new block device
(MySecureVol) that matches the idVendor, idProduct, and serial numbers,
so it re-launches the script. Any ideas how to tweak this behavior so
that the script will fire each time the device is plugged in, but
exclude any /dev/mapper/MySecureVol devices?
Thanks,
Mike
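
One way to make a udev-launched script like the one described above ignore repeated events, as an added example that is not part of the original post. It assumes udev passes the event properties ACTION and DEVNAME (and DM_NAME for device-mapper nodes) in the environment of RUN programs; should_run_backup is a hypothetical helper name and the event list is constructed.

```shell
#!/bin/sh
# Guard intended for the top of a script started from a udev RUN+= key.
# Added example: should_run_backup is a hypothetical helper, not taken
# from the poster's USB-backup.sh.

# Usage: should_run_backup ACTION DEVNAME [DM_NAME]
# Returns 0 only for an "add" event on a plain partition node.
should_run_backup() {
    ev_action=$1
    ev_devname=$2
    ev_dm_name=${3:-}

    # "add" is sent when the device node appears; "change" can be sent
    # again later for a device that is already present.
    [ "$ev_action" = "add" ] || return 1

    # Never start from a device-mapper node (the decrypted volume).
    # Checked first because a name like dm-1 also fits the ???1 pattern.
    [ -z "$ev_dm_name" ] || return 1
    case $ev_devname in
        /dev/dm-*|/dev/mapper/*) return 1 ;;
    esac

    # Mirror the rule's KERNEL=="???1": first partition, e.g. /dev/sdb1.
    case $ev_devname in
        /dev/???1) return 0 ;;
    esac
    return 1
}

# Constructed sample events: ACTION DEVNAME [DM_NAME]
while read -r action devname dm_name; do
    if should_run_backup "$action" "$devname" "$dm_name"; then
        verdict=run
    else
        verdict=skip
    fi
    printf '%-6s %-26s %s\n' "$action" "$devname" "$verdict"
done <<'EOF'
add    /dev/sdb1
change /dev/sdb1
add    /dev/dm-1 MySecureVol
add    /dev/mapper/MySecureVol MySecureVol
EOF
```

In a real script the call would be should_run_backup "$ACTION" "$DEVNAME" "$DM_NAME" followed by an early exit when it fails; running udevadm monitor --property while repeating the cryptsetup step shows which events actually arrive.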