docs: Linux device permissions (udev rule for Bolt + Bluetooth-direct)

[recchia]

Part of #148 (Finding 1).

On Linux every hidraw node is root:root 0600 by default, so the CLI/device
layer fails with PermissionDenied (os error 13) without a udev rule. The common
ATTRS{idVendor}=="046d" rule covers the Bolt receiver (USB) but not
Bluetooth-direct devices: those hang off uhid
(/devices/virtual/misc/uhid/0005:046D:XXXX.NNNN), which exposes no USB
idVendor attribute — the vendor only appears in the HID id 0005:046D:*.

This adds:

• udev/70-openlogi.rules with both matchers + a uinput rule for the event hook.
• A "Linux device permissions (preview)" section in the README.

Uses systemd uaccess (group-free; works under X11 and Wayland/GNOME).

Verified on Ubuntu 26.04 / GNOME Wayland: after reload + power-cycling the device,
the node becomes crw-rw----+ with CURRENT_TAGS=…:uaccess: and openlogi list
runs without sudo — for both the Bolt and Bluetooth-direct paths.

Docs-only; no code changes.

[greptile-apps]

Greptile Summary

This PR adds udev/70-openlogi.rules and a corresponding README section to fix PermissionDenied (os error 13) on Linux by granting the active local-seat user access to Logitech hidraw nodes and uinput via systemd uaccess. Two separate matchers are needed because the Bolt/USB path exposes a sysfs idVendor attribute while the Bluetooth-direct path (uhid) only surfaces the vendor in the HID kernel name.

• udev/70-openlogi.rules: Three rules covering USB/Bolt (ATTRS{idVendor}==\"046d\"), Bluetooth-direct (KERNELS==\"0005:046D:*\"), and uinput (for the evdev event hook), all tagged with uaccess and a static_node option for uinput.
• README.md: Adds a "Linux device permissions (preview)" section with copy/reload instructions and a note that a device power-cycle is required to apply the ACL.

Confidence Score: 5/5

Safe to merge — documentation and a udev rules file with no code changes; the rules follow standard systemd uaccess patterns and have been tested on Ubuntu/GNOME Wayland.

The change is purely additive: a new udev rules file and a README section. The udev rules are technically correct (separate matchers for USB and Bluetooth-direct, appropriate uaccess tagging, static_node for uinput). The only notable trade-off — uinput access for all local-seat users — is an intentional and well-understood consequence of supporting the evdev event hook, not an oversight.

No files require special attention; the udev rules file is the more novel piece but its logic is sound.

Important Files Changed

Filename	Overview
udev/70-openlogi.rules	New udev rules file granting hidraw and uinput access via TAG+="uaccess"; rules are technically correct, but the uinput rule grants arbitrary input-injection capability to any logged-in local-seat user.
README.md	Adds a "Linux device permissions (preview)" section with clear installation instructions; copy path, reload command, and power-cycle note are all accurate.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Logitech HID device connected] --> B{Transport type?}
    B -->|USB / Bolt receiver| C[Device on USB tree<br/>ATTRS idVendor == 046d]
    B -->|Bluetooth-direct| D[Device on uhid virtual bus<br/>KERNELS == 0005:046D:star]
    C --> E[Rule 1: KERNEL==hidraw-star<br/>TAG+=uaccess]
    D --> F[Rule 2: KERNEL==hidraw-star<br/>TAG+=uaccess]
    E --> G[logind applies ACL to /dev/hidrawN]
    F --> G
    G --> H[openlogi runs without sudo]
    I[uinput node] --> J[Rule 3: KERNEL==uinput<br/>TAG+=uaccess + static_node]
    J --> K[ACL granted on /dev/uinput]

Loading

_{Reviews (2): Last reviewed commit: "docs: add udev/70-openlogi.rules (refere..." | Re-trigger Greptile}