Access devices from buildFHSUserEnv

I am trying to use Platformio with ESP-IDF to build firmware for an ESP-S3.
For this platform, Platformio downloads a lot of binaries that depend on libraries under /usr/lib, so I have a shell.nix with buildFHSUserEnv and use a virtualenv in that.
Now the thing is that if I try to upload to my board, I get “permission denied.” This is because in the environment, the USB UART is not accessible:

platformio-chrootenv:alex@nixos:~/omitted$ ls -al /dev/ttyUSB0
crw-rw---- 1 nobody nogroup 188, 0 Feb  6 20:21 /dev/ttyUSB0

How do I get access to these devices from a FHS environment?


Workaround (in my case):

  • Run pio run -t upload -v.
  • Copy the arguments of the command that fails.
  • Exit the chrootenv.
  • nix-shell -p esptool
  • <paste the arguments here>

Can you try if this still happens with buildFHSUserEnvBubblewrap?

Yes it does still happen.

by the way this is now my shell.nix:

{ pkgs ? import <nixpkgs> {} }:
(pkgs.buildFHSUserEnvBubblewrap {  
  name = "platformio";
  targetPkgs = (pkgs: with pkgs; [  
    (python3.withPackages (p: with p; [  

and I am on nixos 22.11 (I also tried the shell.nix with unstable).

It’s weird. As far as I understand it, bwrap and the nixpkgs chrootenv do a bind mount of /dev, and mount -o bind /dev ... works as expected.

Okay, so while the devices in the directory listing are still owned by nobody, it now works, with both buildFHSUserEnv and buildFHSUserEnvBubblewrap.
I believe the only thing that I changed was adding myself to the dialout group, after which I did su - alex, a reboot and some nix-collect-garbage and retries. So the problem is probably just my own dumbness, maybe I did the su it in the wrong shell …