Add Linux MTP USB permission error handling

- Detect EACCES from nusb on Linux, emit mtp-permission-error event
- Add PermissionDenied variant to MtpConnectionError
- New MtpPermissionDialog with copyable udev install command
- Wire up event listener in layout and mtp-store

Author: vdavid

apps/desktop/coverage-allowlist.json

@@ -63,6 +63,7 @@
         "icon-cache.ts": { "reason": "Depends on Tauri APIs" },
         "licensing/licensing-store.svelte.ts": { "reason": "Depends on Tauri store APIs" },
         "logging/logger.ts": { "reason": "LogTape config, initialization code only" },
+        "mtp/MtpPermissionDialog.svelte": { "reason": "UI modal for Linux MTP udev rules" },
         "mtp/PtpcameradDialog.svelte": { "reason": "UI modal for macOS MTP workaround" },
         "mtp/mtp-store.svelte.ts": { "reason": "Depends on Tauri APIs, tests planned in Phase 6" },
         "licensing/AboutWindow.svelte": { "reason": "UI component" },

apps/desktop/src-tauri/src/linux_distro.rs

@@ -10,6 +10,7 @@ use std::sync::OnceLock;
 pub struct LinuxDistro {
     pub id: String,
     pub id_like: Vec<String>,
+    #[allow(dead_code, reason = "Parsed for future UI use (e.g. about dialog)")]
     pub pretty_name: String,
 }
 

apps/desktop/src-tauri/src/mtp/CLAUDE.md

@@ -51,6 +51,7 @@ Event loop (event_loop.rs)
 - **Cache-only path resolution**: `resolve_path_to_handle()` fails if the path has not appeared in a prior `list_directory()` call. There is no on-demand path walk.
 - **Write capability probe**: `probe_write_capability()` creates a hidden `.cmdr_write_probe` folder to detect cameras that advertise write support but reject writes at runtime (`StoreReadOnly`). Timeout or non-fatal errors are treated as writable (benefit of the doubt).
 - **ExclusiveAccess errors**: on macOS, when `ptpcamerad` claims a device, `connect()` emits `mtp-exclusive-access-error` with the blocking process name (from `ioreg`) so the frontend can show a dialog with the workaround command. On Linux, the blocking process is reported as `None`.
+- **PermissionDenied errors (Linux)**: when `open_device()` fails with "permission denied" (missing udev rules), `connect()` emits `mtp-permission-error`. Frontend shows `MtpPermissionDialog` with a copyable udev install command. Rules file at `resources/99-cmdr-mtp.rules`.
 - **Async recursion**: all recursive operations in `bulk_ops.rs` use `Box::pin(async move { ... })`.
 - **Event loop shutdown**: uses a biased `tokio::select!` so the shutdown signal (broadcast channel) is always checked first.
 - **Volume IDs**: MTP storage volumes use `"{device_id}:{storage_id}"` (e.g., `"mtp-336592896:65537"`).

apps/desktop/src-tauri/src/mtp/connection/errors.rs

@@ -33,6 +33,10 @@ pub enum MtpConnectionError {
     StorageFull {
         device_id: String,
     },
+    /// Linux: USB device file not accessible (missing udev rules).
+    PermissionDenied {
+        device_id: String,
+    },
     ObjectNotFound {
         device_id: String,
         path: String,
@@ -77,6 +81,9 @@ impl MtpConnectionError {
             }
             Self::DeviceBusy { .. } => "Device is busy. Wait a moment and try again.".to_string(),
             Self::StorageFull { .. } => "Device storage is full. Free up some space.".to_string(),
+            Self::PermissionDenied { .. } => {
+                "Can't access the USB device. Install udev rules and reconnect.".to_string()
+            }
             Self::ObjectNotFound { path, .. } => {
                 format!("File or folder not found: {}. It may have been deleted.", path)
             }
@@ -119,6 +126,9 @@ impl std::fmt::Display for MtpConnectionError {
             Self::StorageFull { device_id } => {
                 write!(f, "Storage full on device: {device_id}")
             }
+            Self::PermissionDenied { device_id } => {
+                write!(f, "Permission denied for device: {device_id}")
+            }
             Self::ObjectNotFound { device_id, path } => {
                 write!(f, "Object not found on {device_id}: {path}")
             }
@@ -188,13 +198,16 @@ pub(super) fn map_mtp_error(e: mtp_rs::Error, device_id: &str) -> MtpConnectionE
             message: format!("I/O error: {}", io_err),
         },
         mtp_rs::Error::Usb(usb_err) => {
-            // Check for exclusive access errors
             let msg = usb_err.to_string().to_lowercase();
             if msg.contains("exclusive access") || msg.contains("device or resource busy") {
                 MtpConnectionError::ExclusiveAccess {
                     device_id: device_id.to_string(),
                     blocking_process: None,
                 }
+            } else if msg.contains("permission denied") || msg.contains("access denied") {
+                MtpConnectionError::PermissionDenied {
+                    device_id: device_id.to_string(),
+                }
             } else {
                 MtpConnectionError::Other {
                     device_id: device_id.to_string(),
@@ -378,6 +391,9 @@ mod tests {
             MtpConnectionError::StorageFull {
                 device_id: "test".to_string(),
             },
+            MtpConnectionError::PermissionDenied {
+                device_id: "test".to_string(),
+            },
             MtpConnectionError::ObjectNotFound {
                 device_id: "test".to_string(),
                 path: "/path".to_string(),
@@ -448,6 +464,19 @@ mod tests {
         assert!(!err.is_retryable());
     }
 
+    #[test]
+    fn test_permission_denied_error() {
+        let err = MtpConnectionError::PermissionDenied {
+            device_id: "mtp-1-5".to_string(),
+        };
+        assert!(err.to_string().contains("Permission denied"));
+        assert!(err.user_message().contains("udev"));
+        assert!(!err.is_retryable());
+
+        let json = serde_json::to_string(&err).unwrap();
+        assert!(json.contains("\"type\":\"permissionDenied\""), "JSON: {}", json);
+    }
+
     #[test]
     fn test_other_error() {
         let err = MtpConnectionError::Other {

apps/desktop/src-tauri/src/mtp/connection/mod.rs

@@ -228,6 +228,20 @@ impl MtpConnectionManager {
                     });
                 }
 
+                // Check for permission errors (Linux: missing udev rules)
+                #[cfg(target_os = "linux")]
+                {
+                    let msg = e.to_string().to_lowercase();
+                    if msg.contains("permission denied") || msg.contains("access denied") {
+                        if let Some(app) = app {
+                            let _ = app.emit("mtp-permission-error", serde_json::json!({ "deviceId": device_id }));
+                        }
+                        return Err(MtpConnectionError::PermissionDenied {
+                            device_id: device_id.to_string(),
+                        });
+                    }
+                }
+
                 // Map other errors
                 return Err(map_mtp_error(e, device_id));
             }

apps/desktop/src/lib/mtp/CLAUDE.md

@@ -36,6 +36,17 @@ On macOS, `ptpcamerad` daemon auto-claims devices. When exclusive access error:
     ```
 4. User runs command, clicks "Retry connection"
 
+### Linux USB permission handling
+
+On Linux, USB device files need udev rules to grant user access. When `open_device()` fails with EACCES:
+
+1. Backend detects "permission denied" in the USB error string (`#[cfg(target_os = "linux")]`)
+2. Emits `mtp-permission-error` event
+3. Frontend shows `MtpPermissionDialog` with a copyable command to install udev rules and reload them
+4. User runs command, replugs device, clicks "Retry connection"
+
+The udev rules file is at `src-tauri/resources/99-cmdr-mtp.rules` (for deb/rpm packaging).
+
 ### No Volume trait integration (yet)
 
 MTP operations use dedicated Tauri commands (`listMtpDirectory`, `uploadToMtp`, `downloadFromMtp`, etc.) instead of

apps/desktop/src/lib/mtp/MtpPermissionDialog.svelte

@@ -0,0 +1,89 @@
+<script lang="ts">
+    import ModalDialog from '$lib/ui/ModalDialog.svelte'
+    import CommandBox from '$lib/ui/CommandBox.svelte'
+    import Button from '$lib/ui/Button.svelte'
+
+    interface Props {
+        /** Called when the dialog is closed. */
+        onClose: () => void
+        /** Called when user wants to retry connecting. */
+        onRetry: () => void
+    }
+
+    const { onClose, onRetry }: Props = $props()
+
+    const installCommand = `echo 'SUBSYSTEM=="usb", ATTR{bInterfaceClass}=="06", MODE="0664", TAG+="uaccess"\nSUBSYSTEM=="usb", ATTR{bInterfaceClass}=="ff", ATTR{bInterfaceSubClass}=="ff", ATTR{bInterfaceProtocol}=="00", MODE="0664", TAG+="uaccess"' | sudo tee /etc/udev/rules.d/99-cmdr-mtp.rules > /dev/null && sudo udevadm control --reload-rules && sudo udevadm trigger`
+
+    function handleKeydown(event: KeyboardEvent) {
+        if (event.key === 'Enter') {
+            onRetry()
+        }
+    }
+</script>
+
+<ModalDialog
+    titleId="dialog-title"
+    onkeydown={handleKeydown}
+    blur
+    dialogId="mtp-permission"
+    onclose={onClose}
+    containerStyle="min-width: 480px; max-width: 560px"
+>
+    {#snippet title()}Can't access USB device{/snippet}
+
+    <div class="dialog-body">
+        <p class="description">
+            Cmdr doesn't have permission to access this device. Linux needs udev rules to grant MTP device access.
+        </p>
+
+        <p class="explanation">Run this command in your terminal to install the rules and reload them:</p>
+
+        <div class="command-wrapper">
+            <CommandBox command={installCommand} />
+        </div>
+
+        <p class="help-text">After running the command, unplug and replug the device, then retry.</p>
+
+        <div class="actions">
+            <Button variant="secondary" onclick={onClose}>Close</Button>
+            <Button variant="primary" onclick={onRetry}>Retry connection</Button>
+        </div>
+    </div>
+</ModalDialog>
+
+<style>
+    .dialog-body {
+        padding: 0 var(--spacing-2xl) var(--spacing-xl);
+    }
+
+    .description {
+        margin: 0 0 var(--spacing-md);
+        font-size: var(--font-size-md);
+        color: var(--color-text-secondary);
+        line-height: 1.5;
+    }
+
+    .explanation {
+        margin: 0 0 var(--spacing-lg);
+        font-size: var(--font-size-md);
+        color: var(--color-text-tertiary);
+        line-height: 1.6;
+    }
+
+    .command-wrapper {
+        margin-bottom: var(--spacing-md);
+    }
+
+    .help-text {
+        margin: 0 0 20px;
+        font-size: var(--font-size-sm);
+        color: var(--color-text-tertiary);
+        line-height: 1.5;
+    }
+
+    .actions {
+        display: flex;
+        gap: var(--spacing-md);
+        justify-content: flex-end;
+    }
+</style>

apps/desktop/src/lib/mtp/index.ts

@@ -1,5 +1,6 @@
 // MTP (Android device) support components
 
+export { default as MtpPermissionDialog } from './MtpPermissionDialog.svelte'
 export { default as PtpcameradDialog } from './PtpcameradDialog.svelte'
 
 // MTP store for device state management

apps/desktop/src/lib/mtp/mtp-store.svelte.ts

@@ -18,6 +18,7 @@ import {
     onMtpDeviceDisconnected,
     onMtpDeviceRemoved,
     onMtpExclusiveAccessError,
+    onMtpPermissionError,
 } from '$lib/tauri-commands'
 import { getAppLogger } from '$lib/logging/logger'
 
@@ -58,6 +59,7 @@ let state = $state<MtpStoreState>({
 let unlistenConnected: UnlistenFn | undefined
 let unlistenDisconnected: UnlistenFn | undefined
 let unlistenExclusiveAccess: UnlistenFn | undefined
+let unlistenPermissionError: UnlistenFn | undefined
 let unlistenDeviceDetected: UnlistenFn | undefined
 let unlistenDeviceRemoved: UnlistenFn | undefined
 
@@ -324,6 +326,17 @@ export async function initialize(): Promise<void> {
         }
     })
 
+    unlistenPermissionError = await onMtpPermissionError((event) => {
+        const deviceState = state.devices.get(event.deviceId)
+        if (deviceState) {
+            state.devices.set(event.deviceId, {
+                ...deviceState,
+                connectionState: 'error',
+                error: 'USB permission denied — install udev rules and reconnect',
+            })
+        }
+    })
+
     // USB hotplug: device detected
     unlistenDeviceDetected = await onMtpDeviceDetected((event) => {
         logger.info('MTP device detected via hotplug: {deviceId}', { deviceId: event.deviceId })
@@ -359,6 +372,7 @@ export function cleanup(): void {
     unlistenConnected?.()
     unlistenDisconnected?.()
     unlistenExclusiveAccess?.()
+    unlistenPermissionError?.()
     unlistenDeviceDetected?.()
     unlistenDeviceRemoved?.()
 

apps/desktop/src/lib/tauri-commands/index.ts

@@ -190,6 +190,7 @@ export {
     onMtpDeviceDetected,
     onMtpDeviceRemoved,
     onMtpExclusiveAccessError,
+    onMtpPermissionError,
     onMtpDeviceConnected,
     onMtpDeviceDisconnected,
     listMtpDirectory,
@@ -213,6 +214,7 @@ export type {
     MtpDeviceDetectedEvent,
     MtpDeviceRemovedEvent,
     MtpExclusiveAccessErrorEvent,
+    MtpPermissionErrorEvent,
     MtpDeviceConnectedEvent,
     MtpDeviceDisconnectedEvent,
     MtpOperationResult,