[Pkg-raspi-maintainers] Bug#1001469: rpi.gpio-common: root privileges needed despite of unprivileged user in dialout
Erkki Lintunen
ebirdie at iki.fi
Fri Dec 10 16:58:24 GMT 2021
Package: rpi.gpio-common
Version: 0.7.1~a4-1+b1
Severity: normal
Tags: upstream
Dear Maintainer,
using a GPIO-line from a Python script as an unprivileged user gives:
ebirdie at rpi4-1:~$ python3 relelähtö12.py
Traceback (most recent call last):
File "/home/ebirdie/relelähtö12.py", line 18, in <module>
GPIO.setup(gpiopin,GPIO.OUT,initial=GPIO.HIGH) # pin gpiopin
RuntimeError: No access to /dev/mem. Try running as root!
ebirdie at rpi4-1:~$ groups
ebirdie adm dialout sudo gpio
Works fine with root privileges.
ebirdie at rpi4-1:~$ sudo python3 relelähtö12.py
Did a bit of investigation, may it be for any help:
Seems that current upstream source does not support GPIO device model in Debian kernel. The Debian kernel does not provide device /dev/gpiomem as rpi.gpio needs it for unprivileged operation. rpi.gpio source code does not make use of the newer GPIO model with /dev/gpiochipX devices and thus resorts to access /dev/kmem with root privileges. See:
<https://salsa.debian.org/raspi-team/rpi.gpio/-/blob/master/source/c_gpio.c>
Also did tweak udev rules in addition to the rule rpi.gpio-common provides.
ebirdie at rpi4-1:~$ diff -u /usr/lib/udev/rules.d/60-rpi.gpio-common.rules /etc/udev/rules.d/99-rpi.gpio-common.rules
--- /usr/lib/udev/rules.d/60-rpi.gpio-common.rules 2021-09-30 17:41:27.000000000 +0300
+++ /etc/udev/rules.d/99-rpi.gpio-common.rules 2021-11-10 17:40:48.481080516 +0200
@@ -1,3 +1,4 @@
-SUBSYSTEM=="bcm2835-gpiomem", KERNEL=="gpiomem", GROUP="dialout", MODE="0660"
+SUBSYSTEM=="bcm2711-gpiomem", KERNEL=="gpiomem", GROUP="dialout", MODE="0660"
SUBSYSTEM=="gpio", KERNEL=="gpiochip*", ACTION=="add", PROGRAM="/bin/sh -c 'chown root:dialout /sys/class/gpio/export /sys/class/gpio/unexport ; chmod 220 /sys/class/gpio/export /sys/class/gpio/unexport'"
+SUBSYSTEM=="gpio", KERNEL=="gpiochip*", ACTION=="add", PROGRAM="/bin/sh -c 'chown root:dialout /dev/gpiochip* ; chmod 0660 /dev/gpiochip*'"
SUBSYSTEM=="gpio", KERNEL=="gpio*", ACTION=="add", PROGRAM="/bin/sh -c 'chown root:dialout /sys%p/active_low /sys%p/direction /sys%p/edge /sys%p/value ; chmod 660 /sys%p/active_low /sys%p/direction /sys%p/edge /sys%p/value'"
Didn't help. So, the conclusions from source code reading comprehension above holds until otherwise proven.
My last take I became aware of while on my investigations. Maybe the Python library should morph from a board specific lib to a generic non-board specific Python library with the new kernel API for GPIO? I don't know, should it be in a bug report or not, decided to include it.
<https://embeddedbits.org/new-linux-kernel-gpio-user-space-interface/>
<https://git.kernel.org/pub/scm/libs/libgpiod/libgpiod.git/about/>
Best regards,
Erkki
PS. Although reportbug tells 5.15 as a running kernel, the above tests were made on a 5.10 Debian kernel from bullseye release as well.
-- System Information:
Debian Release: 11.1
APT prefers stable-security
APT policy: (990, 'stable-security'), (990, 'stable'), (500, 'unstable')
Architecture: arm64 (aarch64)
Kernel: Linux 5.15.0-2-arm64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_CRAP
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
-- no debconf information
More information about the Pkg-raspi-maintainers
mailing list