| 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 <2021> 2022 2023 2024 2025 | Index | 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 <2021> 2022 2023 2024 2025 |
| <== Date ==> | <== Thread ==> |
|---|
| Subject: | Re: setcap and nosuid |
| From: | "Siddons, David via Tech-talk" <tech-talk at aps.anl.gov> |
| To: | EPICS Tech-Talk <tech-talk at aps.anl.gov>, Michael Davidsaver <mdavidsaver at gmail.com> |
| Date: | Tue, 2 Feb 2021 16:21:44 +0000 |
|
Hi David,
I believe I'm hitting the same issue. In an embedded IOC I need to access /dev/mem, which requires privilege. The system is Debian 10, on a ZynQ processor. I want to run this IOC as a regular user, not root. I tried setcap, but always get:
Failed to get capabilities of file `./regrw' (Operation not supported)
whatever file I try it on.
I also tried putting the user in the kmem group, like /dev/mem:
ls -l /dev/mem
crw-r----- 1 root kmem 1, 1 Feb 1 21:05 /dev/mem
groups hera
hera : hera kmem sudo i2c
Although that worked for /dev/i2c, it did not for /dev/mem. Is this a symptom of what you described? How do I fix it?
Pete.
From: Tech-talk <tech-talk-bounces at aps.anl.gov> on behalf of Michael Davidsaver via Tech-talk <tech-talk at aps.anl.gov>
Sent: Sunday, January 24, 2021 4:47 PM To: EPICS Tech-Talk <tech-talk at aps.anl.gov> Subject: setcap and nosuid A tip to anyone messing around with Linux file capabilities (and myself in future).
These are silently ignored when the underlying file system is mounted with 'nosuid'. In retrospect not surprising, but I've just spent more time than I would care to admit in finding this out. |