element14 Community
element14 Community
    Register Log In
  • Site
  • Search
  • Log In Register
  • Members
    Members
    • Benefits of Membership
    • Achievement Levels
    • Members Area
    • Personal Blogs
    • Feedback and Support
    • What's New on element14
  • Learn
    Learn
    • Learning Center
    • eBooks
    • STEM Academy
    • Webinars, Training and Events
    • More
  • Technologies
    Technologies
    • 3D Printing
    • FPGA
    • Industrial Automation
    • Internet of Things
    • Power & Energy
    • Sensors
    • More
  • Challenges & Projects
    Challenges & Projects
    • Design Challenges
    • element14 presents
    • Project14
    • Arduino Projects
    • Raspberry Pi Projects
    • More
  • Products
    Products
    • Arduino
    • Dev Tools
    • Manufacturers
    • Raspberry Pi
    • RoadTests & Reviews
    • Avnet Boards Community
    • More
  • Store
    Store
    • Visit Your Store
    • Choose Another Store
      • Europe
      •  Austria (German)
      •  Belgium (Dutch, French)
      •  Bulgaria (Bulgarian)
      •  Czech Republic (Czech)
      •  Denmark (Danish)
      •  Estonia (Estonian)
      •  Finland (Finnish)
      •  France (French)
      •  Germany (German)
      •  Hungary (Hungarian)
      •  Ireland
      •  Israel
      •  Italy (Italian)
      •  Latvia (Latvian)
      •  
      •  Lithuania (Lithuanian)
      •  Netherlands (Dutch)
      •  Norway (Norwegian)
      •  Poland (Polish)
      •  Portugal (Portuguese)
      •  Romania (Romanian)
      •  Russia (Russian)
      •  Slovakia (Slovak)
      •  Slovenia (Slovenian)
      •  Spain (Spanish)
      •  Sweden (Swedish)
      •  Switzerland(German, French)
      •  Turkey (Turkish)
      •  United Kingdom
      • Asia Pacific
      •  Australia
      •  China
      •  Hong Kong
      •  India
      •  Korea (Korean)
      •  Malaysia
      •  New Zealand
      •  Philippines
      •  Singapore
      •  Taiwan
      •  Thailand (Thai)
      • Americas
      •  Brazil (Portuguese)
      •  Canada
      •  Mexico (Spanish)
      •  United States
      Can't find the country/region you're looking for? Visit our export site or find a local distributor.
  • Translate
  • Profile
Raspberry Pi
  • Products
  • More
Raspberry Pi
Forum Anyone know how to access RasPi GPIO without sudo?
  • Blog
  • Forum
  • Documents
  • Events
  • Members
  • Mentions
  • Sub-Groups
  • Tags
  • More
  • Cancel
  • New
Raspberry Pi requires membership for participation - click to join
Actions
  • Share
  • More
  • Cancel
Forum Thread Details
  • State Verified Answer
  • Replies 14 replies
  • Answers 2 answers
  • Subscribers 148 subscribers
  • Views 2105 views
  • Users 0 members are here
  • raspberry_pi
Related

Anyone know how to access RasPi GPIO without sudo?

johnbeetem
johnbeetem over 9 years ago

I've finally gotten around to playing with RasPi GPIOs, using Gert van Loo and Dom's C code at the RasPi Wiki.  It works fine, except that you have to run the executable as root or use sudo to access /dev/mem.

 

Does anyone here know how to access /dev/mem as a normal user?

  • Reply
  • Cancel
  • Cancel

Top Replies

  • johnbeetem
    johnbeetem over 7 years ago in reply to Former Member +2

    Roger Wolff wrote:

     

    Now back to your problem...
    If you make a little program that allows you to manipulate just the GPIO outputs, that won't allow you to cause all the other mischief you'd be able to…

  • rew
    rew over 9 years ago in reply to Arjan +1 verified

    Unix has a "security model". As a normal users you can do stuff, but you should not be able to access other people's files on the same computer. And as a user you should not be able to cause the computer…

  • Former Member
    Former Member over 9 years ago in reply to Former Member +1 suggested

    Keith Chiem wrote:

     

    $ sudo chown pi /dev/mem

    That will not work.  As well as any access controls imposed by the filesystem, you also need to have capability CAP_SYS_RAWIO to open the /dev/mem device.  So you…

Parents
  • Former Member
    0 Former Member over 9 years ago

    Not sure what you have against running as root--either via su, sudo $SHELL, or setuid--but you could try:

     

    $ sudo chown pi /dev/mem

    • Cancel
    • Up 0 Down
    • Reply
    • Verify Answer
    • Cancel
Reply
  • Former Member
    0 Former Member over 9 years ago

    Not sure what you have against running as root--either via su, sudo $SHELL, or setuid--but you could try:

     

    $ sudo chown pi /dev/mem

    • Cancel
    • Up 0 Down
    • Reply
    • Verify Answer
    • Cancel
Children
  • johnbeetem
    0 johnbeetem over 9 years ago in reply to Former Member

    Keith Chiem wrote:

     

    Not sure what you have against running as root--either via su, sudo $SHELL, or setuid--but you could try:

     

    $ sudo chown pi /dev/mem

    I like to run as a normal user most of the time so that I don't accidentally destroy system files.  I'll try your suggestion with /dev/mem, and if it doesn't work I'll take a closer look at permissions for /dev/mem.

     

    One think that's a bit different in my case is that I'm editing and running programs within the XXICC programming environment (xxicc.org).  I'm not generating a stand-alone GPIO program which I can then run using sudo.  I currently have to run XXICC using sudo, so I'm not protected form destroying system files.

    • Cancel
    • Up 0 Down
    • Reply
    • Verify Answer
    • Cancel
  • Former Member
    0 Former Member over 9 years ago in reply to Former Member

    Keith Chiem wrote:

     

    $ sudo chown pi /dev/mem

    That will not work.  As well as any access controls imposed by the filesystem, you also need to have capability CAP_SYS_RAWIO to open the /dev/mem device.  So you do need to be setuid root (or setcap).

     

    Note that you do not need any special permissions for any of the later steps, however.  So you can start as root, open /dev/mem, drop privileges with set(res)uid, mmap just the registers you need, close the device to make it impossible to map any more, and then continue with the rest of your code safely.

    • Cancel
    • Up +1 Down
    • Reply
    • Verify Answer
    • Reject Answer
    • Cancel
  • johnbeetem
    0 johnbeetem over 7 years ago in reply to Former Member

    Roger Wolff wrote:

     

    Now back to your problem...
    If you make a little program that allows you to manipulate just the GPIO outputs, that won't allow you to cause all the other mischief you'd be able to make with "/dev/mem" access, then you can install that program with superuser permissions (setuid) and then you can use that program as a normal user.

     

    I have written such a program. IIRC, it is contained in this package:

    http://www.bitwizard.nl/software/gpio_spi_i2c_20120419.tgz

     

    The program can be made setuid by doing:

      sudo chown root <program name>

      sudo chmod 4755 <program name>

     

    jopaji wrote:

     

    Keith Chiem wrote:

     

    $ sudo chown pi /dev/mem

    That will not work.  As well as any access controls imposed by the filesystem, you also need to have capability CAP_SYS_RAWIO to open the /dev/mem device.  So you do need to be setuid root (or setcap).

     

    Note that you do not need any special permissions for any of the later steps, however.  So you can start as root, open /dev/mem, drop privileges with set(res)uid, mmap just the registers you need, close the device to make it impossible to map any more, and then continue with the rest of your code safely.

    Well, I finally got around to testing these suggestions.  I got CAP_SYS_RAWIO to work (mostly), but decided that it was too dangerous.  So I went with a combination of Roger's suggestion to use chown and chmod so that my programs starts as root, and jopaji's suggestion to call setuid(getuid()) to drop superuser access after using mmap() so as to become a normal user.

     

    This scheme is also described by nroff-man at the Raspberry Pi Forum: http://www.raspberrypi.org/forums/viewtopic.php?f=29&t=22515

     

    I also learned that you should close /dev/mem once you have done the mmap() so that you don't have a dangerous file descriptor lying around.  Here's my final code, which sets global pointer RasPiGPIO to the virtual address of the GPIO registers or NULL on failure:

     

    // Attempt to map RasPi GPIO registers to a virtual address.

    // Set RasPiGPIO to that address, or NULL if unable to map (print warning).

    static void AccessRasPiGPIO(void)

    {

        int fd = open("/dev/mem", O_RDWR);

        if (fd < 0)

        {

            fprintf(stderr, "Cannot access Raspberry Pi GPIOs: you probably need sudo.\n");

            return;

        };

        // 0x20200000 is the Debian base for mapping RasPi GPIOs using /dev/mem.

        RasPiGPIO = mmap(NULL, 0x1000, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0x20200000);

        if (RasPiGPIO == MAP_FAILED)

        {

            fprintf(stderr, "Cannot access Raspberry Pi GPIOs: mmap() failed.\n");

            RasPiGPIO = NULL;

        } else printf("XXICC can access Raspberry Pi GPIOs.\n");

        close(fd);    // No longer need /dev/map once we have the virtual address.

    }

     

    After I call this function, I set the user ID back to the original user with the code: setuid(getuid());

    Thank you to everyone for their suggestions!

    • Cancel
    • Up +2 Down
    • Reply
    • Verify Answer
    • Cancel
  • Former Member
    0 Former Member over 7 years ago in reply to Former Member

    If you are the only one with access it is no real problem. I don't particularly wish to give sudo access to the kids.

    • Cancel
    • Up +1 Down
    • Reply
    • Verify Answer
    • Cancel
Element14

element14 is the first online community specifically for engineers. Connect with your peers and get expert answers to your questions.

  • Members
  • Learn
  • Technologies
  • Challenges & Projects
  • Products
  • Store
  • About Us
  • Feedback & Support
  • FAQs
  • Terms of Use
  • Privacy Policy
  • Legal and Copyright Notices
  • Sitemap
  • Cookies

An Avnet Company © 2022 Premier Farnell Limited. All Rights Reserved.

Premier Farnell Ltd, registered in England and Wales (no 00876412), registered office: Farnell House, Forge Lane, Leeds LS12 2NE.

ICP 备案号 10220084.

Follow element14

  • Facebook
  • Twitter
  • linkedin
  • YouTube