David Ryan
Posts: 10
Joined: Wed May 16, 2018 3:53 pm

System file permissions best practices

Tue Jun 25, 2019 4:48 pm

Hello all,

I have an app running on a pi that toggles the a system led. Presently I can achieve this by:

1 - running the app as root (no bueno)
2 - Setting permissions chmod 733 /sys/class/leds/led0 (This would let anyone do it)
3- Adding the app user to root group (also no bueno)

What I would like to do is give just the user special permissions to this folder, but not add user to root group.

Is it possible to create another group and allow shared privileges to that file? Is this a good practice. What would be the best way to handle this scenario?

Thanks in advance.

DarkElvenAngel
Posts: 166
Joined: Tue Mar 20, 2018 9:53 pm

Re: System file permissions best practices

Thu Jun 27, 2019 10:45 pm

David Ryan wrote: Hello all,

I have an app running on a pi that toggles the a system led. Presently I can achieve this by:

1 - running the app as root (no bueno)
2 - Setting permissions chmod 733 /sys/class/leds/led0 (This would let anyone do it)
3- Adding the app user to root group (also no bueno)

What I would like to do is give just the user special permissions to this folder, but not add user to root group.

Is it possible to create another group and allow shared privileges to that file? Is this a good practice. What would be the best way to handle this scenario?

Thanks in advance.
The group gpio is supposed to have access to gpio pins.

User avatar
scruss
Posts: 2480
Joined: Sat Jun 09, 2012 12:25 pm
Location: Toronto, ON
Contact: Website

Re: System file permissions best practices

Thu Jun 27, 2019 10:54 pm

The system LED devices are owned by root. Must you use the built-in ones? Any user can access GPIO-attached LEDs safely. Fiddling with the system LEDs for non-system purposes could confuse a user.
‘Remember the Golden Rule of Selling: “Do not resort to violence.”’ — McGlashan.

Return to “Advanced users”