Lost Posted November 23, 2017 Posted November 23, 2017 (edited) Hi guys! After moving my project from Raspberry to Orange i`ve got an issue with gpio access. I`m using Lighttpd as webserver and running python scripts from touching buttons there. But on armbian it doesn`t work because of permissions settings. here is screenshot of simple script that turns on led tried lots of google finds, but without any success. What is wrong? oh, i`m using pyA20 library Edited November 23, 2017 by Lost 1
Lost Posted November 23, 2017 Author Posted November 23, 2017 script works fine from terminal with sudo But after i add root rights to www-data - same result
chwe Posted November 23, 2017 Posted November 23, 2017 IMHO, sudo right scripts in your WWW folder (which is open to the internet I guess) is a nightmare, especially if the whole system is maintained by a beginner (don't get me wrong), it's not about your skills but you should also keep security in mind when you start to play with such thingies..
Lost Posted November 23, 2017 Author Posted November 23, 2017 I understand that, thanks, but even this couldn`t help. And it`s okay, i am really just a beginner in linux On RPi this problem was easily solved by: sudo usermod -a -G gpio www-data i`ve checked /etc/groups and /etc/gshadow files - there is no even gpio group
chwe Posted November 23, 2017 Posted November 23, 2017 IMOH Armbians use case is more focused on server applications than on all this IoT stuff (whenever I do mostly IoT-stuff on my armbian boards, or maybe 'Localnet of Things'. ). You might check which rights pyA20 needs (don't need 'full sudo' I guess) to play with your GPIOs and give the user which runs your script these rights... I'm interested in your findings too (cause pyGPIO which is, in fact, pyA20 + board detection + mapping for various boards could maybe benefit from it).
Lost Posted November 23, 2017 Author Posted November 23, 2017 so, just find the solution Not the best way, but worked for me. For example, we need to run from web page "script.py" that uses gpio first, i make new executable file "*cgi" - for example "script.cgi". Inside of it just this: #!/bin/bash sudo ./script.py after that use $sudo visudo and change line # Allow members of group sudo to execute any command # Allow members of group sudo to execute any command %sudo ALL=(ALL) NOPASSWD: ALL Now you can run "script.cgi" from WEB and python script will be executed. this is wrong way if you care about security, i actually don`t like this finding, but for my underwater camera with step motor to look around, i think it is ok Any time, if somebody know how to give access to gpio from python and web, i`m still interested in. also found OPi.GPIO library that is similar to RPi.GPIO: just type ~$ sudo pip install OPi.GPIO
chwe Posted November 23, 2017 Posted November 23, 2017 11 minutes ago, Lost said: this is wrong way if you care about security, i actually don`t like this finding, but for my underwater camera with step motor to look around, i think it is ok As long as you don't have your underwater camera in a network open to others... It might be 'ok'. But otherwise, your OPi can end as part of this various IoT-Botnets... Someone has access to a Linux machine (your OPi) inside your local network from the internet might be harmful to your next online banking bill...
Recommended Posts