[SDK] Run SDK without sudo rights or setcap #84
Comments
|
Hi @MaximilienNaveau I agree that having to run controllers as root is not very nice. Brainstorming here is a good idea, I think the proper way to do things is to write a Linux driver in kernel land, but I'm far from being an expert on this topic. I did look at it quickly when writing the first version of the MB SDK but quickly gave up. |
thomasfla
added
enhancement
I do not know what that means I will read on this. I also considered a ip-table mapping the internet port to a none protected one. pros:
cons:
|
|
Unfortunately we are not using the TCP/IP protocol so there is no notion of Port or IP table. We are working at MAC layer. The reason for not using TCP/IP but only raw socket, was motivated by the real time wifi connection needs. If we decide to use IP (with UDP packets for example), we will need to drop realtime wifi feature, and also spend quite some time on the MB firmware again. Also we need to benchmark the latency. |
|
So it looks like we want to use raw sockets for speed and because we have settled on them in the past. In this case we need to run an executable as root. I wonder if we could write a small "odri_relay" executable. This one runs with I also though about using shared memory. However, I think shared memory has the same access privileges as the program creating the shared memory object. That means, if the executable needs to run as In addition, this executeable could pop-open a basic gui to give insight about the traffic quality, raw readings etc to monitor the communication. What do you think? |
|
I think the proper way to drive hardware from linux with elevated privileges is to write a kernel module, and package it with DKMS. I already started to work on that a long time ago, but it was aborted after some discussions with @thomasfla, and I can't remember why. @jviereck : your solution would also work, and be easier to implement. But I don't understand why you want to add UDP : I think we could just use a named fifo, which would remove the need for a transport layer. |
|
I just didn't knew about named fifos... Looks indeed simpler than UDP!
However, if you launch the process as root and create a named fifo, can other processes with less privileges access it? Just checking.
On June 13, 2021 4:50:07 AM EDT, Guilhem Saurel ***@***.***> wrote:
I think the proper way to drive hardware from linux with elevated
privileges is to write a kernel module, and package it with DKMS.
I already started to work on that a long time ago, but it was aborted
after some discussions with @thomasfla, and I can't remember why.
***@***.*** : your solution would also work, and be easier to implement.
…But I don't understand why you want to add UDP : I think we could just
use a named fifo, which would remove the need for a transport layer.
--
You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub:
#84 (comment)
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
|
This comment has been minimized.
This comment has been minimized.
|
@jviereck : the fifo will just be a special file on the file system, and other processes will be able to write to it if they have the permission for this. So I guess we would want it to have a meaningful owner group, with permissions g+w, and add the authorized users in that group. Or, just simply put it @wxmerkt : I think you misread the title of the issue ;) edit: there was an old habit to put fifos in |
|
@wxmerkt : I think you misread the title of the issue ;) You're right, apologies! I'll hide the previous comment |
|
I think @wxmerkt comment was super helpful! What I would like to do is enable the user to run the robot setup completely without sudo rights. What we should be able to do is this: Then as the user: Because the What do you think? |
|
I am also in favor for a solution here, I am willing to spend time on this as this is particularly annoying... |
Awesome! Thank you so much @MaximilienNaveau :) Let me know if you need any help with this or want me to test/look at some code. |
|
@MaximilienNaveau : I think we could start with a version of what @jviereck suggested, as this would make a good first step toward having a kernel module later. This would basically be the same code for the 2 versions ; except for the driver, we'll have to follow the kernel API, and the fifo would more probably go into a fixed place in Especially if we don't already have someone proeficient at both writing kernel modules and handling the network as @thomasfla designed it for this project, decoupling both parts seems a good idea to me. |
|
Hi, To give a little more context about the raw Ethernet choice vs UDP, it was motivated by the wireless packet compatibility. Indeed, in wireless, we do not use the TCP/IP stack since it will require an active connection, handshaking etc. In case of loss of connection, we can not recover instantaneously as we do with the raw packet. |
|
I took a look today at how this could get implemented. Right now the master board SDK supports two types of links - ethernet and wireless. See the code here: https://github.com/open-dynamic-robot-initiative/master-board/blob/master/sdk/master_board_sdk/src/master_board_interface.cpp#L58-L78 My proposal is to add a new third link type / class that inherits from LINK_manager that does the communication via the named pipes towards the |
|
That's right! |
|
https://github.com/acontis/atemsys This might be interesting, A kernel module that allows to directly access the MAC layer from userland (developed for EtherCAT). I don't know yet if this would allow us to access Ethernet as well as Wi-Fi MAC. |
|
DKMS would help a lot in the long term. Also that project is GPL, which would contaminate everything else. |
The fact of running the connection through a protected socket is problematic as we need sudo rights to run the low level controllers on the robot.
I would like to start here a brainstorming on how to fix it.
I am ready to invest time to fix this issue.
The text was updated successfully, but these errors were encountered: