The "safest" way I can think of is put a very specific line in the sudoers file ( via visudo ). What this does, is allow you to issue a command, using sudo, potentially without using a passwd. So for example:
sudo sh -c "echo '1' > /sys/class/gpio/gpio67/value" The above can be made to run without using a passwd. So what this **is** is a way to allow a very specific command to be run as root, without using a passwd. What this **is not** is a way to secure somethign similar on a multi user system. So this method does have it's perks, e.g. allowing a very specific command, say read a GPIO value, that is not really a security risk, while the rest of the GPIO bank could represent an issue. I do believe one can achieve something very similar to what I suggest above using udev rules, but I'm honestly not all that well versed with udev. . . On Fri, Feb 5, 2016 at 3:35 PM, jmelson <[email protected]> wrote: > > > On Friday, February 5, 2016 at 4:13:34 PM UTC-6, Drew Fustini wrote: >> >> I noticed that the Raspberry Pi kernel adopted /dev/gpiomem to provide a >> way for non-root users to access GPIO: >> >> >> The poor man's way is to make the executable file be owned by root, and > then set the S bit so it takes execute permissions from the file owner. > You do this with : > > sudo chown root:root filename > sudo chmod u+s filename > > This requires a valid root user to be set up. > > > Jon > > -- > For more options, visit http://beagleboard.org/discuss > --- > You received this message because you are subscribed to the Google Groups > "BeagleBoard" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- For more options, visit http://beagleboard.org/discuss --- You received this message because you are subscribed to the Google Groups "BeagleBoard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
