https://github.com/wphermans/Bonejs/blob/master/permissions.md is the link to the file where I discuss what I personally do for permissions, etc.
One thing to point out though. sudo can be more exact, in that you can specify an exact command( including parameters ) that a normal user can use ( with sudo of course ), and can make it so those user do not need to provide a passwd - If you so wish. I think the absolute best way to secure a system is use a supervisor / worker "technique". Basically, a form of IPC, where the worker application is required to ask a supervisor service to perform various tasks . . . but who has time to implement all that in the short term ? Not I . . . On Fri, Jun 24, 2016 at 3:22 PM, William Hermans <[email protected]> wrote: > I pasted my udev rule here last night, but also I have it listed in the > permissions.md file of my bonejs github project. I'm going through > changing my documentation structure. So hopefully I can cover more, and > hopefully cleaner / clearer. > > You, Robert, or anyone can just grab that udev rule, and use it how you > see fit. > > On Fri, Jun 24, 2016 at 3:03 PM, Charles Steinkuehler < > [email protected]> wrote: > >> On 6/24/2016 4:42 PM, William Hermans wrote: >> > Charles, >> > >> > So, a minor complaint. None of your overlays configures *ALL* pins not >> used by >> > hdmi( audio and video ) and all other pins not in use by the system ( >> eMMC, >> > i2c-0/2, etc ). I had to use a cape I suppose Robert created: >> >> Robert is really the maintainer of these capes, since he's pulled the >> overlay into the kernel source and keeps it updated for newer kernels. >> >> > Here is the whole story. I was able to use config-pin to load the >> overlay that >> > exports all hdmi pins, and all that. The problem is, I modified your >> version of >> > config-pin because I do not wish to setup a sudo "rule". Instead, I use >> a udev >> > rule to change the group for the pin files, and loading that overlay >> through >> > config-pin was not working. Since parts of that udev rule *HAS* to be >> done at boot. >> >> The config-pin script was written for the desktop images. Since >> you're starting from a console image, the sudo configuration isn't >> working "out of the box". That said, tweaking the udev rules to >> change ownership (and/or modifying the supplemental groups for the >> default user) seems like a better fix, with no sudo required. I'm >> sure Robert would appreciate a PR against the image creation scripts >> to clean this up! ;-) >> >> Great work! >> >> -- >> Charles Steinkuehler >> [email protected] >> >> -- >> For more options, visit http://beagleboard.org/discuss >> --- >> You received this message because you are subscribed to the Google Groups >> "BeagleBoard" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/beagleboard/ee786198-98fd-4ac5-a6f1-db6730bdd213%40steinkuehler.net >> . >> For more options, visit https://groups.google.com/d/optout. >> > > -- For more options, visit http://beagleboard.org/discuss --- You received this message because you are subscribed to the Google Groups "BeagleBoard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/beagleboard/CALHSORogAscXY89HYLLrqY7WAJ25E0S7846n4VtkkxwwTNQ7ew%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
