1

I would like to write to a Device File (of a printer) located at /dev/usb/lp0. The file is owned by lp user and group. This file is created whenever I connect my printer device to the system.

I tried adding myself to the lp group. However the lp0 file doesn't appear when the printer is connected. Removing myself from the group fixes the issue.

One solution to get write permission is to -

  1. Detect whenever the device is connected
  2. Trigger a shell script that runs sudo chmod 0666 /dev/usb/lp0

This led me to the answer at https://unix.stackexchange.com/a/28711

The shell script is successfully triggered but it doesn't run the sudo command*, since the shell script was not executed from the terminal. I have tried using sudo and gksudo, both have failed to prompt me to enter password i.e, I am unable to escalate permissions through a background shell script.

What I have tried?

  1. setuid from Unix & Linux @ StackExchange, but it seems to be a very bad idea.
  2. echo 'my_insecure_password' | sudo -S command, it didn't work*.

I did not try Polkit, which was suggested in other answers, due to the level of its complexity. But I am willing to go for it with proper directions.

Community
  • 1
Suraj
  • 113

2 Answers2

6

Adding yourself to the lp group is probably the best solution here. That would not cause the lp0 file not to appear. (It's theoretically possible that your system has been configured to cause lp0 not to appear if you're in the lp group, but 1. that would have to be a local configuration, not a default setup from a distribution; and 2. I don't see why someone would have set this up.)

What follows is for academic interest only. In your scenario, you don't need this.

If you needed to change the permissions on the device file, then How to run custom scripts upon USB device plug-in? is not exactly what you need — that's for more complex cases that require a script. To change the Unix permissions or the ownership on a device file, use OWNER, GROUP and MODE assignments directly in the udev rule. That is, do create a file under /etc/udev/rules.d, but the line in that file should have something like GROUP="mygroup" instead of RUN="/path/to/script".

If you want to do something more complex, such as setting an access control list, you'll need to run a script. You don't need to escalate permissions in that script: it's already running as root! Just call the program you need to run as root, e.g. setfacl.

Community
  • 1
Gilles 'SO- stop being evil'
  • 829,060
2

I do not recommend this solution, for this problem.

You can edit /etc/sudoers to configure sudo to allow execution of a script without a password.

ctrl-alt-delor
  • 27,993
  • includedir /dev/usb/ is this a correct entry to /etc/sudoers? – Suraj Jul 09 '16 at 21:32
  • 2
    NOOOOOOOOO: That will read in the files in dev/usb and try to interpret them as rules for sudo. Also what I guess you are trying to do also looks like a bad idea: telling sudo to allow any operation on a directory, especially such a sensitive one, will not end well. – ctrl-alt-delor Jul 09 '16 at 21:57
  • 1
    I think I should go for steeldriver's solution for this. Thanks – Suraj Jul 09 '16 at 22:01