1

I'm building a system, using buildroot, that will have a webpage to control a raspberry's GPIO pins, using php. To do so, I'm writing (and reading) the kernel files located in /sys/class/gpio/.. the problem is that apache doesn't have permission to write or read in such directories and files. I can make it work by changing all directories permissions to:

chmod a+rx dir_name

But this has to be executed everytime the system is turned on since that the /sys/... permissions are reset to default when the system is turned off.

So I would like to know what's the easiest way to solve this problem? Not forgetting that at some point I might write into /sys/class/gpio/export a GPIO number creating a new directory (/sys/class/gpio/gpioN/ where N is the pin number) with new files wich permissions need to be changed aswell.

I'm not very skilled in this kind of stuff but the only way I can think of making it work is to run a script at boot that would export all GPIO pins (write in /sys/class/gpio/export) and then change the permissions of all directories and files. The problem is that I have no clue how to do such scripts, besides that it needs to be in /etc/init.d directory. I've looked in some of the files in this directory but can't understand them, what language is it written?

EDIT 1

I found in a post that to find the apache user I can run the following command:

ps aux | egrep '(apache|httpd)'

Wich outputs the following:

135   root     /usr/bin/httpd -k start
138   daemon   /usr/bin/httpd -k start
139   daemon   /usr/bin/httpd -k start
140   daemon   /usr/bin/httpd -k start
1133  root     egrep (apache|http)
Hello World
  • 11
  • Related: How to set permissions in /sys/ permanenty – Mark Plotnick Dec 27 '17 at 23:19
  • @MarkPlotnick, thanks for answering but I saw that thread before but I can't see how it can help me. First of all what is the "ALL ALL = (ALL) NOPASSWD...." given in the solution is it a shell command? Because my system always gives a syntax error unexpected "(" and if I remove the parentheses it says "ALL: not found". In that thread it's also suggested to use a service in the systemd directory, the problem is that my system doesn't has a systemd directory. – Hello World Dec 28 '17 at 09:22
  • "ALL ALL = (ALL) NOPASSWD...." is an entry in the sudo config file. sudo is a program that lets you configure things so that sudo command, when run by an ordinary user, runs command as root. This question has more details; allowing writes to /sys by ordinary users is a common question. An init script would be easier, except that you said you'll need to chmod the files and directories at arbitrary times after booting. – Mark Plotnick Dec 28 '17 at 11:05
  • @MarkPlotnick but I don't have a sudo config file because this a very simple build and the only user is root. And even if I manage to insert that entry somewhere that will make it work, will this entry allow apache to read and write these files using fread and fwrite in php? And if I export the pins will the new directories and files writable and readable by the apache? – Hello World Dec 28 '17 at 11:11
  • From what I've read, if you cause the kernel to create new files and directories under /sys, there's no way to have the kernel automatically give them alternative owners or modes (unless they trigger an event that udev handles, but you might not have that); you'll need to run more chmod or chown commands. Hopefully someone familiar with your specific type of small system can offer a convenient way to do what you want. – Mark Plotnick Dec 28 '17 at 12:27
  • @MarkPlotnick ok, thanks for the help. I actually just managed to make a script to change the permissions at boot just like I said in the original post. Just one quick question do you know how to only allow apache to access the directories and files? Because at the moment I'm using 'chmod 777 dir_or_file_name' wich I think is not very correct. – Hello World Dec 28 '17 at 13:46
  • Sure, run ps -eo pid,fsuid,cmd|grep httpd to see the uid the httpd processes are using to access files, and use chown to change the owner of the files and directories to that. Then you can make the permissions on those files and directories as restrictive as you want - readable and writable by owner for files, rwx by owner for directories, and no access for anyone else. – Mark Plotnick Dec 28 '17 at 14:57

0 Answers0