Can the default permissions and ownership of /sys/class/gpio/ files be set, e.g. by configuring udev? The point would be to have a real gid for processes that can access GPIO pins on a board.
Most "solutions" include suid wrappers, scripts with chown and trusted middleman binaries. Web searches turn up failed attempts to write udev rules.
(related: Q1)
I added the /etc/udev/rules.d/99-gpio.rules to set all permission correctly and cleanly:
SUBSYSTEM=="bcm2835-gpiomem", KERNEL=="gpiomem", GROUP="gpio", MODE="0660"
SUBSYSTEM=="gpio", KERNEL=="gpiochip*", ACTION=="add", RUN+="/bin/sh -c 'chown root:gpio /sys/class/gpio/export /sys/class/gpio/unexport ; chmod 220 /sys/class/gpio/export /sys/class/gpio/unexport'"
SUBSYSTEM=="gpio", KERNEL=="gpio*", ACTION=="add", RUN+="/bin/chown root:gpio /sys%p/active_low /sys%p/edge /sys%p/direction /sys%p/value", RUN+="/bin/chmod 660 /sys%p/active_low /sys%p/edge /sys%p/direction /sys%p/value"
For Ubuntu run.
sudo apt install rpi.gpio-common
I use this (assuming gpio group already created):
/etc/udev/rules.d/99-gpio.rules
SUBSYSTEM=="gpio", KERNEL=="gpiochip*", GROUP:="gpio", MODE:="0660"
SUBSYSTEM=="gpio", KERNEL=="gpiochip[0-4]", GROUP="gpiod", MODE="0660"
– Richard Chambers
Nov 09 '23 at 16:02
The GPIO interface seems to be built for system (uid root) use only and doesn't have the features a /dev interface would for user processes. This includes creation permissions.
In order to allow user processes (including daemons and other system services) access, the permissions need to be granted by a root process at some point. It could be an init script, a middleman, or a manual (sudo) command.
