Hey Everyone,
Using Ubuntu Core 18
Just wondering if it’s possible to have strict confinement with a nodejs snap that has control over a raspberry pi gpio. My example is below. I can control GPIO4 in this case, but the command requires sudo, and I have been installing it in classic mode. Eventually, I want to setup a service that listens to a remote database to control the gpio, but I’m concerned I do not have confinement / permissions setup correctly, since these commands error without sudo. (see commands at bottom).
Is there anything I am doing that inherently requires sudo? Is there something I’m missing?
After installation, I make a connection to the gpio interface via:
snap connect raspberry-pi-node-gpio:gpio pi:bcm-gpio-4
snapcraft.yaml
name: raspberry-pi-node-gpio
base: core18
version: '0.0.2'
summary: Control Raspberry Pi GPIO Pins With Node On Ubuntu Core 18
description: |
This boilerplate snap shows how to control the GPIO pins of a raspberry pi
running Ubuntu Core 18 with a snap that follows strict confinement.
grade: devel
confinement: strict
architectures:
- build-on: arm64
run-on: arm64
apps:
main:
command: main
plugs:
- network-bind
- gpio
parts:
raspberry-pi-node-gpio:
source: .
plugin: nodejs
scripts:
source: ./scripts
plugin: dump
Main.js - allows the gpio4 to be “on” or “off” based on the argument sent.
#!/usr/bin/env node
var fs = require("fs");
console.log("Reading / writing state of pin gpio4...");
if(typeof process.argv[2] === "undefined" || (process.argv[2] !== 'on' && process.argv[2] !== 'off')) {
console.log("Indicate 'on' or 'off' as an argument.");
}
// Perform reads
fs.readFile('/sys/class/gpio/gpio4/value', 'utf8', (err, contents) => {
if(err) {
console.log("Error: ", err);
}
console.log("Initial Value: ", contents);
});
fs.readFile('/sys/class/gpio/gpio4/direction', 'utf8', (err, contents) => {
if(err) {
console.log("Error: ", err);
}
console.log("Initial Direction: ", contents);
});
if(process.argv[2] === "on") {
// Perform Writes
fs.writeFile('/sys/class/gpio/gpio4/direction', 'out', (err) => {
if(err) {
console.log("Error: ", err);
}
console.log("Wrote direction out.");
});
fs.writeFile('/sys/class/gpio/gpio4/value', '0', (err) => {
if(err) {
console.log("Error: ", err);
}
console.log("Wrote value 0.");
});
}
if(process.argv[2] === "off") {
// Perform Writes
fs.writeFile('/sys/class/gpio/gpio4/direction', 'out', (err) => {
if(err) {
console.log("Error: ", err);
}
console.log("Wrote direction out.");
});
fs.writeFile('/sys/class/gpio/gpio4/value', '1', (err) => {
if(err) {
console.log("Error: ", err);
}
console.log("Wrote value 1.");
});
}
console.log("Reading / writing complete.");
Command Examples
raspberry-pi-node-gpio.main off
raspberry-pi-node-gpio.main on