SNAP Manual Review

benny · February 11, 2019, 3:50pm

Hi,

It seems my SNAP needs a manual review can someone please look into it ?

Snap: https://dashboard.snapcraft.io/snaps/voilaiot/revisions/14/

I’m trying to give it access to the interface system-files to fix a permission issue:
IOError: [Errno 13] Permission denied: '/sys/class/gpio/export

Thanks

ogra · February 11, 2019, 4:18pm

this path is covered by the gpio interface …

github.com

snapcore/snapd/blob/master/interfaces/builtin/gpio.go

// -*- Mode: Go; indent-tabs-mode: t -*-

/*
 * Copyright (C) 2016-2017 Canonical Ltd
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 3 as
 * published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 */

package builtin

This file has been truncated. show original

(once you connect to a certain gpio number it will automatically export it …)

benny · February 11, 2019, 4:32pm

All these are GPIO connected :

orangepi-zero-gadget:opi-gpio-10 voilaiot:gpio
orangepi-zero-gadget:opi-gpio-11 voilaiot:gpio
orangepi-zero-gadget:opi-gpio-12 voilaiot:gpio
orangepi-zero-gadget:opi-gpio-13 voilaiot:gpio
orangepi-zero-gadget:opi-gpio-14 -
orangepi-zero-gadget:opi-gpio-15 voilaiot:gpio
orangepi-zero-gadget:opi-gpio-16 voilaiot:gpio
orangepi-zero-gadget:opi-gpio-18 voilaiot:gpio
orangepi-zero-gadget:opi-gpio-19 voilaiot:gpio

but it keeps on giving me a permission error

chipaca · February 11, 2019, 6:07pm

what’s the permission error?

benny · February 11, 2019, 7:28pm

IOError: [Errno 13] Permission denied: '/sys/class/gpio/export

ogra · February 12, 2019, 10:14am

are you writing to it as root (or via sudo) … note that all normal file permissions apply, even in the snap world if you use interfaces…

$ ls -lh /sys/class/gpio/export
--w------- 1 root root 4.0K Jan  1  1970 /sys/class/gpio/export

by default only root can write to that file …

benny · February 12, 2019, 11:30am

My SNAP is accessing it like this:

GPIO.setup(10, GPIO.OUT)

In Dev mode I don’t get this issue, it runs as expected (just connecting the interfaces)

pedronis · February 12, 2019, 11:45am

Unless I’m confused, I don’t think the gpio interface gives direct access to /sys/class/gpio/export, it does exporting on its own on behalf of the snap afaict.

This seems a case of a snap that wants to manage/access all possible GPIOs on its own?

@jdstrand any input on this?

jdstrand · February 12, 2019, 9:20pm

You are not confused. The gadget is meant to specify the slots and snapd sets up a oneshot systemd unit to export them. With devmode for this snap I would expect to see policy violations in the logs (but are otherwise allowed).

benny · February 24, 2019, 5:44pm

I finally managed to get it working using a different library to access the GPIO.

Thanks all for your help.