Ubuntu
util-linux package

how to give group access to a device

Asked by LEGOManiac

I'm trying to change the group ownership on a device to give four users access. Here are the details:

The device is /dev/usb/legousbtower0

By default the ownership is root:root

I have four students programming robots under the usernames: black, white, blue, yellow

I have created a group called "nqc" and added all four users to it.

When a user tries to use the device it says:

Downloading Program:error
Could not open serial port or USB device

When use "chown root:nqc legousbtower0" with the expectation that this will allow the nqc group to access the device, it gives the same error.

If I use "chown blue:blue legousbtower0" then user blue can use the device but no one else can.

How do I set the ownership so that all the users (ie. the nqc group) can access it?

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu util-linux Edit question
Assignee:
No assignee Edit question
Solved by:
mycae
Solved:
Last query:
Last reply:
Revision history for this message
Theodotos Andreou (theodotos) said : 		#1

I assume that you have used the "sudo" command before chown. I also suggest to use the full path to the file. If not then do this:

  sudo chgrp nqc /dev/usb/legousbtower0

Then add your users to the nqc group:

  sudo usermod -a -G nqc user

Revision history for this message
LEGOManiac (bzflaglegomaniac) said : 		#2

I get the same results.

ls -l /dev/usb
total 0
crw------- 1 root nqc 180, 160 2011-01-14 08:25 legousbtower0

One thing I do see is that the permissions don't allow group access so I tried

sudo chmod 777 /dev/usb/legousbtower0

which now gets me:

ls -l /dev/usb
total 0
crwxrwxrwx 1 root nqc 180, 160 2011-01-14 08:25 legousbtower0

but I still get the same error

Revision history for this message
Best mycae (mycae) said : 		#3

You could setuid the programming executable, which would mean users running that program gain root permissons, just for that program.

Its a hack, yes, but it could work.

Revision history for this message
LEGOManiac (bzflaglegomaniac) said : 		#4

I can try mycae's suggestion, but I know that regular users can use the device (ie. you don't have to be root) but I can only let one user at a time use it. I'm sure there must be some way to allow a named group to use it.

If no one can point out what I'm doing wrong, I'll try this hack.

Revision history for this message
Ubfan (ubfan1) said : 		#5

When the group is set to ncq on the device, the students may still need to explicitly change their effective group to ncq via the newgrp ncq command

Revision history for this message
LEGOManiac (bzflaglegomaniac) said : 		#6

>When the group is set to ncq on the device, the students may still need to explicitly change their effective group to ncq via the >newgrp ncq command

I added the group, the users and the users to the group using the GUI interface (System->Administration->Users and Groups). Was that not sufficient? I had assumed that's all that was needed.

I'm not on the appropriate computer right now, so I can't test it, but when I type ls -l of the /dev/usb directory, I get:

crw------- 1 root nqc 180, 160 2011-01-14 08:25 legousbtower0

Looking at this again, I'm noticing that (if I'm interpreting it correctly) only root has read and write permissions. I'm not sure what the "c" indicates. It dawns on me now that perhaps I should use "sudo chmod g+rw /dev/usb/legousbtower0" in an effort to give group read and write permissions.

Then again, I seem to recall trying "sudo chmod 666 /dev/usb/legousbtower0" earlier and it didn't work. I'm not on the appropriate computer so I can't check it right now.

Am I barking up the wrong tree?

Revision history for this message
mycae (mycae) said : 		#7

The "c" indicates that the device is a character device (as opposed to a block device).

The permissions will probably be reset if you cycle the device; setting permissions on /dev/ devices can be odd.

>Was that not sufficient? I had assumed that's all that was needed.

Should be fine, you can cross-check by looking at the contents of /etc/group

Revision history for this message
mycae (mycae) said : 		#8

I thought of another potential solution.

You could create a bidirectional named pipe in readable userspace somewhere that is group owned, and then use a process to simply pass-through to your actual device. The pass-through process could be root owned, and then you could simply use the pipe to perform device access.

Its not straightforward, and its another hack, but one that does not require root access. The intermediate program should be fairly trivial.

http://www.linux.com/news/software/developer/17942-socat-the-general-bidirectional-pipe-handler

Revision history for this message
LEGOManiac (bzflaglegomaniac) said : 		#9

Thanks mycae, that solved my question.