[clue-tech] Parallel port access as non root user?
Ed
eddythejekyll at gmail.com
Thu Sep 21 11:13:07 MDT 2006
Here ya go Jim. The lp device is loaded according to the /proc table.
This is a RH ES4 system. I threw in a call to lsmod at the bottom.
Sorry about the html before.
Thanks a ton.
Ed
[root at denali ed]# ls -al /dev/port
crw------- 1 root kmem 1, 4 Sep 20 09:26 /dev/port
[root at denali ed]# ls -al /dev/lp*
crw-rw-rw- 1 root lp 6, 0 Sep 20 09:26 /dev/lp0
crw-rw-rw- 1 root lp 6, 1 Sep 20 09:26 /dev/lp1
crw-rw-rw- 1 root lp 6, 2 Sep 20 09:26 /dev/lp2
crw-rw-rw- 1 root lp 6, 3 Sep 20 09:26 /dev/lp3
[root at denali ed]# ls -al /dev/parport*
crw-rw-rw- 1 root lp 99, 0 Sep 20 09:26 /dev/parport0
crw-rw-rw- 1 root lp 99, 1 Sep 20 09:26 /dev/parport1
crw-rw-rw- 1 root lp 99, 2 Sep 20 09:26 /dev/parport2
crw-rw-rw- 1 root lp 99, 3 Sep 20 09:26 /dev/parport3
[root at denali ed]# cat /proc/devices
Character devices:
1 mem
4 /dev/vc/0
4 tty
4 ttyS
5 /dev/tty
5 /dev/console
5 /dev/ptmx
6 lp
7 vcs
10 misc
13 input
14 sound
29 fb
36 netlink
89 i2c
116 alsa
128 ptm
136 pts
162 raw
180 usb
226 drm
Block devices:
1 ramdisk
3 ide0
8 sd
9 md
65 sd
66 sd
67 sd
68 sd
69 sd
70 sd
71 sd
128 sd
129 sd
130 sd
131 sd
132 sd
133 sd
134 sd
135 sd
253 device-mapper
254 mdp
[root at denali ed]# /sbin/lsmod
Module Size Used by
i915 81541 2
parport_pc 27905 1
lp 15405 0
parport 37641 2 parport_pc,lp
autofs4 22597 0
i2c_dev 14273 0
i2c_core 25921 1 i2c_dev
sunrpc 142757 1
button 10449 0
battery 12869 0
ac 8773 0
md5 8001 1
ipv6 240225 64
joydev 14209 0
uhci_hcd 32729 0
ehci_hcd 31813 0
hw_random 9557 0
snd_intel8x0 34921 2
snd_ac97_codec 65169 1 snd_intel8x0
snd_pcm_oss 52345 0
snd_mixer_oss 21825 2 snd_pcm_oss
snd_pcm 91973 2 snd_intel8x0,snd_pcm_oss
snd_timer 27973 1 snd_pcm
snd_page_alloc 13641 2 snd_intel8x0,snd_pcm
snd_mpu401_uart 11329 1 snd_intel8x0
snd_rawmidi 27749 1 snd_mpu401_uart
snd_seq_device 11849 1 snd_rawmidi
snd 56997 11
snd_intel8x0,snd_ac97_codec,snd_pcm_oss,snd_mixer_oss,snd_pcm,snd_timer,snd_mpu401_uart,snd_rawmidi,snd_seq_device
soundcore 12961 2 snd
tg3 95173 0
dm_snapshot 20837 0
dm_zero 6337 0
dm_mirror 28449 0
ext3 118729 2
jbd 59481 1 ext3
dm_mod 59973 6 dm_snapshot,dm_zero,dm_mirror
ata_piix 13381 2
libata 57885 1 ata_piix
sd_mod 20545 3
scsi_mod 116941 2 libata,sd_mod
Ed
On 9/21/06, Jim Ockers <ockers at ockers.net> wrote:
> Ed,
>
> I'm top-posting on purpose. In the strace output below I saw this
> line:
>
> open("/dev/port", O_RDWR) = -1 EACCES (Permission denied)
>
> Could you please issue the following commands for me:
>
> ls -al /dev/port
> ls -al /dev/lp*
> ls -al /dev/parport*
> cat /proc/devices
>
> I want to see the major & minor device numbers for each of those. It
> could be that your error message is due to opening a nonexistent
> device or device for which the device driver is not loaded, or
> something.
>
> By the way Ed can you just send text e-mails please? The HTML isn't
> necessary.
>
> Thanks,
> Jim
>
> Ed Young wrote:
> >
> > ------=_Part_13109_30312243.1158856981302
> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> > Content-Transfer-Encoding: 7bit
> > Content-Disposition: inline
> >
> > Jim,
> >
> > I've set /dev/lp0-3 and /dev/parport0-3 up as 0x666 and added myself to the
> > lp group in /etc/group
> >
> > Check it out:
> >
> > [ed at denali k74-1.0]$ strace ./k74 all set
> > execve("./k74", ["./k74", "all", "set"], [/* 30 vars */]) = 0
> > uname({sys="Linux", node="denali.comcast.com", ...}) = 0
> > brk(0) = 0x9bfd000
> > access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or
> > directory)
> > open("/etc/ld.so.cache", O_RDONLY) = 3
> > fstat64(3, {st_mode=S_IFREG|0644, st_size=98174, ...}) = 0
> > old_mmap(NULL, 98174, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7f37000
> > close(3) = 0
> > open("/lib/tls/libc.so.6", O_RDONLY) = 3
> > read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20_\251"..., 512) =
> > 512
> > fstat64(3, {st_mode=S_IFREG|0755, st_size=1454546, ...}) = 0
> > old_mmap(0xa81000, 1219772, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
> > 3, 0) = 0xa81000
> > old_mmap(0xba5000, 16384, PROT_READ|PROT_WRITE,
> > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x124000) = 0xba5000
> > old_mmap(0xba9000, 7356, PROT_READ|PROT_WRITE,
> > MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xba9000
> > close(3) = 0
> > old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> > = 0xb7f36000
> > mprotect(0xba5000, 4096, PROT_READ) = 0
> > mprotect(0xa7d000, 4096, PROT_READ) = 0
> > set_thread_area({entry_number:-1 -> 6, base_addr:0xb7f36940, limit:1048575,
> > seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1,
> > seg_not_present:0, useable:1}) = 0
> > munmap(0xb7f37000, 98174) = 0
> > fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 6), ...}) = 0
> > mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
> > 0xb7f4e000
> > write(1, "main start\n", 11main start
> > ) = 11
> > write(1, "OpenIO start\n", 13OpenIO start
> > ) = 13
> > open("/dev/port", O_RDWR) = -1 EACCES (Permission denied)
> > write(1, "past open\n", 10past open
> > ) = 10
> > dup(2) = 3
> > fcntl64(3, F_GETFL) = 0x8002 (flags O_RDWR|O_LARGEFILE)
> > brk(0) = 0x9bfd000
> > brk(0x9c1e000) = 0x9c1e000
> > fstat64(3, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 6), ...}) = 0
> > mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
> > 0xb7f4d000
> > _llseek(3, 0, 0xbffc81c0, SEEK_CUR) = -1 ESPIPE (Illegal seek)
> > write(3, "/dev/port: Permission denied\n", 29/dev/port: Permission denied
> > ) = 29
> > close(3) = 0
> > munmap(0xb7f4d000, 4096) = 0
> > munmap(0xb7f4e000, 4096) = 0
> > exit_group(29) = ?
> > Process 7617 detached
> >
> > Thanks,
> >
> > Ed
> >
> >
> > On 9/21/06, Jim Ockers <ockers at ockers.net> wrote:
> > >
> > > Hi Ed,
> > >
> > > > I'm trying to access the parallel port (/dev/lp0) from a non root
> > > process.
> > > >
> > > > Basically I have a program that can only access the port if it runs as
> > > root.
> > > >
> > > > Here's what happens when I run as root:
> > > > root at falcon:~/src/k74- 1.0# ./pprxtx all set
> > > > root at falcon:~/src/k74-1.0# ./pprxtx read
> > > > 255
> > > > root at falcon:~/src/k74-1.0# ./pprxtx all clear
> > > > root at falcon:~/src/k74-1.0# ./pprxtx read
> > > > 0
> > > >
> > > > Here's what happens when I run as a non root user (ed):
> > > > ed at falcon:~/src/k74-1.0$ ./pprxtx all set
> > > > /dev/port: Permission denied
> > > > ed at falcon:~/src/k74-1.0$ ./pprxtx read
> > > > /dev/port: Permission denied
> > >
> > > Could you please run your pprxtx inside strace (maybe strace -f if it
> > > forks) and let us know what system call fails with an EPERM?
> > >
> > > > /dev/lp0 I thought that all I had to do was to add my non rootport user
> > > to
> > > > the device group (lp) in /etc/group and then that user would have
> > > > permissions to read and write to that device.
> > > > lp:x:7:cupsys, ed
> > > >
> > > > I also changed the device permissions to
> > > > /dev:
> > > > crw-rw-rw- 1 root lp 6, 0 2006-09-21 04:56 lp0
> > > >
> > > > I still can't access the port unless I run as root.
> > > >
> > > > If I change the /dev/port (I know,dangerously insecure) permissions to
> > > > /dev:
> > > > crw-rw-rw- 1 root kmem 1, 4 2006-09-21 04:56 port
> > > >
> > > > I then get:
> > > > ed at falcon:~/src/k74-1.0$ ./pprxtx read
> > > > /dev/port: Operation not permitted
> > > > ed at falcon:~/src/k74-1.0$ ./pprxtx all set
> > > > /dev/port: Operation not permitted
> > >
> > > Same for this - strace should expose the problem.
> > >
> > > --
> > > Jim Ockers, P.Eng. (ockers at ockers.net)
> > > Contact info: please see http://www.ockers.net/
> > >
> >
> >
> >
> > --
> > Ed
> >
> > ------=_Part_13109_30312243.1158856981302
> > Content-Type: text/html; charset=ISO-8859-1
> > Content-Transfer-Encoding: 7bit
> > Content-Disposition: inline
> >
> > Jim, <br><br>I've set /dev/lp0-3 and /dev/parport0-3 up as 0x666 and added myself to the lp group in /etc/group<br><br>Check it out:<br><br>[ed at denali k74-1.0]$ strace ./k74 all set<br>execve("./k74", ["./k74", "all", "set"], [/* 30 vars */]) = 0
> > <br>uname({sys="Linux", node="<a href="http://denali.comcast.com">denali.comcast.com</a>", ...}) = 0<br>brk(0) = 0x9bfd000<br>access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
> > <br>open("/etc/ld.so.cache", O_RDONLY) = 3<br>fstat64(3, {st_mode=S_IFREG|0644, st_size=98174, ...}) = 0<br>old_mmap(NULL, 98174, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7f37000<br>close(3) = 0
> > <br>open("/lib/tls/libc.so.6", O_RDONLY) = 3<br>read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20_\251"..., 512) = 512<br>fstat64(3, {st_mode=S_IFREG|0755, st_size=1454546, ...}) = 0<br>old_mmap(0xa81000, 1219772, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xa81000
> > <br>old_mmap(0xba5000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x124000) = 0xba5000<br>old_mmap(0xba9000, 7356, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xba9000<br>
> > close(3) = 0<br>old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f36000<br>mprotect(0xba5000, 4096, PROT_READ) = 0<br>mprotect(0xa7d000, 4096, PROT_READ) = 0
> > <br>set_thread_area({entry_number:-1 -> 6, base_addr:0xb7f36940, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0<br>munmap(0xb7f37000, 98174) = 0
> > <br>fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 6), ...}) = 0<br>mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f4e000<br>write(1, "main start\n", 11main start<br>) = 11
> > <br>write(1, "OpenIO start\n", 13OpenIO start<br>) = 13<br>open("/dev/port", O_RDWR) = -1 EACCES (Permission denied)<br>write(1, "past open\n", 10past open<br>) = 10
> > <br>dup(2) = 3<br>fcntl64(3, F_GETFL) = 0x8002 (flags O_RDWR|O_LARGEFILE)<br>brk(0) = 0x9bfd000<br>brk(0x9c1e000) = 0x9c1e000
> > <br>fstat64(3, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 6), ...}) = 0<br>mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f4d000<br>_llseek(3, 0, 0xbffc81c0, SEEK_CUR) = -1 ESPIPE (Illegal seek)
> > <br>write(3, "/dev/port: Permission denied\n", 29/dev/port: Permission denied<br>) = 29<br>close(3) = 0<br>munmap(0xb7f4d000, 4096) = 0<br>munmap(0xb7f4e000, 4096) = 0
> > <br>exit_group(29) = ?<br>Process 7617 detached<br><br>Thanks, <br><br>Ed<br><br><br><div><span class="gmail_quote">On 9/21/06, <b class="gmail_sendername">Jim Ockers</b> <<a href="mailto:ockers at ockers.net">
> > ockers at ockers.net</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hi Ed,<br><br>> I'm trying to access the parallel port (/dev/lp0) from a non root process.
> > <br>><br>> Basically I have a program that can only access the port if it runs as root.<br>><br>> Here's what happens when I run as root:<br>> root at falcon:~/src/k74- 1.0# ./pprxtx all set<br>> root at falcon
> > :~/src/k74-1.0# ./pprxtx read<br>> 255<br>> root at falcon:~/src/k74-1.0# ./pprxtx all clear<br>> root at falcon:~/src/k74-1.0# ./pprxtx read<br>> 0<br>><br>> Here's what happens when I run as a non root user (ed):
> > <br>> ed at falcon:~/src/k74-1.0$ ./pprxtx all set<br>> /dev/port: Permission denied<br>> ed at falcon:~/src/k74-1.0$ ./pprxtx read<br>> /dev/port: Permission denied<br><br>Could you please run your pprxtx inside strace (maybe strace -f if it
> > <br>forks) and let us know what system call fails with an EPERM?<br><br>> /dev/lp0 I thought that all I had to do was to add my non rootport user to<br>> the device group (lp) in /etc/group and then that user would have
> > <br>> permissions to read and write to that device.<br>> lp:x:7:cupsys, ed<br>><br>> I also changed the device permissions to<br>> /dev:<br>> crw-rw-rw- 1 root lp 6, 0 2006-09-21 04:56 lp0<br>><br>
> > > I still can't access the port unless I run as root.<br>><br>> If I change the /dev/port (I know,dangerously insecure) permissions to<br>> /dev:<br>> crw-rw-rw- 1 root kmem 1, 4 2006-09-21 04:56 port<br>
> > ><br>> I then get:<br>> ed at falcon:~/src/k74-1.0$ ./pprxtx read<br>> /dev/port: Operation not permitted<br>> ed at falcon:~/src/k74-1.0$ ./pprxtx all set<br>> /dev/port: Operation not permitted<br><br>Same for this - strace should expose the problem.
> > <br><br>--<br>Jim Ockers, P.Eng. (<a href="mailto:ockers at ockers.net">ockers at ockers.net</a>)<br>Contact info: please see <a href="http://www.ockers.net/">http://www.ockers.net/</a><br></blockquote></div><br><br clear="all">
> > <br>-- <br>Ed
> >
> > ------=_Part_13109_30312243.1158856981302--
> >
>
>
--
Ed
More information about the clue-tech
mailing list