Open serial port without root privileges on Ubuntu (udev rules)
I was following this tutorial to set up access to Flir Boson camera serial port from userspace:
https://www.forecr.io/blogs/connectivity/how-to-integrate-flir-boson-thermal-camera-to-nvidia-jetson-modules
The camera installs as /dev/ttyACM0 and in the tutorial there's a .rules file you're supposed to download and copy to: /etc/udev/rules.d/. And then reboot.
This is the content of the file:
ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="09cb", OWNER="nvidia", MODE="0777", GROUP="nvidia"
But it does not work for me. Even after reboot, my application still requires sudo to be able to communicate with the camera.
Now it seems to me, that the tutorial assumes you have a certain username, in this case possibly "nvidia". So I also tried to change OWNER to my actual username, but that does not help either.
A part of the problem may be that I don't really understand what OWNER and GROUP fields are exactly for, I am only guessing. Of course I have been trying to Google that, but for some reason, I am obviously not able to phrase the query correctly.
This is nVidia Jetson Xavier NX with JetpackSDK 4.6, which is in fact Ubuntu 18.04.
Thanks!
Solution 1:
Your rules file alters the user and group to the nonexistent user and group nvidia - this is not going to solve your problem; in fact, it'll just not work because the user and group nvidia isn't a default group, and your user isn't in it. You also shouldn't set your sockets to 777 permissions - for the same reason you don't give it to files (see this post regarding why you shouldn't give 777 to /var/www for similar security concerns). There are additional access controls to devices as part of AppArmor isolation rules for different applications as well, which you can't overcome as a standard user. Which is why the dialout group exists to give access to those devices.
The nVidia tutorial is likely for some other system, or outdated - you shouldn't need to use their rules, instead just give yourself access with dialout.
When working with user level privileges, special devices such as serial port communications require extra privileges. These are granted by the dialout group (for devices such as dialup modems, USB Serial Adapters, etc.)
Simply add your group to the dialout group, reboot, and you'll have access. Use this command on the command line:
sudo usermod -a -G dialout $USER
Replace $USER with your username on the computer, then when you reboot and log back on to your session you'll have access to that device and other devices. Serial communication ports require dialout permissions, which is easy to put yourself into.
That should be all you or any other user needs to do to access the device. You should leave the default permissions alone, unless you have some very specific use case that is not specified in your question.
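A diagnostic for the situation discussed above, as an added example that is not part of the original question or answer: it reads the device's mode and group and tells apart "not in the group", "in the group but this login session predates the change", and "world-writable because of a MODE=\"0777\"-style rule". The function names and the script name are made up for this sketch, and it assumes GNU stat and a device owned by root.

```shell
#!/bin/sh
# Added example (not from the original post): why does this serial device still need sudo?
# Assumes the device is owned by root, so only the group and "other" bits matter to you.

# has_word LIST WORD: succeeds if WORD is in the space-separated LIST.
has_word() {
    case " $1 " in *" $2 "*) return 0 ;; esac
    return 1
}

# serial_access_verdict MODE DEV_GROUP SESSION_GROUPS DB_GROUPS
# MODE is octal as printed by `stat -c %a`, e.g. 660.
serial_access_verdict() {
    other=$(( 0$1 & 7 ))
    grp=$(( (0$1 >> 3) & 7 ))
    if [ $(( other & 6 )) -eq 6 ]; then
        echo world-rw            # e.g. a MODE="0777" rule is in effect
    elif [ $(( grp & 6 )) -ne 6 ]; then
        echo group-lacks-rw
    elif has_word "$3" "$2"; then
        echo ok                  # this login session already holds the group
    elif has_word "$4" "$2"; then
        echo relogin-needed      # usermod was run, but the session predates it
    else
        echo not-in-group
    fi
}

check_serial_device() {
    dev=$1
    mode=$(stat -c '%a' "$dev") || return 2
    group=$(stat -c '%G' "$dev") || return 2
    user=$(id -un)
    # `id -nG` = groups of this process; `id -nG USER` = groups in the account database
    verdict=$(serial_access_verdict "$mode" "$group" "$(id -nG)" "$(id -nG "$user")")
    echo "$dev: mode=$mode group=$group verdict=$verdict"
    case $verdict in
        not-in-group)   echo "fix: sudo usermod -a -G $group $user, then log in again" ;;
        relogin-needed) echo "fix: log out and back in, or reboot" ;;
        world-rw)       echo "note: every local user can open this device" ;;
    esac
}

# Constructed usage: sh check_serial.sh /dev/ttyACM0
if [ "$#" -gt 0 ]; then check_serial_device "$1"; fi
```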