I have tested to set capabilities on the node binary within a custom recipe (custom layer) but that failed.
pkg_postinst_${PN} () { setcap cap_net_raw+eip $D${bindir}/node } PACKAGE_WRITE_DEPS = "libcap-native" RDEPENDS_${PN} = "libcap" The error message: ERROR: core-image-full-cmdline-1.0-r0 do_rootfs: [log_check] core-image-full-cmdline: found 1 error message in the logfile: [log_check] Failed to set capabilities on file `/home/ubuntu/yocto-sumo/build/tmp/work/raspberrypi3-poky-linux-gnueabi/core-image-full-cmdline/1.0-r0/rootfs/usr/bin/node' (No such file or directory) When I check the node binary is there in the rootfs directory. It seems that when the the pkg_postinst function is executed the node binary is not there. What am I missing? Any answer is much appreciated! Regards, Markus On Wed, 7 Nov 2018 at 11:32, Markus W <markus4...@gmail.com> wrote: > Hi! > > Background: > In my raspberry project I am developing a nodejs app that needs access to > bluetooth/ble device. I want to run the node application as non root user > for security reasons. In order to get access from within the app, the node > binary need to have the following capability cap_net_raw+eip set. I am > using the nodejs recipe from meta-oe and added it in my local.conf: > > IMAGE_INSTALL_append = " nodejs i2c-tools bluez5 kernel-image > kernel-devicetree" > > Question: > Where should I apply the following command? setcap cap_net_raw+eip > /usr/bin/node > > What are my options? Can I create a recipe in a different package that > will apply the above command on the meta-oe package for the nodejs recipe? > > I have been following this thread ( > https://lists.yoctoproject.org/pipermail/yocto/2016-June/030811.html), > but the node binaries and my node-app are in different layers and packages. > > Any advice how to do this is much appreciated? > > Regards, > Markus >
-- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto