From 6f97932ea29c06e03cdda72f8df626005f1f1daa Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Sun, 12 Apr 2015 19:13:22 +0200 Subject: [PATCH 1/2] README.md: add instructions to run under unprivileged user --- README.md | 29 ++++++++++++++++++++++++++--- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index b0137fc..a3781ea 100644 --- a/README.md +++ b/README.md @@ -8,9 +8,6 @@ ffmap-backend gathers information on the batman network by invoking : * alfred-json and * batadv-vis -In order to use alfred-json and batadv-vis make sure the user running this -backend is allowed to access alfred's socket. - The output will be written to a directory (`-d output`). Run `backend.py --help` for a quick overview of all available options. @@ -21,6 +18,32 @@ For the script's regular execution add the following to the crontab: * * * * * backend.py -d /path/to/output -a /path/to/aliases.json --vpn ae:7f:58:7d:6c:2a d2:d0:93:63:f7:da +# Running as unprivileged user + +Some information collected by ffmap-backend requires access to specific system resources. + +Make sure the user you are running this under is part of the group that owns the alfred socket, so +alfred-json can access the alfred daemon. + + # ls -al /var/run/alfred.sock + srw-rw---- 1 root alfred 0 Mar 19 22:00 /var/run/alfred.sock= + # adduser map alfred + Adding user `map' to group `alfred' ... + Adding user map to group alfred + Done. + $ groups + map alfred + +Running batctl requires passwordless sudo access, because it needs to access the debugfs to retrive +the gateway list. + + # echo 'map ALL = NOPASSWD: /usr/sbin/batctl' | tee /etc/sudoers.d/map + map ALL = NOPASSWD: /usr/sbin/batctl + # chmod 0440 /etc/sudoers.d/map + +That should be everything. The script automatically detects if it is run in unprivileged mode and +will prefix `sudo` where necessary. + # Data format ## nodes.json From 3ec0874b774b29e3bdbc10102b8650f6c97a7d91 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Sun, 12 Apr 2015 19:26:45 +0200 Subject: [PATCH 2/2] Update --aliases (-a) switch to use nargs=+ This breaks calls with multiple --aliases params specified and introduces --aliases FILE1 FILE2 FILE3 [...] instead --- backend.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/backend.py b/backend.py index 392d931..7cd6630 100755 --- a/backend.py +++ b/backend.py @@ -147,8 +147,7 @@ if __name__ == '__main__': parser.add_argument('-a', '--aliases', help='Read aliases from FILE', - default=[], action='append', - metavar='FILE') + nargs='+', metavar='FILE') parser.add_argument('-m', '--mesh', default=['bat0'], nargs='+', help='Use given batman-adv mesh interface(s) (defaults'