From 6f97932ea29c06e03cdda72f8df626005f1f1daa Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Sun, 12 Apr 2015 19:13:22 +0200 Subject: [PATCH] README.md: add instructions to run under unprivileged user --- README.md | 29 ++++++++++++++++++++++++++--- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index b0137fc..a3781ea 100644 --- a/README.md +++ b/README.md @@ -8,9 +8,6 @@ ffmap-backend gathers information on the batman network by invoking : * alfred-json and * batadv-vis -In order to use alfred-json and batadv-vis make sure the user running this -backend is allowed to access alfred's socket. - The output will be written to a directory (`-d output`). Run `backend.py --help` for a quick overview of all available options. @@ -21,6 +18,32 @@ For the script's regular execution add the following to the crontab: * * * * * backend.py -d /path/to/output -a /path/to/aliases.json --vpn ae:7f:58:7d:6c:2a d2:d0:93:63:f7:da +# Running as unprivileged user + +Some information collected by ffmap-backend requires access to specific system resources. + +Make sure the user you are running this under is part of the group that owns the alfred socket, so +alfred-json can access the alfred daemon. + + # ls -al /var/run/alfred.sock + srw-rw---- 1 root alfred 0 Mar 19 22:00 /var/run/alfred.sock= + # adduser map alfred + Adding user `map' to group `alfred' ... + Adding user map to group alfred + Done. + $ groups + map alfred + +Running batctl requires passwordless sudo access, because it needs to access the debugfs to retrive +the gateway list. + + # echo 'map ALL = NOPASSWD: /usr/sbin/batctl' | tee /etc/sudoers.d/map + map ALL = NOPASSWD: /usr/sbin/batctl + # chmod 0440 /etc/sudoers.d/map + +That should be everything. The script automatically detects if it is run in unprivileged mode and +will prefix `sudo` where necessary. + # Data format ## nodes.json