null issue when listing ykush boards about ykush HOT 8 OPEN

What actual permissions does an account using ykush actually need? It works for me with sudo, but I prefer not to run scripts over the web with root level access, even using suid approaches. It would be far better to use a privelege separation approach, but for that I would need to know what groups/permissions to define for the user running the ykush script. (user of the web-server)

from ykush.

I revisited this issue some time ago. I suggest you look into writing a udev rule for when a ykush device is plugged into you ubuntu machine which adds the device to a group that has permission to access it. You can then add your user to that group and you should not require privileges to access the device anymore.

You can create the group using:

groupadd ykushdev

Here is an example rules file (it should work for your case):

# /etc/udev/rules.d/99-ykush.rules
SUBSYSTEM=="usb", ATTRS{idVendor}=="04d8", ATTRS{idProduct}=="f2f7", MODE="0664", GROUP="ykushdev"

This file should have 644 permissions which would keep any non-root user from changing them allowing for arbitrary code execution with the PROGRAM and RUN keywords. You can change the permissions using:

chmod 644 /etc/udev/rules.d/99-ykush.rules

Then add yourself to the ykushdev group using:

usermod -a -G ykushdev <your username>

Reload the rules file:

udevadm control --reload

Finally, log out and in again to let the addition of the user account to the ykushdev group take effect.

Setting this up will require sudo permissions, however, once it is set up you should not require privileges anymore to access any ykush device plugged into the ubuntu machine.

Let me know if that works for you.

from ykush.

Hi, can you please send the output of lsusb command with the board connected.

Thanks

from ykush.

This is the output of lsusb

Bus 001 Device 015: ID 2b3e:ace2  
Bus 001 Device 003: ID 0e0f:0002 VMware, Inc. Virtual USB Hub
Bus 001 Device 014: ID 2b3e:ace2  
Bus 001 Device 013: ID 2b3e:ace2  
Bus 001 Device 012: ID 2b3e:ace2  
Bus 001 Device 011: ID 2b3e:ace2  
Bus 001 Device 010: ID 2b3e:ace2  
Bus 001 Device 009: ID 2b3e:ace2  
Bus 001 Device 002: ID 0e0f:0002 VMware, Inc. Virtual USB Hub
Bus 001 Device 008: ID 2b3e:ace2  
Bus 001 Device 007: ID 2b3e:ace2  
Bus 001 Device 006: ID 2b3e:ace2  
Bus 001 Device 005: ID 2b3e:ace2  
Bus 001 Device 004: ID 2b3e:ace2  
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 008: ID 04d8:f2f7 Microchip Technology, Inc. 
Bus 002 Device 007: ID 04d8:f2f7 Microchip Technology, Inc. 
Bus 002 Device 006: ID 04d8:f2f7 Microchip Technology, Inc. 
Bus 002 Device 005: ID 04d8:f2f7 Microchip Technology, Inc. 
Bus 002 Device 004: ID 0e0f:0008 VMware, Inc. 
Bus 002 Device 003: ID 0e0f:0002 VMware, Inc. Virtual USB Hub
Bus 002 Device 002: ID 0e0f:0003 VMware, Inc. Virtual Mouse
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub

from ykush.

I have this issue also (Ubuntu 16.04). Sudo corrects the issue but I am trying to use this from a process without sudo access.

$ ykushcmd -l

Attached YKUSH Boards

YKUSH device found with Serial Number: (null)
Manufacturer: (null)
Product: (null)

$ sudo ykushcmd -l

Attached YKUSH Boards

YKUSH device found with Serial Number: XXXXXX
Manufacturer: Yepkit Lda.
Product: YKUSH

$ykushcmd ykushxs -l

Attached YKUSH XS Boards:

(null)

$ sudo ykushcmd ykushxs -l

Attached YKUSH XS Boards:

XXXXXX

from ykush.

Did anyone figure out what to do to run without sudo? I had this issue but I made something and it was working but right now we are setting up a new Ubuntu machine and there is again the same issue.

from ykush.

That worked for me. Thanks Franz! I used the command “groupadd” with no space and I deleted the “productId” portion of the rule.

from ykush.

Great news. Glad I could help. I will edit my previous comment to correct that mistake. Thank you.

from ykush.