First some interesting fact. Earlier I wrote that performed limited user permissions setup according to reply in the How do I let an SDL app (not running as root) use the console StackExchange post. Today I discovered that rights change on /dev/console doesn’t survive reboot. I changed rights back and immediately, without rebooting, tried pygame example again. No visible changes, same “Unable to open console terminal” error for the limited user.
> I already changed permissions for the limited user (pi) according to this instruction: How do I let an SDL app (not running as root) use the console, but to no avail :(
I just wanted to suggest you make sure permissions in /dev are
granted, but you appear to have arrived at that conclusion yourself.
Of course now you have to figure out which device is being opened
unsuccessfully. /dev/console only applies to text i/o and not
framebuffer and graphics. /dev/fb0 maybe? Maybe use strace instead?
cheers!
mar77i
I tried running under strace and got 2 log files: one of running under root and one for running under limited user (pi). Here is the different part:
ssh terminal, run as root | ssh terminal, run as limited user | Comment |
open("/dev/tty0", O_WRONLY) = 5 ioctl(5, VIDIOC_QUERYCAP or VT_OPENQRY, 0x1e5f89c) = 0 close(5) = 0 | open("/dev/tty0", O_WRONLY) = 5 ioctl(5, VIDIOC_QUERYCAP or VT_OPENQRY, 0x776e1c) = 0 close(5) = 0 | Visible match, but I don’t know whether ioctl output data was the same, looking at subsequent system calls I suppose it wasn’t. Frankly speaking, I don’t understand what does ioctl call with 2 OR’ed requests mean… According to this article (it’s 1994!!! But there is no reason not to believe…), ioctl VT_OPENQRY is something like “kernel, give me some number of the free terminal I could use” |
geteuid32() = 0 | geteuid32() = 1000 | Mismatch: got user ID we are running behind of |
open("/dev/vc/2", O_RDWR) = -1 ENOENT (No such file or directory) | Mismatch: there was no try to open "/dev/vc/2" under limited user | |
open("/dev/tty2", O_RDWR) = 5 | Mismatch: there was no try to open "/dev/tty2" under limited user Looking at this and previous system calls I suppose ioctl VT_OPENQRY returned terminal number 2 for the case when pygame was run under root. For the limited-user case it’s not clear what was the result of that ioctl. | |
open("/dev/tty", O_RDWR) = 6 | open("/dev/tty", O_RDWR) = 5 | Match: opened current terminal device |
ioctl(6, TIOCNOTTY) = 0 close(6) = 0 | Root version detached itself from the current terminal. As I could find using Google, this is what usually daemon processes started from terminal do. | |
ioctl(5, VT_GETSTATE, 0x7ee7da28) = -1 ENOTTY (Inappropriate ioctl for device) | According to article mentioned above, ioctl VT_GETSTATE query is something like “kernel, give me list of terminals available and their use state” | |
ioctl(5, KDGKBMODE, 0x7eaf2078) = 0 | ioctl(5, KDGKBMODE, 0x7ee7da28) = -1 ENOTTY (Inappropriate ioctl for device) | “Kernel, give me keyboard mode associated with this tty” Limited-user version run this request on /dev/tty and root-user version run on /dev/tty2. |
ioctl(5, KDGKBENT, 0x7eaf2078) = 0 | close(5) = 0 munmap(0x74340000, 3145728) = 0 close(3) = 0 rt_sigaction(SIGINT, NULL, {0x127304, [], SA_RESTORER, 0x76d18180}, 8) = 0 rt_sigaction(SIGTERM, NULL, {SIG_DFL, [], 0}, 8) = 0 write(2, "Traceback (most recent call last"..., 35) = 35 | Seems previous ioctl result was fatal for limited-user version. |
Despite large amount of data from strace, it’s really not clear to me what permissions and on what files should I set to allow limited user to run pygame from ssh terminal...