From 08b11d424dd9f961b96bbc1f62b508ee2b5b20d2 Mon Sep 17 00:00:00 2001 From: "Martine S. Lenders" Date: Tue, 23 Jul 2019 13:26:18 +0200 Subject: [PATCH 1/5] tapsetup: require to be executed with sudo --- dist/tools/tapsetup/tapsetup | 61 +++++++++++++++++------------------- 1 file changed, 29 insertions(+), 32 deletions(-) diff --git a/dist/tools/tapsetup/tapsetup b/dist/tools/tapsetup/tapsetup index 539a19fbcb..f79bca93d7 100755 --- a/dist/tools/tapsetup/tapsetup +++ b/dist/tools/tapsetup/tapsetup @@ -35,15 +35,15 @@ create_bridge() { case "${PLATFORM}" in FreeBSD) - sudo kldload if_bridge - sudo ifconfig ${BRNAME} create || exit 1 ;; + kldload if_bridge + ifconfig ${BRNAME} create || exit 1 ;; Linux) - sudo ip link add name ${BRNAME} type bridge || exit 1 + ip link add name ${BRNAME} type bridge || exit 1 if [ -n "${DEACTIVATE_IPV6}" ]; then - sudo -s sh -c "echo 1 > /proc/sys/net/ipv6/conf/${BRNAME}/disable_ipv6" || exit 1 + echo 1 > /proc/sys/net/ipv6/conf/${BRNAME}/disable_ipv6 || exit 1 fi ;; OSX) - sudo ifconfig ${BRNAME} create || exit 1 ;; + ifconfig ${BRNAME} create || exit 1 ;; *) ;; esac @@ -52,9 +52,9 @@ create_bridge() { up_bridge() { case "${PLATFORM}" in FreeBSD|OSX) - sudo ifconfig ${BRNAME} up || exit 1 ;; + ifconfig ${BRNAME} up || exit 1 ;; Linux) - sudo ip link set ${BRNAME} up || exit 1 ;; + ip link set ${BRNAME} up || exit 1 ;; *) ;; esac @@ -65,17 +65,17 @@ delete_bridge() { case "${PLATFORM}" in FreeBSD) - sudo sysctl net.link.tap.user_open=0 - sudo kldunload if_tap || exit 1 - sudo kldunload if_bridge || exit 1 ;; + sysctl net.link.tap.user_open=0 + kldunload if_tap || exit 1 + kldunload if_bridge || exit 1 ;; Linux) for IF in $(ls /sys/class/net/${BRNAME}/brif); do - sudo ip link delete "${IF}" + ip link delete "${IF}" done - sudo ip link delete ${BRNAME} || exit 1 ;; + ip link delete ${BRNAME} || exit 1 ;; OSX) - sudo ifconfig ${BRNAME} destroy || exit 1 ;; + ifconfig ${BRNAME} destroy || exit 1 ;; *) ;; esac @@ -84,8 +84,8 @@ delete_bridge() { begin_tap() { case "${PLATFORM}" in FreeBSD) - sudo kldload if_tap || exit 1 - sudo sysctl net.link.tap.user_open=1 ;; + kldload if_tap || exit 1 + sysctl net.link.tap.user_open=1 ;; *) ;; esac @@ -95,24 +95,24 @@ create_tap() { case "${PLATFORM}" in FreeBSD) echo "creating ${TAPNAME}${N}" || exit 1 - sudo ifconfig tap${N} create || exit 1 - sudo chown ${USER} /dev/tap${N} || exit 1 - sudo ifconfig ${BRNAME} addm tap${N} || exit 1 - sudo ifconfig tap${N} up || exit 1 ;; + ifconfig tap${N} create || exit 1 + chown ${SUDO_USER} /dev/tap${N} || exit 1 + ifconfig ${BRNAME} addm tap${N} || exit 1 + ifconfig tap${N} up || exit 1 ;; Linux) echo "creating ${TAPNAME}${N}" - sudo ip tuntap add dev ${TAPNAME}${N} mode tap user ${USER} || exit 1 + ip tuntap add dev ${TAPNAME}${N} mode tap user ${SUDO_USER} || exit 1 if [ -n "${DEACTIVATE_IPV6}" ]; then - sudo -s sh -c "echo 1 > /proc/sys/net/ipv6/conf/${TAPNAME}${N}/disable_ipv6" || exit 1 + echo 1 > /proc/sys/net/ipv6/conf/${TAPNAME}${N}/disable_ipv6 || exit 1 fi - sudo ip link set dev ${TAPNAME}${N} master ${BRNAME} || exit 1 - sudo ip link set ${TAPNAME}${N} up || exit 1 ;; + ip link set dev ${TAPNAME}${N} master ${BRNAME} || exit 1 + ip link set ${TAPNAME}${N} up || exit 1 ;; OSX) - sudo chown ${USER} /dev/tap${N} || exit 1 + chown ${SUDO_USER} /dev/tap${N} || exit 1 echo "start RIOT instance for tap${N} now and hit enter" read - sudo ifconfig ${BRNAME} addm tap${N} || exit 1 - sudo ifconfig tap${N} up || exit 1 ;; + ifconfig ${BRNAME} addm tap${N} || exit 1 + ifconfig tap${N} up || exit 1 ;; *) ;; esac @@ -174,12 +174,9 @@ while true ; do esac done -if [ -z "${USER}" ]; then - export USER=$(id -un) - if [ -z "${USER}" ]; then - echo 'need to export $USER' - exit 1 - fi +if [ -z "${SUDO_USER}" ]; then + echo 'Environment variable $SUDO_USER required; Please run with `sudo`' + exit 1 fi if [ -z "${COMMAND}" ]; then COMMAND="create" From a68db256046213c78f8d6a7e6337ba53d86d37b7 Mon Sep 17 00:00:00 2001 From: "Martine S. Lenders" Date: Tue, 23 Jul 2019 13:30:20 +0200 Subject: [PATCH 2/5] README.md: adapt doc on tapsetup for new sudo requirement --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7854d20941..588cfc585d 100644 --- a/README.md +++ b/README.md @@ -91,7 +91,7 @@ you can use to create a network of tap interfaces. To create a bridge and two (or `count` at your option) tap interfaces: - ./dist/tools/tapsetup/tapsetup [-c []] + sudo ./dist/tools/tapsetup/tapsetup [-c []] ## CONTRIBUTE From bacef290865a8fe7222e4d8f9602fb4cb66b2ba6 Mon Sep 17 00:00:00 2001 From: "Martine S. Lenders" Date: Tue, 23 Jul 2019 13:30:59 +0200 Subject: [PATCH 3/5] native: adapt doc on tapsetup for new sudo requirement --- cpu/native/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cpu/native/README.md b/cpu/native/README.md index 1648ae761e..90dfa765bd 100644 --- a/cpu/native/README.md +++ b/cpu/native/README.md @@ -53,17 +53,17 @@ can use to create a network of tap interfaces. Usage: To create a bridge and two (or count at your option) tap interfaces: - ../../dist/tools/tapsetup/tapsetup [-c []] + sudo ../../dist/tools/tapsetup/tapsetup [-c []] On OSX you need to start the RIOT instance at some point during the script's execution. The script will instruct you when to do that. To delete the bridge and all tap interfaces: - ../../dist/tools/tapsetup/tapsetup -d + sudo ../../dist/tools/tapsetup/tapsetup -d For OSX you **have** to run this after killing your RIOT instance and rerun -`../../dist/tools/tapsetup [-c []]` before restarting. +`sudo ../../dist/tools/tapsetup [-c []]` before restarting. **Please note:** If you want to communicate between RIOT and your host operating system, you must not use the `tapsetup` script, but create and From 38f76f951d7103c88b48652085a494be753491e0 Mon Sep 17 00:00:00 2001 From: "Martine S. Lenders" Date: Tue, 23 Jul 2019 13:31:16 +0200 Subject: [PATCH 4/5] doc: adapt doc on tapsetup for new sudo requirement --- doc/doxygen/src/mainpage.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/doxygen/src/mainpage.md b/doc/doxygen/src/mainpage.md index 7f8de24488..543d98ba95 100644 --- a/doc/doxygen/src/mainpage.md +++ b/doc/doxygen/src/mainpage.md @@ -62,7 +62,7 @@ call this the `native` port). Try it right now in your terminal window: git clone git://github.com/RIOT-OS/RIOT.git # assumption: git is pre-installed cd RIOT git checkout -./dist/tools/tapsetup/tapsetup # create virtual Ethernet +sudo ./dist/tools/tapsetup/tapsetup # create virtual Ethernet # interfaces to connect multiple # RIOT instances cd examples/default/ From 64a0d73a0a7639ce0a7778a4ae0eecbf699dfb8b Mon Sep 17 00:00:00 2001 From: "Martine S. Lenders" Date: Tue, 23 Jul 2019 13:31:33 +0200 Subject: [PATCH 5/5] examples: adapt doc on tapsetup for new sudo requirement --- examples/ccn-lite-relay/README.md | 2 +- examples/dtls-echo/README.md | 2 +- examples/emcute_mqttsn/README.md | 2 +- examples/gnrc_networking/README.md | 4 ++-- examples/gnrc_tftp/README.md | 2 +- examples/ndn-ping/README.md | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/examples/ccn-lite-relay/README.md b/examples/ccn-lite-relay/README.md index 012cdb50f8..c8326bb347 100644 --- a/examples/ccn-lite-relay/README.md +++ b/examples/ccn-lite-relay/README.md @@ -39,7 +39,7 @@ RIOT provides three shell to interact with the CCN-Lite stack: An example usage of this application could be setup like this: 1. Open a terminal window, navigate to the RIOT directory, and enter - `dist/tools/tapsetup/tapsetup -c`. + `sudo dist/tools/tapsetup/tapsetup -c`. 2. Open a second terminal window and navigate to this directory in both of windows. 3. Call `make -B clean all term` in the first terminal and `PORT=tap1 make diff --git a/examples/dtls-echo/README.md b/examples/dtls-echo/README.md index 616d065eca..047a11b6be 100644 --- a/examples/dtls-echo/README.md +++ b/examples/dtls-echo/README.md @@ -12,7 +12,7 @@ Linux version of TinyDTLS. However, this is not tested yet. Preparing the logical interfaces: - ./../../dist/tools/tapsetup/tapsetup --create 2 + sudo ./../../dist/tools/tapsetup/tapsetup --create 2 For the server instance: diff --git a/examples/emcute_mqttsn/README.md b/examples/emcute_mqttsn/README.md index 57ccc6565d..c3acdb9cbc 100644 --- a/examples/emcute_mqttsn/README.md +++ b/examples/emcute_mqttsn/README.md @@ -58,7 +58,7 @@ single RIOT native instance, we can do the following: 1. Setup `tap` and `tapbr` devices using RIOT's `tapsetup` script: ``` -./RIOTDIR/dist/tools/tapsetup/tapsetup +sudo ./RIOTDIR/dist/tools/tapsetup/tapsetup ``` 2. Assign a site-global prefix to the `tapbr0` interface (the name could be diff --git a/examples/gnrc_networking/README.md b/examples/gnrc_networking/README.md index fa9f0a1d1f..5f3073b3b5 100644 --- a/examples/gnrc_networking/README.md +++ b/examples/gnrc_networking/README.md @@ -104,7 +104,7 @@ you first need to set up two tap devices and a bridge that connects them. This constitutes a virtual network that the RIOT instances can use to communicate. - ./../../dist/tools/tapsetup/tapsetup --create 2 + sudo ./../../dist/tools/tapsetup/tapsetup --create 2 Then, make sure you've compiled the application by calling `make` and start the first RIOT instance by invoking `make term`. In the RIOT @@ -156,4 +156,4 @@ In your first terminal, you should now see output that looks like this. dst_l2addr: 62:fc:3c:5e:40:df ~~ PKT - 4 snips, total size: 79 byte -[sso]: https://stackoverflow.com/questions/14478167/bind-socket-to-network-interface#14478657 \ No newline at end of file +[sso]: https://stackoverflow.com/questions/14478167/bind-socket-to-network-interface#14478657 diff --git a/examples/gnrc_tftp/README.md b/examples/gnrc_tftp/README.md index 2627976a2e..19b5a499a9 100644 --- a/examples/gnrc_tftp/README.md +++ b/examples/gnrc_tftp/README.md @@ -12,7 +12,7 @@ however show up in Wireshark, which can be confusing). So be sure to adjust your First, create a tap interface (to which RIOT will connect) and a bridge (to which Linux will connect) from the RIOT main directory run: - ./dist/tools/tapsetup/tapsetup -c 1 + sudo ./dist/tools/tapsetup/tapsetup -c 1 Now you can start the `gnrc_tftp` example by invoking `make term`. This should automatically connect to the `tap0` interface. If this doesn't work for some reason, run `make` without any arguments, and then run the binary manually like so (assuming you are in the `examples/gnrc_tftp` directory): diff --git a/examples/ndn-ping/README.md b/examples/ndn-ping/README.md index d8335a9740..54dced636b 100644 --- a/examples/ndn-ping/README.md +++ b/examples/ndn-ping/README.md @@ -8,7 +8,7 @@ Any board with a default netdev can be used to run this example. Create `tap` and `tapbr` devices using RIOT's `tapsetup` script before stating the application: ```bash -./RIOTDIR/dist/tools/tapsetup/tapsetup +sudo ./RIOTDIR/dist/tools/tapsetup/tapsetup ``` Then run the application on 2 different terminals :