[Feature Request]: [native] Run meshtasticd as an unprivileged user #6157
Assignees
Labels
3.0
Planned for next major release
enhancement
New feature or request
linux-native
related to running meshtastic as daemon on native linux
pinned
Exclude from stale processing
Comments
vidplace7
added
3.0
fifieldt
added
the
linux-native
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Platform
Linux Native
Description
As it stands, on a linux native node, meshtasticd is running as root. This could be troublesome if the right kind of bugs are discovered in the future. Discussed with @vidplace7 on discord and, though it may be something for 3.0, it seems worth addressing.
The resolution would involve at least: setting up udev rules or similar to allow unprivileged spi access, creating a user to run the service, with the proper permissions and home to store vfs, without the ability to login, and modifying the service to run as this user. I believe this should be possible in the packaging for most if not all pre-built package distros in the opensuse builder and hopefully openwrt as well.
The text was updated successfully, but these errors were encountered: