From 6ff52df8bdafcea893a084d8799ee32cac742e74 Mon Sep 17 00:00:00 2001 From: Gilles Boccon-Gibod Date: Mon, 10 Oct 2022 20:11:55 -0700 Subject: [PATCH] better/safer Linux recommendations --- docs/mkdocs/src/platforms/linux.md | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/docs/mkdocs/src/platforms/linux.md b/docs/mkdocs/src/platforms/linux.md index 300b7b7c..338908cb 100644 --- a/docs/mkdocs/src/platforms/linux.md +++ b/docs/mkdocs/src/platforms/linux.md @@ -69,11 +69,17 @@ You can bring a HCI controller `UP` or `DOWN` with `hciconfig hci up` and `hc By default, when running as a regular user, you won't have the permission to use an HCI socket to a Bluetooth controller (you may see an exception like `PermissionError: [Errno 1] Operation not permitted`). - If you want to run without using `sudo`, you can use the `setcap` command to grant your python runtime the permissions required for raw HCI sockets: + If you want to run without using `sudo`, you need to manage the capabilities by adding the appropriate entries in `/etc/security/capability.conf` to grant a user or group the `cap_net_admin` capability. + See [this manpage](https://manpages.ubuntu.com/manpages/bionic/man5/capability.conf.5.html) for details. + + Alternatively, if you are just experimenting temporarily, the `capsh` command may be useful in order + to execute a single command with enhanced permissions, as in this example: + + ``` - $ sudo setcap 'cap_net_raw,cap_net_admin=eip' ' + $ sudo capsh --caps="cap_net_admin+eip cap_setpcap,cap_setuid,cap_setgid+ep" --keep=1 --user=$USER --addamb=cap_net_admin -- -c " " ``` - Where `` on your system (ex: `/usr/bin/python3.10`) + Where `` is the path to your `python3` executable or to one of the Bumble bundled command-line applications. !!! tip "List all available controllers" The command