diff --git a/README.md b/README.md index ff4ea151..1ca5ddf4 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,15 @@ Chat with us on [Telegram](http://t.me/nymeacommunity) or [Discord](https://disc A detailed documentation on how to develop with *nymea* is available on the [nymea | developer documentation](https://nymea.io/documentation/developers/). +## Network discovery + +When starting nymead as user without root privileges, the network device discovery will not available due to missing raw socket permission. +If you still want to make use of this feature, the binary capabilities need to be adjusted. + + sudo setcap cap_net_admin,cap_net_raw=eip /usr/bin/nymead + +This will allow nymead to create raw sockets for ARP and ICMP network discovery tools even when nymead gets started as user without root privileges. + ## License -------------------------------------------- > nymea is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License. diff --git a/debian/control b/debian/control index 6882da39..f87afa28 100644 --- a/debian/control +++ b/debian/control @@ -59,6 +59,7 @@ Depends: libqt5network5, libqt5websockets5, libqt5bluetooth5, libqt5sql5-sqlite, + libcap2-bin, logrotate, bluez, tar, diff --git a/debian/nymead.postinst b/debian/nymead.postinst index 0c5f1b3e..faf9f178 100755 --- a/debian/nymead.postinst +++ b/debian/nymead.postinst @@ -2,7 +2,7 @@ # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # -# Copyright (C) 2015-2016 Simon Stuerz # +# Copyright (C) 2015 - 2021 nymea GmbH # # # # This file is part of nymea. # # # @@ -20,6 +20,15 @@ # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # +# Make sure user will be able to perform a networkdiscovery +# using ARP and ICMP sockets (raw_sock). +setcap cap_net_admin,cap_net_raw=eip /usr/bin/nymead +if [ $? -eq 0 ]; then + echo "Set raw socket network capabilities successfully for nymead." +else + echo "Failed to set raw socket network capabilities for nymead. Network device discovery will not be available for non root users." +fi + # Restart the nymea daemon after update if it's running systemctl daemon-reload systemctl status nymead > /dev/null 2>&1 diff --git a/libnymea/network/networkdevicediscovery.cpp b/libnymea/network/networkdevicediscovery.cpp index cf870490..54e26064 100644 --- a/libnymea/network/networkdevicediscovery.cpp +++ b/libnymea/network/networkdevicediscovery.cpp @@ -44,8 +44,8 @@ NetworkDeviceDiscovery::NetworkDeviceDiscovery(QObject *parent) : // Create ARP socket m_arpSocket = new ArpSocket(this); connect(m_arpSocket, &ArpSocket::arpResponse, this, &NetworkDeviceDiscovery::onArpResponseRceived); - if (!m_arpSocket->openSocket()) { - qCWarning(dcNetworkDeviceDiscovery()) << "Network discovery will not make use of ARP packages."; + bool arpAvailable = m_arpSocket->openSocket(); + if (!arpAvailable) { m_arpSocket->closeSocket(); } @@ -56,8 +56,6 @@ NetworkDeviceDiscovery::NetworkDeviceDiscovery(QObject *parent) : // Init MAC database if available m_macAddressDatabase = new MacAddressDatabase(this); - if (!m_macAddressDatabase->available()) - qCWarning(dcNetworkDeviceDiscovery()) << "The mac address database is not available. Network discovery will not lookup mac address manufacturer"; // Timer for max duration af a discovery m_discoveryTimer = new QTimer(this); @@ -69,7 +67,11 @@ NetworkDeviceDiscovery::NetworkDeviceDiscovery(QObject *parent) : } }); - qCDebug(dcNetworkDeviceDiscovery()) << "Created successfully"; + if (!arpAvailable && !m_ping->available()) { + qCWarning(dcNetworkDeviceDiscovery()) << "Network device discovery is not available on this system."; + } else { + qCDebug(dcNetworkDeviceDiscovery()) << "Created successfully"; + } } NetworkDeviceDiscoveryReply *NetworkDeviceDiscovery::discover()