My Python3 script running over Ubuntu 22 in Docker on a Raspberry Pi 5 is denied access to the SPI device unless run Python3 with sudo. I have configured the device, the groups, and udev rules the same as was needed for the underlying PiOS (64-bit Bookworm Desktop). What am I missing?
- docker is invoked in privileged mode
#!/bin/bash
cd ~/GoPi5Go/ros2ws
# --rm remove container after running
docker run -it --net=host \
-v ~/GoPi5Go/ros2ws:/ros2ws \
-v /dev/snd:/dev/snd \
-v /dev/input:/dev/input \
-v /home/pi:/home/pi \
-v /dev/bus/usb:/dev/bus/usb \
-e TZ=America/New_York \
-w /ros2ws \
--privileged \
--rm \
gopi5gor2hdp
- spi group added (with group id matching underlying OS)
- user belongs to spi group (with user id matching underlying OS)
pi@GoPi5Go:/ros2ws $ groups pi
pi : pi sudo audio spi i2c gpio
Dockerfile:
RUN useradd -s /bin/bash pi
RUN echo 'pi:pi' | chpasswd
RUN adduser pi sudo
RUN echo '%pi ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
# Groups on PiOS: pi adm dialout cdrom sudo audio video plugdev games users input render netdev lpadmin docker gpio i2c spi
# spi:x:995:pi
# i2c:x:994:pi
# gpio:x:993:pi
# audio:x:29:pi,pulse
RUN groupadd spi --system -g 995
RUN groupadd i2c -g 994
RUN groupadd gpio -g 993
# RUN groupadd audio -gf 29
RUN usermod -a -G spi pi
RUN usermod -a -G i2c pi
- spi group has same permissions as root for /dev/spidev0.1
**pi@GoPi5Go**:**/ros2ws $** ls -al /dev/spi*
crw-rw---- 1 root spi 153, 0 May 10 09:32 **/dev/spidev0.0**
crw-rw---- 1 root spi 153, 1 May 10 09:32 **/dev/spidev0.1**
crw-rw---- 1 root spi 153, 2 May 10 09:32 **/dev/spidev10.0**
- /etc/udev/rules.d/99-com.rules sets up dev
pi@GoPi5Go:/ros2ws $ more /etc/udev/rules.d/99-com.rules
SUBSYSTEM=="input", GROUP="input", MODE="0660"
SUBSYSTEM=="i2c-dev", GROUP="i2c", MODE="0660"
SUBSYSTEM=="spidev", GROUP="spi", MODE="0660"
SUBSYSTEM=="rpivid-*", GROUP="video", MODE="0660"
KERNEL=="vcsm-cma", GROUP="video", MODE="0660"
SUBSYSTEM=="dma_heap", GROUP="video", MODE="0660"
SUBSYSTEM=="gpio", GROUP="gpio", MODE="0660"
SUBSYSTEM=="gpio*", PROGRAM="/bin/sh -c '\
chown -R root:gpio /sys/class/gpio && chmod -R 770 /sys/class/gpio;\
chown -R root:gpio /sys/devices/virtual/gpio && chmod -R 770 /sys/devices/virtual/gpio;\
chown -R root:gpio /sys$devpath && chmod -R 770 /sys$devpath\
'"
SUBSYSTEM=="pwm*", PROGRAM="/bin/sh -c '\
chown -R root:gpio /sys/class/pwm && chmod -R 770 /sys/class/pwm;\
chown -R root:gpio /sys/devices/platform/soc/*.pwm/pwm/pwmchip* && chmod -R 770 /sys/devices/platform/soc/*.pwm/pwm/pwmchip*\
'"
-
pi user belongs to sudo users group, and sudo users set to NOPASSWORD
-
All the permission/group setup is not working:
pi@GoPi5Go:/ros2ws $ python3 spi_test.py
Traceback (most recent call last):
File "/ros2ws/spi_test.py", line 6, in <module>
GPG_SPI.open(0, 1)
PermissionError: [Errno 13] Permission denied
Succeeds with sudo:
pi@GoPi5Go:/ros2ws $ sudo python3 spi_test.py
spi_test.py:
#!/usr/bin/env python3
import spidev
GPG_SPI = spidev.SpiDev()
GPG_SPI.open(0, 1)
- also tried invoking with other device mappings
-v /dev/spidev0.1:/dev/spidev0.1
or:
-v /dev:/dev
or:
--device /dev/spidev0.1
and even tried:
--device /gpiomem
and:
-v /dev/mem:/dev/mem
and:
--device /dev/gpiochip4
pi@GoPi5Go:/ros2ws $ ls -al /dev/gpiochip4
crw-rw---- 1 root gpio 254, 4 May 10 10:05 /dev/gpiochip4
pi@GoPi5Go:/ros2ws $ groups pi
pi : pi sudo audio spi i2c gpio
Anyone solved user access to SPI from Ubuntu/Docker/PiOS on RaspberryPi 5?