setcap interferes with v4l2_open for video converter

Hello,

I need to set CAP_NET_BIND_SERVICE to use ports under 1024. As soon as I do the following command

#> sudo setcap CAP_NET_BIND_SERVICE=+p /path/to/executable

v4l2_open for TX1 video converter (/dev/nvhost-vic) fails. If I remove CAP_NET_BIND_SERVICE

#> sudo setcap CAP_NET_BIND_SERVICE=-p /path/to/executable

everything starts to work. I tried other caps (CAP_NET_ADMIN, CAP_NET_BROADCAST) with the same result - failed to open video converter device. Could you please help?

Thanks!

Hi,
We have 07_video_convert in Multimedia API package. Please refer to it.

Hi DaneLLL,

We followed Nvidia samples and everything works fine without setcap command. Elevating permission breaks working application. It also breaks tegra samples as well. Try the following:

This command works fine:
#> 10_camera_recording/camera_recording

Elevate permission:
#> sudo setcap CAP_NET_BIND_SERVICE=+p 10_camera_recording/camera_recording

Now it does not work:
#> 10_camera_recording/camera_recording

libv4l2: error getting capabilities: Bad address
Error generated. main.cpp, createVideoEncoder:288 Could not create m_VideoEncoder.

I can see that v4l2_open() fails to open device. Please help to figure out why.

Thanks!

Hi, we don’t verify this use case. Can you share why you need ‘#> sudo setcap CAP_NET_BIND_SERVICE=+p 10_camera_recording/camera_recording’?

Hi DaneLLL,

We need CAP_NET_BIND_SERVICE so that ports under 1024 can be used by the app.

Thanks

Hi,
So if you don’t set CAP_NET_BIND_SERVICE, some internet functionality(such as video streaming) does not work?

Yes, we are unable to use low number ports (80, 554, etc.) without setcap CAP_NET_BIND_SERVICE.

Other solutions are either not practical in our case (run as root then drop privelleges isn’t gonna work because connections are created dynamically at run time and on various network adapters) or not secure (running as root all the time).

Thanks!

It is fixed in next release. Please wait for new release.

Thanks a lot! Could you please let me know the version which will have the fix? Is it going to be available on TX2 eventually as well?

Thanks!

The next release of JetPack is 3.1…this provides flash of the most recent version of L4T on TK1, TX1, and TX2. The next TX2 release should be L4T R28.1. Don’t know what the release version will be for a TX1.

Please try r28.1

I will try it out, thanks a lot!