PiBox

I ran various tests and finally, after using strace to run omxplayer, I found that the problem was that omxplayer couldn't open /dev/vchiq, which was root.root and 660. If I changed this device to group nobody then omxplayer worked when videofe was run as nobody.nobody.

So now the question is: should I change the group to nobody for vchiq, change the perms to 664 (if that works) or create a completely different user for that device? If changing it to 664 is enough, that would be the best solution. I don't know if I need write access to the device for omxplayer.

If that doesn't work I think just switching to group nobody would be sufficient. That can be done as part of the postinstall for the omxplayer package.

Note: just tried 644 @ root.root and it failed. So the group has to be nobody.

I added the device file group change to the postinst script but that isn't sufficient. The /dev/vchiq device is remade on reboots by the kernel. So the init processing has to handle the device change.

The fix is to change /etc/mdev.conf in the core to include the following line:

vchiq           root:nobody 660

I've tested this on the target and it works. Change committed in pibox core and pushed upstream.

Closing issue.