[yocto] [meta-oe] Set linux capabilities on binary on a recipe in meta-oe layer

[Markus W]

Hi!

*Background:*
In my raspberry project I am developing a nodejs app that needs access to
bluetooth/ble device. I want to run the node application as non root user
for security reasons. In order to get access from within the app, the node
binary need to have the following capability *cap_net_raw+eip *set. I am
using the nodejs recipe from meta-oe and added it in my local.conf:

IMAGE_INSTALL_append = " *nodejs* i2c-tools bluez5 kernel-image
kernel-devicetree"

*Question:*
Where should I apply the following command? *setcap cap_net_raw+eip
/usr/bin/node*

What are my options? Can I create a recipe in a different package that will
apply the above command on the meta-oe package for the nodejs recipe?

I have been following this thread (
https://lists.yoctoproject.org/pipermail/yocto/2016-June/030811.html), but
the node binaries and my node-app are in different layers and packages.

Any advice how to do this is much appreciated?

Regards,
Markus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/yocto/attachments/20181107/d3618932/attachment.html>