Description
Discussed in #36
Originally posted by jwbonner June 25, 2025
It looks like the robot service currently runs the user program as root. Is there a good reason to do this instead of running as the systemcore user (with appropriate permissions for any resources it needs to access)? It seems like running as root increases the risk that a misbehaving user program could cause major issues on the device (for example, suppose a user program with an incorrect path configured somewhere starts inadvertently writing/overwriting files in a system directory). I assumed that this issue was the reason for running the user program as lvuser on the RIO.
One related issue regarding permissions is that it looks like systemcore doesn't have permission to write to USB drives with the current auto-mounting scheme. Obviously if the user program ran as that user it would need to be configured with write access to USB drives.