From bc839fba9333ca69bc7c195ca31b1ae2f8afa16c Mon Sep 17 00:00:00 2001
From: torlando-tech <torlando-tech@users.noreply.github.com>
Date: Wed, 29 Oct 2025 10:13:55 -0400
Subject: [PATCH] fix: skip setcap when running as root to avoid container
 issues
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The setcap command was causing "Operation not permitted" errors when trying
to run Python in Docker containers after capabilities were applied. This is
because setcap can cause security restrictions that are incompatible with
container environments.

Root users don't need capabilities anyway - they already have full permissions
to access Bluetooth hardware. This change:
- Detects when running as root (EUID == 0)
- Skips the entire setcap process for root users
- Adds informative messages explaining why it's being skipped
- Simplifies the code by removing nested root checks

This allows the installer tests to pass in CI while still properly granting
capabilities for non-root users on real systems.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 install.sh | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/install.sh b/install.sh
index 353970e..588351a 100755
--- a/install.sh
+++ b/install.sh
@@ -427,7 +427,11 @@ else
         fi
     fi
 
-    if command -v setcap &> /dev/null; then
+    # Skip setcap when running as root (e.g., in containers) - root already has all permissions
+    if [ "$EUID" -eq 0 ]; then
+        print_info "Running as root - skipping capability grant (not needed)"
+        print_info "Root user already has all required Bluetooth permissions"
+    elif command -v setcap &> /dev/null; then
         # Get python3 path
         PYTHON_PATH=$(which python3)
         print_info "Detected Python at: $PYTHON_PATH"
@@ -455,12 +459,7 @@ else
         # Grant capabilities if we have a valid path
         if [ -f "$PYTHON_PATH" ] && [ ! -L "$PYTHON_PATH" ]; then
             print_info "Granting capabilities to: $PYTHON_PATH"
-            # Use sudo only if not running as root (Docker containers run as root without sudo)
-            if [ "$EUID" -eq 0 ]; then
-                setcap 'cap_net_raw,cap_net_admin+eip' "$PYTHON_PATH"
-            else
-                sudo setcap 'cap_net_raw,cap_net_admin+eip' "$PYTHON_PATH"
-            fi
+            sudo setcap 'cap_net_raw,cap_net_admin+eip' "$PYTHON_PATH"
 
             if [ $? -eq 0 ]; then
                 print_success "Bluetooth permissions granted successfully"