Config may contain passwords, but is world-readable. I'd say /etc/ files are usually root-owned as well:
-rw-r--r-- 1 _shairport _shairport 23340 Jan 19 01:24 /etc/shairport-sync.conf Fix it in PLIST; daemon user's home ownership/permissions stay the same: -rw-r----- 1 root _shairport 23340 Jan 19 01:53 /etc/shairport-sync.conf drwxr-xr-x 3 _shairport _shairport 512 Jan 19 01:56 /var/spool/shairport-sync/ Paul mentioned shairpoint-sync's instructions as reply to spotifyd, where I went with less repitition and more precise instructions. I suggest syncing with that so copy/paste after install just works. Playback on amd64 from an iPhone works for me without further config. (Pausing on the remote device crashes the daemon, but that's not news and we're due updating our port, anyways.) Feedback? OK? Index: Makefile =================================================================== RCS file: /cvs/ports/audio/shairport-sync/Makefile,v diff -u -p -r1.3 Makefile --- Makefile 5 Oct 2022 14:54:23 -0000 1.3 +++ Makefile 19 Jan 2024 00:51:56 -0000 @@ -3,7 +3,7 @@ COMMENT = AirPlay audio player GH_ACCOUNT = mikebrady GH_PROJECT = shairport-sync GH_TAGNAME = 3.3.9 -REVISION = 1 +REVISION = 2 CATEGORIES = audio @@ -30,6 +30,9 @@ CONFIGURE_ARGS += --with-ssl=openssl \ --with-sndio \ --with-os=openbsd FAKE_FLAGS = sysconfdir=${PREFIX}/share/examples/shairport-sync + +HOME_DIR = ${LOCALSTATEDIR}/spool/${PKGSTEM} +SUBST_VARS = HOME_DIR post-install: mv ${PREFIX}/man/man7/shairport-sync.7 \ Index: pkg/PLIST =================================================================== RCS file: /cvs/ports/audio/shairport-sync/pkg/PLIST,v diff -u -p -r1.2 PLIST --- pkg/PLIST 1 May 2022 14:00:13 -0000 1.2 +++ pkg/PLIST 19 Jan 2024 00:45:59 -0000 @@ -1,12 +1,17 @@ @newgroup _shairport:876 -@newuser _shairport:876:876::Shairport-sync Account:/var/spool/shairport-sync:/sbin/nologin +@newuser _shairport:876:876::Shairport-sync Account:${HOME_DIR}:/sbin/nologin @rcscript ${RCDIR}/shairport_sync +@owner _shairport +@group _shairport +@sample ${HOME_DIR}/ +@extraunexec rm -rf ${HOME_DIR} +@owner +@group @bin bin/shairport-sync @man man/man1/shairport-sync.1 share/doc/pkg-readmes/${PKGSTEM} share/examples/shairport-sync/ share/examples/shairport-sync/shairport-sync.conf -@owner _shairport +@mode 0640 @group _shairport @sample ${SYSCONFDIR}/shairport-sync.conf -@sample /var/spool/shairport-sync/ Index: pkg/README =================================================================== RCS file: /cvs/ports/audio/shairport-sync/pkg/README,v diff -u -p -r1.2 README --- pkg/README 1 May 2022 14:00:13 -0000 1.2 +++ pkg/README 19 Jan 2024 00:43:28 -0000 @@ -8,16 +8,7 @@ boot time, the rc.conf.local(8) pkg_scri rcctl enable messagebus avahi_daemon shairport_sync rcctl order messagebus avahi_daemon shairport_sync -sndiod(8) concurrent access by shairport-sync(1) and other users -================================================================ +Follow sndio(7) Authentication if both dedicated and your own user shall be +able to play audio at the same time, e.g. on a desktop system: -sndiod(8) normally only allows access to audio by a single system user -at a time. This is done by generating a random authentication token and -storing it in $HOME/.sndio/cookie when a user first accesses audio, -providing a limited capability to share with other users by copying -the token to their home directory. See AUTHENTICATION in sndio(7) for -more details. - -If you want to share sndiod(8) access with shairport-sync(1) running as -the default _shairport user, you may copy .sndio/cookie from your user's -home directory to /var/spool/shairport/.sndio/cookie. + install -D -p -o _shairport -m 0600 ~/.sndio/cookie ${HOME_DIR}/.sndio/cookie Index: pkg/shairport_sync.rc =================================================================== RCS file: /cvs/ports/audio/shairport-sync/pkg/shairport_sync.rc,v diff -u -p -r1.1.1.1 shairport_sync.rc --- pkg/shairport_sync.rc 27 Apr 2022 02:19:25 -0000 1.1.1.1 +++ pkg/shairport_sync.rc 19 Jan 2024 00:40:41 -0000 @@ -6,4 +6,5 @@ daemon_user="_shairport" . /etc/rc.d/rc.subr rc_bg=YES + rc_cmd $1