On Tue, 2016-04-19 at 06:07 +0200, Christian PERRIER wrote: > > > Control: reassign -1 user-setup > > Quoting Felipe Sateler (fsate...@debian.org): > > > > > > > > Control: reassign -1 debian-installer > > > > On 18 April 2016 at 13:06, Corcodel Marian <a...@marian1000.go.ro> > > wrote: > > > > > > > > > > > > > > Any way pulseaudio is default sound server on debian and suggest > > > to do not put > > > users on audio group because cross interference with alsa > > > programs, now alsa is > > > for power users and pulseaudio is on default. > > Pulseaudio does not add the user to the audio group. I'm guessing > > the > > installer does, so I reassign there. > Adding the *first created* user to so-called "useful" groups is done > by user-setup. > > We'll need a detaailed explanantion abou twhy this shouldn't be done > anymore, including all possible use cases of the installer.
I don't know where you get this 'all possible use cases of the installer' from. Adding the first user to device access groups only ever made sense for single-user desktop/mobile systems. The installer doesn't make device access work automagically for other local users of multi-user desktop/mobile systems, nor does it do the right thing for servers - where the first user is likely to be a remote admin (and often one of a team of admins who shuld have the same privileges). systemd installs udev rules (/lib/udev/rules.d/70-uaccess.rules) that add the 'uaccess' tag to many kinds of devices. systemd-logind then adds locally logged-in users to the ACLs for the corresponding device nodes. This makes all or most of the groups for local device access redundant. I've done a quick test of removing myself from the device access groups on a current GNOME desktop, with these results: - audio: redundant, I'm on the ACL for /dev/snd/* - cdrom: redundant, I'm on the ACL for /dev/sr0 - floppy: unknown, but expect this to work like cdrom - video: redundant, I'm on the ACL for /dev/video0 - plugdev: redundant, I'm on the ACL for /dev/bus/usb/002/006 - netdev: redundant, I'm on the ACL for /dev/rfkill - scanner: redundant, I'm on the ACL for /dev/sg2 - bluetooth: unknown, seems broken whether or not I'm a member of the group The other groups (dip, debian-tor, lpadmin, sudo) make more sense, though CUPS should probably be changed to treat sudo like lpadmin. Ben. -- Ben Hutchings Usenet is essentially a HUGE group of people passing notes in class. - Rachel Kadel, `A Quick Guide to Newsgroup Etiquette'
signature.asc
Description: This is a digitally signed message part