I've been experimenting with Torben's LSM for the 2.6 kernel, and the realtime group permissions mechanism we discussed.
Naturally, there are some problems. The worst is that GTK-2 will not
tolerate the use of setgid...
(process:11284): Gtk-WARNING **: This process is currently running setuid or setgid.
This is not a supported use of GTK+. You must create a helper
program instead. For further details, see:
http://www.gtk.org/setuid.html
Refusing to initialize GTK+.
This seems to totally invalidate the setgid approach we had discussed,
at least for audio applications using GTK. QT does not seem to
complain about setgid, though most of the reasons for avoiding it with
GTK surely apply there as well.
So, I modified Torben's LSM to check supplementary groups, and this
seems to work fine. From a system admin perspective it's pretty good.
I'm a member of group `audio', which was accomplished by adding my
user ID (joq) to the appropriate entry in /etc/group...
audio:x:29:joq
Then, I loaded the LSM like this...
$ sudo modprobe jackcapabilities rtgid=29
After that, all my processes have realtime privileges. I can run JACK
under my normal user ID...
$ jackd --realtime -d alsa
I had to make a small change to JACK for this to work, so you'll need
CVS sources to try it. Note that `jackstart' was not needed. Then,
when I start various JACK applications they automatically acquire
realtime privileges, too...
$ alsaplayer -o jack &
$ ardour &
$ jamin &
For reasons I cannot explain, this works without requiring the
CAP_SYS_RESOURCE capability, a welcome but unexpected bonus.
I would appreciate comments, feedback, and bug reports. If you want
to try it, don't forget that it has received minimal testing. Neither
I nor anyone else can promise that it will not adversely affect your
system security or stability. Caveat emptor!
--
joq
jackcaps-0.3.tar.gz
Description: modified JACK capabilities LSM
