On Mon, 08.02.10 19:11, olin.pulse....@shivers.mail0.org (olin.pulse....@shivers.mail0.org) wrote:
> PA is a system that manages access to a hardware resource, in a network > distributed context. Such a system must have mechanism for managing > authentication and privileges -- one that works in a network distributed > context. > > X11 is in a very similar position -- except that there's less call for shared > access to the resources it manages (in the sense that, with X11, multiple > humans usually don't want access to the same screen, keyboard or mouse at the > same time). X uses ~/.Xauthority, but, these days, it mostly "lifts" this > base mechanism up to a distributed setting by means of ssh. > > OK, so that's X11. I cannot figure out what PA's mechanism for this > is. By default we store the access creds of the PA server in the root window of the X server. Which means that everyone who has access to the X server has access to the matching PA server, too. So we mostly follow the X logic, with one exception: we only have one PA instance running per user and machine, and share it between all sessions of the same user, so that every session of the same user has access to all local cards that belong to any of the X screens. > I sort of get the sense, from this per-user-login server model that > PA has the horrible one-persone/one-computer model of "the person at > the console is the person using the computer," which was inflicted > on the world by Microsoft Windows. If so, this is a real design > error, one that doesn't sync up with Unix, which has always had a > multi-user model of the world. Right. "horrible". I mean, what you say is utterly bogus, but I don't even want to dicuss that here. I'd just like to refer you to the CK work that has been done, because that is where this logic stems from. The logic is certainly nothing we PA folks came up with. It's something CK was designed for. So please complain not to me. I certainly believe CK is what we want, but I am not its maintainer. Also, last time I checked Unix was a pretty broken system. Might be better than many, but Unix is certainly not user friendly, and a system from the 70s. We try to build a modern OS here, and that means we use what is good and innovate where it isn't. That's why people have come up with CK and it got adopted by the various distributions. If you believe that traditional Unix is the holy grail, then maybe modern Linux systems are not the right choice for you. If you however are interested in a modern multi-user/multi-seat system which inherits the good stuff from Unix, then you're welcome. > Maybe I'm wrong. I can't figure out *what* the model is, really. When I click > on padevchooser's "Configure Local Sound Server" entry, I get a window whose > "Network Server" tab lets me "enable network access to local sound devices." > Furthermore, I can set or clear a checkbox for "Don't require authentication." > But I can find nowhere any description of what this authentication would be. > The documentation for PulseAudio is pretty weak; it mostly says that "things > work; just try them out." That's not documentation. Checked the FAQ? Sure, the PA docs are not perfect and not complete, but they are certainly better than for many projects and you are always welcome to contribute here. Lennart -- Lennart Poettering Red Hat, Inc. lennart [at] poettering [dot] net http://0pointer.net/lennart/ GnuPG 0x1A015CC4 _______________________________________________ pulseaudio-discuss mailing list pulseaudio-discuss@mail.0pointer.de https://tango.0pointer.de/mailman/listinfo/pulseaudio-discuss
