Re: RFC: Realtime system (audio) group

2012-01-26 Thread Josselin Mouette
Le mercredi 25 janvier 2012 à 13:31 +0100, Adrian Knoth a écrit : > > If you have PolicyKit, rtkit defaults to letting you have rt priorities > > if and only if you are logged in locally (gdm, kdm, getty etc., but not > > Is there something like > > "If you're logged in locally, I'll grant y

Re: RFC: Realtime system (audio) group

2012-01-25 Thread Adrian Knoth
On 01/25/2012 12:38 PM, Simon McVittie wrote: As outlined in #656910, "being in the audio group" and "having realtime priorities" aren't separated at the moment. To make these two independent, we'd need to use a different (new?) group for realtime priorities. rtkit (packaged in Debian) seems a

Re: RFC: Realtime system (audio) group

2012-01-25 Thread Adrian Knoth
On 01/25/2012 12:43 PM, Bastian Blank wrote: [background story: pro-audio applications run with POSIX realtime priorities to meet low-latency deadlines. We ship /etc/security/limits.d/audio.conf in the jackd packages to grant rt privileges to the audio group] Why does jackd not grant _itself_

Re: RFC: Realtime system (audio) group

2012-01-25 Thread Adrian Knoth
On 01/25/2012 12:44 PM, Bastian Blank wrote: On Wed, Jan 25, 2012 at 11:38:18AM +, Simon McVittie wrote: rtkit (packaged in Debian) seems a safer way to do this than group-based privileges + setuid root. Why does it use setuid It doesn't use setuid root. Simon has wrongly assumed this.

Re: RFC: Realtime system (audio) group

2012-01-25 Thread Bastian Blank
On Wed, Jan 25, 2012 at 11:38:18AM +, Simon McVittie wrote: > rtkit (packaged in Debian) seems a safer way to do this than > group-based privileges + setuid root. Why does it use setuid and not CAP_SYS_NICE? Bastian -- We Klingons believe as you do -- the sick should die. Only the strong s

Re: RFC: Realtime system (audio) group

2012-01-25 Thread Bastian Blank
On Wed, Jan 25, 2012 at 11:32:08AM +0100, Adrian Knoth wrote: > [background story: pro-audio applications run with POSIX realtime > priorities to meet low-latency deadlines. We ship > /etc/security/limits.d/audio.conf in the jackd packages to grant rt > privileges to the audio group] Why does jack

Re: RFC: Realtime system (audio) group

2012-01-25 Thread Simon McVittie
On 25/01/12 10:32, Adrian Knoth wrote: As outlined in #656910, "being in the audio group" and "having realtime priorities" aren't separated at the moment. To make these two independent, we'd need to use a different (new?) group for realtime priorities. rtkit (packaged in Debian) seems a safer

RFC: Realtime system (audio) group

2012-01-25 Thread Adrian Knoth
Hi! [background story: pro-audio applications run with POSIX realtime priorities to meet low-latency deadlines. We ship /etc/security/limits.d/audio.conf in the jackd packages to grant rt privileges to the audio group] As outlined in #656910, "being in the audio group" and "having realtime prior