Adding the first user to group audio shouldn't break any ACL management that is done by systemd-logind. It just means, the first user *always* has access to the audio device, no matter if his session is marked active for he is logged in locally. So he get's access even when e.g. logged in remotely via SSH. I'll leave that up to others to decide if that is a security issue or not. For a single user system, it probably doesn't matter. As was pointed out in another thread , the first user is also added to a couple of other groups. At least for the major desktop environments like GNOME or KDE, that is no longer strictly necessary. Since they use polkit nowadays: udisks(2) (removable media): obsoletes plugdev, cdrom, floppy NetworkManager (network): obsoletes netdev For video and audio, we have systemd-logind device ACLs. I dunno, if the less popular desktops still require/use those groups.  https://lists.debian.org/debian-boot/2014/08/msg00383.html -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
Description: OpenPGP digital signature