Re: jackd/ dpkg-statoverride/ "audio" group question(s)

To: debian-mentors@lists.debian.org
Subject: Re: jackd/ dpkg-statoverride/ "audio" group question(s)
From: Zenaan Harkness <zen@aaroncommercial.com>
Date: Tue, 28 Oct 2003 21:52:52 +1100
Message-id: <[🔎] 1067338372.1519.292.camel@zen8100a>
In-reply-to: <[🔎] 1067234255.1516.58.camel@zen8100a>
References: <[🔎] 1067171194.1018.136.camel@zen8100a> <[🔎] 20031026144349.GA27809@downhill.at.eu.org> <[🔎] 20031027013124.GD19317@quetzlcoatl.dodds.net> <[🔎] 1067234255.1516.58.camel@zen8100a>

> > If it requires SUID root, then the package is almost certainly buggy.
> > Please use a privileged audio device user instead; I'm aware of no
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > reason that audio software should need general root privileges.
> 
> Sorry to not clarify earlier - it doesn't, in fact. But for it to perform
> well (eg. realtime multitrack recording, FX-ing and mixing, it needs to
> have realtime scheduling. And this requires root privilege.
> 
> jackstart is a program that uses "capabilities" (still trying to figure
> out how that is different to suid, and whether my kernel has it) to start
> jackd with appropriate scheduling priority.
> 
> JACK = Jack Audio Connection Kit, for any interested

I think I might be messing up here. It seems there are three options,
or at least three things and I don't know enough to know all what they
all mean.

We are attempting to install:
 audio executables requiring "realtime scheduling" privileges

One method is jackd/ jackstart. jackd runs as root, jackstart starts it,
and can be run as any user, and uses kernel "capabilities" to give jackd
the required scheduling priority ("realitime").

The way I have been thinking wouldn't need jackstart: jackd installed as
per my mini-policy for audio apps draft: install jackd root.audio,
rwsr-xr--. This apparently has the disadvantage that (audio) applications
talking to jackd must also be run as root/ SUID (?) and therefore the
files those apps create are owned by root, and this is messy and
undesirable for the user. I can't find doco on kernel capabilities to
understand this further. It doesn't work on my sid (daily) install,
kernel-image-2.4.22-1-686, uname -a:
Linux zen8100a 2.4.22-1-686 #6 Sat Oct 4 14:09:08 EST 2003 i686 GNU/Linux
This second one is prompted by this:
On Mon, 2003-10-27 at 02:04, Stefan Schwandter wrote: 
> > (BTW, Stefan, why does jackstart use "capabilities" (and therefore not
> > work with my kernel), and jackd I can use --realtime option and it
> > (seems to) works?)
> 
> With jackstart. you can run jackd and it's clients as non-root user -
> only jackstart has to be setuid root, jackd need not. This has the
> advantage that files recorded with a jack client like ardour aren't
> owned by root, for example.

Perhaps there is also some third option as underlined above - "use a
privileged audio device user". Can this be explained to me, is it a
new option or just one of the above two?

Once this is hashed out, I'm sure the folks on debian-multimedia@ldo
will be appreciative (and our future audio users, such as myself).

Thanks again
Zenaan

Reply to:

Follow-Ups:
- Re: jackd/ dpkg-statoverride/ "audio" group question(s)
  - From: Matt Zimmerman <mdz@debian.org>

References:
- jackd/ dpkg-statoverride/ "audio" group question(s)
  - From: Zenaan Harkness <zen@iptaustralia.net>
- Re: jackd/ dpkg-statoverride/ "audio" group question(s)
  - From: Andreas Metzler <ametzler@downhill.at.eu.org>
- Re: jackd/ dpkg-statoverride/ "audio" group question(s)
  - From: Steve Langasek <vorlon@netexpress.net>
- Re: jackd/ dpkg-statoverride/ "audio" group question(s)
  - From: Zenaan Harkness <zen@aaroncommercial.com>

Prev by Date: Audio Apps Mini-Policy, v0.1
Next by Date: Re: Audio Apps Mini-Policy, v0.1
Previous by thread: Re: jackd/ dpkg-statoverride/ "audio" group question(s)
Next by thread: Re: jackd/ dpkg-statoverride/ "audio" group question(s)
Index(es):
- Date
- Thread