[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: jackd/ dpkg-statoverride/ "audio" group question(s)

> > If it requires SUID root, then the package is almost certainly buggy.
> > Please use a privileged audio device user instead; I'm aware of no
> > reason that audio software should need general root privileges.
> Sorry to not clarify earlier - it doesn't, in fact. But for it to perform
> well (eg. realtime multitrack recording, FX-ing and mixing, it needs to
> have realtime scheduling. And this requires root privilege.
> jackstart is a program that uses "capabilities" (still trying to figure
> out how that is different to suid, and whether my kernel has it) to start
> jackd with appropriate scheduling priority.
> JACK = Jack Audio Connection Kit, for any interested

I think I might be messing up here. It seems there are three options,
or at least three things and I don't know enough to know all what they
all mean.

We are attempting to install:
 audio executables requiring "realtime scheduling" privileges

One method is jackd/ jackstart. jackd runs as root, jackstart starts it,
and can be run as any user, and uses kernel "capabilities" to give jackd
the required scheduling priority ("realitime").

The way I have been thinking wouldn't need jackstart: jackd installed as
per my mini-policy for audio apps draft: install jackd root.audio,
rwsr-xr--. This apparently has the disadvantage that (audio) applications
talking to jackd must also be run as root/ SUID (?) and therefore the
files those apps create are owned by root, and this is messy and
undesirable for the user. I can't find doco on kernel capabilities to
understand this further. It doesn't work on my sid (daily) install,
kernel-image-2.4.22-1-686, uname -a:
Linux zen8100a 2.4.22-1-686 #6 Sat Oct 4 14:09:08 EST 2003 i686 GNU/Linux
This second one is prompted by this:
On Mon, 2003-10-27 at 02:04, Stefan Schwandter wrote: 
> > (BTW, Stefan, why does jackstart use "capabilities" (and therefore not
> > work with my kernel), and jackd I can use --realtime option and it
> > (seems to) works?)
> With jackstart. you can run jackd and it's clients as non-root user -
> only jackstart has to be setuid root, jackd need not. This has the
> advantage that files recorded with a jack client like ardour aren't
> owned by root, for example.

Perhaps there is also some third option as underlined above - "use a
privileged audio device user". Can this be explained to me, is it a
new option or just one of the above two?

Once this is hashed out, I'm sure the folks on debian-multimedia@ldo
will be appreciative (and our future audio users, such as myself).

Thanks again

Reply to: