Bug 489999
| Summary: | X server to isolate alsa interface | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Sergei LITVINENKO <sergei.litvinenko> |
| Component: | xorg-x11-server | Assignee: | Adam Jackson <ajax> |
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | rawhide | CC: | sergei.litvinenko, xgl-maint |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2009-05-08 17:50:11 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Sergei LITVINENKO
2009-03-12 20:04:56 UTC
Aftef update: 1. root can use alsa even X is started. 2. user can use alsa if it is permitted read/write /dev/snd/* 3. after X is finished, user can use alsa, even if attributes of /dev/snd/* are standard [root@rawhide snd]# ll /dev/snd итого 0 crw-rw----+ 1 root audio 116, 8 Мар 15 13:32 controlC0 crw-rw----+ 1 root audio 116, 4 Мар 15 13:32 midiC0D0 crw-rw----+ 1 root audio 116, 7 Мар 15 13:52 pcmC0D0c crw-rw----+ 1 root audio 116, 6 Мар 15 15:47 pcmC0D0p crw-rw----+ 1 root audio 116, 5 Мар 15 13:32 pcmC0D1p crw-rw----+ 1 root audio 116, 3 Мар 15 13:32 seq crw-rw----+ 1 root audio 116, 2 Мар 15 13:32 timer Some add. After login in text console (not by SSH), user sergeil is permitted to use alsa and getfact show right permissions for alsa devices. [sergeil@rawhide ~]$ getfacl /dev/snd/* -------- getfacl: Removing leading '/' from absolute path names # file: dev/snd/controlC0 # owner: root # group: audio user::rw- user:sergeil:rw- group::rw- mask::rw- other::--- # file: dev/snd/midiC0D0 # owner: root # group: audio user::rw- user:sergeil:rw- group::rw- mask::rw- other::--- # file: dev/snd/pcmC0D0c # owner: root # group: audio user::rw- user:sergeil:rw- group::rw- mask::rw- other::--- # file: dev/snd/pcmC0D0p # owner: root # group: audio user::rw- user:sergeil:rw- group::rw- mask::rw- other::--- # file: dev/snd/pcmC0D1p # owner: root # group: audio user::rw- user:sergeil:rw- group::rw- mask::rw- other::--- # file: dev/snd/seq # owner: root # group: audio user::rw- user:sergeil:rw- group::rw- mask::rw- other::--- # file: dev/snd/timer # owner: root # group: audio user::rw- user:sergeil:rw- group::rw- mask::rw- other::--- --------------- But, as soon, as X server is started, user lose permissions to use alsa devices. [sergeil@rawhide ~]$ getfacl /dev/snd/* getfacl: Removing leading '/' from absolute path names # file: dev/snd/controlC0 # owner: root # group: audio user::rw- group::rw- mask::rw- other::--- # file: dev/snd/midiC0D0 # owner: root # group: audio user::rw- group::rw- mask::rw- other::--- # file: dev/snd/pcmC0D0c # owner: root # group: audio user::rw- group::rw- mask::rw- other::--- # file: dev/snd/pcmC0D0p # owner: root # group: audio user::rw- group::rw- mask::rw- other::--- # file: dev/snd/pcmC0D1p # owner: root # group: audio user::rw- group::rw- mask::rw- other::--- # file: dev/snd/seq # owner: root # group: audio user::rw- group::rw- mask::rw- other::--- # file: dev/snd/timer # owner: root # group: audio user::rw- group::rw- mask::rw- other::--- So, X server restore standard ACL for alsa, but do not setup it again for user. After X server is finished (not killed), user have access to alsa again [sergeil@rawhide ~]$ getfacl /dev/snd/* getfacl: Removing leading '/' from absolute path names # file: dev/snd/controlC0 # owner: root # group: audio user::rw- user:sergeil:rw- group::rw- mask::rw- other::--- # file: dev/snd/midiC0D0 # owner: root # group: audio user::rw- user:sergeil:rw- group::rw- mask::rw- other::--- # file: dev/snd/pcmC0D0c # owner: root # group: audio user::rw- user:sergeil:rw- group::rw- mask::rw- other::--- # file: dev/snd/pcmC0D0p # owner: root # group: audio user::rw- user:sergeil:rw- group::rw- mask::rw- other::--- # file: dev/snd/pcmC0D1p # owner: root # group: audio user::rw- user:sergeil:rw- group::rw- mask::rw- other::--- # file: dev/snd/seq # owner: root # group: audio user::rw- user:sergeil:rw- group::rw- mask::rw- other::--- # file: dev/snd/timer # owner: root # group: audio user::rw- user:sergeil:rw- group::rw- mask::rw- other::--- Problem can be solved by restoring fragment (assign CK_XINIT_SESSION) from F10. PS: Variable XDG_SESSION_COOKIE is already defined here. [sergeil@rawhide ~]$ diff -urN /etc/X11/xinit/xinitrc-common.org /etc/X11/xinit/xinitrc-common --- /etc/X11/xinit/xinitrc-common.org 2009-03-21 15:51:42.000000000 +0200 +++ /etc/X11/xinit/xinitrc-common 2009-03-21 15:58:26.000000000 +0200 @@ -64,7 +64,10 @@ fi fi +#CK_XINIT_SESSION= +#if [ -x /usr/bin/ck-xinit-session -a -z "$XDG_SESSION_COOKIE" ]; then +# CK_XINIT_SESSION="/usr/bin/ck-xinit-session" +#fi + CK_XINIT_SESSION= -if [ -x /usr/bin/ck-xinit-session -a -z "$XDG_SESSION_COOKIE" ]; then - CK_XINIT_SESSION="/usr/bin/ck-xinit-session" -fi +[ -x /usr/bin/ck-xinit-session ] && CK_XINIT_SESSION="/usr/bin/ck-xinit-session" Variable XDG_SESSION_COOKIE is known in text console (after user logon). So, if user start X system from console (by running startx), CK_XINIT_SESSION will be unknown and user lose access, as minimum, to sound. PS: IMHO, startx have to undefine variable XDG_SESSION_COOKIE or make some other preparation. Resolving of problem is simple: to add "unset XDG_SESSION_COOKIE" in /usr/bin/startx after "unset SESSION_MANAGER" [root@rawhide ~]# more /usr/bin/startx ... unset DBUS_SESSION_BUS_ADDRESS unset SESSION_MANAGER unset XDG_SESSION_COOKIE ... Fixed in xinit 1.0.9-7.fc11, thanks! |