Am 13.03.19 um 14:51 schrieb Martin Pitt: > Hello Michael, > > Michael Biebl [2019-03-11 10:49 +0100]: >> Should we drop this patch in Debian and follow upstream, i.e. make >> render nodes owned by group "render"? > > For actual graphics devices I don't see much point in it, these are the prime > example of a device that should be handled through uaccess. > > But these days there's CUDA. I'm not sure if that also needs access to render > devices, or whether these are *really* just for rendering. > >> How should we setup the permissions, 666 or 660? >> If we go for 660, should we make sure to re-add the uaccess tag for >> those devices to not break existing setups? > > My feeling is: > > - If they are for number crunching as well (CUDA, etc.), 660 + render group > + uaccess
Which means, we should probably ask upstream to apply a uaccess tag for those render devices. Otherwise we would have to carry a downstream patch for this. > - If they are strictly for graphical output, 660 + uaccess By using uaccess + group render with 0660 I think we would cover every possible use case. CUDA software which is not necessarily tied to a login session could use the static group and users with a login session would just use uaccess. I think I'll prep a PR for upstream which adds the uaccess tag for render nodes. Let's see what they say. Regards, Michael
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Pkg-systemd-maintainers mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-systemd-maintainers
