https://bugs.freedesktop.org/show_bug.cgi?id=45656
Colin Guthrie <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks|45812 | --- Comment #4 from Colin Guthrie <[email protected]> 2012-04-10 03:40:09 PDT --- OK, so I've just tested this. I started "pulseaudio --system" as root and it correctly dropped privs to the pulse user. The runtime dir was set to /var/run/pulse which I had pre-created to be owned by pulse.pulse. Likewise the pulse users homedir was set to be /var/lib/pulse which was also the state dir as per compilation. When the user was added, the dir had these permissions: drwxr-xr-x 5 pulse pulse 4096 Apr 10 10:47 /var/lib/pulse/ After launching PA, it changed to these permissions: drwx------ 5 pulse pulse 4096 Apr 10 10:48 /var/lib/pulse/ The runtime dir was also handled fine. PA ensured the permissions were: drwxr-xr-x 2 pulse pulse 4096 Apr 10 10:47 /var/run/pulse/ Where I could replicate failure is when /var was a read-only filesystem. Now this is, in itself, not really something that should be supported. The whole point of /var is that it is variable. It does not make sense to mount /var read-only. /usr yes, but not /var: /var/lib Files that change while the system is running normally. So I'm not sure we should go out of our way to support this. The runtime dir is even more variable, as /var/run is used for multiple applications to record transient state. These days it is a symlink to /run which is mounted in tmpfs. That said, I agree that we could try harder to not fail when the perms are correct to begin with. i.e. do a check first and miss out the chown/chmods/mkdir if all is correct already. I'd happily take a patch for that, but the one on arch is incorrect in this regard. We should still insist on the known-good perms, we just shouldn't fail if they are already like that and we cannot call mkdir. Anyway, this is a very specific use case (the readonly /var - NFS root systems should use e.g. tmpfs, aufs or unionfs to make these directories r/w even if the changes are ultimately lost - there are various scripts to do this on Fedora and Mageia etc - Personally I run just such a setup for my own media centre), and as such it's something I'm not going to be able to personally look at for v2.0. If someone wants to provide a good patch, I'll happily merge it. Removing from 2.0 blockers. -- Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA Contact for the bug. You are the assignee for the bug. _______________________________________________ pulseaudio-bugs mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/pulseaudio-bugs
