[Pianod] Problem with RasPi sound card access as user nobody to exclusive)

pi.gonewest at xoxy.net pi.gonewest at xoxy.net
Fri May 31 18:15:20 PDT 2013

Previous message: [Pianod] Problem with RasPi sound card access as user nobody
Next message: [Pianod] Build issues
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

You could also write a udev rule that changes the group ownership of the
device file to "nogroup".  Or a udev rule that sets the mode of the audio
device to 0666 rather than 0660, and then the group ownership is moot.




On Fri, May 31, 2013 at 1:53 AM, Jimmy Pop - jimmypopali96 at gmail.com <
pi.gonewest.8996a436fa.jimmypopali96#gmail.com at ob.0sg.net> wrote:

> I would just add root to the audio group, I dont see any malicious
> implications in that.
>
>
>
> On Thu, May 30, 2013 at 11:30 PM, Peter Li <chinasaurli at gmail.com> wrote:
>
>>  Seems like we could have in addition to drop_root_privs a function that
>> adds audio to the setgroups if it's not in getgroups or getgid already?  I
>> believe this patch would make sense across Linux systems, but I think it
>> doesn't make sense for Mac.  Should work to just check whether getgrnam
>> returns anything for "audio" though?
>>
>>
>>
>> On 05/30/2013 11:05 PM, Peter Li wrote:
>>
>> If I hack settings.c, drop_root_privs to set gid to the audio gid instead
>> of the nobody user gid (nogroup) it also works.
>>
>> So even though nobody is now set to be a member of the audio group, and
>> pianod is getting setuid to nobody, it needs to have setgid audio instead
>> of setgid nogroup to work.
>>
>> Now I notice that if I add root to the audio group and hack settings.c
>> back to dropping to gid nogroup it also seems to work.  So apparently after
>> pianod drops to nobody, it has:
>>     1) uid of nobody
>>     2) gid of nogroup
>>     3) additional groups of /root/ not groups of /nobody/
>>
>> So I guess this is the expected behavior and I just didn't understand
>> it.  Should the fix just be to put root in the audio group?  Or should we
>> try to change drop_root_privs so that it will take on the additional groups
>> of nobody?
>>
>>
>>
>> _______________________________________________
>> Pianod mailing list
>> Pianod at lists.deviousfish.com
>> http://lists.deviousfish.com/listinfo.cgi/pianod-deviousfish.com
>>
>>
>
> _______________________________________________
> Pianod mailing list
> Pianod at lists.deviousfish.com
> http://lists.deviousfish.com/listinfo.cgi/pianod-deviousfish.com
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.deviousfish.com/pipermail/pianod-deviousfish.com/attachments/20130531/c00f0869/attachment-0003.htm>

Previous message: [Pianod] Problem with RasPi sound card access as user nobody
Next message: [Pianod] Build issues
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Pianod mailing list