On 5 December 2012 14:45, Christoph Wickert cwickert@fedoraproject.org wrote:
Am Mittwoch, den 05.12.2012, 14:16 +0000 schrieb Ian Malone:
The general question of how a spin might be customised while still staying within Fedora is perhaps something that needs to go to the devel list.
I agree, but this is more of a policy question. We had this topic already with other spins but most of the time we made exceptions (or not) and never really updated the policies. It's too late for this now either.
I was hoping it might produce some creative ideas, but it sounds like that grounds already been covered then.
I do wonder if there's a systemd / seat based solution to this, will raise that on the devel list.
I think it's more of a polkit thing. If we only need to execute application foo with privileges of user/group bar, we could just ship a configuration file that allows users to run this application through pkexec.
Bug again, I need more info in order to help you.
Okay, I think Brendan has answered the 'why'. I suspect what we need to do is check what needs access to those groups. For real-time privileges it may be that the plugins working with jack need them, or it might be that just jack does. I'm not sure either what access the audio group is used for, I think for Jack it may be priorities rather than just the old purpose of access to audio devices (which pulse for example now solves through the seat idea afaik). Will check the limits file Brendan mentions when I get time.
On 5 December 2012 15:26, Ian Malone ibmalone@gmail.com wrote:
Okay, I think Brendan has answered the 'why'. I suspect what we need to do is check what needs access to those groups. For real-time privileges it may be that the plugins working with jack need them, or it might be that just jack does. I'm not sure either what access the audio group is used for, I think for Jack it may be priorities rather than just the old purpose of access to audio devices (which pulse for example now solves through the seat idea afaik). Will check the limits file Brendan mentions when I get time.
Oh, background to all this and the reason it's not set by default is, as I understand it, stability issues and the impact on the rest of the system to have things running at realtime priority.