Bad file access on the rise
Davide Bolcioni
dblistsub-fedora at yahoo.it
Sun Jul 7 01:31:35 UTC 2013
On Sunday, June 09, 2013 05:04:50 PM Lennart Poettering wrote:
> You should not second guess the kernel, ...
True ...
> Then, doing these things in userspace makes these checks non-atomic. ...
True ...
> So, yeah, just trying to open the shm files *is the right thing to
> do*. And if audit doesn't like that, then audit needs to be fixed, not
> PA.
It seems to me the problem stems from attempting garbage collection *when starting up
PulseAudio* as a user daemon.
Garbage collection might be better handled by a separate helper operating with root privilege
installed in /etc/cron*. I do not remember if the various display managers offer the ability to
run arbitrary scripts before and after the user session, and under which privilege, but this
could also be an option,
nor if a PAM session helper could run it (without waiting).
Since the problem is with files created by PulseAudio, maybe adding ACLs allowing access to
pulse or pulse-access group would allow the operation to succeed without triggering an audit.
Davide Bolcioni
--
There is no place like /home.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20130706/2b7c4dcb/attachment.html>
More information about the devel
mailing list