[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: how is pulseaudio supposed to work?

On Wed, Dec 19, 2007 at 04:37:27PM +0100, Lennart Poettering wrote:
> PAM is about authentication. It's just not the place to start
> daemons. I mean, why should we start it there? We don't start dbus from
> there either, or X11, or nm-applet, or gnome-volume-manager or
> seahorse-agent or gnome-screensaver or vino-server or anything else
> that runs in the usual login session.

Except for dbus, all the examples you cite are display specific stuff
that should not be started from pam anyway (they could but there is no
much point). A relevant case you could have done is starting ssh-agent.
It is indeed not display specific and it is done in the session script.
But there is also a pam module pam_ssh that can launch ssh-agent in the
pam session phase.

> And why don't we start those things from PAM? Because we already start
> them from the session manager, in the appropriate order. Because

All the login paths don't have a session manager.

PAM start things in the appropriate order, that is in the order they
appear on the session stack.

> starting and monitoring processes is just what a session manager is
> good in. A session manager is not good for authenticating users, and
> PAM is not great for starting/monitoring/stopping processes. So we

PAM is great for starting (and maybe stopping) session-wide processes.

> leave PAM the authentication and session preparation stuff, and leave
> session management to the session manager. 

PAM can also be used for session stuff.

> Also, PAM is system configuration. If we'd start PA from there, then
> the user would have no way to disable PA unless he's root. And, as it
> seems, some people are very eager to do just that. ;-)

Being able to have a policy to start PA set up by the administrator is
something that is interesting. Now it is optional, of course, not all
administrator would want to impose that, still something nice to have.
It would really simplify the PA support in anything else than gdm, and
allow for local administrator customization.

Of course, the priority of such stuff could be low, but, in my opinion,
not considering it is not nice to those who like to administer login and
session stuff through pam.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]