Pulseaudio security run amuk

David A. De Graaf dad at datix.us
Fri Nov 20 00:19:33 UTC 2009


The pulseaudio folks have really screwed the pooch with Fedora 12.
It is now impossible to use the sound system of your computer except
while running X.  And in X, only the login user can do anything.

I have simple expectations about my sound system:

1 - Anyone should be able to make sounds unless I exclude them.
2 - Sound must be available before anyone has logged in.
3 - Sound must certainly not depend on any graphic display system.
4 - Sound must be producible in scripts, run by various users.

In F11 and before it was possible to defeat some of the silly
obstacles by starting a "system-wide" pulseaudio daemon in
/etc/rc.d/rc.local and play a sound, eg:
  /usr/bin/pulseaudio -D --system --log-target=syslog
  /usr/bin/aplay /usr/share/sounds/login.wav

This instance of pulseaudio runs forever and allows any user, before
or after starting XFCE4, to play sounds.
To relax permissions on the sound devices, it was also necessary to
create a new file, /etc/security/console.perms.d/80-dad.perms with
this content:
  # define the accessible device classes
  <sound>=/dev/snd/* /dev/dsp
  <video>=/dev/vid*
  <usbdev>=/dev/bus/usb/* /dev/bus/usb/*/*
  <bluetooth>=/dev/rfcomm*

  # permissions
  <console>  0666 <sound>    0666
  <console>  0666 <video>    0666
  <console>  0666 <usbdev>   0666
  <console>  0600 <bluetooth>  0666

which opened up the permissions on several files so that sound, video,
usb, and bluetooth services could actually be used.
In addition, every single user had to be made a member of groups
pulse, pulse-access, video and audio.


Now with Fedora 12 the /etc/security/console.perms.d/80-dad.perms file
is totally ignored;  the permissions on the stated files remain
unchanged.  How and why has this happened? 
A system-wide pulseaudio daemon can be run, but then *no one* can make
a sound.
The pulseaudio daemon seemingly violates all the rules of access that
have worked so well in various incarnations of *NIX since 1970.
It enforces its idiotic one-user policy in ways that defy understanding.
Why?

The extensive messages spewed into /var/log/messages during the
startup of the pulseaudio daemon direct me to read
  http://pulseaudio.org/wiki/WhatIsWrongWithSystemMode
which warns me that I will surely go to Hell if I persist.
Instead, I am persuaded that the author has designed this system
poorly, with little or no appreciation of Linux traditions,
requirements, or capabilities.

We seem to be sliding faster and faster into the abyss of being like
Windows.  One of the triumphal attributes of Linux is that is, and
always has been, a multiuser system.  We MUST NOT lose that.

Please, can anyone tell me how to fix pulseaudio so that root can play
a sound from within rc.local, to announce the end of the boot
sequence and that it's ready for a login?

Anyone?

Or must I, as so many others have concluded, remove it entirely?


-- 
	David A. De Graaf    DATIX, Inc.    Hendersonville, NC
	dad at datix.us         www.datix.us




More information about the fedora-list mailing list