On 12 November 2014 14:29, Gaetan Bisson <bisson@archlinux.org> wrote:
What would this package provide? If it's only a group, then shouldn't this simply be part of filesystem?
It would provide a group that has security implications, apply pam limits, and some udev perms. I only mentioned a helper package to minimize unwanted intervention, also limiting the security risk to a niche group of users.
In addition, could you give a list of all packages you expect to use this new realtime group (particularly those that do not fit the current audio/video groups)?
The current application for real-time scheduling is only multimedia, so only the following packages are involved: extra/jack community/jack2 The pam security limits are set per package here, and udev rules are added for real-time timer devices. Until systemd/pulseaudio there was no problem with this setup (i.e. the audio group). Other distros usually just let their users go through the necessary hoops. [1] I personally never saw the reason to be that pedantic so I began incorporating those hoops into the jack packages some time ago. TL;DR: I can choose to provide a new group or let users manage this themselves. If I do create a group for them, it must be from within an existing or a new (meta) package. An existing package implies a greater security risk. [1] http://ccrma.stanford.edu/planetccrma/software/installplanettwenty.html (see "Access to realtime scheduling") -- GPG/PGP ID: C0711BF1