[arch-dev-public] Realtime group and possible helper package

[Rashif Ray Rahman]

On 12 November 2014 14:29, Gaetan Bisson <bisson at archlinux.org> wrote:
> What would this package provide? If it's only a group, then shouldn't
> this simply be part of filesystem?

It would provide a group that has security implications, apply pam
limits, and some udev perms. I only mentioned a helper package to
minimize unwanted intervention, also limiting the security risk to a
niche group of users.

> In addition, could you give a list of all packages you expect to use
> this new realtime group (particularly those that do not fit the current
> audio/video groups)?

The current application for real-time scheduling is only multimedia,
so only the following packages are involved:

extra/jack
community/jack2

The pam security limits are set per package here, and udev rules are
added for real-time timer devices. Until systemd/pulseaudio there was
no problem with this setup (i.e. the audio group).

Other distros usually just let their users go through the necessary
hoops. [1] I personally never saw the reason to be that pedantic so I
began incorporating those hoops into the jack packages some time ago.

TL;DR: I can choose to provide a new group or let users manage this
themselves. If I do create a group for them, it must be from within an
existing or a new (meta) package. An existing package implies a
greater security risk.

[1] http://ccrma.stanford.edu/planetccrma/software/installplanettwenty.html
(see "Access to realtime scheduling")


--
GPG/PGP ID: C0711BF1