|
On Sunday, June 09, 2013 05:04:50 PM Lennart Poettering wrote:
> You should not second guess the kernel, ...
True ...
> Then, doing these things in userspace makes these checks non-atomic. ...
True ...
> So, yeah, just trying to open the shm files *is the right thing to > do*. And if audit doesn't like that, then audit needs to be fixed, not > PA.
It seems to me the problem stems from attempting garbage collection *when starting up PulseAudio* as a user daemon.
Garbage collection might be better handled by a separate helper operating with root privilege installed in /etc/cron*. I do not remember if the various display managers offer the ability to run arbitrary scripts before and after the user session, and under which privilege, but this could also be an option, nor if a PAM session helper could run it (without waiting).
Since the problem is with files created by PulseAudio, maybe adding ACLs allowing access to pulse or pulse-access group would allow the operation to succeed without triggering an audit.
Davide Bolcioni -- There is no place like /home. |
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
