On Wed, 14.11.07 13:02, Diego 'Flameeyes' Petten? (flameeyes at gmail.com) wrote: > Lennart Poettering <lennart at poettering.net> writes: > > > if you are a packager or for some other reason compile PA yourself, > > please take notice of this new wiki page I added a while back. > > I somehow feel like I'm interested in this :P > > I'll actually bump the libtool dependency on Gentoo, and see to add a > check for SHM, but I think newer baselayout versions should take care of > that. > > And for capabilities, I was planning on adding at least an init.d > support for the system instance.. still I'd be glad if pulseaudio didn't > fail when capabilities aren't loaded, although I admit I don't know > libcaps enough to say if it's possible. It is stupid to not build and load the capabilities module. There is no rational reason for leaving it out of the kernel. It's as stupid as not building/loading unix.ko. I am not going to merge any patch that makes the startup code in PA even more complicated than it already is with dealing with SUID and capabilities. Adding yet another security sensitive code path just for people with no clue who believe that compiling a kernel without capabilities support is a good thing is not going to happen. If PA fails to start on a kernel without capabilities support, then the right fix is to update the kernel -- not to patch PA. Lennart -- Lennart Poettering Red Hat, Inc. lennart [at] poettering [dot] net ICQ# 11060553 http://0pointer.net/lennart/ GnuPG 0x1A015CC4
