Quoting Ryan Lortie from [1]:
I assumed from my reading of the Linux code ("cap_clear()...") that it
was clearing all capabilities of the process when in fact it is only
clearing the "special to root" capabilities.
The FreeBSD version of the code indeed clears _all_ capabilities beyond
ones that the process already has (ie: cannot open any new files, create
sockets, etc.)
This has a pretty obvious adverse effect on pulseaudio's ability to do
what it needs to do -- indeed, it bombs out pretty quickly due to an
inability to read its own config file.
[1] https://bugs.freedesktop.org/show_bug.cgi?id=72580#c11
I don't like the expression "this Pulseaudio" (even though that's
originally written by me), just "PulseAudio" is enough. Also, on
FreeBSD there's no libcap, so let's refer only to "capabilities".
cap_init() and friends are Linux-specific, so only use them if we're on
Linux.
Add support for FreeBSD capabilities if we find <sys/capability.h> to be
available there.
Add an #else (not Linux or FreeBSD) case with an #error requesting
contributions for other platforms.
This patch keeps the cap_init check in configure.ac but removes the
error if it fails. This will ensure we link to -lcap if needed, but
won't fail for the case that capabilities are part of the core system
(as on FreeBSD).
We do however, modify the header check to ensure we fail if there is no
<sys/capability.h> at all and we are on a system where it could be
installed. The logic here is that it is better to give the user the
chance to install it than it is to proceed silently with a disabled
security feature on a system where it could easily be supported.
--without-caps remains an option if the user wants to force it.
https://bugs.freedesktop.org/show_bug.cgi?id=72580
The journal is a component of systemd, that captures Syslog messages,
Kernel log messages, initial RAM disk and early boot messages as well
as messages written to STDOUT/STDERR of all services, indexes them and
makes this available to the user.
It can be used in parallel, or in place of a traditional syslog daemon,
such as rsyslog or syslog-ng.
The journal offers a couple of improvements over traditional logging
facilities (e.g. advanced filtering capabilities).
This patch adds support for logging directly to the journal using its
native API.
I think this makes the code a bit nicer to read and write. This also
reduces the chances of off-by-one errors when checking the bounds of
channel count values.
I think this makes the code a bit nicer to read and write. This also
reduces the chances of off-by-one errors when checking the bounds of
sample rate values.
The code got removed by accident during the cleanup in commit 9c438bcac6. So
this patch is needed to bring it back and make things work like documented.
The author of this module, Tanu Kaskinen, has said that this module
"is not suitable for general use". Also, it is still causing crashes
on card removal (see bug 69871).
Qpaeq, and possibly other tools, use this module - but they can load
the module manually if they still wish to use it.
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
We document the default values in daemon.conf, but this was not
updated when we changed the default from speex-float-3 to speex-float-1.
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
This patch removes all occurrences of double and triple
newlines.
Command used for this:
find . -type d \( -name ffmpeg \) -prune -o \
-regex '\(.*\.[hc]\|.*\.cc\)' \
-a -not -name 'adrian-aec.*' -a -not \
-name reserve.c -a -not -name 'rtkit.*' \
-exec sed -i -e '/^$/{N;s/^\n$//}' {} \;
Two passes were needed to remove triple newlines.
The excluded files are mirrored files from external sources.
This patch replaces every occurrence of '){' with ') {'.
The ffmpeg source tree was excluded since it will disappear anyways.
Command used for this:
find . -type d \( -name ffmpeg \) -prune -o \
-regex '\(.*\.[hc]\|.*\.cc\)' \
-exec sed -i -e 's/){/) {/' {} \;
We need to pick the right port as early as possible, before the
first volume is picked up. Hence this module needs to be loaded
before the sound card modules are loaded.
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
It appears that, libltdl will find the .la file in the builddir and
figure out where the real .so is.
This also requires .ifexists to be fixed up to correspondingly search in
<dlsearchpath>/.libs.
There was a recent thread on Linux Audio Users mailinglist about
whether to do so or not, and it looks like most people would prefer
having a stereo default (but even better would have been a
module-jack-card where you can easily set channels/profiles on the fly).
Reference:
http://lists.linuxaudio.org/pipermail/linux-audio-user/2013-February/091068.html
Reported-by: Kaj Ailomaa <zequence@mousike.me>
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
Capability dropping when changing the user in the system
mode was previously implemented by calling
prctl(PR_SET_KEEPCAPS, 0), but that doesn't necessarily
work. It's possible that the KEEPCAPS flag is locked to 1,
in which case the prctl() call fails with EPERM (this
happens at least on Harmattan). This patch implements
explicit capability dropping after changing the user.
It doesn't matter if the function fails (I'm not sure if
it's even possible), because the read data isn't used for
anything and the daemon will terminate in any case. The
void cast should get rid of a Coverity warning.
Removing the whole pa_read() call should be ok too, but I
guess it's nice to clean up the pipe before terminating...
CC pulseaudio-dumpmodules.o
daemon/dumpmodules.c:93:27: warning: redundant redeclaration of ‘lt__PROGRAM__LTX_preloaded_symbols’ [-Wredundant-decls]
/usr/include/ltdl.h:106:36: note: previous declaration of ‘lt__PROGRAM__LTX_preloaded_symbols’ was here
the declaration is provided by ltld.h of libtool since version 2.4, require the 2.4 instead of 2.2
Signed-off-by: Peter Meerwald <p.meerwald@bct-electronic.com>
This makes updating of permissions on existing directories optional with
pa_make_secure_dir() and pa_make_secure_parent_dir(). This makes sure
that the recursive directory creation doesn't end up modifying existing
directories, and also fixes a problem where creating an auth cookie
(specifically ~/.esd_auth) would end up modifying permissions on ~.
Thanks to Frédéric Danis for reporting this.
ConsoleKit has been deprecated and replaced by systemd's logind daemon,
hence provide the same functionality of module-console-kit in
module-systemd-login. This also makes sure that the CK module becomes a
NOP if the system is booted with systemd, resp. that the systemd module
becomes a NOP if the system is booted without systemd, thus being nice
to OSes such as Debian which want to support multiple init systems.
In most cases, we use dbus from more than one thread, as we
e.g. enable real-time scheduling from the ALSA threads.
Therefore set dbus to thread-safe mode by default, as recommended
in https://bugs.freedesktop.org/show_bug.cgi?id=47060#c5
This fixes a bug where PulseAudio could crash in two parallel
calls to pa_make_realtime.
BugLink: https://bugs.launchpad.net/bugs/937933
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
--exit-idle-time and --scache-idle-time were marked as having an
optional argument when the argument is actually mandatory. This causes a
crash when using this argument.
Thanks to Matthijs Kooijman (blathijs on IRC) for pointing this out.
When starting via a console login, PA will likely not have a session DBus
to play with. As there is no X11 environment, libdbus will be unable
to launch a session DBus for us and thus the module will fail to load
which in turn prevents PA from loading.
If the user subsequently logs into X11 this it will still not be possible
to load the module as the server will be ignorant of the X11 and DBus
environment variables so a longer term solution for handling this should
be found.
module-dbus-protocol gets the default sink, which sets the default sink
if not already set. This is turn makes module-default-device-restore do
nothing.
To solve the problem, make sure module-default-device-restore is loaded
before module-dbus-protocol and not the other way around.
BugLink: http://bugs.launchpad.net/bugs/843780
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
This just covers Lennart's concern over the terminology used.
The majority of this change is simply the following command:
grep -rli sync[-_]volume . | xargs sed -i 's/sync_volume/deferred_volume/g;s/PA_SINK_SYNC_VOLUME/PA_SINK_DEFERRED_VOLUME/g;s/PA_SOURCE_SYNC_VOLUME/PA_SOURCE_DEFERRED_VOLUME/g;s/sync-volume/deferred-volume/g'
Some minor tweaks were added on top to tidy up formatting and
a couple of phrases were clarified too.
I don't know the exact cause for someone to submit a bug report for
this error message: if someone is truly offended by it (if so it is
a reminder that some people are more sensitive than others, and I do
want those people to feel welcome as well), or if it's a system's
check (if this goes through, it shows the system works, and the person
might put more work into his/her next patch), or if it's just a bug
(after all, it's not that weird to run two instances of PulseAudio?).
Either one could be reason enough to apply IMO.
Signed-off-by: David Henningsson <david.henningsson@canonical.com>
