[PlanetCCRMA] Modprobe question -- I think

Fernando Lopez-Lezcano nando@ccrma.Stanford.EDU
Tue Mar 29 12:21:03 2005 

On Tue, 2005-03-29 at 11:33, ken dawson chia wu wrote:
> Hello,
> 
> I'm running the Planet FC2 distro on my laptop (a Dell 7500) with all the audio 
> packages installed.  I use it at work as my audio-content player, logging in 
> using ssh from my development behemoth and running sound apps through the 
> built-in sound card and a pair of headphones.  Works great, with the usual One 
> Single Caveat ...: I have to log into the laptop's console in order for the 
> sound-rendering software to be able to access the sound card.
> 
> Back in ancient times, there was this notion of an "audio" group to which users 
> could be added if they were trusted to do Reasonable Things with the sound 
> system, and the concerned device nodes were created with the group "audio" 
> having -rw- permissions.  This seems to have disappeared, but I would like to 
> resurrect it for my purposes, because, honestly, I see leaving my system with an 
> open login as more of a threat/nuisance than whatever perils I can foresee from 
> allowing normal users to play sounds.
> 
> The problem is that the architecture of the FC2+ startup stuff has kind of 
> outstripped my confident comprehension.  It used to suffice to modify some 
> flavor of /etc/rc.d/... script to accomplish this sort of work-around, but this 
> seems to no longer be the case.  I have the vague feeling that the solution must 
> be in some clever incantation to be inserted into /etc/modprobe.conf, but, 
> outside of the really quite explicit instructions certain ALSA-related HOWTOs 
> have listed, I can find no document which suggests how I might invent this 
> incantation that I seek on my own from (sort of) first principles.

Permissions for devices are handled through pam (Pluggable
Authentication Modules). The file that controls that is:

  /etc/security/console.perms
("man console.perms" for a bit more detail)

You could create a new audio group and change the permissions for the
relevant audio devices in that file (it controls the permissions for
when a user is logged in at the console, but also what they revert to
when the user logs out). 

-- Fernando