system wide pulseaudio: allow non-root access #32044
Conversation
| users.extraGroups.pulse.gid = gid; | ||
|
|
||
| systemd.services.pulseaudio = { | ||
| description = "PulseAudio System-Wide Server"; | ||
| wantedBy = [ "sound.target" ]; | ||
| before = [ "sound.target" ]; | ||
| environment.PULSE_RUNTIME_PATH = stateDir; |
There was a problem hiding this comment.
Default location is the users home directory, which points to stateDir. This line is therefor unnecessary and causes more confusion instead of clarifications.
nixos/modules/config/pulseaudio.nix
Outdated
| @@ -254,24 +254,35 @@ in { | |||
| }; | |||
| }) | |||
|
|
|||
| (mkIf systemWide { | |||
| (mkIf systemWide (let | |||
| cookiePath = "${stateDir}/.config/pulse/cookie"; | |||
There was a problem hiding this comment.
Put this line below stateDir =, there is no need for the extra let.
There was a problem hiding this comment.
cookiePath is only needed in case of systemWide.
|
@orivej Thanks a lot for review! |
orivej
force-pushed
the
fix-non-root-system-wide-pulseaudio
branch
from
28e0abf
to
045d4a2
Compare
|
The important files are .esd_auth and .config/pulse/cookie. Both are created by pulseaudio during start in mode 600 as use pulse and group pulse. Only root and the user pulse can access pulseaudio. Shall I change my patch to use group audio instead of pulse-access (which is the way Debian does, see [1])? [1] https://www.freedesktop.org/wiki/Software/PulseAudio/Documentation/User/SystemWide/ |
|
I have checked that the regular user in the Have you checked ESD? If so, how? |
|
Wired, what for a magic happens with in pulseaudio. The cookie is not needed. |
Motivation for this change
Accessing system wide pulseaudio is only possible as root.
Things done
build-use-sandboxinnix.confon non-NixOS)nix-shell -p nox --run "nox-review wip"./result/bin/)