[pulseaudio-discuss] Failed to create secure directory with ACL

Prunk Dump prunkdump at gmail.com
Mon Apr 7 22:17:27 PDT 2014


2014-04-07 14:11 GMT+02:00 Prunk Dump <prunkdump at gmail.com>:
> Hello !
>
> The home folders of my users are shared through a CIFS server that
> support Access Control Lists. Pulse audio won't start in those folders
> complaining "Failed to create secure directory: Permission denied".
>
> $strace -v pulseaudio
> ...
> mkdir("/home/teachers/pellegrb/.pulse", 0700) = 0
> umask(022)                              = 077
> open("/home/teachers/pellegrb/.pulse",
> O_RDONLY|O_NOCTTY|O_NOFOLLOW|O_CLOEXEC) = 4
> fstat(4, {st_mode=S_IFDIR|0775, st_size=0, ...}) = 0
> getuid()                                = 3000137
> getgid()                                = 3000038
> fchown(4, 3000137, 3000038)             = 0
> fchmod(4, 0700)                         = 0
> close(4)                                = 0
> lstat("/home/teachers/pellegrb/.pulse", {st_dev=makedev(0, 19),
> st_ino=6293841, st_mode=S_IFDIR|0770, st_nlink=2, st_uid=3000137,
> st_gid=3000038, st_blksize=16384, st_blocks=0, st_size=0,
> st_atime=2014/04/07-13:40:13, st_mtime=2014/04/07-13:40:13,
> st_ctime=2014/04/07-13:55:15}) = 0
> rmdir("/home/teachers/pellegrb/.pulse") = 0
> ...
>
> As I understand, the UID and GID are correct but Pulseaudio think the
> mode 0770 is problematic. In core-util.c, this test fail :
>
> if (!S_ISDIR(st.st_mode) ||
>         (st.st_uid != uid) ||
>         (st.st_gid != gid) ||
>         ((st.st_mode & 0777) != m)) {
>         errno = EACCES;
>         goto fail;
>     }
>
>
> But the following commands in terminal :
>
> $mkdir /home/teachers/pellegrb/.pulse
> $chown 3000137:3000038 /home/teachers/pellegrb/.pulse
> $chmod 0700 /home/teachers/pellegrb/.pulse
> $ls -al /home/teachers/pellegrb
>
> drwxrwx---+  2 pellegrb teachers     0 avril  7 14:02 .pulse
>
> $getfacl /home/teachers/pellegrb/.pulse
>
> # file: home/teachers/pellegrb/.pulse
> # owner: pellegrb
> # group: teachers
> user::rwx
> user:3000038:r-x
> group::---
> group:teachers:r-x
> group:3000137:rwx
> mask::rwx
> other::---
> default:user::rwx
> default:user:pellegrb:rwx
> default:group::r-x
> default:group:teachers:r-x
> default:mask::rwx
> default:other::r-x
>
> Every seems correct in the ACL sense. How can I fix this warning ? (In
> reality all the home folders are secured and the chmod is useless)
>
> Thanks !



2014-04-07 14:57 GMT+02:00 Michael DePaulo <mikedep333 at gmail.com>:
> On Mon, Apr 7, 2014 at 8:11 AM, Prunk Dump <prunkdump at gmail.com> wrote:
>> Hello !
>>
>> The home folders of my users are shared through a CIFS server that
>> support Access Control Lists. Pulse audio won't start in those folders
>> complaining "Failed to create secure directory: Permission denied".
>
> I have info that may be relevant. I figured I'd at least mention it.
>
> I am maintaining win32 builds, largely because the X2Go project needs them:
> http://comments.gmane.org/gmane.comp.audio.pulseaudio.general/19865
>
> I see similar warnings with win32 builds on NTFS filesystems. In this
> example, this is what happens when I start pulseaudio from the command
> line. The ".config" and "pulse" directories above the cookie are
> created though:
> C:\Users\mike.DEPAULO\.config\pulse\pulse
>
> The config.pa file contains these lines:
> load-module module-native-protocol-tcp port=4713
> load-module module-esound-protocol-tcp port=4714
> load-module module-waveout
>
> C:\Program Files (x86)\x2goclient\pulse-5.0>pulseaudio.exe -n -F
> C:\Users\mike.DEPAULO\.x2go\pulse\tmp.Hp8344\config.pa
> W: [(null)] pulsecore/core-util.c: Secure directory creation not
> supported on Win32.
> W: [(null)] pulsecore/core-util.c: Secure directory creation not
> supported on Win32.
> W: [(null)] pulsecore/core-util.c: Secure directory creation not
> supported on Win32.
> W: [(null)] pulsecore/core-util.c: Secure directory creation not
> supported on Win32.
> W: [(null)] pulsecore/core.c: failed to allocate shared memory pool.
> Falling back to a normal memory pool.
> W: [(null)] pulsecore/authkey.c: Failed to open cookie file
> 'C:\Users\mike.DEPAULO\.config/pulse/cookie': No such file or
> directory
> W: [(null)] pulsecore/authkey.c: Failed to load authorization key
> 'C:\Users\mike.DEPAULO\.config/pulse/cookie': No error
> W: [(null)] pulsecore/authkey.c: Failed to open cookie file
> 'C:\Users\mike.DEPAULO\.pulse-cookie': No such file or directory
> W: [(null)] pulsecore/authkey.c: Failed to load authorization key
> 'C:\Users\mike.DEPAULO\.pulse-cookie': No error
> W: [(null)] pulsecore/core-util.c: Secure directory creation not
> supported on Win32.
> W: [(null)] pulsecore/core-util.c: Secure directory creation not
> supported on Win32.
> W: [(null)] pulsecore/core-util.c: Secure directory creation not
> supported on Win32.
>
> Also, for some reason that I could not determine, when x2goclient.exe
> (our app written in QT4) launches pulseaudio.exe, pulseaudio.exe fails
> to create those directories. Therefore, pulseaudio.exe fails to create
> the cookie, and pulseaudio.exe fails to start. At 1st we worked around
> it by creating those 2 directories in x2goclient.exe. Now we are
> working around it by passing the "auth-cookie" argument to
> module-native-protocol-tcp, so that the cookie is created in a
> directory that already exists. (The config.pa file above is an old
> one). This issue is detailed here:
> http://bugs.x2go.org/cgi-bin/bugreport.cgi?bug=422
>
> -Mike DePaulo
> _______________________________________________
> pulseaudio-discuss mailing list
> pulseaudio-discuss at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/pulseaudio-discuss

Thanks for your help !

In my case, even if I create the directories manually PulseAudio
complain that the rights are not correctly set and delete all the
directories ! There are no ACL check and if I look at the source code
and I don't see any part related to ACL support on home folder (just
for udev).

Please help me, no one of mine 230 linux clients have sound since
Gnome switched to PulseAudio. This is problematic on a high-school
network.

Thanks again and excuse my English !

Baptiste.


More information about the pulseaudio-discuss mailing list