[systemd-devel] user service dependency on udev's uaccess rules
Michael Kilburn
crusader.mike at gmail.com
Mon Nov 25 16:26:10 UTC 2024
On Mon, Nov 25, 2024 at 4:50 AM Lennart Poettering <lennart at poettering.net>
wrote:
> On So, 24.11.24 12:35, Michael Kilburn (crusader.mike at gmail.com) wrote:
>
> > Hi,
> >
> > OS: Pop!_OS 22.04 LTS (Debian-based distro). User service (fluidsynth)
> > fails to start on user login:
> >
> > ALSA lib seq_hw.c:466:(snd_seq_hw_open) open /dev/snd/seq failed:
> > Permission denied
> >
> > because at that moment that device's ACL was not updated yet (to grant
> > access to the user being logged in).
> >
> > When an active user logs in udev executes rules stored in
> > /lib/udev/rules.d/70-uaccess.rules (via 73-seat-late.rules) to grant that
> > user access to local devices (like soundcard, etc).
> >
> > Is there a way to express this dependency between user service and
> > completion of execution of udev rules?
> >
> > Or (if this is a wrong approach) -- what is the correct way to deal with
> > this?
>
> "uaccess" ḿeans access to devices can come and go any time, as the
> user switches sessions, as sessions come and go. This means programs
> which want access to such devices need to be written with this in
> mind: watch udev events, and try to reopen the devices whenever you
> receive an event for the relevant audio device and access is
> permitted. (logind will re-retrigger relevant devices whenever the fg
> session changes, so that the udev rules are rerun and apps are
> notified about the new situation via udev events)
>
Turns out, related udev rule(s) only mark /dev/snd devices with "uaccess"
tags, actual ACL update happens in logind. And (to my knowledge) there is
no event/condition/target you could use to wait for this ACL update to
happen. This is the main problem. Waiting in a loop doesn't look like a
proper solution at all. Which means user services that need access to these
devices are kind of in limbo... You can't configure them to auto-run, have
to use hacks.
If the device "goes away" (because of a user switch) -- it is not a problem
in this case... fluid synth needs to open /de/snd/seq only once (and keeps
it open, afaik).
Regards,
Michael.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20241125/a7e0f558/attachment.htm>
More information about the systemd-devel
mailing list