And lo, upon Sun, Jul 14, 2002 at 08:36:48PM +0100, Adam Jones spaketh thusly: > On 13-Jul-02, Tapio Kelloniemi wrote: > > > I have the following problem. When any program without root privileges > > tries to use soundcard it fails with Permission denied error. When > > they use OSS api emulation, everything is OK. chmod a+rw /dev/amixer* > > /dev/adsp* doesn't help. What should I do to fix this? > > In /etc/modules.conf, add the options "snd_device_uid=" or > "snd_device_gid=" to set the owner and group for the sound device nodes. > Best idea is to create a "sound" group, and just set snd_device_gid to > that group and make yourself a member of it.
Better yet, make sure the <sound> group exists in /etc/security/console.perms:
<sound>=/dev/dsp* /dev/audio* /dev/midi* \
/dev/mixer* /dev/sequencer \
/dev/sound/* /dev/snd/* /dev/beep
.
.
.
<console> 0600 <sound> 0600 root
Then PAM will automatically change ownership of these device files to
the user who is logged in on the console, which is probably what you
want (unless you like non-console users being able to play sounds at
your box for fun).
If you're using devfs, I'd also reccommend the following line in
your /etc/devfsd.conf file:
# update console permissions when a new device is loaded
#
REGISTER .* EXECUTE /sbin/pam_console_apply
This will ensure that the console permissions get set not only when
someone logs in on the console, but whenever a new device is loaded
(otherwise, if you load the sound modules after you log in, they
will still be owned by root).
Note that if you log in on a virtual console before you log in at X,
the user at X will never get the permissions set (unless you re-run
pam_console_apply as root, I imagine). This happens usually when people
log in as root at a VC, then themselves at X before they log out of the
VC.
--
Aaron Gaudio prothontar @ tarnation.dyndns.org
http://tarnation.dyndns.org/~aaron
----------------
"From fullness, aspect. From aspect, being. From being, emptiness."
msg03905/pgp00000.pgp
Description: PGP signature
