Group "render"
Michael Biebl
biebl at debian.org
Wed Mar 13 17:36:45 GMT 2019
Am 13.03.19 um 14:51 schrieb Martin Pitt:
> Hello Michael,
>
> Michael Biebl [2019-03-11 10:49 +0100]:
>> Should we drop this patch in Debian and follow upstream, i.e. make
>> render nodes owned by group "render"?
>
> For actual graphics devices I don't see much point in it, these are the prime
> example of a device that should be handled through uaccess.
>
> But these days there's CUDA. I'm not sure if that also needs access to render
> devices, or whether these are *really* just for rendering.
>
>> How should we setup the permissions, 666 or 660?
>> If we go for 660, should we make sure to re-add the uaccess tag for
>> those devices to not break existing setups?
>
> My feeling is:
>
> - If they are for number crunching as well (CUDA, etc.), 660 + render group + uaccess
Which means, we should probably ask upstream to apply a uaccess tag for
those render devices. Otherwise we would have to carry a downstream
patch for this.
> - If they are strictly for graphical output, 660 + uaccess
By using uaccess + group render with 0660 I think we would cover every
possible use case.
CUDA software which is not necessarily tied to a login session could use
the static group and users with a login session would just use uaccess.
I think I'll prep a PR for upstream which adds the uaccess tag for
render nodes. Let's see what they say.
Regards,
Michael
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20190313/dbb230ce/attachment.sig>
More information about the Pkg-systemd-maintainers
mailing list