Hi! Find attached a first proposal how to fix this bug.
It uses debconf to ask the user whether he needs RT prio or not, defaulting to "no" due to the imposed security implications. Comments? -- mail: a...@thur.de http://adi.thur.de PGP/GPG: key via keyserver
diff --git a/debian/control b/debian/control index 5b0db2f..907193f 100644 --- a/debian/control +++ b/debian/control @@ -24,7 +24,7 @@ Vcs-Browser: http://git.debian.org/?p=pkg-multimedia/jack-audio-connection-kit.g Package: jackd Architecture: any -Depends: ${shlibs:Depends} +Depends: ${shlibs:Depends}, coreutils (>= 4.0), debconf | debconf-2.0 Recommends: qjackctl, libpam-modules Suggests: jack-tools, meterbridge, libjackasyn0 Description: JACK Audio Connection Kit (server and example clients) diff --git a/debian/jackd.config b/debian/jackd.config new file mode 100644 index 0000000..0bad05e --- /dev/null +++ b/debian/jackd.config @@ -0,0 +1,10 @@ +#!/bin/sh -e + +# Source debconf library. +. /usr/share/debconf/confmodule + +# realtime prio? +db_input high jackd/tweak_rt_limits +db_go + + diff --git a/debian/jackd.postinst b/debian/jackd.postinst new file mode 100644 index 0000000..59be55a --- /dev/null +++ b/debian/jackd.postinst @@ -0,0 +1,29 @@ +#!/bin/sh -e + +# Source debconf library. +. /usr/share/debconf/confmodule + +CONFIG_FILE=/etc/security/limits.d/audio + +db_get jackd/tweak_rt_limits +if [ $RET == "true" ]; then + mkdir -p $(dirname $CONFIG_FILE) + cat > $CONFIG_FILE << EOF +# generated by jackd's postinst. +# +# Do not edit this file by hand, use +# +# dpkg-reconfigure -p high jackd +# +# instead. +...@audio - rtprio 99 +...@audio - memlock unlimited +...@audio - nice -19 +EOF + +else + # user doesn't want RT prio + rm -rf $CONFIG_FILE +fi + +#DEBHELPER# diff --git a/debian/jackd.postrm b/debian/jackd.postrm new file mode 100644 index 0000000..51679c7 --- /dev/null +++ b/debian/jackd.postrm @@ -0,0 +1,22 @@ +#!/bin/sh -e +# +# +CONFIG_FILE=/etc/security/limits.d/audio + +if [ "$1" = "purge" ] +then + if [ -e $CONFIG_FILE ] + then + /bin/rm $CONFIG_FILE + fi + + # if we still have debconf, also remove our entries from the DB + if [ -e /usr/share/debconf/confmodule ] + then + # Source debconf library. + . /usr/share/debconf/confmodule + db_purge + fi +fi + + diff --git a/debian/jackd.templates b/debian/jackd.templates new file mode 100644 index 0000000..e186a8c --- /dev/null +++ b/debian/jackd.templates @@ -0,0 +1,17 @@ +Template: jackd/tweak_rt_limits +Type: boolean +Default: false +Description: Do you want me to enable realtime priorities in /etc/security/limits.d? + If you want to run jackd with realtime priorities, the user starting jackd + needs realtime permissions. This is usually accomplished by tweaking + rtprio and memlock in /etc/security/limits.conf, either for a specific + user or for the audio group in general. + . + Raising memlock and rtprio limits may lead to complete system lock-ups due + to highest scheduler priorities or denial of service attacks by requesting + all the available physical system memory, which is unacceptable in + multi-user environments. + . + The Debian default is to DISABLE realtime priorities, however, if you + intend to run jackd with very low latencies, say "Yes" in order to place + the approriate settings in /etc/security/limits.d/audio.
