summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGeorge Kiagiadakis <george.kiagiadakis@collabora.com>2019-06-21 20:02:53 +0300
committerGeorge Kiagiadakis <george.kiagiadakis@collabora.com>2019-06-21 20:02:53 +0300
commit6d83f1e291e2b2b0b87958844219a4bcb6649252 (patch)
tree3873fb2440c0fe612c61ce94eeaad592021930a7
parentff79e465cff35c0449287a9f99ca4d3ee047bf3f (diff)
pipewire: switch system-wide template systemd service & socket files
This allows granting pipewire additional permissions, most notably the permission to access the alsa devices (SupplementaryGroups=audio) and therefore fixes pipewire for the "running as non-root" setup Bug-AGL: SPEC-2554 Change-Id: Ie9192a7f42f4929f70114ddc39a23d94f9ba84fc Signed-off-by: George Kiagiadakis <george.kiagiadakis@collabora.com>
-rw-r--r--meta-pipewire/recipes-multimedia/pipewire/pipewire/pipewire@.service22
-rw-r--r--meta-pipewire/recipes-multimedia/pipewire/pipewire/pipewire@.socket19
-rw-r--r--meta-pipewire/recipes-multimedia/pipewire/pipewire_git.bbappend23
3 files changed, 58 insertions, 6 deletions
diff --git a/meta-pipewire/recipes-multimedia/pipewire/pipewire/pipewire@.service b/meta-pipewire/recipes-multimedia/pipewire/pipewire/pipewire@.service
new file mode 100644
index 00000000..7ecdcc40
--- /dev/null
+++ b/meta-pipewire/recipes-multimedia/pipewire/pipewire/pipewire@.service
@@ -0,0 +1,22 @@
+[Unit]
+Description=Multimedia Service for user %i
+Requires=pipewire@%i.socket
+
+[Install]
+Also=pipewire@%i.socket
+
+[Service]
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/pipewire
+
+Environment=XDG_RUNTIME_DIR=/run/user/%i
+Environment=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/%i/bus
+
+User=%i
+Slice=user-%i.slice
+SupplementaryGroups=audio
+UMask=0077
+CapabilityBoundingSet=
+SystemCallFilter=@basic-io @file-system @io-event @ipc \
+ @memlock @network-io @process @resources @signal
diff --git a/meta-pipewire/recipes-multimedia/pipewire/pipewire/pipewire@.socket b/meta-pipewire/recipes-multimedia/pipewire/pipewire/pipewire@.socket
new file mode 100644
index 00000000..10cb3227
--- /dev/null
+++ b/meta-pipewire/recipes-multimedia/pipewire/pipewire/pipewire@.socket
@@ -0,0 +1,19 @@
+[Unit]
+Description=Multimedia Service socket for user %i
+Requires=afm-user-setup@%i.service
+After=afm-user-setup@%i.service
+
+[Socket]
+Priority=6
+Backlog=5
+ListenStream=/run/user/%i/pipewire-0
+Service=pipewire@%i.service
+SmackLabel=*
+SmackLabelIPIn=System
+SmackLabelIPOut=System
+SocketUser=%i
+SocketGroup=%i
+SocketMode=0660
+
+[Install]
+WantedBy=afm-user-session@%i.target
diff --git a/meta-pipewire/recipes-multimedia/pipewire/pipewire_git.bbappend b/meta-pipewire/recipes-multimedia/pipewire/pipewire_git.bbappend
index 06b969a6..31253d03 100644
--- a/meta-pipewire/recipes-multimedia/pipewire/pipewire_git.bbappend
+++ b/meta-pipewire/recipes-multimedia/pipewire/pipewire_git.bbappend
@@ -1,11 +1,22 @@
+SRC_URI += "\
+ file://pipewire@.service \
+ file://pipewire@.socket \
+ "
+
do_install_append() {
if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
- # Execute these manually on behalf of systemctl script (from systemd-systemctl-native.bb)
- # because it does not support systemd's user mode.
- mkdir -p ${D}${sysconfdir}/systemd/user/sockets.target.wants/
- ln -sf ${systemd_user_unitdir}/pipewire.socket ${D}${sysconfdir}/systemd/user/sockets.target.wants/pipewire.socket
+ # remote the original user unit files shipped by pipewire
+ rm -rf ${D}${systemd_unitdir}
+
+ # install our own system-level templates
+ mkdir -p ${D}${systemd_system_unitdir}/
+ install -m 0644 ${WORKDIR}/pipewire@.service ${D}${systemd_system_unitdir}/pipewire@.service
+ install -m 0644 ${WORKDIR}/pipewire@.socket ${D}${systemd_system_unitdir}/pipewire@.socket
+
+ # enable the socket to start together with afm-user-session
+ mkdir -p ${D}${systemd_system_unitdir}/afm-user-session@.target.wants
+ ln -sf ../pipewire@.socket ${D}${systemd_system_unitdir}/afm-user-session@.target.wants/pipewire@.socket
fi
}
-FILES_${PN} += "${sysconfdir}/systemd/user/"
-
+FILES_${PN} += "${systemd_system_unitdir}/*"