Re: [PATCH] [request for inclusion] Realtime LSM

From: Christoph Hellwig
Date: Mon Mar 07 2005 - 23:34:19 EST

Next message: Matt Mackall: "Re: [PATCH] [request for inclusion] Realtime LSM"
Previous message: Andrew Morton: "Re: [PATCH] [request for inclusion] Realtime LSM"
In reply to: Andrew Morton: "Re: [PATCH] [request for inclusion] Realtime LSM"
Next in thread: Matt Mackall: "Re: [PATCH] [request for inclusion] Realtime LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Mar 07, 2005 at 08:28:21PM -0800, Andrew Morton wrote:
> > please describe this "very simple and very real-world problem" in simple
> > terms. Lets make sure "problem" and "solution" didnt become detached.
> >
>
> Well others can do that better than I but I'd describe it as
>
> - Audio apps need to meet their realtime requirements
>
> - The way to implement that is to give them !SCHED_OTHER and mlockall
> capabilities.
>
> - But they don't want to run as root.

Which all fits very nicely with MEMLOCK rlimit and a tiny wrapper
that sets !SCHED_OTHER and execs the audio app..

and as I mentioned a few times if we really want to go for a magic
uid/gid-based approach we should at least have one that's useable for
all capabilities so it can replace the oracle hack aswell. But the
proponents of the patch weren't iterested to invest the tiniest bit
of work over what they submited.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Matt Mackall: "Re: [PATCH] [request for inclusion] Realtime LSM"
Previous message: Andrew Morton: "Re: [PATCH] [request for inclusion] Realtime LSM"
In reply to: Andrew Morton: "Re: [PATCH] [request for inclusion] Realtime LSM"
Next in thread: Matt Mackall: "Re: [PATCH] [request for inclusion] Realtime LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]