8 Apr
2005
8 Apr
'05
6:16 p.m.
Fernando Lopez-Lezcano <nando(a)ccrma.Stanford.EDU> writes:
On Fri, 2005-04-08 at 12:31, Jack O'Quin wrote:
http://www.uwsg.iu.edu/hypermail/linux/kernel/0503.1/0048.html
Yes, you'll need to use PAM. It does support per-group as well as
per-user privileges.
Unfortunately, PAM is an overly-complicated, poorly-documented mess,
which has done more damage to Linux security than any component I can
think of, including sendmail.
The burden will be on you to figure out how to use it correctly.
End-user musicians sure as hell won't know. I don't see much hope of
kernel developers documenting this or bothering to test it, either.
--
joq
Instead, they propose an rlimits extension for
granting
per-user realtime scheduling privileges. This does (barely) meet our
minimum needs.
I have not followed the details, I presume this could be per-group,
right? What are the details on how use will be controlled, if you care
to comment (PAM?)? You would not have a thread url by chance?