[mythtv-users] Fwd: Re: Fwd: Re: Mythfrontend freezing and VDPAU?

Greg Oliver oliver.greg at gmail.com
Fri Mar 6 14:19:09 UTC 2020 

On Fri, Mar 6, 2020 at 12:59 AM Allen Edwards <allen.p.edwards at gmail.com>
wrote:

> As long as lirc is not switching users when it runs things, then there
>> should be no need to use sudoers!  Arrgh!  I would still want to test
>> it by getting lirc to run a script that runs whoami though.  It is
>> possible for a program to run things as a different user with lesser
>> permissions.  That is a fairly common trick for daemons that are run
>> as root.
>>
>> Lircd is run from systemd.  To find its status:
>>
>> sudo systemctl status lircd
>>
>> ? lircd.service - Flexible IR remote input/output application support
>>    Loaded: loaded (/lib/systemd/system/lircd.service; enabled; vendor
>> preset: enabled)
>>    Active: active (running) since Wed 2020-02-19 05:09:37 NZDT; 2
>> weeks 2 days ago
>>      Docs: man:lircd(8)
>>            http://lirc.org/html/configure.html
>>  Main PID: 2345 (lircd)
>>     Tasks: 2 (limit: 4915)
>>    CGroup: /system.slice/lircd.service
>>            +-2345 /usr/sbin/lircd --nodaemon
>>
>> Mar 02 06:45:04 mypvr lircd[2345]: lircd-0.10.0[2345]: Notice:
>> accepted new client on /var/run/lirc/lircd
>> Mar 02 06:45:04 mypvr lircd[2345]: lircd-0.10.0[2345]: Info:
>> initializing '/dev/input/event12'
>> Mar 02 06:45:04 mypvr lircd[2345]: lircd-0.10.0[2345]: Info: Using
>> device: /dev/input/event12
>> Mar 02 06:45:04 mypvr lircd-0.10.0[2345]: Notice: accepted new client
>> on /var/run/lirc/lircd
>> Mar 02 06:45:04 mypvr lircd-0.10.0[2345]: Info: initializing
>> '/dev/input/event12'
>> Mar 02 06:45:04 mypvr lircd-0.10.0[2345]: Info: Using device:
>> /dev/input/event12
>> Mar 02 06:46:04 mypvr lircd[2345]: lircd-0.10.0[2345]: Notice:
>> accepted new client on /var/run/lirc/lircd
>> Mar 02 06:46:04 mypvr lircd-0.10.0[2345]: Notice: accepted new client
>> on /var/run/lirc/lircd
>> Mar 02 06:46:30 mypvr lircd[2345]: lircd-0.10.0[2345]: Info: removed
>> client
>> Mar 02 06:46:30 mypvr lircd-0.10.0[2345]: Info: removed client
>>
>> and to see its control files:
>>
>> sudo systemctl cat lircd
>>
>> # /lib/systemd/system/lircd.service
>> [Unit]
>> Documentation=man:lircd(8)
>> Documentation=http://lirc.org/html/configure.html
>> Description=Flexible IR remote input/output application support
>> Wants=lircd-setup.service
>> After=network.target lircd-setup.service
>>
>> [Service]
>> Type=simple
>> ExecStart=/usr/sbin/lircd --nodaemon
>> ; User=lirc
>> ; Group=lirc
>>
>> ; Hardening opts, see systemd.exec(5). Doesn't add much unless
>> ; not running as root.
>> ;
>> ; # Required for dropping privileges in --effective-user.
>> ; CapabilityBoundingSet=CAP_SETEUID
>> ; MemoryDenyWriteExecute=true
>> ; NoNewPrivileges=true
>> ; PrivateTmp=true
>> ; ProtectHome=true
>> ; ProtectSystem=full
>>
>> [Install]
>> WantedBy=multi-user.target
>>
>> As you can see above, the User= and Group= lines are commented out, so
>> it runs as root.  I think it used to run as lirc in the past, but it
>> looks like it now runs as root since the update to the new version of
>> lirc.
>> _______________________________________________
>>
>>
> Mama, the moderator ate my reply. Here it is again with a bit of trimming.
>
> Another example of my system being old school. As I said, I run lircd from
> rc.local so things are different.
> This doesn't mean it is right, but it is how HDHomerun did it when I built
> my Mythbuntu-8 system and that is what I just kept doing when I did the
> rebuild last year.
>
> * dad at NewMyth:~$ sudo systemctl status lircd*
>
>
> *● lircd.service   Loaded: not-found (Reason: No such file or directory)
>  Active: inactive (dead)*
>

Nothing wrong with that.  I use union mounts and aufs to keep a single NFS
/ Media share available for Plex all with PCI and USB passthrough under
vmware, so I do all of that voodoo from rc.local as well.  Sometime it just
makes sense and is easier for some home stuff.  IIRC irexec's daemon also
had to be running for this to work.  There was a major rewrite of
lircd's config handling etc a while back after I had already quit using it,
so I cannot guarantee what I am saying is still valid :)



> I have some experimenting to do but it looks like it is likely that this
> will be easier than what we had been discussing.
>
> Allen
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mythtv.org/pipermail/mythtv-users/attachments/20200306/6a32583e/attachment.htm>

More information about the mythtv-users mailing list