diff options
| -rw-r--r-- | audio/darkice/README | 7 | ||||
| -rw-r--r-- | audio/darkice/darkice.SlackBuild | 10 | ||||
| -rw-r--r-- | audio/darkice/setcap.sh | 1 |
3 files changed, 17 insertions, 1 deletions
diff --git a/audio/darkice/README b/audio/darkice/README index bd69c95f2ef9..2dc47af0135e 100644 --- a/audio/darkice/README +++ b/audio/darkice/README @@ -27,4 +27,11 @@ DarkIce can send the encoded stream to the following streaming servers: - Darwin Streaming Server - archive the encoded audio in files +Note: +This package optionally uses POSIX filesystem capabilities to execute with +elevated privileges (required for realtime audio processing). This +may be considered a security/stability risk. Please read +http://www.slackbuilds.org/caps/ for more information. To enable +capabilities, pass SETCAP=yes to the script. + Optional dependencies: lame, opus, faac, twolame, jack-audio-connection-kit, pulseaudio diff --git a/audio/darkice/darkice.SlackBuild b/audio/darkice/darkice.SlackBuild index 93c8dde45c30..bdea42e86f3a 100644 --- a/audio/darkice/darkice.SlackBuild +++ b/audio/darkice/darkice.SlackBuild @@ -25,7 +25,7 @@ PRGNAM=darkice VERSION=${VERSION:-1.2} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} TAG=${TAG:-_SBo} if [ -z "$ARCH" ]; then @@ -96,5 +96,13 @@ for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; r mkdir $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc +# Only add capability stuff if not disabled: +if [ "${SETCAP:-no}" = "yes" ]; then + cat $CWD/setcap.sh >> $PKG/install/doinst.sh + # Only allow execution by audio group + chown root:audio $PKG/usr/bin/darkice + chmod 0750 $PKG/usr/bin/darkice +fi + cd $PKG /sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} diff --git a/audio/darkice/setcap.sh b/audio/darkice/setcap.sh new file mode 100644 index 000000000000..23dacce22026 --- /dev/null +++ b/audio/darkice/setcap.sh @@ -0,0 +1 @@ +[ -x /sbin/setcap ] && /sbin/setcap cap_ipc_lock,cap_sys_nice=ep usr/bin/darkice |