d=freebsd.org; s=dkim; t=1781535910; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=YtIw1aVpEkv68yP/PiG2pHMCw+Lr9b6rv1SHLOk8d74=; b=lG343q2DBvMppOZhuLOI0OA8WnRQ3nmW0dfJTiUmQZbkaoV6nA81ef9up5ypRBamvj7MNp G7MiMXw3490/mL5xVdm/ak8/bhCoDgQ7mFTVdrCeK70vzX4f8VYBr87Kpuxd96LB9hdiEw eaJwgUwezzAsJUaWzAYu+SgZ6YiB0jUEY9RbMYguMCY3mTIgFAodB5MDLMuIFzGfP5mE6R JiZ2PNetIhZuhSvOqEN1YQwB3qn6x19W1Sp52BgxGMAPIXTnvKbOhQuGtS6BJQ6lWTznET dAhvCrIawm/iaKP+nrKuG3lWJ8j8FMnSMOwZj96/SiwJP9x1GXfJqkOG03E+4A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gfD1y0wBQz10JT for ; Mon, 15 Jun 2026 15:05:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3c151 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 15 Jun 2026 15:05:10 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Christos Margiolis Subject: git: a6aa95eba6ee - main - sound: Create all device nodes with GID_AUDIO List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: christos X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: a6aa95eba6ee2dd199d6cb8063dbaccd8a6f7512 Auto-Submitted: auto-generated Date: Mon, 15 Jun 2026 15:05:10 +0000 Message-Id: <6a3014a6.3c151.59eed2c6@gitrepo.freebsd.org> The branch main has been updated by christos: URL: https://cgit.FreeBSD.org/src/commit/?id=a6aa95eba6ee2dd199d6cb8063dbaccd8a6f7512 commit a6aa95eba6ee2dd199d6cb8063dbaccd8a6f7512 Author: Christos Margiolis AuthorDate: 2026-05-21 18:03:31 +0000 Commit: Christos Margiolis CommitDate: 2026-06-15 15:03:48 +0000 sound: Create all device nodes with GID_AUDIO Commit 6024e3f99a1e ("Add audio group") introduced GID_AUDIO, initially for virtual_oss(8) loopback devices. Now make all of them with GID_AUDIO. Relnotes: yes Sponsored by: The FreeBSD Foundation Reviewed by: emaste Pull-Request: https://ron-dev.freebsd.org/FreeBSD/src/pulls/35 --- UPDATING | 3 +++ share/man/man4/pcm.4 | 11 +++++++-- sys/dev/sound/midi/midi.c | 2 +- sys/dev/sound/pci/emu10kx.c | 2 +- sys/dev/sound/pcm/dsp.c | 4 +-- sys/dev/sound/pcm/mixer.c | 2 +- sys/dev/sound/sndstat.c | 2 +- sys/dev/sound/usb/uaudio.c | 2 +- usr.sbin/virtual_oss/virtual_oss/main.c | 34 ++++++++++---------------- usr.sbin/virtual_oss/virtual_oss/virtual_oss.8 | 8 +++--- 10 files changed, 35 insertions(+), 35 deletions(-) diff --git a/UPDATING b/UPDATING index 58d12856c581..a83925a811a4 100644 --- a/UPDATING +++ b/UPDATING @@ -27,6 +27,9 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 16.x IS SLOW: world, or to merely disable the most expensive debugging functionality at runtime, run "ln -s 'abort:false,junk:false' /etc/malloc.conf".) +20260521: + Audio devices are now created with GID 43 / audio. You will need to add + users who need access to audio devices to this group. 20260512: "bsdinstall script" will now do a pkgbase installation by default. To revert to the legacy distset installation, set "DISTRIBUTIONS" in diff --git a/share/man/man4/pcm.4 b/share/man/man4/pcm.4 index 9ea0f14c3930..181b2120c2e6 100644 --- a/share/man/man4/pcm.4 +++ b/share/man/man4/pcm.4 @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd May 15, 2026 +.Dd May 21, 2026 .Dt SOUND 4 .Os .Sh NAME @@ -559,6 +559,12 @@ Additional messages are sometimes recorded when the device is probed and attached, these messages can be viewed with the .Xr dmesg 8 utility. +.Pp +Users have to be part of the audio group in order to access any device node +created by +.Nm , +as well as the device drivers, and +.Xr virtual_oss 8 . .Sh EXAMPLES Use the sound metadriver to load all .Nm @@ -625,7 +631,8 @@ A device node is not created properly. .Xr dmesg 8 , .Xr kldload 8 , .Xr mixer 8 , -.Xr sysctl 8 +.Xr sysctl 8 , +.Xr virtual_oss 8 .Rs .%T "Cookbook formulae for audio EQ biquad filter coefficients (Audio-EQ-Cookbook.txt), by Robert Bristow-Johnson" .%U "https://www.musicdsp.org/en/latest/Filters/197-rbj-audio-eq-cookbook.html" diff --git a/sys/dev/sound/midi/midi.c b/sys/dev/sound/midi/midi.c index e70f76a44ed9..9a19b0bc2e30 100644 --- a/sys/dev/sound/midi/midi.c +++ b/sys/dev/sound/midi/midi.c @@ -143,7 +143,7 @@ midi_init(kobj_class_t cls, void *cookie) mtx_unlock(&m->lock); - m->dev = make_dev(&midi_cdevsw, m->unit, UID_ROOT, GID_WHEEL, 0666, + m->dev = make_dev(&midi_cdevsw, m->unit, UID_ROOT, GID_AUDIO, 0660, "midi%d.%d", m->unit, m->channel); m->dev->si_drv1 = m; diff --git a/sys/dev/sound/pci/emu10kx.c b/sys/dev/sound/pci/emu10kx.c index 9cd7dbca1cb2..582006e001c2 100644 --- a/sys/dev/sound/pci/emu10kx.c +++ b/sys/dev/sound/pci/emu10kx.c @@ -2312,7 +2312,7 @@ emu10kx_dev_init(struct emu_sc_info *sc) mtx_init(&sc->emu10kx_lock, device_get_nameunit(sc->dev), "kxdevlock", 0); unit = device_get_unit(sc->dev); - sc->cdev = make_dev(&emu10kx_cdevsw, unit, UID_ROOT, GID_WHEEL, 0640, "emu10kx%d", unit); + sc->cdev = make_dev(&emu10kx_cdevsw, unit, UID_ROOT, GID_AUDIO, 0640, "emu10kx%d", unit); if (sc->cdev != NULL) { sc->cdev->si_drv1 = sc; return (0); diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index 089e193ee8b4..05fdc18e31f8 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -122,8 +122,8 @@ dsp_make_dev(device_t dev) make_dev_args_init(&devargs); devargs.mda_devsw = &dsp_cdevsw; devargs.mda_uid = UID_ROOT; - devargs.mda_gid = GID_WHEEL; - devargs.mda_mode = 0666; + devargs.mda_gid = GID_AUDIO; + devargs.mda_mode = 0660; devargs.mda_si_drv1 = sc; err = make_dev_s(&devargs, &sc->dsp_dev, "dsp%d", unit); if (err != 0) { diff --git a/sys/dev/sound/pcm/mixer.c b/sys/dev/sound/pcm/mixer.c index 3ddee24417cc..1d74af76b757 100644 --- a/sys/dev/sound/pcm/mixer.c +++ b/sys/dev/sound/pcm/mixer.c @@ -646,7 +646,7 @@ mixer_init(device_t dev, kobj_class_t cls, void *devinfo) mixer_setrecsrc(m, 0); /* Set default input. */ - pdev = make_dev(&mixer_cdevsw, 0, UID_ROOT, GID_WHEEL, 0666, "mixer%d", + pdev = make_dev(&mixer_cdevsw, 0, UID_ROOT, GID_AUDIO, 0660, "mixer%d", unit); pdev->si_drv1 = m; snddev->mixer_dev = pdev; diff --git a/sys/dev/sound/sndstat.c b/sys/dev/sound/sndstat.c index c28a932c784e..68902012563e 100644 --- a/sys/dev/sound/sndstat.c +++ b/sys/dev/sound/sndstat.c @@ -1437,7 +1437,7 @@ static void sndstat_sysinit(void *p) { sx_init(&sndstat_lock, "sndstat lock"); - sndstat_dev = make_dev(&sndstat_cdevsw, 0, UID_ROOT, GID_WHEEL, 0644, + sndstat_dev = make_dev(&sndstat_cdevsw, 0, UID_ROOT, GID_AUDIO, 0640, "sndstat"); } SYSINIT(sndstat_sysinit, SI_SUB_DRIVERS, SI_ORDER_FIRST, sndstat_sysinit, NULL); diff --git a/sys/dev/sound/usb/uaudio.c b/sys/dev/sound/usb/uaudio.c index eedd52774b70..4072c8138cea 100644 --- a/sys/dev/sound/usb/uaudio.c +++ b/sys/dev/sound/usb/uaudio.c @@ -6049,7 +6049,7 @@ umidi_attach(device_t dev) error = usb_fifo_attach(sc->sc_udev, chan, &chan->mtx, &umidi_fifo_methods, &sub->fifo, unit, n, chan->iface_index, - UID_ROOT, GID_OPERATOR, 0666); + UID_ROOT, GID_AUDIO, 0660); if (error) { goto detach; } diff --git a/usr.sbin/virtual_oss/virtual_oss/main.c b/usr.sbin/virtual_oss/virtual_oss/main.c index 5b50f8e5ef6c..1b03e2c8cf37 100644 --- a/usr.sbin/virtual_oss/virtual_oss/main.c +++ b/usr.sbin/virtual_oss/virtual_oss/main.c @@ -1642,6 +1642,9 @@ static int voss_ntds; static pthread_t *voss_tds; static int voss_fd_sta = -1; +static gid_t voss_gid; +static int voss_perm = 0660; + /* XXX I do not like the prefix argument... */ static struct voss_backend * voss_load_backend(const char *prefix, const char *name, const char *dir) @@ -1874,25 +1877,8 @@ dup_profile(vprofile_t *pvp, int *pamp, int pol, int rx_mute, { vprofile_t *ptr; struct cuse_dev *pdev; - struct group *gr; const char *errstr; - gid_t gid; - int x, perm; - - if (!is_client) { - /* - * Loopback devices can be used only by users who part of the - * audio group, to avoid unintended snooping by unprivileged - * users. - */ - if ((gr = getgrnam("audio")) == NULL) - return ("getgrnam() failed"); - gid = gr->gr_gid; - perm = 0660; - } else { - gid = 0; - perm = 0666; - } + int x; rx_mute = rx_mute ? 1 : 0; tx_mute = tx_mute ? 1 : 0; @@ -1945,7 +1931,7 @@ dup_profile(vprofile_t *pvp, int *pamp, int pol, int rx_mute, /* create DSP character device */ pdev = cuse_dev_create(&vclient_oss_methods, ptr, NULL, - 0, gid, perm, ptr->oss_name); + 0, voss_gid, voss_perm, ptr->oss_name); if (pdev == NULL) { errstr = "Could not create CUSE DSP device"; goto err; @@ -1964,7 +1950,7 @@ dup_profile(vprofile_t *pvp, int *pamp, int pol, int rx_mute, /* create WAV device */ if (ptr->wav_name[0] != 0) { pdev = cuse_dev_create(&vclient_wav_methods, ptr, NULL, - 0, gid, perm, ptr->wav_name); + 0, voss_gid, voss_perm, ptr->wav_name); if (pdev == NULL) { errstr = "Could not create CUSE WAV device"; goto err; @@ -2581,6 +2567,12 @@ main(int argc, char **argv) struct sigaction sa; struct cuse_dev *pdev = NULL; struct virtual_profile *pvp; + struct group *gr; + + /* Devices can be used only by users who part of the audio group. */ + if ((gr = getgrnam("audio")) == NULL) + err(EX_USAGE, "getgrnam"); + voss_gid = gr->gr_gid; TAILQ_INIT(&virtual_profile_client_head); TAILQ_INIT(&virtual_profile_loopback_head); @@ -2650,7 +2642,7 @@ main(int argc, char **argv) if (voss_ctl_device[0] != 0) { pdev = cuse_dev_create(&vctl_methods, NULL, NULL, - 0, 0, 0666, voss_ctl_device); + 0, voss_gid, voss_perm, voss_ctl_device); if (pdev == NULL) errx(EX_USAGE, "Could not create '/dev/%s'", voss_ctl_device); diff --git a/usr.sbin/virtual_oss/virtual_oss/virtual_oss.8 b/usr.sbin/virtual_oss/virtual_oss/virtual_oss.8 index b9dc8fd86a3c..4db4492a0842 100644 --- a/usr.sbin/virtual_oss/virtual_oss/virtual_oss.8 +++ b/usr.sbin/virtual_oss/virtual_oss/virtual_oss.8 @@ -23,7 +23,7 @@ .\" SUCH DAMAGE. .\" .\" -.Dd May 7, 2026 +.Dd May 21, 2026 .Dt VIRTUAL_OSS 8 .Os .Sh NAME @@ -162,8 +162,6 @@ This option should be specified before the -d and -l options. Create an OSS device by given name. .It Fl l Ar name Create a loopback OSS device by given name. -Users have to be part of the audio group to access this device. -This is a security measure to avoid unintended snooping by unprivileged users. .It Fl L Ar name Create a loopback OSS device which acts as a master device. This option is used in conjunction with -f /dev/null . @@ -328,8 +326,8 @@ virtual_oss -S -b 16 -C 2 -c 2 -r 48000 -s 4ms \\ -f /dev/sndio/default -d dsp .Ed .Sh NOTES -All character devices are created using the 0666 mode which gives -everyone in the system access. +Users have to be part of the audio group to access any device node created by +.Nm . .Sh SEE ALSO .Xr cuse 3 , .Xr sound 4 ,