Ubuntu Manpage: libpipewire-module-access

Provided by: libpipewire-0.3-modules_1.0.5-1ubuntu3_amd64

NAME

       libpipewire-module-access - Access

DESCRIPTION

       The access module performs access checks on clients.

       The access check is only performed once per client, subsequent checks return the same resolution.

       Permissions assigned to a client are configured as arguments to this module, see below. Permission
       management beyond unrestricted access is delegated to an external agent, usually the session manager.

       This module sets the pipewire.access as follows:

       • If access.legacy module option is not enabled:

       The value defined for the socket in access.socket module option, or 'default' if no value is defined.

       • If access.legacy is enabled, the value is:

         • 'flatpak': if client is a Flatpak client

         • 'unrestricted': if pipewire.client.access client property is set to 'allowed'

         • Value of pipewire.client.access client property, if set

         • 'unrestricted': otherwise

       If the resulting pipewire.access value is 'unrestricted', this module will give the client all
       permissions to access all resources. Otherwise, the client will be forced to wait until an external
       actor, such as the session manager, updates the client permissions.

       For connections from applications running inside Flatpak, and not mediated by other clients (eg. portal
       or pipewire-pulse), the pipewire.access.portal.app_id property is to the Flatpak application ID, if
       found. In addition, pipewire.sec.flatpak is set to true.

MODULE NAME

       libpipewire-module-access

MODULE OPTIONS

       Options specific to the behavior of this module

       • access.socket = { 'socket-name' = 'access-value', ... }:

       Socket-specific access permissions. Has the default value { 'CORENAME-manager': 'unrestricted' } where
       CORENAME is the name of the PipeWire core, usually pipewire-0.

       • access.legacy = true: enable backward-compatible access mode. Cannot be enabled when using socket-based
         permissions.

       If access.socket is not specified, has the default value true otherwise false.

       Warning
           The legacy mode is deprecated. The default value is subject to change and the legacy mode may be
           removed in future PipeWire releases.

GENERAL OPTIONS

       Options with well-known behavior:

       • pipewire.access

       • pipewire.client.access

EXAMPLE CONFIGURATION

        context.modules = [
         {   name = libpipewire-module-access
             args = {
                 # Use separate socket for session manager applications,
                 # and pipewire-0 for usual applications.
                 access.socket = {
                     pipewire-0 = "default",
                     pipewire-0-manager = "unrestricted",
                 }
             }
         }
       ]

       See also
           pw_resource_error

           pw_impl_client_update_permissions