Skip to content

Add support for enabling/disabling audio recording using recordctl, if installed #2

@morgant

Description

@morgant

I recently developed a small recordctl utility for OpenBSD which simplified enabling/disabling (incl. toggling) audio and/or video recording at the kernel level (both are disabled by default). Since xsndiomenu already shows the audio recording enabled/disabled state, it would be convenient to check for recordctl and, if it is installed, utilize it for toggling audio recording in the kernel.

Of course, the major consideration is whether the user is permitted by doas(1) to execute either recordctl or sysctl kern.{audi,vide}o.record=* commands as root, specifically without requiring a password (non-interactive, e.g. 'nopass' in doas.conf(5). If not, we shouldn't expose the ability to toggle audio recording as we won't have a way to prompt for a password by doas(1).

Initially, I was thinking that would make this impossible, but after checking the doas(1) manual page, I found that the -C config option will also output either permit, permit nopass, or deny if a command and its arguments are provided as arguments. So, checking if a user has permission should be as simple as a check like:

[  "$(doas -C /etc/doas.conf sysctl kern.audio.record=1)" -eq "permit nopass" ]

Would probably need to handle a couple more cases there, but still pretty straightforward.

UPDATE: I discovered my ability to use doas -C /etc/doas.conf as an unprivileged user was based on incorrect permissions, so that is not actually possible!

I'm thinking my best course of action is to add an option to specifically check for and expose the ability to toggle audio recording using recordctl. It should use doas -n to execute recordctl to ensure that it tries to run in a non-interactive terminal and doesn't hang xsndiomenu attempting to prompt for a password. Naturally, I'll need to document the required doas.conf(5) rule so that it can be run in non-interactive mode.

Metadata

Metadata

Assignees

Labels

enhancementNew feature or request

Projects

No projects

Relationships

None yet

Development

No branches or pull requests

Issue actions