Proposal to Assign a Fixed Group ID to the render Group
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
base-passwd (Debian) |
New
|
Unknown
|
|||
base-passwd (Ubuntu) |
Incomplete
|
Undecided
|
Unassigned |
Bug Description
Problem Statement:
The lack of a fixed Group ID (GID) for the render group in Ubuntu leads to compatibility and security challenges, particularly in environments utilizing GPU resources.
Description:
This proposal recommends assigning GID 59 to the render group in the base-passwd/
The transition of /dev/dri/renderD* from the video to the render group in SystemD has led to issues due to the lack of a fixed GID for render. This has impacted various projects and forced the community to adopt workarounds.
Proposed Change:
Assign GID 59 to the render group or another GID that is more appropriate.
Rationale:
Consistency: A standardized GID ensures uniform access controls across various Linux installations.
Security: Establishes clear and predictable permissions for GPU resources, reducing the need for elevated permissions.
Compatibility: Supports applications that depend on GPU access, avoiding conflicts and permissions issues.
Context and Documented Issues:
Some examples of issues around this:
https:/
https:/
https:/
https:/
https:/
Impact on Ubuntu Versions:
This issue affects versions such as Ubuntu 20.04 and 22.04, particularly in Docker environments where the render group is not consistently recognized.
Request for Feedback:
Seeking feedback and discussion from the Ubuntu community and maintainers.
Changed in base-passwd (Debian): | |
status: | Unknown → New |
I don't have time to provide a fully researched answer, but I hope this will help.
If you're not already familiar, I suggest you start at https:/ /www.debian. org/doc/ debian- policy/ ch-opersys. html#users- and-groups. Ubuntu cannot allocate these without potential future collision with Debian. So you should ask Debian in the first instance.
I'm pretty sure I speak for Ubuntu developers when I say that this cannot be considered for Ubuntu alone without a discussion in Debian first.