On Tue, Dec 06, 2022 at 10:12:49PM +0200, Vadim Likholetov wrote:

I’ll try to explain — running as user is not just dropping the priviledges, it is about preparing the environment - making home directory, fixing permissions, allocating pty-s in case of interactive sessions, setting environment variables. Many system daemons like dbus, pipewire , etc has their system-level and user-level parts and we should manage this separately — and it is our nearest future if we want some complex user environments to run on Spectrum, and possibly the packages for this daemons will extend this environment transparent to the user. So it’s s another form of encapsulation like we discussed about making a separate layer for wayland.

Ah, thanks for the explanation. I understand now! You're quite right about running user daemons like PipeWire. I think to manage those, we'd want to run a user-level s6(-rc) instance, so that the services are supervised, and can therefore be restarted if they crash, and dependencies can be taken care of, and logs can be managed however that should work. Let's try adding PipeWire, D-Bus etc. daemons straight to the img/app image? It's intended to be the default image for running applications, so anything that an application is likely to expect to be running should be provided by that image by default. And then later on, when it comes up, we can figure out how to support adding extra services, or whether we should support removing default services from the image, etc. How does that sound?