PipeWire
0.3.61
|
The access
module performs access checks on clients.
The access check is only performed once per client, subsequent checks return the same resolution.
Permissions assigned to a client are configured as arguments to this module, see the example configuration below. A special use-case is Flatpak where the permission management is delegated.
This module sets the PW_KEY_ACCESS property to one of
allowed
: the client is explicitly allowed to access all resourcesrejected
: the client does not have access to any resources and a resource error is generatedrestricted
: the client is restricted, see note belowflatpak
: restricted, special case for clients running inside flatpak, see note below$access.force
: the value of the access.force
argument given in the module configuration.unrestricted
: the client is allowed to access all resources. This is the default for clients not listed in any of the access.*
options unless the client requested reduced permissions in PW_KEY_CLIENT_ACCESS.allowed
or rejected
rely on an external actor to update that property once permission is granted or rejected.For connections from applications running inside Flatpak not mediated by a portal, the access
module itself sets the pipewire.access.portal.app_id
property to the Flatpak application ID.
Options specific to the behavior of this module
access.allowed = []
: an array of paths of allowed applicationsaccess.rejected = []
: an array of paths of rejected applicationsaccess.restricted = []
: an array of paths of restricted applicationsaccess.force = <str>
: forces an external permissions check (e.g. a flatpak portal)Options with well-known behavior: