Enable soft real time for gnome shell #71390
Conversation
Mutter have shipped its own `clutter` for ages, we need json-glib however which clutter propagated.
In NixOS extra capabilities are provided through the ambient set which provides real inheritability to user run processes [0]. We don't want gome-shell to spawn processes with cap_sys_nice however (apart from the obvious this also breaks eg. flatpaks). So we drop inheritable when starting to prevent further inheritance (the ambient set is only propagated if inherit is set). [0] torvalds/linux@5831905
We create a wrapper which launches gnome-shell with the correct environment and cap_sys_nice. We can then override gnome-shell-wayland.service to use this wrapper. NOTE: We need to force clear the environment, because the defaults aren't good for user services. That should probably be fixed.
ofborg
bot
added
6.topic: GNOME
ofborg
bot
added
11.by: package-maintainer
|
Note we could simplify the drop-inheritable patch, as there's a bunch of stuff we don't really need to support (eg. having a meson option, and ifdefs in the code etc.). |
|
@hedning Could it be possible to do similar without security wrappers and systemd? I also believe this is an experimental feature, so I don't think it's on by default. Could you add an option |
You basically need an executable with To actually launch sessions with the capability it just seemed cleanest to do it as a service override. That keeps the separation between NixOS and nixpkgs, and the security wrapper code can live together with the override.
Right, totally forgot that (I apparently turned it on a long time ago 😂 ).
Yep, that makes sense 👍 The gsettings override only acts as a default right? It doesn't override anything if the option is set in the users database? Fedora sets cap_sys_nice by default (https://src.fedoraproject.org/rpms/gnome-shell/blob/f31/f/gnome-shell.spec#_173), so I think that's fine to launch through the wrapper by default (that way it's possible to enable it through dconf-editor etc. too). |
Umm, by using systemd I meant a service override. But with |
Yup. And worst of all, GSettings list do not have merging semantics like Nix modules have, so if we wanted to add another experimental feature, we would need to remember to do it all in single place. |
Ah, right, that only works for system services unfortunately. I think it would be fairly difficult to integrate it with the display-managers etc. (Also looks like the capabilities are passed through the ambient set, so we'd still need the mutter patch). |
|
I'm thinking it might make more sense in nixos to not launch through the wrapper default, but to add the option |
Actually, after thinking about it I don't think there's much point without #54150, as we can only influence default values. Which isn't much use, it doesn't enable it. I would only enables support. So it's more of an implementation detail, and it's pretty harmless capability anyways. |
Motivation for this change
Make gnome-shell wayland run with cap_sys_nice to improve performance.
closes #71381
Things done
Patched mutter to drop
cap_sys_nice=ion startup, which prevents the ambient set leaking into processes gnome-shell spawns.Overrode
gnome-shell-wayland.serviceto launch through an added capability wrapper. (This proved a bit fiddly as NixOS provides a rather bad default environment for user services). Thought this was cleaner than mucking about in the gnome-shell derivation.Running this at the moment, and it seems to work:
sandboxinnix.confon non-NixOS)nix-shell -p nix-review --run "nix-review wip"./result/bin/)nix path-info -Sbefore and after)Notify maintainers
cc @