diff options
author | 2023-09-06 19:53:01 -0300 | |
---|---|---|
committer | 2023-09-20 12:23:31 -0300 | |
commit | 0091caf80c7bb024facf406d229c82b505e5d28a (patch) | |
tree | af60f9ab8ffb3395e667bcbcc926e2c079366008 /src | |
parent | VSCodium: Fix developing Arduino (#5991) (diff) | |
download | firejail-0091caf80c7bb024facf406d229c82b505e5d28a.tar.gz firejail-0091caf80c7bb024facf406d229c82b505e5d28a.tar.zst firejail-0091caf80c7bb024facf406d229c82b505e5d28a.zip |
modif: keep pipewire group unless nosound is used
This group is apparently used on Gentoo[1].
Currently only the "audio" supplementary group is kept.
Fixes #5992.
See also commit f32938669 ("Keep vglusers group unless no3d is used
(virtualgl)", 2022-01-07) / PR #4851.
[1] https://wiki.gentoo.org/wiki/PipeWire
Reported-by: @amano-kenji
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/main.c | 7 | ||||
-rw-r--r-- | src/firejail/util.c | 2 |
2 files changed, 8 insertions, 1 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index b0d5dac17..e3dab561c 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -3217,13 +3217,18 @@ int main(int argc, char **argv, char **envp) { | |||
3217 | 3217 | ||
3218 | gid_t g; | 3218 | gid_t g; |
3219 | if (!arg_nogroups || !check_can_drop_all_groups()) { | 3219 | if (!arg_nogroups || !check_can_drop_all_groups()) { |
3220 | // add audio group | 3220 | // add audio groups |
3221 | if (!arg_nosound) { | 3221 | if (!arg_nosound) { |
3222 | g = get_group_id("audio"); | 3222 | g = get_group_id("audio"); |
3223 | if (g) { | 3223 | if (g) { |
3224 | sprintf(ptr, "%d %d 1\n", g, g); | 3224 | sprintf(ptr, "%d %d 1\n", g, g); |
3225 | ptr += strlen(ptr); | 3225 | ptr += strlen(ptr); |
3226 | } | 3226 | } |
3227 | g = get_group_id("pipewire"); | ||
3228 | if (g) { | ||
3229 | sprintf(ptr, "%d %d 1\n", g, g); | ||
3230 | ptr += strlen(ptr); | ||
3231 | } | ||
3227 | } | 3232 | } |
3228 | 3233 | ||
3229 | // add video group | 3234 | // add video group |
diff --git a/src/firejail/util.c b/src/firejail/util.c index 970832b38..bd32181b5 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c | |||
@@ -207,6 +207,8 @@ static void clean_supplementary_groups(gid_t gid) { | |||
207 | if (!arg_nosound) { | 207 | if (!arg_nosound) { |
208 | copy_group_ifcont("audio", groups, ngroups, | 208 | copy_group_ifcont("audio", groups, ngroups, |
209 | new_groups, &new_ngroups, MAX_GROUPS); | 209 | new_groups, &new_ngroups, MAX_GROUPS); |
210 | copy_group_ifcont("pipewire", groups, ngroups, | ||
211 | new_groups, &new_ngroups, MAX_GROUPS); | ||
210 | } | 212 | } |
211 | 213 | ||
212 | if (!arg_novideo) { | 214 | if (!arg_novideo) { |