PulseAudio 7.0 fix

author: netblue <netblue@debian> 2015-10-09 09:33:19 -0400
committer: netblue <netblue@debian> 2015-10-09 09:33:19 -0400
commit: 8d7312b1713fd19e844ad4a94741cec399ecee9b (patch)
tree: 9ffca5108e4405dd431f14c46054f1850d45a701 /src
parent: blacklisting some directories by default under /sys (diff)
download: firejail-8d7312b1713fd19e844ad4a94741cec399ecee9b.tar.gz
firejail-8d7312b1713fd19e844ad4a94741cec399ecee9b.tar.zst
firejail-8d7312b1713fd19e844ad4a94741cec399ecee9b.zip
3 files changed, 77 insertions, 0 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index 261821338..2dd70c7f4 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -401,5 +401,8 @@ int errno_find_name(const char *name);
 char *errno_find_nr(int nr);
 void errno_print(void);
+// pulseaudio.c
+void pulseaudio_init(void);
 #endif
diff --git a/src/firejail/pulseaudio.c b/src/firejail/pulseaudio.c
new file mode 100644
index 000000000..bea0cc940
--- /dev/null
+++ b/src/firejail/pulseaudio.c
@@ -0,0 +1,69 @@
+/*
+ * Copyright (C) 2014, 2015 Firejail Authors
+ *
+ * This file is part of firejail project
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+#include "firejail.h"
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/mount.h>
+// disable shm in pulse audio
+void pulseaudio_init(void) {
+        struct stat s;
+        
+        // do we have pulseaudio in the system?
+        if (stat("/etc/pulse/client.conf", &s) == -1)
+                return;
+        // crate the new user pulseaudio directory
+        char *pulsedir;
+        if (asprintf(&pulsedir, "%s/pulse", MNT_DIR) == -1)
+                errExit("asprintf");
+        int rv = mkdir(pulsedir, S_IRWXU | S_IRWXG | S_IRWXO);
+        if (rv == -1)
+                errExit("mkdir");
+        if (chown(pulsedir, getuid(), getgid()) < 0)
+                errExit("chown");
+        if (chmod(pulsedir, 0700) < 0)
+                errExit("chmod");
+        // create the new client.conf file
+        char *pulsecfg = NULL;
+        if (asprintf(&pulsecfg, "%s/client.conf", pulsedir) == -1)
+                errExit("asprintf");
+        if (copy_file("/etc/pulse/client.conf", pulsecfg))
+                errExit("copy_file");
+        FILE *fp = fopen(pulsecfg, "a+");
+        if (!fp)
+                errExit("fopen");
+        fprintf(fp, "\nenable-shm = no\n");
+        fclose(fp);
+        if (chmod(pulsecfg, 0644) == -1)
+                errExit("chmod");
+        if (chown(pulsecfg, getuid(), getgid()) == -1)
+                errExit("chown");
+        // set environment
+        if (setenv("PULSE_CLIENTCONFIG", pulsecfg, 1) < 0)
+                errExit("setenv");
+        
+        free(pulsecfg);
+        free(pulsedir);         
+}
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index c9146560b..eca4c2282 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -270,6 +270,11 @@ int sandbox(void* sandbox_arg) {
        fs_proc_sys_dev_boot();
        
        //****************************
+        // fix for pulseaudio 7.0
+        //****************************
+        pulseaudio_init();
+        
+        //****************************
        // networking
        //****************************
        if (arg_nonetwork) {
author	netblue <netblue@debian>	2015-10-09 09:33:19 -0400
committer	netblue <netblue@debian>	2015-10-09 09:33:19 -0400
commit	8d7312b1713fd19e844ad4a94741cec399ecee9b (patch)
tree	9ffca5108e4405dd431f14c46054f1850d45a701 /src
parent	blacklisting some directories by default under /sys (diff)
download	firejail-8d7312b1713fd19e844ad4a94741cec399ecee9b.tar.gz firejail-8d7312b1713fd19e844ad4a94741cec399ecee9b.tar.zst firejail-8d7312b1713fd19e844ad4a94741cec399ecee9b.zip

diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 261821338..2dd70c7f4 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h
@@ -401,5 +401,8 @@ int errno_find_name(const char *name);
401	char *errno_find_nr(int nr);	401	char *errno_find_nr(int nr);
402	void errno_print(void);	402	void errno_print(void);
403		403
		404	// pulseaudio.c
		405	void pulseaudio_init(void);
		406
404	#endif	407	#endif
405		408


diff --git a/src/firejail/pulseaudio.c b/src/firejail/pulseaudio.c new file mode 100644 index 000000000..bea0cc940 --- /dev/null +++ b/src/firejail/pulseaudio.c
@@ -0,0 +1,69 @@
		1	/*
		2	* Copyright (C) 2014, 2015 Firejail Authors
		3	*
		4	* This file is part of firejail project
		5	*
		6	* This program is free software; you can redistribute it and/or modify
		7	* it under the terms of the GNU General Public License as published by
		8	* the Free Software Foundation; either version 2 of the License, or
		9	* (at your option) any later version.
		10	*
		11	* This program is distributed in the hope that it will be useful,
		12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
		13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
		14	* GNU General Public License for more details.
		15	*
		16	* You should have received a copy of the GNU General Public License along
		17	* with this program; if not, write to the Free Software Foundation, Inc.,
		18	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
		19	*/
		20	#include "firejail.h"
		21	#include <sys/types.h>
		22	#include <sys/stat.h>
		23	#include <sys/mount.h>
		24
		25	// disable shm in pulse audio
		26	void pulseaudio_init(void) {
		27	struct stat s;
		28
		29	// do we have pulseaudio in the system?
		30	if (stat("/etc/pulse/client.conf", &s) == -1)
		31	return;
		32
		33	// crate the new user pulseaudio directory
		34	char *pulsedir;
		35	if (asprintf(&pulsedir, "%s/pulse", MNT_DIR) == -1)
		36	errExit("asprintf");
		37	int rv = mkdir(pulsedir, S_IRWXU \| S_IRWXG \| S_IRWXO);
		38	if (rv == -1)
		39	errExit("mkdir");
		40	if (chown(pulsedir, getuid(), getgid()) < 0)
		41	errExit("chown");
		42	if (chmod(pulsedir, 0700) < 0)
		43	errExit("chmod");
		44
		45	// create the new client.conf file
		46	char *pulsecfg = NULL;
		47	if (asprintf(&pulsecfg, "%s/client.conf", pulsedir) == -1)
		48	errExit("asprintf");
		49	if (copy_file("/etc/pulse/client.conf", pulsecfg))
		50	errExit("copy_file");
		51	FILE *fp = fopen(pulsecfg, "a+");
		52	if (!fp)
		53	errExit("fopen");
		54	fprintf(fp, "\nenable-shm = no\n");
		55	fclose(fp);
		56	if (chmod(pulsecfg, 0644) == -1)
		57	errExit("chmod");
		58	if (chown(pulsecfg, getuid(), getgid()) == -1)
		59	errExit("chown");
		60
		61
		62	// set environment
		63	if (setenv("PULSE_CLIENTCONFIG", pulsecfg, 1) < 0)
		64	errExit("setenv");
		65
		66
		67	free(pulsecfg);
		68	free(pulsedir);
		69	}


diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index c9146560b..eca4c2282 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c
@@ -270,6 +270,11 @@ int sandbox(void* sandbox_arg) {
270	fs_proc_sys_dev_boot();	270	fs_proc_sys_dev_boot();
271		271
272	//****************************	272	//****************************
		273	// fix for pulseaudio 7.0
		274	//****************************
		275	pulseaudio_init();
		276
		277	//****************************
273	// networking	278	// networking
274	//****************************	279	//****************************
275	if (arg_nonetwork) {	280	if (arg_nonetwork) {