25 files changed, 126 insertions, 102 deletions
diff --git a/README b/README
index 043e7445a..af09db5ca 100644
--- a/README
+++ b/README
@@ -78,12 +78,18 @@ Fred-Barclay (https://github.com/Fred-Barclay)
        - added DOSBox profile
        - evince profile enhancement
 vismir2 (https://github.com/vismir2)
+        - claws-mail, mutt, git, emacs, vim profiles
+Dara Adib (https://github.com/daradib)
+        - ssh profile fix
+        - evince profile fix
+valoq (https://github.com/valoq)
+        - LibreOffice profile fixes
+        - cherrytree profile fixes
+vismir2 (https://github.com/vismir2)
        - feh, ranger, 7z, keepass, keepassx and zathura profiles
        - lots of profile fixes
 graywolf (https://github.com/graywolf)
        - spelling fix
-Dara Adib (https://github.com/daradib)
-        - ssh profile fix
 Tomasz Jan Góralczyk (https://github.com/tjg)
        - fixed Steam profile
 pwnage-pineapple (https://github.com/pwnage-pineapple)
diff --git a/README.md b/README.md
index 6e50a7645..a51651948 100644
--- a/README.md
+++ b/README.md
@@ -40,6 +40,8 @@ FAQ: https://firejail.wordpress.com/support/frequently-asked-questions/
 If you keep your Firejail profiles in a public repository, please give us a link:
 * https://github.com/chiraag-nataraj/firejail-profiles
+* https://github.com/triceratops1/fe
 `````
 `````
@@ -110,5 +112,6 @@ x11 xpra, x11 xephyr, x11 none, x11 xorg, allusers, join-or-start
 ## New profiles
-qpdfview, mupdf, Luminance HDR, Synfig Studio, Gimp, Inkscape, feh, ranger, zathura, 7z, keepass, keepassx
+qpdfview, mupdf, Luminance HDR, Synfig Studio, Gimp, Inkscape, feh, ranger, zathura, 7z, keepass, keepassx,
+claws-mail, mutt, git, emacs, vim
diff --git a/RELNOTES b/RELNOTES
index bdafb6ff0..14b84901c 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -16,7 +16,8 @@ firejail (0.9.43) baseline; urgency=low
  * feature: disable 3D hardware acceleration (--no3d)
  * feature: x11 xpra, x11 xephyr, x11 block, allusers, no3d profile commands
  * new profiles: qpdfview, mupdf, Luminance HDR, Synfig Studio, Gimp, Inkscape
-  * new profiles: feh, ranger, zathura, 7z, keepass, keepassx
+  * new profiles: feh, ranger, zathura, 7z, keepass, keepassx,
+  * new profiles: claws-mail, mutt, git, emacs, vim
  * bugfixes
 -- netblue30 <netblue30@yahoo.com>  Fri, 9 Sept 2016 08:00:00 -0500
diff --git a/etc/cherrytree.profile b/etc/cherrytree.profile
index 7c324a34b..d16e7c067 100644
--- a/etc/cherrytree.profile
+++ b/etc/cherrytree.profile
@@ -1,6 +1,7 @@
 # cherrytree note taking application
 noblacklist /usr/bin/python2*
 noblacklist /usr/lib/python3*
+noblacklist ${HOME}/.config/cherrytree/
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-devel.inc
@@ -15,13 +16,4 @@ seccomp
 protocol unix,inet,inet6,netlink
 tracelog
-include /etc/firejail/whitelist-common.inc
-# no private-bin support for various reasons:
-#10:25:34 exec 11249 (root) NEW SANDBOX: /usr/bin/firejail /usr/bin/cherrytree 
-#10:25:34 exec 11252 (netblue) /bin/bash -c "/usr/bin/cherrytree"  
-#10:25:34 exec 11252 (netblue) /usr/bin/python /usr/bin/cherrytree 
-#10:25:34 exec 11253 (netblue) sh -c /sbin/ldconfig -p 2>/dev/null 
-#10:25:34 exec 11255 (netblue) sh -c if type gcc >/dev/null 2>&1; then CC=gcc; elif type cc >/dev/null 2>&1; then CC=cc;else exit 10; fi;LANG=C LC_ALL=C $CC -Wl,-t -o /tmp/tmpiYr44S 2>&1 -llibc 
-# it requires acces to browser to show the online help
-# it doesn't play nicely with expect
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index c13885739..126ebea80 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -33,6 +33,7 @@ blacklist ${HOME}/.synfig
 blacklist ${HOME}/.inkscape
 blacklist ${HOME}/.gimp*
 blacklist ${HOME}/.config/zathura
+blacklist ${HOME}/.config/cherrytree
 # Media players
diff --git a/etc/evince.profile b/etc/evince.profile
index 374fa4aaa..894c7c70d 100644
--- a/etc/evince.profile
+++ b/etc/evince.profile
@@ -15,5 +15,4 @@ shell none
 tracelog
 private-bin evince,evince-previewer,evince-thumbnailer
-whitelist /tmp/.X11-unix
 private-dev
diff --git a/etc/firejail-default b/etc/firejail-default
index 0b771f834..1b0eb7658 100644
--- a/etc/firejail-default
+++ b/etc/firejail-default
@@ -31,6 +31,9 @@ profile firejail-default {
 /{,var/}run/user/**/pulse/ rw,
 /{,var/}run/user/**/pulse/** rw,
 /{,var/}run/firejail/mnt/fslogger r,
+/{,var/}run/firejail/appimage r,
+/{,var/}run/firejail/appimage/** r,
+/{,var/}run/firejail/appimage/** ix,
 /{run,dev}/shm/ r,
 /{run,dev}/shm/** rmwk,
diff --git a/etc/keepass.profile b/etc/keepass.profile
index b2085f53d..23f9a7b40 100644
--- a/etc/keepass.profile
+++ b/etc/keepass.profile
@@ -13,7 +13,7 @@ nogroups
 nonewprivs
 noroot
 nosound
-protocol unix
+protocol unix,inet,inet6
 seccomp
 netfilter
 shell none
diff --git a/etc/libreoffice.profile b/etc/libreoffice.profile
index 75a52e9ff..d6aceb7a8 100644
--- a/etc/libreoffice.profile
+++ b/etc/libreoffice.profile
@@ -1,5 +1,6 @@
 # Firejail profile for LibreOffice
 noblacklist ~/.config/libreoffice
+noblacklist /usr/local/sbin
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-devel.inc
@@ -10,9 +11,9 @@ netfilter
 nogroups
 nonewprivs
 noroot
-protocol unix,inet,inet6,netlink
+protocol unix,inet,inet6
 seccomp
 tracelog
 private-dev
-whitelist /tmp/.X11-unix/
+# whitelist /tmp/.X11-unix/
diff --git a/etc/vlc.profile b/etc/vlc.profile
index cdd098dd5..446e47864 100644
--- a/etc/vlc.profile
+++ b/etc/vlc.profile
@@ -14,7 +14,6 @@ noroot
 protocol unix,inet,inet6
 seccomp
 shell none
-tracelog
 private-bin vlc,cvlc,nvlc,rvlc,qvlc,svlc
 private-dev
diff --git a/platform/debian/conffiles b/platform/debian/conffiles
index 03fb2fe75..de9ed4277 100644
--- a/platform/debian/conffiles
+++ b/platform/debian/conffiles
@@ -155,3 +155,9 @@
 /etc/firejail/7z.profile
 /etc/firejail/keepass.profile
 /etc/firejail/keepassx.profile
+/etc/firejail/claws-mail
+/etc/firejail/mutt
+/etc/firejail/git
+/etc/firejail/emacs
+/etc/firejail/vim
diff --git a/src/firejail/appimage.c b/src/firejail/appimage.c
index 05bd8a1d8..375d6be24 100644
--- a/src/firejail/appimage.c
+++ b/src/firejail/appimage.c
@@ -54,9 +54,13 @@ void appimage_set(const char *appimage_path) {
                exit(1);
        }
+        // populate /run/firejail directory
        EUID_ROOT();
+        fs_build_firejail_dir();
+        EUID_USER();
        // find or allocate a free loop device to use
+        EUID_ROOT();
        int cfd = open("/dev/loop-control", O_RDWR);
        int devnr = ioctl(cfd, LOOP_CTL_GET_FREE);
        if (devnr == -1) {
@@ -74,36 +78,37 @@ void appimage_set(const char *appimage_path) {
        }
        close(lfd);
        close(ffd);
-        
        EUID_USER();
-        // creates directory with perms 0700
+        // creates appimage mount point perms 0700
-        char dirname[] = "/tmp/firejail-mnt-XXXXXX";
+        if (asprintf(&mntdir, "%s/appimage-%u",  RUN_FIREJAIL_APPIMAGE_DIR, getpid()) == -1)
-        mntdir =  strdup(mkdtemp(dirname));
+                errExit("asprintf");
-        if (mntdir == NULL) {
+        EUID_ROOT();
-                fprintf(stderr, "Error: cannot create temporary directory\n");
+        if (mkdir(mntdir, 0700) == -1) {
+                fprintf(stderr, "Error: cannot create appimage mount point\n");
                exit(1);
        }
        if (chmod(mntdir, 0700) == -1)
                errExit("chmod");
+        if (chown(mntdir, getuid(), getgid()) == -1)
+                errExit("chown");
+        EUID_USER();
        ASSERT_PERMS(mntdir, getuid(), getgid(), 0700);
        
+        // mount
        char *mode;
        if (asprintf(&mode, "mode=700,uid=%d,gid=%d", getuid(), getgid()) == -1)
                errExit("asprintf");
        EUID_ROOT();
        if (mount(devloop, mntdir, "iso9660",MS_MGC_VAL|MS_RDONLY,  mode) < 0)
                errExit("mounting appimage");
        if (arg_debug)
                printf("appimage mounted on %s\n", mntdir);
        EUID_USER();
+        // set environment
        if (appimage_path && setenv("APPIMAGE", appimage_path, 1) < 0)
                errExit("setenv");
-        
        if (mntdir && setenv("APPDIR", mntdir, 1) < 0)
                errExit("setenv");
@@ -121,16 +126,32 @@ void appimage_set(const char *appimage_path) {
 void appimage_clear(void) {
        int rv;
+        EUID_ROOT();
        if (mntdir) {
-                rv = umount2(mntdir, MNT_FORCE);
+                int i;
-                if (rv == -1 && errno == EBUSY) {
+                int rv = 0;
-                        sleep(1);                       
+                for (i = 0; i < 5; i++) {
                        rv = umount2(mntdir, MNT_FORCE);
-                        (void) rv;
+                        if (rv == 0)
+                                break;
+                        if (rv == -1 && errno == EBUSY) {
+                                if (!arg_quiet)
+                                        printf("Warning: EBUSY error trying to unmount %s\n", mntdir);                  
+                                sleep(2);
+                                continue;
+                        }
                        
+                        // rv = -1
+                        if (!arg_quiet) {
+                                printf("Warning: error trying to unmount %s\n", mntdir);
+                                perror("umount");
+                        }
+                }
+                
+                if (rv == 0) {
+                        rmdir(mntdir);
+                        free(mntdir);
                }
-                rmdir(mntdir);
-                free(mntdir);
        }
        if (devloop) {
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index f4d468394..15e108056 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -28,6 +28,7 @@
 // filesystem
 #define RUN_FIREJAIL_BASEDIR    "/run"
 #define RUN_FIREJAIL_DIR        "/run/firejail"
+#define RUN_FIREJAIL_APPIMAGE_DIR       "/run/firejail/appimage"
 #define RUN_FIREJAIL_NAME_DIR   "/run/firejail/name"
 #define RUN_FIREJAIL_X11_DIR    "/run/firejail/x11"
 #define RUN_FIREJAIL_NETWORK_DIR        "/run/firejail/network"
@@ -457,8 +458,7 @@ char *expand_home(const char *path, const char* homedir);
 const char *gnu_basename(const char *path);
 uid_t pid_get_uid(pid_t pid);
 void invalid_filename(const char *fname);
-uid_t get_tty_gid(void);
+uid_t get_group_id(const char *group);
-uid_t get_audio_gid(void);
 int remove_directory(const char *path);
 void flush_stdin(void);
diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index b40f8a3fa..a5f12c7df 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -77,14 +77,15 @@ void fs_build_firejail_dir(void) {
        if (stat(RUN_FIREJAIL_BASEDIR, &s)) {
                create_dir_as_root(RUN_FIREJAIL_BASEDIR, 0755);
        }
-        else { // check /tmp/firejail directory belongs to root end exit if doesn't!
+        // check /run/firejail directory belongs to root end exit if doesn't!
+        if (stat(RUN_FIREJAIL_DIR, &s) == 0) {
                if (s.st_uid != 0 || s.st_gid != 0) {
                        fprintf(stderr, "Error: non-root %s directory, exiting...\n", RUN_FIREJAIL_DIR);
                        exit(1);
                }
        }
+        else {
-        if (stat(RUN_FIREJAIL_DIR, &s)) {
                create_dir_as_root(RUN_FIREJAIL_DIR, 0755);
        }
        
@@ -104,12 +105,16 @@ void fs_build_firejail_dir(void) {
                create_dir_as_root(RUN_FIREJAIL_X11_DIR, 0755);
        }
        
+        if (stat(RUN_FIREJAIL_APPIMAGE_DIR, &s)) {
+                create_dir_as_root(RUN_FIREJAIL_APPIMAGE_DIR, 0755);
+        }
+        
        create_empty_dir();
        create_empty_file();
 }
-// build /tmp/firejail/mnt directory
+// build /run/firejail/mnt directory
 static int tmpfs_mounted = 0;
 #ifdef HAVE_CHROOT              
 static void fs_build_remount_mnt_dir(void) {
@@ -133,7 +138,7 @@ void fs_build_mnt_dir(void) {
                if (arg_debug)
                        printf("Mounting tmpfs on %s directory\n", RUN_MNT_DIR);
                if (mount("tmpfs", RUN_MNT_DIR, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=755,gid=0") < 0)
-                        errExit("mounting /tmp/firejail/mnt");
+                        errExit("mounting /run/firejail/mnt");
                tmpfs_mounted = 1;
                fs_logger2("tmpfs", RUN_MNT_DIR);
        }
@@ -1250,7 +1255,7 @@ void fs_private_tmp(void) {
        if (arg_debug)
                printf("Mounting tmpfs on /tmp directory\n");
        if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=1777,gid=0") < 0)
-                errExit("mounting /tmp/firejail/mnt");
+                errExit("mounting tmpfs on /tmp directory");
        fs_logger2("tmpfs", "/tmp");
 }
diff --git a/src/firejail/fs_bin.c b/src/firejail/fs_bin.c
index 40539305f..e65474f44 100644
--- a/src/firejail/fs_bin.c
+++ b/src/firejail/fs_bin.c
@@ -208,7 +208,7 @@ void fs_private_bin_list(void) {
        char *private_list = cfg.bin_private_keep;
        assert(private_list);
        
-        // create /tmp/firejail/mnt/bin directory
+        // create /run/firejail/mnt/bin directory
        fs_build_mnt_dir();
        if (mkdir(RUN_BIN_DIR, 0755) == -1)
                errExit("mkdir");
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c
index daf0afd9e..aa5f7c28b 100644
--- a/src/firejail/fs_dev.c
+++ b/src/firejail/fs_dev.c
@@ -225,7 +225,7 @@ void fs_private_dev(void){
        // mount /dev/pts
-        gid_t ttygid = get_tty_gid();
+        gid_t ttygid = get_group_id("tty");
        char *data;
        if (asprintf(&data, "newinstance,gid=%d,mode=620,ptmxmode=0666", (int) ttygid) == -1)
                errExit("asprintf");
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c
index e860bc173..fc9e40ca0 100644
--- a/src/firejail/fs_etc.c
+++ b/src/firejail/fs_etc.c
@@ -128,7 +128,7 @@ void fs_private_etc_list(void) {
                exit(1);
        }
-        // create /tmp/firejail/mnt/etc directory
+        // create /run/firejail/mnt/etc directory
        fs_build_mnt_dir();
        if (mkdir(RUN_ETC_DIR, 0755) == -1)
                errExit("mkdir");
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c
index 63d5a1c5e..bd3c404e9 100644
--- a/src/firejail/fs_home.c
+++ b/src/firejail/fs_home.c
@@ -591,7 +591,7 @@ void fs_private_home_list(void) {
                exit(1);
        }
-        // create /tmp/firejail/mnt/home directory
+        // create /run/firejail/mnt/home directory
        fs_build_mnt_dir();
        int rv = mkdir(RUN_HOME_DIR, 0755);
        if (rv == -1)
diff --git a/src/firejail/fs_trace.c b/src/firejail/fs_trace.c
index 78fc8a647..37e899f12 100644
--- a/src/firejail/fs_trace.c
+++ b/src/firejail/fs_trace.c
@@ -44,7 +44,7 @@ void fs_trace_preload(void) {
 }
 void fs_trace(void) {
-        // create /tmp/firejail/mnt directory
+        // create /run/firejail/mnt directory
        fs_build_mnt_dir();
        
        // create the new ld.so.preload file and mount-bind it
diff --git a/src/firejail/fs_var.c b/src/firejail/fs_var.c
index a578d04e6..4468efb10 100644
--- a/src/firejail/fs_var.c
+++ b/src/firejail/fs_var.c
@@ -317,7 +317,7 @@ void fs_var_utmp(void) {
                return;
        }
-        // create /tmp/firejail/mnt directory
+        // create /run/firejail/mnt directory
        fs_build_mnt_dir();
        
        // create a new utmp file
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c
index ad7fea227..849861805 100644
--- a/src/firejail/fs_whitelist.c
+++ b/src/firejail/fs_whitelist.c
@@ -550,29 +550,6 @@ void fs_whitelist(void) {
                if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=1777,gid=0") < 0)
                        errExit("mounting tmpfs on /tmp");
                fs_logger("tmpfs /tmp");
-                
-                // mount appimage directory if necessary
-                if (arg_appimage) {
-                        const char *dir = appimage_getdir();
-                        assert(dir);
-                        char *wdir;
-                        if (asprintf(&wdir, "%s/%s", RUN_WHITELIST_TMP_DIR, dir + 4) == -1)
-                                errExit("asprintf");
-                        // create directory
-                        if (mkdir(dir, 0755) < 0)
-                                errExit("mkdir");
-                        if (chown(dir, getuid(), getgid()) < 0)
-                                errExit("chown");
-                        if (chmod(dir, 0755) < 0)
-                                errExit("chmod");
-                
-                        // mount
-                        if (mount(wdir, dir, NULL, MS_BIND|MS_REC, NULL) < 0)
-                                errExit("mount bind");
-                        fs_logger2("whitelist", dir);
-                        free(wdir);
-                }
        }
        
        // /media mountpoint
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 6d4eb21df..987a79d1c 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -2555,16 +2555,31 @@ int main(int argc, char **argv) {
                ptr += strlen(ptr);
                
                //  add tty group
-                gid_t ttygid = get_tty_gid();
+                gid_t g = get_group_id("tty");
-                if (ttygid) {
+                if (g) {
-                        sprintf(ptr, "%d %d 1\n", ttygid, ttygid);
+                        sprintf(ptr, "%d %d 1\n", g, g);
                        ptr += strlen(ptr);
                }
                
                //  add audio group
-                gid_t audiogid = get_audio_gid();
+                g = get_group_id("audio");
-                if (ttygid) {
+                if (g) {
-                        sprintf(ptr, "%d %d 1\n", audiogid, audiogid);
+                        sprintf(ptr, "%d %d 1\n", g, g);
+                        ptr += strlen(ptr);
+                }
+                
+                //  add video group
+                g = get_group_id("video");
+                if (g) {
+                        sprintf(ptr, "%d %d 1\n", g, g);
+                        ptr += strlen(ptr);
+                }
+                
+                //  add games group
+                g = get_group_id("games");
+                if (g) {
+                        sprintf(ptr, "%d %d 1\n", g, g);
+                        ptr += strlen(ptr);
                }
                
                EUID_ROOT();
diff --git a/src/firejail/restricted_shell.c b/src/firejail/restricted_shell.c
index 24ce27c2e..979bb1eed 100644
--- a/src/firejail/restricted_shell.c
+++ b/src/firejail/restricted_shell.c
@@ -18,6 +18,7 @@
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
 #include "firejail.h"
+#include <fnmatch.h>
 #define MAX_READ 4096   // maximum line length
 char *restricted_user = NULL;
@@ -49,7 +50,11 @@ int restricted_shell(const char *user) {
                if (*ptr == '\n' || *ptr == '#')
                        continue;
-                // parse line   
+                //
+                // parse line
+                //
+                
+                // extract users
                char *usr = ptr;
                char *args = strchr(usr, ':');
                if (args == NULL) {
@@ -63,7 +68,7 @@ int restricted_shell(const char *user) {
                if (ptr)
                        *ptr = '\0';
                
-                // if nothing follows, continue
+                // extract firejail command line arguments
                char *ptr2 = args;
                int found = 0;
                while (*ptr2 != '\0') {
@@ -73,12 +78,13 @@ int restricted_shell(const char *user) {
                        }
                        ptr2++;
                }
+                // if nothing follows, continue
                if (!found)
                        continue;
                
-                // process user
+                // user name globbing
-                if (strcmp(user, usr) == 0) {
+                if (fnmatch(usr, user, 0) == 0) {
-                        // extract program arguments
+                        // process program arguments
                        fullargv[0] = "firejail";
                        int i;
diff --git a/src/firejail/seccomp.c b/src/firejail/seccomp.c
index c2da1168a..549359d94 100644
--- a/src/firejail/seccomp.c
+++ b/src/firejail/seccomp.c
@@ -708,7 +708,7 @@ int seccomp_filter_drop(int enforce_seccomp) {
        if (arg_debug)
                filter_debug();
-        // save seccomp filter in  /tmp/firejail/mnt/seccomp
+        // save seccomp filter in  /run/firejail/mnt/seccomp
        // in order to use it in --join operations
        write_seccomp_file();
@@ -754,7 +754,7 @@ int seccomp_filter_keep(void) {
        if (arg_debug)
                filter_debug();
-        // save seccomp filter in  /tmp/firejail/mnt/seccomp
+        // save seccomp filter in  /run/firejail/mnt/seccomp
        // in order to use it in --join operations
        write_seccomp_file();
@@ -796,7 +796,7 @@ int seccomp_filter_errno(void) {
        if (arg_debug)
                filter_debug();
-        // save seccomp filter in  /tmp/firejail/mnt/seccomp
+        // save seccomp filter in  /run/firejail/mnt/seccomp
        // in order to use it in --join operations
        write_seccomp_file();
@@ -819,7 +819,7 @@ int seccomp_filter_errno(void) {
 void seccomp_set(void) {
-        // read seccomp filter from  /tmp/firejail/mnt/seccomp
+        // read seccomp filter from  /runp/firejail/mnt/seccomp
        read_seccomp_file(RUN_SECCOMP_CFG);
        
        // apply filter
diff --git a/src/firejail/util.c b/src/firejail/util.c
index 7aa0ae0e8..f38b02fd0 100644
--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -649,25 +649,14 @@ void invalid_filename(const char *fname) {
 }
-uid_t get_tty_gid(void) {
+uid_t get_group_id(const char *group) {
        // find tty group id
-        gid_t ttygid = 0;
+        gid_t gid = 0;
-        struct group *g = getgrnam("tty");
+        struct group *g = getgrnam(group);
        if (g)
-                ttygid = g->gr_gid;
+                gid = g->gr_gid;
-        return ttygid;
+        return gid;
-}
-uid_t get_audio_gid(void) {
-        // find tty group id
-        gid_t audiogid = 0;
-        struct group *g = getgrnam("audio");
-        if (g)
-                audiogid = g->gr_gid;
-        return audiogid;
 }