From 74149d2484c091e1595416731ba208ff7803957b Mon Sep 17 00:00:00 2001
From: netblue30
Date: Sun, 20 Mar 2016 13:17:35 -0400
Subject: fixes
---
 src/firejail/firejail.h | 1 +
 src/firejail/main.c | 39 ++++++++++++++++++++++++++-------------
 src/firejail/util.c | 10 ++++++++++
 3 files changed, 37 insertions(+), 13 deletions(-)
(limited to 'src')
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index f1ddd40ad..0e2ae16c2 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -370,6 +370,7 @@ const char *gnu_basename(const char *path);
 uid_t pid_get_uid(pid_t pid);
 void invalid_filename(const char *fname);
 uid_t get_tty_gid(void);
+uid_t get_audio_gid(void);
 // fs_var.c
 void fs_var_log(void); // mounting /var/log
diff --git a/src/firejail/main.c b/src/firejail/main.c
index b20854b30..612d9c667 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -2007,6 +2007,7 @@ int main(int argc, char **argv) {
 char *map_path;
 if (asprintf(&map_path, "/proc/%d/uid_map", child) == -1)
 errExit("asprintf");
+
 char *map;
 uid_t uid = getuid();
 if (asprintf(&map, "%d %d 1", uid, uid) == -1)
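Review bot: The prototype added to firejail.h declares `get_audio_gid` as returning `uid_t`, although the value is a group id and the call site in main.c stores it in a `gid_t`; the definition added in util.c carries the same return type. Declaring both as `gid_t get_audio_gid(void);` keeps the uid/gid distinction visible in code that writes uid_map and gid_map side by side. The neighbouring `get_tty_gid` has the same mismatch, presumably the template this was copied from.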
@@ -2017,23 +2018,35 @@ int main(int argc, char **argv) {
 free(map);
 free(map_path);
- //gid
- if (asprintf(&map_path, "/proc/%d/gid_map", child) == -1)
- errExit("asprintf");
+ // gid file
+ if (asprintf(&map_path, "/proc/%d/gid_map", child) == -1)
+ errExit("asprintf");
+ char gidmap[1024];
+ char *ptr = gidmap;
+ *ptr = '\0';
+
+ // add user group
 gid_t gid = getgid();
+ sprintf(ptr, "%d %d 1\n", gid, gid);
+ ptr += strlen(ptr);
+
+ // add tty group
 gid_t ttygid = get_tty_gid();
- if (ttygid == 0) {
- if (asprintf(&map, "%d %d 1", gid, gid) == -1)
- errExit("asprintf");
- }
- else {
- if (asprintf(&map, "%d %d 1\n%d %d 1", gid, gid, ttygid, ttygid) == -1)
- errExit("asprintf");
- }
+ if (ttygid) {
+ sprintf(ptr, "%d %d 1\n", ttygid, ttygid);
+ ptr += strlen(ptr);
+ }
+
+ // add audio group
+ gid_t audiogid = get_audio_gid();
+ if (ttygid) {
+ sprintf(ptr, "%d %d 1\n", audiogid, audiogid);
+ ptr += strlen(ptr);
+ }
+
 EUID_ROOT();
- update_map(map, map_path);
+ update_map(gidmap, map_path);
 EUID_USER();
- free(map);
 free(map_path);
 }
diff --git a/src/firejail/util.c b/src/firejail/util.c
index 04b564370..1fa60bb4d 100644
--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -642,3 +642,13 @@ uid_t get_tty_gid(void) {
 return ttygid;
 }
+
+uid_t get_audio_gid(void) {
+ // find tty group id
+ gid_t audiogid = 0;
+ struct group *g = getgrnam("audio");
+ if (g)
+ audiogid = g->gr_gid;
+
+ return audiogid;
+}
-- cgit v1.2.3-54-g00ecf
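Review bot: The new audio block in main.c tests the wrong variable: it is guarded by `if (ttygid) {` while it writes `audiogid`. When a tty group exists but `getgrnam("audio")` finds nothing, `get_audio_gid()` returns 0 and the line `0 0 1` is appended to the gid map, so gid 0 is mapped into the sandbox's user namespace, the case the removed `ttygid == 0` branch avoided for tty; conversely, with no tty group the audio group is never mapped. The guard should read `if (audiogid) {`. Separately, the three `sprintf(ptr, ...)` calls write into `gidmap[1024]` with no bound and print `gid_t` with `%d`; `snprintf` with the remaining size and `%u` with an `(unsigned)` cast would stay safe if more groups are added later. main() begins and ends outside this hunk.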
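Review bot: The comment inside the new `get_audio_gid` in util.c still reads `// find tty group id`, left over from `get_tty_gid`; it should be `// find audio group id, 0 if the group does not exist`. The function uses 0 as its "not found" value, which is also a valid gid (the root group), so that contract deserves a line of documentation above the function telling callers to test the result before using it.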