modif: keep pipewire group unless nosound is used

This group is apparently used on Gentoo[1]. Currently only the "audio" supplementary group is kept. Fixes netblue30#5992. See also commit f329386 ("Keep vglusers group unless no3d is used (virtualgl)", 2022-01-07) / PR netblue30#4851. [1] https://wiki.gentoo.org/wiki/PipeWire Reported-by: @amano-kenji
kmk3 · Sep 20, 2023 · 0091caf · 0091caf
1 parent 4b8f1d2
commit 0091caf
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 1 deletion.
diff --git a/RELNOTES b/RELNOTES
@@ -21,6 +21,7 @@ firejail (0.9.73) baseline; urgency=low
  * modif: Improve --version/--help & print version on startup (#5829)
  * modif: improve errExit error messages (#5871)
  * modif: drop deprecated 'shell' option references (#5894)
+ * modif: keep pipewire group unless nosound is used (#5992 #5993)
  * bugfix: qutebrowser: links will not open in the existing instance (#5601
  #5618)
  * bugfix: fix --hostname and --hosts-file commands

diff --git a/src/firejail/main.c b/src/firejail/main.c
@@ -3217,13 +3217,18 @@ int main(int argc, char **argv, char **envp) {
 
  gid_t g;
  if (!arg_nogroups || !check_can_drop_all_groups()) {
- // add audio group
+ // add audio groups
  if (!arg_nosound) {
  g = get_group_id("audio");
  if (g) {
  sprintf(ptr, "%d %d 1\n", g, g);
  ptr += strlen(ptr);
  }
+ g = get_group_id("pipewire");
+ if (g) {
+ sprintf(ptr, "%d %d 1\n", g, g);
+ ptr += strlen(ptr);
+ }
  }
 
  // add video group

diff --git a/src/firejail/util.c b/src/firejail/util.c
@@ -207,6 +207,8 @@ static void clean_supplementary_groups(gid_t gid) {
  if (!arg_nosound) {
  copy_group_ifcont("audio", groups, ngroups,
  new_groups, &new_ngroups, MAX_GROUPS);
+ copy_group_ifcont("pipewire", groups, ngroups,
+ new_groups, &new_ngroups, MAX_GROUPS);
  }
 
  if (!arg_novideo) {