0

I am using Parabola (based on Arch) and I would like to use firejail to sandbox one or two less trusted applications (steam, in particular). However, when running applications in firejail (even with the --noprofile option, which is supposed to give the least-restrictive sandbox), I don't hear any sound. I have tried with steam and rhythmbox and have the same problem with both.

I have an open ticket here on github. I am using pulseaudio and I suspect the issue may be similar as to why I also get no sound when I run the same applications from the terminal as the root user (because firejail itself needs superuser priviledges to setup the sandbox, before handing over to the jailed application).

Is there a way I can enable sound in pulseaudio for the root user, such that if I log in to the desktop as a regular user; su to root in the terminal; and then run rhythmbox, the sound will play? I am aware of this existing answer; however, it doesn't seem to work for me (presumably, this would only work if I were to log in to the entire desktop session as root, which I don't want to do).

Time4Tea
  • 2,366

2 Answers2

0

Did you try the apulse package?

The program provides an alternative partial implementation of the PulseAudio API. It consists of a loader script and a number of shared libraries with the same names as from original PulseAudio, so applications could dynamically load them and think they are talking to PulseAudio. Internally, no separate sound mixing daemon is used. Instead, apulse relies on ALSA's dmix, dsnoop, and plug plugins to handle multiple sound sources and capture streams running at the same time. dmix plugin muxes multiple playback streams; dsnoop plugin allow multiple applications to capture from a single microphone; and plug plugin transparently converts audio between various sample formats, sample rates and channel numbers.

apulse <program>
Scorpion
  • 757
  • Thanks for your answer, although I haven't tried that. For me, uninstalling pulseaudio resolved the issue and doesn't seem to have caused any other problems. So, I haven't seen much need to try anything else. – Time4Tea Apr 06 '20 at 19:42
-1

To answer my own question: I uninstalled pulseaudio and now the sound seems to work fine in the firejailed applications (presumably they are now using ALSA directly). I suspect the issue was because pulseaudio does not allow server access for the root user; however, firejail requires root privileges.

Time4Tea
  • 2,366
  • When I launch an application as another user I have to use this: ssh -XY <another_user>@localhost https://unix.stackexchange.com/questions/108784/running-gui-application-as-another-non-root-user – Scorpion Mar 29 '20 at 08:33
  • @Scorpion the GUI windows open fine with the firejailed applications. It's the audio that's the problem. – Time4Tea Mar 29 '20 at 09:12
  • 1
    Would be nice to know the reason for the downvote? – Time4Tea Apr 06 '20 at 19:39