mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2025-11-05 13:30:02 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

snap-policy: Manage ENOPROTOOPT error in aa_getpeercon()

Browse source
This commit is contained in:
Sergio Costas 2024-01-30 10:28:27 +00:00 committed by Wim Taymans
parent 726e22311e
commit e8fcaa5157
1 changed files with 7 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/modules/module-protocol-pulse/snap-policy.c
View file

@ -65,7 +65,13 @@ pw_sandbox_access_t pw_snap_get_audio_permissions(struct client *client, int fd,
// if apparmor isn't enabled, we can safely assume that there are no SNAPs in the system
return PW_SANDBOX_ACCESS_NOT_A_SANDBOX;
}
pw_log_warn("snap_get_audio_permissions: failed to get the AppArmor info.");
if (errno == ENOPROTOOPT) {
// if fine grained unix mediation isn't available, we can't know if this is a snap or
// not, so we have no choice but give full access
pw_log_warn("snap_get_audio_permissions: kernel lacks 'fine grained unix mediation'; snap audio permissions won't be honored.");
return PW_SANDBOX_ACCESS_NOT_A_SANDBOX;
}
pw_log_warn("snap_get_audio_permissions: failed to get the AppArmor info: %s.", strerror(errno));
return PW_SANDBOX_ACCESS_NONE;
}
if (!g_str_has_prefix(aa_label, SNAP_LABEL_PREFIX)) {