* How to make audio devices available with guix shell --container
@ 2022-12-05 17:41 Elias Kueny
2022-12-06 3:47 ` kiasoc5
0 siblings, 1 reply; 4+ messages in thread
From: Elias Kueny @ 2022-12-05 17:41 UTC (permalink / raw)
To: help-guix
Hello,
I'm trying to run an online videoconferencing tool in chromium in a guix shell with a container, so I expose my system as little as possible. All is well without the --container option, but I'm not sure what to expose to make it work in the container too.
I'm on guix system. I'm starting the software with: `guix shell --container -N -P --no-cwd --preserve='^DISPLAY$' --preserve='^XAUTHORITY$' --share=$XAUTHORITY --share=/dev/video0 ungoogled-chromium -- chromium --app="https://meet.jit.si"`.
`--preserve='^DISPLAY$' --preserve='^XAUTHORITY$' --share=$XAUTHORITY` lets chromium open an X window and share the scren.
`--share=/dev/video0` gives access to the webcam.
What is the step to allow the microphone and speakers?
I'm not particularly familiar with how audio devices are working. I read they are in /dev/snd, but sharing this or even the whole of /dev/ doesn't make the microphone and speakers available (although the browser is now asking me for the permission to access them, so it seems aware I have them). I also tried adding tinyalsa and pulseaudio to the container in case that's what's missing, but to no avail. I didn't explicitely install anything related to audio (but I have %desktop-services in my operating-system definition), so if it's a software that is missing, I don't know which one.
Thank you in advance!
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: How to make audio devices available with guix shell --container
2022-12-05 17:41 How to make audio devices available with guix shell --container Elias Kueny
@ 2022-12-06 3:47 ` kiasoc5
2022-12-06 17:01 ` Elias Kueny
0 siblings, 1 reply; 4+ messages in thread
From: kiasoc5 @ 2022-12-06 3:47 UTC (permalink / raw)
To: Elias Kueny, help-guix
On 12/5/22 12:41, Elias Kueny wrote:
> Hello,
>
> I'm trying to run an online videoconferencing tool in chromium in a guix
> shell with a container, so I expose my system as little as possible. All
> is well without the --container option, but I'm not sure what to expose
> to make it work in the container too.
>
> I'm on guix system. I'm starting the software with: `guix shell
> --container -N -P --no-cwd --preserve='^DISPLAY$'
> --preserve='^XAUTHORITY$' --share=$XAUTHORITY --share=/dev/video0
> ungoogled-chromium -- chromium --app="https://meet.jit.si"`.
>
> `--preserve='^DISPLAY$' --preserve='^XAUTHORITY$' --share=$XAUTHORITY`
> lets chromium open an X window and share the scren.
> `--share=/dev/video0` gives access to the webcam.
> What is the step to allow the microphone and speakers?
About the sound, I believe you will need to expose the pulseaudio and/or
pipewire sockets. You can reference bubblewrap configuration since it
also works by sharing/exposing files.
https://wiki.archlinux.org/title/Bubblewrap/Examples#Chromium
> I'm not particularly familiar with how audio devices are working. I read
> they are in /dev/snd, but sharing this or even the whole of /dev/
> doesn't make the microphone and speakers available (although the browser
> is now asking me for the permission to access them, so it seems aware I
> have them). I also tried adding tinyalsa and pulseaudio to the container
> in case that's what's missing, but to no avail. I didn't explicitely
> install anything related to audio (but I have %desktop-services in my
> operating-system definition), so if it's a software that is missing, I
> don't know which one.
I believe in the case of ungoogled-chromium that pulseaudio is part of
the inputs already.
> Thank you in advance!
>
It would be nice to have a tool for defining guix containers by
permissions (with camera, with audio, etc) like bubblejail/firejail.
That is a topic for a later mail.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: How to make audio devices available with guix shell --container
2022-12-06 3:47 ` kiasoc5
@ 2022-12-06 17:01 ` Elias Kueny
2023-01-08 11:19 ` Gabriel Wicki
0 siblings, 1 reply; 4+ messages in thread
From: Elias Kueny @ 2022-12-06 17:01 UTC (permalink / raw)
To: kiasoc5; +Cc: help-guix
On Mon, Dec 05 2022, kiasoc5 wrote:
> About the sound, I believe you will need to expose the pulseaudio
> and/or pipewire sockets. You can reference bubblewrap configuration
> since it also works by sharing/exposing files.
>
> https://wiki.archlinux.org/title/Bubblewrap/Examples#Chromium
Thank you, that helped me progress. I noticed there were errors about not being able to connect to DBUS, now the following got rid of those:
guix shell -C -N -P --no-cwd \
--share=/dev/ \
--preserve='^DISPLAY$' --preserve='^XAUTHORITY$' --expose="$XAUTHORITY" \
--preserve='^DBUS_.*' --expose=/var/run/dbus/system_bus_socket \
--expose="$XDG_RUNTIME_DIR/pulse" \
ungoogled-chromium -- chromium --app="https://meet.jit.si"
With this, I can use the microphone (there is no default microphone available, but my internal microphone can be selected and works), but I still have no sound.
ALSA throws the error "The field ipc_gid must be a valid group (create group audio)", and indeed /etc/group in the container doesn't contain an audio group (only users and overflow).
But `--expose=/etc/group` prevents the creation of the container with the error "guix shell: error: rename-file: Device or resource busy".
So the next question is: how does one uses groups in the container?
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: How to make audio devices available with guix shell --container
2022-12-06 17:01 ` Elias Kueny
@ 2023-01-08 11:19 ` Gabriel Wicki
0 siblings, 0 replies; 4+ messages in thread
From: Gabriel Wicki @ 2023-01-08 11:19 UTC (permalink / raw)
To: Elias Kueny; +Cc: help-guix
Hi!
I'm not entirely sure why this exact error pops up, but i think this
might render a nice opportunity for a small Guix shell/environment
feature!
I have created a simplistic patch, unfortunately that does not seem to
work -- which puzzles me somewhat. What else is needed to add a user to
a group in a guix shell container? On the *nix systems i'm acquainted
with there was nothing more to it than adding the correct entry in
/etc/group and logging in (again). What am i missing in the context of
Guix containers?
Though my patch is not ready (or working) i attach it below.
g
From ad84a3e73bf86e89c7a8a167111e5bca5821f021 Mon Sep 17 00:00:00 2001
From: Gabriel Wicki <gabriel@erlikon.ch>
Date: Sun, 8 Jan 2023 12:08:30 +0100
Subject: [PATCH] scripts: environment: Add "audio" group to the shell
container user
* guix/scripts/environment.scm [launch-environment/container]: Add an entry
for "audio" in /etc/group.
---
guix/scripts/environment.scm | 3 +++
1 file changed, 3 insertions(+)
diff --git a/guix/scripts/environment.scm b/guix/scripts/environment.scm
index c7fd8fd340..f2fae6f1f8 100644
--- a/guix/scripts/environment.scm
+++ b/guix/scripts/environment.scm
@@ -748,6 +748,9 @@ (define fhs-mappings
(string-append "/home/" user)
(passwd:dir pwd))))))
(groups (list (group-entry (name "users") (gid gid))
+ (group-entry (name "audio")
+ (gid (+ 1 gid))
+ (members (list (number->string uid))))
(group-entry (gid 65534) ;the overflow GID
(name "overflow"))))
(home-dir (password-entry-directory passwd))
--
2.38.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
end of thread, other threads:[~2023-01-08 11:20 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-12-05 17:41 How to make audio devices available with guix shell --container Elias Kueny
2022-12-06 3:47 ` kiasoc5
2022-12-06 17:01 ` Elias Kueny
2023-01-08 11:19 ` Gabriel Wicki
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.