Liorst4 commented 1 month ago

Description

When using reader view in firefox, the text to speech feature will fail, because it can't access espeak-ng and its data files. Firefox on linux uses speech-dispatcher for text to speech. speech-dispatcher may use espeak-ng (I think it has other backends).

So firefox needs to be able to access the espeak-ng binary and its data files.

https://freebsoft.org/speechd https://github.com/espeak-ng/espeak-ng

Steps to Reproduce

Run firefox under firejail. Find an article with lots of text, use the reader view button. In reader view press the headphones buttons and then the play buttons.

https://support.mozilla.org/en-US/kb/firefox-reader-view-clutter-free-web-pages

Expected behavior

Firefox should use espeak-ng to play a reading of the text.

Actual behavior

Speech dispatcher will play an error message about not being able to find any modules. Something along the lines of "Its seems like your speech dispatcher is working but none of its sound modules are"

Additional context

I tried to play around with the profile config files. I was able to make the text to speech work, but it broke other stuff, so this solution is not PR worthy.

noblacklist /usr/bin/espeak-ng
noblacklist /usr/share/espeak-ng-data
noblacklist /usr/share/speech-dispatcher
noblacklist /etc/speech-dispatcher
noblacklist /usr/bin/speech-dispatcher
noblacklist /usr/bin/spd-conf
noblacklist /usr/bin/spd-say
noblacklist /usr/bin/spdsend

include /etc/firejail/firefox.profile

whitelist /usr/share/espeak-ng-data
whitelist /usr/share/speech-dispatcher
whitelist /etc/speech-dispatcher

Checklist

[x] The issues is caused by firejail (i.e. running the program by path (e.g. /usr/bin/vlc) "fixes" it).
[x] I can reproduce the issue without custom modifications (e.g. globals.local).
[x] The program has a profile. (If not, request one in https://github.com/netblue30/firejail/issues/1139)
[x] The profile (and redirect profile if exists) hasn't already been fixed upstream.
[x] I have performed a short search for similar issues (to avoid opening a duplicate).
- [x] I'm aware of browser-allow-drm yes/browser-disable-u2f no in firejail.config to allow DRM/U2F in browsers.
[x] I used --profile=PROFILENAME to set the right profile. (Only relevant for AppImages)

kmk3 commented 1 month ago

Basic debugging information is missing; please follow the bug report template:

https://github.com/netblue30/firejail/issues/new?template=bug_report.md

Liorst4 commented 1 month ago

Firejail logs

Running firejail --private --trace=/tmp/trace.log firefox https://firejail.wordpress.com/blog/ entering the reader mode and pressing the play button resulted in speech-dispatcher reading an error message aloud.

Notable system calls in the log

speech-dispatch:exec /usr/bin/speech-dispatcher:0 <- calls speech-dispatcher
speech-dispatch:stat /etc/speech-dispatcher/modules/espeak-ng-mbrola.conf:0 <- speech-dispatcher using the espeak-ng module
sh:stat /usr/bin/espeak-ng:0 <- checing that espeak-ng is present 
sd_espeak-ng-mb:stat /usr/share/espeak-ng-data/phontab:-1 <- fails to read configuration file
paplay:open64 /usr/share/sounds/speech-dispatcher/dummy-message.wav:19 <- plays error message

I think that this is the firefox code that calls speech-dispatcher

Speech dispatcher logs

After some digging I found out that speech dispatcher does write logs, but in /run directory (inside the firejail) I was able to get the by loading the log files inside firefox itself

file:///run/user/$UID/speech-dispatcher/log/espeak-ng.log

Error processing file '/usr/share/espeak-ng-data/phontab': No such file or directory.

file:///run/user/$UID/speech-dispatcher/log/speech-dispatcher.log

speechd:   Speech Dispatcher Logging to file /run/user/$UID/speech-dispatcher/log//speech-dispatcher.log at level 3
speechd:  Configuration has been read from "/etc/speech-dispatcher/speechd.conf"
speechd:   couldn't open directory /home/$USER/.local/share/../libexec/speech-dispatcher-modules because of error No such file or directory

speechd:   couldn't open directory /usr/lib/speech-dispatcher-modules because of error No such file or directory

speechd:  Initializing output module festival with binary /usr/lib/speech-dispatcher/speech-dispatcher-modules/sd_festival and configuration /etc/speech-dispatcher/modules/festival.conf
speechd:   Output module is logging to file /run/user/$UID/speech-dispatcher/log//festival.log
speechd:  Module festival loaded.
speechd: ERROR: Module festival failed to initialize. Reason:
---------------
Communicating with Festival through a socket. Can't connect to Festival server. Check your configuration in etc/speech-dispatcher/modules/festival.conf for the specified host and port and check if Festival is really running there, e.g. with telnet. Please see documentation for more info.
---------------

speechd:  Initializing output module espeak-ng-mbrola with binary /usr/lib/speech-dispatcher/speech-dispatcher-modules/sd_espeak-ng-mbrola and configuration /etc/speech-dispatcher/modules/espeak-ng-mbrola.conf
speechd:   Output module is logging to file /run/user/$UID/speech-dispatcher/log//espeak-ng-mbrola.log
speechd:  Module espeak-ng-mbrola loaded.
speechd: ERROR: Bad syntax from output module espeak-ng-mbrola 1
speechd:  Initializing output module espeak-ng with binary /usr/lib/speech-dispatcher/speech-dispatcher-modules/sd_espeak-ng and configuration /etc/speech-dispatcher/modules/espeak-ng.conf
speechd:   Output module is logging to file /run/user/$UID/speech-dispatcher/log//espeak-ng.log
speechd:  Module espeak-ng loaded.
speechd: ERROR: Bad syntax from output module espeak-ng 1
speechd:  Initializing output module dummy with binary /usr/lib/speech-dispatcher/speech-dispatcher-modules/sd_dummy and configuration /etc/speech-dispatcher/modules/dummy.conf
speechd:   Output module is logging to file /run/user/$UID/speech-dispatcher/log//dummy.log
speechd:  Module dummy loaded.
speechd:  Module dummy started successfully with message: 
---------------
Everything ok so far.
---------------

[Fri Sep 27 18:00:26 2024 : 159611] speechd:  Error: Module reported error in request from speechd (code 3xx): 300-Opening sound device failed. Reason: Cannot open plugin server. error: file not found. 
300 MODULE ERROR
.
speechd: LINE here:|200-dummy   en  none|
speechd: LINE here:|200 OK VOICE LIST SENT|
speechd:   Speech Dispatcher Logging to file /run/user/$UID/speech-dispatcher/log//speech-dispatcher.log at level 3
speechd:   Speech Dispatcher started with 1 output module
speechd: Speech Dispatcher started and waiting for clients ...
speechd: LINE here:|200-dummy   en  none|
speechd: LINE here:|200 OK VOICE LIST SENT|
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en_US/gender-neutral.dic': No such file or directory
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/gender-neutral.dic': No such file or directory
speechd: Failed to load symbols 'gender-neutral.dic' for locale 'en_US'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en_US/font-variants.dic': No such file or directory
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/font-variants.dic': No such file or directory
speechd: Failed to load symbols 'font-variants.dic' for locale 'en_US'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en_US/symbols.dic': No such file or directory
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/symbols.dic': No such file or directory
speechd: Failed to load symbols 'symbols.dic' for locale 'en_US'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en_US/emojis.dic': No such file or directory
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/emojis.dic': No such file or directory
speechd: Failed to load symbols 'emojis.dic' for locale 'en_US'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en_US/orca.dic': No such file or directory
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/orca.dic': No such file or directory
speechd: Failed to load symbols 'orca.dic' for locale 'en_US'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en_US/orca-chars.dic': No such file or directory
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/orca-chars.dic': No such file or directory
speechd: Failed to load symbols 'orca-chars.dic' for locale 'en_US'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/gender-neutral.dic': No such file or directory
speechd: Failed to load symbols 'gender-neutral.dic' for locale 'en'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/font-variants.dic': No such file or directory
speechd: Failed to load symbols 'font-variants.dic' for locale 'en'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/symbols.dic': No such file or directory
speechd: Failed to load symbols 'symbols.dic' for locale 'en'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/emojis.dic': No such file or directory
speechd: Failed to load symbols 'emojis.dic' for locale 'en'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/orca.dic': No such file or directory
speechd: Failed to load symbols 'orca.dic' for locale 'en'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/orca-chars.dic': No such file or directory
speechd: Failed to load symbols 'orca-chars.dic' for locale 'en'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/gender-neutral.dic': No such file or directory
speechd: Failed to load symbols 'gender-neutral.dic' for locale 'en'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/font-variants.dic': No such file or directory
speechd: Failed to load symbols 'font-variants.dic' for locale 'en'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/symbols.dic': No such file or directory
speechd: Failed to load symbols 'symbols.dic' for locale 'en'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/emojis.dic': No such file or directory
speechd: Failed to load symbols 'emojis.dic' for locale 'en'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/orca.dic': No such file or directory
speechd: Failed to load symbols 'orca.dic' for locale 'en'
speechd: Failed to open file '/usr/share/speech-dispatcher/locale/en/orca-chars.dic': No such file or directory
speechd: Failed to load symbols 'orca-chars.dic' for locale 'en'

rusty-snake commented 1 month ago

sd_espeak-ng-mb:stat /usr/share/espeak-ng-data/phontab:-1 <- fails to read configuration file

So does it work if you whitelist it?

Liorst4 commented 1 month ago

sd_espeak-ng-mb:stat /usr/share/espeak-ng-data/phontab:-1 <- fails to read configuration file

So does it work if you whitelist it?

Its been a while since I wrote a profile. I tried, but it didn't go well :sweat_smile:

At first I tried to noblacklist the data driectory, but it didn't do anything. When I explicitly whitelisted it, it worked, but other files weren't whitelisted so unrelated stuff broke.

kmk3 commented 1 month ago

Missing information:

Name/version of the Linux distribution (e.g. "Ubuntu 20.04" or "Arch Linux"):
Version of Firejail (firejail --version):
If you use a development version of firejail, also the commit from which it was compiled (git rev-parse HEAD):

Make sure you're using at least firejail 0.9.72.

include /etc/firejail/firefox.profile

Unless you want to override the entire /etc/firejail/firefox.profile, it's usually better to just put all changes in ~/.config/firejail/firefox.local and remove ~/.config/firejail/firefox.profile if it exists.

Running firejail --private --trace=/tmp/trace.log firefox https://firejail.wordpress.com/blog/ entering the reader mode and pressing the play button resulted in speech-dispatcher reading an error message aloud.

[...]
speech-dispatch:exec /usr/bin/speech-dispatcher:0 <- calls speech-dispatcher
speech-dispatch:stat /etc/speech-dispatcher/modules/espeak-ng-mbrola.conf:0 <- speech-dispatcher using the espeak-ng module
sh:stat /usr/bin/espeak-ng:0 <- checing that espeak-ng is present 
sd_espeak-ng-mb:stat /usr/share/espeak-ng-data/phontab:-1 <- fails to read configuration file
paplay:open64 /usr/share/sounds/speech-dispatcher/dummy-message.wav:19 <- plays error message
I think that this is the firefox code that calls speech-dispatcher

Props for this debugging.

Does it work with just the following in firefox.local?

whitelist ${RUNUSER}/speech-dispatcher
whitelist /usr/share/espeak-ng-data
whitelist /usr/share/speech-dispatcher

whitelist /etc/speech-dispatcher

Using the above is likely part of the issue, as /etc is not whitelisted for firefox in 0.9.72.

There were many changes to /etc handling in 0.9.73, so does it work with the following while using firejail-git?

whitelist ${RUNUSER}/speech-dispatcher
whitelist /usr/share/espeak-ng-data
whitelist /usr/share/speech-dispatcher
private-etc speech-dispatcher

netblue30 / firejail

firefox: tts fails in reader view: cannot access espeak-ng #6484

Description

Steps to Reproduce

Expected behavior

Actual behavior

Additional context

Checklist

Firejail logs

Notable system calls in the log

Speech dispatcher logs

file:///run/user/$UID/speech-dispatcher/log/espeak-ng.log

file:///run/user/$UID/speech-dispatcher/log/speech-dispatcher.log