github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

[GH-ISSUE #176] Google-Chrome-Stable does not launch #126

New issue
Closed
opened 2026-05-05 05:06:39 -06:00 by gitea-mirror · 20 comments
gitea-mirror commented 2026-05-05 05:06:39 -06:00
Owner
Copy link

Originally created by @Fred-Barclay on GitHub (Nov 29, 2015).
Original GitHub issue: https://github.com/netblue30/firejail/issues/176

G'day guys!
Google Chrome will not launch in firejail. If
firejail
google-chrome is used, it returns
[19:19:1130/061242:FATAL:setuid_sandbox_host.cc(158)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /opt/google/chrome/chrome-sandbox is owned by root and has mode 4755.
Aborted
This occurs even though /opt/google/chrome/chrome-sandbox is owned by root and has mode 4755.

If firejail google-chrome, then
fred@aussie! ~ $ firejail google-chrome
Reading profile /etc/firejail/google-chrome.profile
Reading profile /etc/firejail/chromium.profile
Reading profile /etc/firejail/disable-mgmt.inc
Reading profile /etc/firejail/disable-secret.inc
Reading profile /etc/firejail/disable-common.inc
Parent pid 9309, child pid 9310
Child process initialized
...but a chrome window is not created/does not appear.

If firejail --no-profile google-chrome then it launches as normal.
This is for firejail version 0.9.34 and Chrome Stable 46.0.2490.86.
I'm running LMDE Betsy, but I've noticed the same behavior on Debian Sid and Devuan Jessie Alpha.

Additional info is here .

Originally created by @Fred-Barclay on GitHub (Nov 29, 2015). Original GitHub issue: https://github.com/netblue30/firejail/issues/176 G'day guys! Google Chrome will not launch in firejail. If `firejail` `google-chrome` is used, it returns _[19:19:1130/061242:FATAL:setuid_sandbox_host.cc(158)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /opt/google/chrome/chrome-sandbox is owned by root and has mode 4755. Aborted_ This occurs even though /opt/google/chrome/chrome-sandbox is owned by root and has mode 4755. If `firejail google-chrome`, then _fred@aussie! ~ $ firejail google-chrome Reading profile /etc/firejail/google-chrome.profile Reading profile /etc/firejail/chromium.profile Reading profile /etc/firejail/disable-mgmt.inc Reading profile /etc/firejail/disable-secret.inc Reading profile /etc/firejail/disable-common.inc Parent pid 9309, child pid 9310 Child process initialized_ ...but a chrome window is not created/does not appear. If `firejail --no-profile google-chrome` then it launches as normal. This is for firejail version 0.9.34 and Chrome Stable 46.0.2490.86. I'm running LMDE Betsy, but I've noticed the same behavior on Debian Sid and Devuan Jessie Alpha. Additional info is [here](http://forums.linuxmint.com/viewtopic.php?f=238&t=210200) .
gitea-mirror 2026-05-05 05:06:39 -06:00
  • closed this issue
  • added the
    bug
         label
gitea-mirror commented 2026-05-05 05:06:48 -06:00
Author
Owner
Copy link

@nick75e commented on GitHub (Nov 29, 2015):

Hi!
Try this: firejail google-chrome -no-sandbox
It'll disable chrome's sandbox and you should be able to launch it.

<!-- gh-comment-id:160464852 --> @nick75e commented on GitHub (Nov 29, 2015): Hi! Try this: `firejail google-chrome -no-sandbox` It'll disable chrome's sandbox and you should be able to launch it.
gitea-mirror commented 2026-05-05 05:06:52 -06:00
Author
Owner
Copy link

@Fred-Barclay commented on GitHub (Nov 29, 2015):

Thanks nick75e! Unfortunately that didn't seem to work:

fred@aussie! ~ $ firejail google-chrome -no-sandbox
Reading profile /etc/firejail/google-chrome.profile
Reading profile /etc/firejail/chromium.profile
Reading profile /etc/firejail/disable-mgmt.inc
Reading profile /etc/firejail/disable-secret.inc
Reading profile /etc/firejail/disable-common.inc
Parent pid 3933, child pid 3934
Child process initialized
[1:1:1130/081322:ERROR:browser_main_loop.cc(195)] Running without the SUID sandbox! See https://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment for more information on developing with the sandbox on.
[1:1:1130/081323:ERROR:simple_message_box_views.cc(228)] Unable to show a dialog outside the UI thread message loop: Failed To Create Data Directory - Google Chrome cannot read and write to its data directory:

/home/fred/.config/google-chrome

parent is shutting down, bye...

On the other hand, if I use
fred@aussie! ~ $ google-chrome -no-sandbox
[3951:3951:1130/081329:ERROR:browser_main_loop.cc(195)] Running without the SUID sandbox! See https://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment for more information on developing with the sandbox on.
[3951:3974:1130/081343:ERROR:channel.cc(307)] RawChannel read error (connection broken) [1130/081344:ERROR:nacl_helper_linux.cc(314)] NaCl helper process running without a sandbox!
Most likely you need to configure your SUID sandbox correctly

the chrome window does appear.

<!-- gh-comment-id:160472518 --> @Fred-Barclay commented on GitHub (Nov 29, 2015): Thanks nick75e! Unfortunately that didn't seem to work: `fred@aussie! ~ $ firejail google-chrome -no-sandbox` `Reading profile /etc/firejail/google-chrome.profile` `Reading profile /etc/firejail/chromium.profile` `Reading profile /etc/firejail/disable-mgmt.inc` `Reading profile /etc/firejail/disable-secret.inc` `Reading profile /etc/firejail/disable-common.inc` `Parent pid 3933, child pid 3934` `Child process initialized` `[1:1:1130/081322:ERROR:browser_main_loop.cc(195)] Running without the SUID sandbox! See https://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment for more information on developing with the sandbox on.` `[1:1:1130/081323:ERROR:simple_message_box_views.cc(228)] Unable to show a dialog outside the UI thread message loop: Failed To Create Data Directory - Google Chrome cannot read and write to its data directory:` ` ` `/home/fred/.config/google-chrome` ` ` `parent is shutting down, bye...` On the other hand, if I use `fred@aussie! ~ $ google-chrome -no-sandbox` `[3951:3951:1130/081329:ERROR:browser_main_loop.cc(195)] Running without the SUID sandbox! See https://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment for more information on developing with the sandbox on.` `[3951:3974:1130/081343:ERROR:channel.cc(307)] RawChannel read error (connection broken) [1130/081344:ERROR:nacl_helper_linux.cc(314)] NaCl helper process running without a sandbox!` `Most likely you need to configure your SUID sandbox correctly` the chrome window does appear.
gitea-mirror commented 2026-05-05 05:06:54 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (Nov 29, 2015):

$ firejail google-chrome -no-sandbox
[1:1:1130/081323:ERROR:simple_message_box_views.cc(228)] Unable to show a dialog outside the UI thread message loop: Failed To Create Data Directory - Google Chrome cannot read and write to its data directory:

/home/fred/.config/google-chrome

So then try $ firejail --whitelist=~/.config/google-chrome google-chrome -no-sandbox
Actually, try $ firejail --whitelist=/opt/google/chrome/chrome-sandbox --whitelist=~/.config/google-chrome google-chrome, but it looks like /opt may be just mounted with the NOSUID flag on, in which case all you can do is wait for it to be fixed. And I hope I am correct with my statements.

<!-- gh-comment-id:160481321 --> @ghost commented on GitHub (Nov 29, 2015): > $ firejail google-chrome -no-sandbox > [1:1:1130/081323:ERROR:simple_message_box_views.cc(228)] Unable to show a dialog outside the UI thread message loop: Failed To Create Data Directory - Google Chrome cannot read and write to its data directory: > > /home/fred/.config/google-chrome So then try `$ firejail --whitelist=~/.config/google-chrome google-chrome -no-sandbox` Actually, try `$ firejail --whitelist=/opt/google/chrome/chrome-sandbox --whitelist=~/.config/google-chrome google-chrome`, but it looks like /opt may be just mounted with the NOSUID flag on, in which case all you can do is wait for it to be fixed. And I hope I am correct with my statements.
gitea-mirror commented 2026-05-05 05:06:58 -06:00
Author
Owner
Copy link

@Fred-Barclay commented on GitHub (Nov 30, 2015):

Both options:
fred@aussie! ~ $ firejail --whitelist=~/.config/google-chrome google-chrome -no-sandbox Reading profile /etc/firejail/google-chrome.profile Reading profile /etc/firejail/chromium.profile Reading profile /etc/firejail/disable-mgmt.inc Reading profile /etc/firejail/disable-secret.inc Reading profile /etc/firejail/disable-common.inc Parent pid 10444, child pid 10445 Child process initialized [1:1:1130/115256:ERROR:browser_main_loop.cc(195)] Running without the SUID sandbox! See https://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment for more information on developing with the sandbox on. [1:1:1130/115256:ERROR:process_singleton_posix.cc(419)] readlink failed: Permission denied [1:1:1130/115256:ERROR:process_singleton_posix.cc(255)] readlink(/home/fred/.config/google-chrome/SingletonLock) failed: Permission denied [1:1:1130/115256:ERROR:process_singleton_posix.cc(255)] readlink(/home/fred/.config/google-chrome/SingletonLock) failed: Permission denied [1:1:1130/115256:ERROR:process_singleton_posix.cc(279)] Failed to create /home/fred/.config/google-chrome/SingletonLock: Permission denied [1:1:1130/115256:ERROR:process_singleton_posix.cc(419)] readlink failed: Permission denied [1:1:1130/115256:ERROR:process_singleton_posix.cc(255)] readlink(/home/fred/.config/google-chrome/SingletonLock) failed: Permission denied [1:1:1130/115256:ERROR:chrome_browser_main.cc(1291)] Failed to create a ProcessSingleton for your profile directory. This means that running multiple instances would start multiple browser processes rather than opening a new window in the existing process. Aborting now to avoid profile corruption. [1130/115256:ERROR:nacl_helper_linux.cc(314)] NaCl helper process running without a sandbox! Most likely you need to configure your SUID sandbox correctly `` parent is shutting down, bye...

fred@aussie! ~ $ firejail --whitelist=/opt/google/chrome/chrome-sandbox --whitelist=~/.config/google-chrome google-chrome Reading profile /etc/firejail/google-chrome.profile Reading profile /etc/firejail/chromium.profile Reading profile /etc/firejail/disable-mgmt.inc Reading profile /etc/firejail/disable-secret.inc Reading profile /etc/firejail/disable-common.inc Parent pid 10510, child pid 10511 Error: file /opt/google/chrome/chrome-sandbox is not in user home directory, exiting... Error: cannot establish communication with the parent, exiting..

No success in either case.

<!-- gh-comment-id:160490794 --> @Fred-Barclay commented on GitHub (Nov 30, 2015): Both options: `fred@aussie! ~ $ firejail --whitelist=~/.config/google-chrome google-chrome -no-sandbox Reading profile /etc/firejail/google-chrome.profile Reading profile /etc/firejail/chromium.profile Reading profile /etc/firejail/disable-mgmt.inc Reading profile /etc/firejail/disable-secret.inc Reading profile /etc/firejail/disable-common.inc Parent pid 10444, child pid 10445 Child process initialized [1:1:1130/115256:ERROR:browser_main_loop.cc(195)] Running without the SUID sandbox! See https://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment for more information on developing with the sandbox on. [1:1:1130/115256:ERROR:process_singleton_posix.cc(419)] readlink failed: Permission denied [1:1:1130/115256:ERROR:process_singleton_posix.cc(255)] readlink(/home/fred/.config/google-chrome/SingletonLock) failed: Permission denied [1:1:1130/115256:ERROR:process_singleton_posix.cc(255)] readlink(/home/fred/.config/google-chrome/SingletonLock) failed: Permission denied [1:1:1130/115256:ERROR:process_singleton_posix.cc(279)] Failed to create /home/fred/.config/google-chrome/SingletonLock: Permission denied [1:1:1130/115256:ERROR:process_singleton_posix.cc(419)] readlink failed: Permission denied [1:1:1130/115256:ERROR:process_singleton_posix.cc(255)] readlink(/home/fred/.config/google-chrome/SingletonLock) failed: Permission denied [1:1:1130/115256:ERROR:chrome_browser_main.cc(1291)] Failed to create a ProcessSingleton for your profile directory. This means that running multiple instances would start multiple browser processes rather than opening a new window in the existing process. Aborting now to avoid profile corruption. [1130/115256:ERROR:nacl_helper_linux.cc(314)] NaCl helper process running without a sandbox! Most likely you need to configure your SUID sandbox correctly `` parent is shutting down, bye...` `fred@aussie! ~ $ firejail --whitelist=/opt/google/chrome/chrome-sandbox --whitelist=~/.config/google-chrome google-chrome Reading profile /etc/firejail/google-chrome.profile Reading profile /etc/firejail/chromium.profile Reading profile /etc/firejail/disable-mgmt.inc Reading profile /etc/firejail/disable-secret.inc Reading profile /etc/firejail/disable-common.inc Parent pid 10510, child pid 10511 Error: file /opt/google/chrome/chrome-sandbox is not in user home directory, exiting... Error: cannot establish communication with the parent, exiting..` No success in either case.
gitea-mirror commented 2026-05-05 05:06:59 -06:00
Author
Owner
Copy link

@netblue30 commented on GitHub (Nov 30, 2015):

I've found the problem. Use this profile file:

# Chromium browser profile
noblacklist ${HOME}/.config/chromium
noblacklist ${HOME}/.config/google-chrome
include /etc/firejail/disable-mgmt.inc
include /etc/firejail/disable-secret.inc
include /etc/firejail/disable-common.inc

# chromium is distributed with a perl script on Arch
# include /etc/firejail/disable-devel.inc
#

netfilter
whitelist ~/Downloads
whitelist ~/.config/chromium
whitelist ~/.config/google-chrome

# common
whitelist ~/.fonts
whitelist ~/.fonts.d
whitelist ~/.fontconfig
whitelist ~/.fonts.conf
whitelist ~/.fonts.conf.d

Cut & paste into /etc/firejail/chromium.profile. After that you can start chrome as usual:

$ firejail google-chrome
or
$ firejail google-chrome --no-sandbox

I'll have it fixed in the next release, thanks for the bug!

If you run into problems with chrome SUID binary, I would say you need to reinstall chrome.

<!-- gh-comment-id:160497289 --> @netblue30 commented on GitHub (Nov 30, 2015): I've found the problem. Use this profile file: ``` # Chromium browser profile noblacklist ${HOME}/.config/chromium noblacklist ${HOME}/.config/google-chrome include /etc/firejail/disable-mgmt.inc include /etc/firejail/disable-secret.inc include /etc/firejail/disable-common.inc # chromium is distributed with a perl script on Arch # include /etc/firejail/disable-devel.inc # netfilter whitelist ~/Downloads whitelist ~/.config/chromium whitelist ~/.config/google-chrome # common whitelist ~/.fonts whitelist ~/.fonts.d whitelist ~/.fontconfig whitelist ~/.fonts.conf whitelist ~/.fonts.conf.d ``` Cut & paste into /etc/firejail/chromium.profile. After that you can start chrome as usual: ``` $ firejail google-chrome or $ firejail google-chrome --no-sandbox ``` I'll have it fixed in the next release, thanks for the bug! If you run into problems with chrome SUID binary, I would say you need to reinstall chrome.
gitea-mirror commented 2026-05-05 05:07:04 -06:00
Author
Owner
Copy link

@Fred-Barclay commented on GitHub (Nov 30, 2015):

After commenting out the previous code and adding this, Chrome and Firejail are now playing nicely. :)
Thanks!

<!-- gh-comment-id:160498275 --> @Fred-Barclay commented on GitHub (Nov 30, 2015): After commenting out the previous code and adding this, Chrome and Firejail are now playing nicely. :) Thanks!
gitea-mirror commented 2026-05-05 05:07:07 -06:00
Author
Owner
Copy link

@netblue30 commented on GitHub (Nov 30, 2015):

Wow! It was an ugly bug, it disabled google-chrome configuration!

<!-- gh-comment-id:160499916 --> @netblue30 commented on GitHub (Nov 30, 2015): Wow! It was an ugly bug, it disabled google-chrome configuration!
gitea-mirror commented 2026-05-05 05:07:10 -06:00
Author
Owner
Copy link

@Fred-Barclay commented on GitHub (Nov 30, 2015):

Update:
Using the new config, then "google-chrome-stable" fails to launch:
fred@aussie! ~ $ firejail google-chrome-stable
Reading profile /etc/firejail/generic.profile
Reading profile /etc/firejail/disable-mgmt.inc
Reading profile /etc/firejail/disable-secret.inc
Reading profile /etc/firejail/disable-common.inc

** Note: you can use --noprofile to disable generic.profile **

Parent pid 19845, child pid 19846 Child process initialized [1:1:1130/174040:FATAL:setuid_sandbox_host.cc(158)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /opt/google/chrome/chrome-sandbox is owned by root and has mode 4755.

parent is shutting down, bye...

However, firejail google-chrome does fine.
This could be problematic for people who have multiple installs of chrome, i.e. Stable && Beta or Stable && Dev.

Sorry to be the bearer of bad news again!

<!-- gh-comment-id:160537184 --> @Fred-Barclay commented on GitHub (Nov 30, 2015): Update: Using the new config, then "google-chrome-stable" fails to launch: `fred@aussie! ~ $ firejail google-chrome-stable` `Reading profile /etc/firejail/generic.profile` `Reading profile /etc/firejail/disable-mgmt.inc` `Reading profile /etc/firejail/disable-secret.inc` `Reading profile /etc/firejail/disable-common.inc` `** Note: you can use --noprofile to disable generic.profile **` `Parent pid 19845, child pid 19846 Child process initialized [1:1:1130/174040:FATAL:setuid_sandbox_host.cc(158)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /opt/google/chrome/chrome-sandbox is owned by root and has mode 4755.` `parent is shutting down, bye...` However, `firejail google-chrome` does fine. This could be problematic for people who have multiple installs of chrome, i.e. Stable && Beta or Stable && Dev. Sorry to be the bearer of bad news again!
gitea-mirror commented 2026-05-05 05:07:12 -06:00
Author
Owner
Copy link

@netblue30 commented on GitHub (Nov 30, 2015):

What distribution are you running?

<!-- gh-comment-id:160612235 --> @netblue30 commented on GitHub (Nov 30, 2015): What distribution are you running?
gitea-mirror commented 2026-05-05 05:07:15 -06:00
Author
Owner
Copy link

@Fred-Barclay commented on GitHub (Nov 30, 2015):

LMDE Betsy.
I've noticed the same effect in Debian Sid and Devuan Jessie Alpha, though

<!-- gh-comment-id:160649266 --> @Fred-Barclay commented on GitHub (Nov 30, 2015): LMDE Betsy. I've noticed the same effect in Debian Sid and Devuan Jessie Alpha, though
gitea-mirror commented 2026-05-05 05:07:17 -06:00
Author
Owner
Copy link

@Fred-Barclay commented on GitHub (Nov 30, 2015):

Just as a summary:
firejail google-chrome works

However,
firejail google-chrome-stable
or
firejail
google-chrome
or
firejail
google-chrome-stable
do not work.

<!-- gh-comment-id:160658494 --> @Fred-Barclay commented on GitHub (Nov 30, 2015): Just as a summary: `firejail google-chrome` works However, `firejail google-chrome-stable` or `firejail` `google-chrome` or `firejail` `google-chrome-stable` do not work.
gitea-mirror commented 2026-05-05 05:07:20 -06:00
Author
Owner
Copy link

@Fred-Barclay commented on GitHub (Nov 30, 2015):

mkdir ~/.config/firejail
touch ~/.config/firejail/google-chrome-stable.profile
cp /etc/firejail/google-chrome.profile ~/.config/firejail/google-chrome-stable.profile

This works for
firejail google-chrome
&&
firejail google-chrome-stable
(Thanks xenopeek! )

Looking at /etc/firejail/google-chrome.profile, it appears I could have copied the chromium profile to ~/.config/firejail/google-chrome-stable.profile as well.

<!-- gh-comment-id:160698613 --> @Fred-Barclay commented on GitHub (Nov 30, 2015): `mkdir ~/.config/firejail` `touch ~/.config/firejail/google-chrome-stable.profile` `cp /etc/firejail/google-chrome.profile ~/.config/firejail/google-chrome-stable.profile` This works for `firejail google-chrome` && `firejail google-chrome-stable` (Thanks [xenopeek](http://forums.linuxmint.com/viewtopic.php?f=238&t=210200&p=1097856#p1097805)! ) Looking at /etc/firejail/google-chrome.profile, it appears I could have copied the chromium profile to ~/.config/firejail/google-chrome-stable.profile as well.
gitea-mirror commented 2026-05-05 05:07:22 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (Nov 30, 2015):

I'll add a profile for google-chrome-stable.
Does google-chrome-stable have his own ~/.config directory?

You can do

$ firejail
$ google-chrome

but you need to specify the --profile, else it will load the generic profile.

<!-- gh-comment-id:160735625 --> @ghost commented on GitHub (Nov 30, 2015): I'll add a profile for `google-chrome-stable`. Does `google-chrome-stable` have his own ~/.config directory? You can do ``` $ firejail $ google-chrome ``` but you need to specify the `--profile`, else it will load the generic profile.
gitea-mirror commented 2026-05-05 05:07:25 -06:00
Author
Owner
Copy link

@Fred-Barclay commented on GitHub (Nov 30, 2015):

Okay, let's see.
Chrome Stable has it's own config directory, ~/.config/google-chrome.
Chrome Beta's is ~/.config/google-chrome-beta and Unstable is at ~/.config/google-chrome-unstable

<!-- gh-comment-id:160752241 --> @Fred-Barclay commented on GitHub (Nov 30, 2015): Okay, let's see. Chrome Stable has it's own config directory, `~/.config/google-chrome`. Chrome Beta's is `~/.config/google-chrome-beta` and Unstable is at `~/.config/google-chrome-unstable`
gitea-mirror commented 2026-05-05 05:07:27 -06:00
Author
Owner
Copy link

@Fred-Barclay commented on GitHub (Nov 30, 2015):

@netblue30 I have it on good authority that the default /etc/firejail/chromium.profile worked for chromium before any of these changes were made (before adding noblacklist ${HOME}/.config/google-chrome and whitelist ~/.config/google-chrome.)

With this in mind, might I suggest that /etc/firejail/google-chrome.profile actually contain the changes rather than simply being a reference to /etc/firejail/chromium.profile? That way the chromium.profile won't contain whitelists that are only needed for google chrome?

I'd be happy to write the google-chrome.profile if you like.

<!-- gh-comment-id:160753867 --> @Fred-Barclay commented on GitHub (Nov 30, 2015): @netblue30 I have it on good authority that the default `/etc/firejail/chromium.profile` worked for chromium **before** any of these changes were made (before adding `noblacklist ${HOME}/.config/google-chrome` and `whitelist ~/.config/google-chrome`.) With this in mind, might I suggest that `/etc/firejail/google-chrome.profile` actually contain the changes rather than simply being a reference to `/etc/firejail/chromium.profile`? That way the chromium.profile won't contain whitelists that are only needed for google chrome? I'd be happy to write the google-chrome.profile if you like.
gitea-mirror commented 2026-05-05 05:07:28 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (Nov 30, 2015):

With this in mind, might I suggest that /etc/firejail/google-chrome.profile actually contain the changes rather than simply being a reference to /etc/firejail/chromium.profile? That way the chromium.profile won't contain whitelists that are only needed for google chrome?

I would say that is a good idea. Won't hurt at least. Though, how many people use chromium and google-chrome at the same time?
I'll add alias profiles for beta and unstable and dev and let netblue decide which ones he wants. No, fuck it. I'll do it properly.

<!-- gh-comment-id:160781850 --> @ghost commented on GitHub (Nov 30, 2015): > With this in mind, might I suggest that /etc/firejail/google-chrome.profile actually contain the changes rather than simply being a reference to /etc/firejail/chromium.profile? That way the chromium.profile won't contain whitelists that are only needed for google chrome? I would say that is a good idea. Won't hurt at least. Though, how many people use chromium and google-chrome at the same time? I'll add alias profiles for beta and unstable and dev and let netblue decide which ones he wants. No, fuck it. I'll do it properly.
gitea-mirror commented 2026-05-05 05:07:31 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (Nov 30, 2015):

Done.

<!-- gh-comment-id:160794096 --> @ghost commented on GitHub (Nov 30, 2015): Done.
gitea-mirror commented 2026-05-05 05:07:32 -06:00
Author
Owner
Copy link

@netblue30 commented on GitHub (Dec 1, 2015):

All merged, thanks!

<!-- gh-comment-id:160805744 --> @netblue30 commented on GitHub (Dec 1, 2015): All merged, thanks!
gitea-mirror commented 2026-05-05 05:07:36 -06:00
Author
Owner
Copy link

@Fred-Barclay commented on GitHub (Dec 1, 2015):

Sounds good. Thanks!

I installed Chromium as well as Chrome Stable, Unstable, and Beta (hey, somebody'll probably do it!) and I notice a few problems launching chromium from firejail. If it persists after further testing I'll create a new report if that's okay.

<!-- gh-comment-id:160856627 --> @Fred-Barclay commented on GitHub (Dec 1, 2015): Sounds good. Thanks! I installed Chromium as well as Chrome Stable, Unstable, and Beta (hey, somebody'll probably do it!) and I notice a few problems launching chromium from firejail. If it persists after further testing I'll create a new report if that's okay.
gitea-mirror commented 2026-05-05 05:07:38 -06:00
Author
Owner
Copy link

@netblue30 commented on GitHub (Dec 3, 2015):

Yes, put all the data here, thanks!

<!-- gh-comment-id:161639669 --> @netblue30 commented on GitHub (Dec 3, 2015): Yes, put all the data here, thanks!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
serialize_remounts_v2
landlock_v4
landlock
release-0.9.64
release-0.9.62
gitlab_ci
LTSbase
fred_ctests
docs
0.9.80
0.9.80-rc1
0.9.78
0.9.76
0.9.76-rc4
0.9.76-rc3
0.9.76-rc2
0.9.76-rc1
0.9.74
landlock-split
0.9.72
0.9.72rc1
0.9.70
0.9.68
0.9.68rc1
0.9.66
0.9.66rc1
0.9.64.4
0.9.64.2
0.9.64
0.9.64rc1
0.9.62.4
0.9.62.2
0.9.62
0.9.56.2-LTS
0.9.60
0.9.60-rc1
0.9.58.2
0.9.58
0.9.58-rc1
0.9.56-LTS-release
0.9.56-LTS
0.9.56
0.9.56-rc1
0.9.54
0.9.54-rc2
0.9.54-rc1
0.9.52
0.9.38.12
0.9.50
0.9.50-rc1
0.9.48
0.9.46
0.9.46-rc1
0.9.44.10
0.9.44.8
0.9.44.6
0.9.38.10
0.9.44.4
0.9.38.8
0.9.44.2
0.9.44
0.9.44-rc1
0.9.38.4
0.9.42
0.9.42-rc2
0.9.38.2
0.9.42-rc1
disable-globalcfg
0.9.40
0.9.40-rc1
0.9.38
0.9.38-rc1
0.9.36
0.9.36-rc1
0.9.34
0.9.34-rc1
0.9.32
0.9.32-rc1
0.9.30
0.9.30-rc1
Labels
Clear labels   
LTS merge

   
LTS merge

   
bug

   
bug

   
converted-to-discussion

   
doc-todo

   
documentation

   
duplicate

   
enhancement

   
file-transfer

   
firecfg

   
firejail-in-firejail

   
firetools

   
graphics

   
help wanted

   
information_old

   
installation

   
invalid

   
modif

   
moved

   
needinfo

   
networking

   
notabug

   
notourbug

   
old-version

   
overlayfs

   
packaging

   
profile-request

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question_old

   
removal

   
runtime-permissions

   
sandbox-ipc

   
security

   
stale

   
wiki

   
wiki

   
wontfix

   
wordpress

   
workaround
No labels
LTS merge
LTS merge
bug
bug
converted-to-discussion
doc-todo
documentation
duplicate
enhancement
file-transfer
firecfg
firejail-in-firejail
firetools
graphics
help wanted
information_old
installation
invalid
modif
moved
needinfo
networking
notabug
notourbug
old-version
overlayfs
packaging
profile-request
pull-request
question
question_old
removal
runtime-permissions
sandbox-ipc
security
stale
wiki
wiki
wontfix
wordpress
workaround
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#126
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?