[GH-ISSUE #2082] Properties and owner of /run/firejail ?

gitea-mirror commented

2026-05-05 08:04:10 -06:00

Owner

Originally created by @CdeMills on GitHub (Aug 15, 2018).
Original GitHub issue: https://github.com/netblue30/firejail/issues/2082

Hello,
There was an update of firejail today (Centos7, firejail-0.9.95-0.1.el7.x86_64.rpm today.

After launch, it failed :-(

After looking at the doc, I ran "firecfg" to create the user database, but still no luck. Starting from the command line showed some file could not be created under /run/firejail/profile. So I deleted /run/firejail and reinstalled the rpm. But is seems /run/firejail is not created from the installation nor the first launch.

What should be the properties and owner of this dir ?

Regards

Pascal

Originally created by @CdeMills on GitHub (Aug 15, 2018). Original GitHub issue: https://github.com/netblue30/firejail/issues/2082 Hello, There was an update of firejail today (Centos7, firejail-0.9.95-0.1.el7.x86_64.rpm today. After launch, it failed :-( After looking at the doc, I ran "firecfg" to create the user database, but still no luck. Starting from the command line showed some file could not be created under /run/firejail/profile. So I deleted /run/firejail and reinstalled the rpm. But is seems /run/firejail is not created from the installation nor the first launch. What should be the properties and owner of this dir ? Regards Pascal

gitea-mirror

2026-05-05 08:04:10 -06:00

closed this issue
added the
information_old
label

gitea-mirror commented

2026-05-05 08:04:13 -06:00

Author

Owner

@CdeMills commented on GitHub (Aug 16, 2018):

I went a bit further.

the changes documented at https://firejail.wordpress.com/documentation-2/basic-usage/, that is

$ su
# addgroup firejail
# chown root:firejail /usr/bin/firejail
# chmod 4750 /usr/bin/firejail

should be performed in the post-install script

usermod -a -G firejail username
should be performed by firejail-cfg
for some strange reason, setgrp was not SUID root, I had to reinstall shadow-utils to get it right

With all those changes, I confirm firejail works as it should in CentOS 7

@CdeMills commented on GitHub (Aug 16, 2018): I went a bit further. 1) the changes documented at https://firejail.wordpress.com/documentation-2/basic-usage/, that is ``` $ su # addgroup firejail # chown root:firejail /usr/bin/firejail # chmod 4750 /usr/bin/firejail ``` should be performed in the post-install script 2) `usermod -a -G firejail username` should be performed by firejail-cfg 3) for some strange reason, `setgrp` was not SUID root, I had to reinstall `shadow-utils` to get it right With all those changes, I confirm firejail works as it should in CentOS 7

gitea-mirror commented

2026-05-05 08:04:14 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (Aug 16, 2018):

I'm not sure if this means I should close it or leave it open. @CdeMills Are you asking for documentation to be updated? For now, I'll leave it tagged information, and we'll proceed from there.

@chiraag-nataraj commented on GitHub (Aug 16, 2018): I'm not sure if this means I should close it or leave it open. @CdeMills Are you asking for documentation to be updated? For now, I'll leave it tagged information, and we'll proceed from there.

gitea-mirror commented

2026-05-05 08:04:15 -06:00

Author

Owner

@smitsohu commented on GitHub (Aug 16, 2018):

@CdeMills Where did you get this package from?

@smitsohu commented on GitHub (Aug 16, 2018): @CdeMills Where did you get this package from?

gitea-mirror commented

2026-05-05 08:04:16 -06:00

Author

Owner

@CdeMills commented on GitHub (Aug 17, 2018):

Hello,

the update on CentOS did not went smoothly. So the suggestion is about modifying the rpm post-install script or at least point in the firejail docs that some operations have to be performed on CentOS
I got the package from heikoada-firejail.repo, whose URL is
https://copr-be.cloud.fedoraproject.org/results/heikoada/firejail/epel-7-$basearch/
which is an user-maintained repo

Regards

Pascal

@CdeMills commented on GitHub (Aug 17, 2018): Hello, 1) the update on CentOS did not went smoothly. So the suggestion is about modifying the rpm post-install script or at least point in the firejail docs that some operations have to be performed on CentOS 2) I got the package from heikoada-firejail.repo, whose URL is https://copr-be.cloud.fedoraproject.org/results/heikoada/firejail/epel-7-$basearch/ which is an user-maintained repo Regards Pascal

gitea-mirror commented

2026-05-05 08:04:17 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (Aug 17, 2018):

@CdeMills Do you have the same issues if you use e.g. make rpms after compiling from this repo? If so, we can probably modify the platform/rpm/mkrpm.sh script to deal with it.

@chiraag-nataraj commented on GitHub (Aug 17, 2018): @CdeMills Do you have the same issues if you use e.g. `make rpms` after compiling from this repo? If so, we can probably modify the `platform/rpm/mkrpm.sh` script to deal with it.

gitea-mirror commented

2026-05-05 08:04:18 -06:00

Author

Owner

@CdeMills commented on GitHub (Aug 17, 2018):

Hello,
I made a few small modifications to the .spec file:

ensure a system group 'firejail' exists; otherwise create it
display a warning after installation
define the attr of firejail binary "the right way"

Patch included

Regards

Pascal

firejail.spec.pat.txt

@CdeMills commented on GitHub (Aug 17, 2018): Hello, I made a few small modifications to the .spec file: 1) ensure a system group 'firejail' exists; otherwise create it 2) display a warning after installation 3) define the attr of firejail binary "the right way" Patch included Regards Pascal [firejail.spec.pat.txt](https://github.com/netblue30/firejail/files/2297754/firejail.spec.pat.txt)

gitea-mirror commented

2026-05-05 08:04:19 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (Aug 17, 2018):

@CdeMills

None of that is needed.
To install the latest version of firejail please do the following

#Cleanup first
sudo yum remove firejail
sudo rm /run/firejail

#Option 1: Install from source
cd Downloads
git clone https://github.com/netblue30/firejail.git
./configure
make rpms
sudo yum install firejail-0.9.56~rc1-1.x86_64.rpm
sudo firecfg

#Option 2: Install from binary
#Download from https://sourceforge.net/projects/firejail/files/firejail/
sudo yum install firejail-0.9.56~rc1-1.x86_64.rpm
sudo firecfg

@SkewedZeppelin commented on GitHub (Aug 17, 2018): @CdeMills None of that is needed. To install the latest version of firejail please do the following ``` #Cleanup first sudo yum remove firejail sudo rm /run/firejail ``` ``` #Option 1: Install from source cd Downloads git clone https://github.com/netblue30/firejail.git ./configure make rpms sudo yum install firejail-0.9.56~rc1-1.x86_64.rpm sudo firecfg ``` ``` #Option 2: Install from binary #Download from https://sourceforge.net/projects/firejail/files/firejail/ sudo yum install firejail-0.9.56~rc1-1.x86_64.rpm sudo firecfg ```

gitea-mirror commented

2026-05-05 08:04:20 -06:00

Author

Owner

@CdeMills commented on GitHub (Aug 17, 2018):

OK, thank you. But what is this repository
https://copr-be.cloud.fedoraproject.org/results/heikoada/firejail/epel-7-x86_64/00787489-firejail/

with a firejail version which seems ahead of yours ?

Regards

Pascal

@CdeMills commented on GitHub (Aug 17, 2018): OK, thank you. But what is this repository https://copr-be.cloud.fedoraproject.org/results/heikoada/firejail/epel-7-x86_64/00787489-firejail/ with a firejail version which seems ahead of yours ? Regards Pascal

gitea-mirror commented

2026-05-05 08:04:21 -06:00

Author

Owner

@Fred-Barclay commented on GitHub (Aug 17, 2018):

I'm not sure. We've not even released 0.9.56 yet. 😕 I haven't done much looking around but they seem to offer 0.9.95 for Fedora too.

Maybe there's some sort of weird versioning requirements for redhat distros?

(Also see https://firejail.wordpress.com/download-2/#comment-499).

@Fred-Barclay commented on GitHub (Aug 17, 2018): I'm not sure. We've not even released 0.9.56 yet. :confused: I haven't done much looking around but they seem to offer 0.9.95 for Fedora too. Maybe there's some sort of weird versioning requirements for redhat distros? (Also see https://firejail.wordpress.com/download-2/#comment-499).

gitea-mirror commented

2026-05-05 08:04:21 -06:00

Author

Owner

@CdeMills commented on GitHub (Aug 17, 2018):

Hello,
The difference between your .spec and heikoada .spec is that yours use the version as defined from git tag, while heikoada version is "frozen". The net result is that fedora and centOS repositories get a version which automatically supersedes yours.
I can't guess a maintainer E-Mail adress from https://copr.fedorainfracloud.org/coprs/heikoada/firejail/ Is it one of the core developpers ?

Pascal

@CdeMills commented on GitHub (Aug 17, 2018): Hello, The difference between your .spec and heikoada .spec is that yours use the version as defined from git tag, while heikoada version is "frozen". The net result is that fedora and centOS repositories get a version which automatically supersedes yours. I can't guess a maintainer E-Mail adress from https://copr.fedorainfracloud.org/coprs/heikoada/firejail/ Is it one of the core developpers ? Pascal

gitea-mirror commented

2026-05-05 08:04:22 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (Aug 17, 2018):

@CdeMills That is not our COPR nor is it the same spec file as in our git. None of the Firejail collaborators are responsible for that COPR. Please use the steps I detailed above to install Firejail.

@Fred-Barclay "0.9.95": more like weird repo or typo

@SkewedZeppelin commented on GitHub (Aug 17, 2018): @CdeMills That is not our COPR nor is it the same spec file as in our git. None of the Firejail collaborators are responsible for that COPR. Please use the steps I detailed above to install Firejail. @Fred-Barclay "0.9.95": more like weird repo or typo

gitea-mirror commented

2026-05-05 08:04:23 -06:00

Author

Owner

@CdeMills commented on GitHub (Aug 17, 2018):

Hello,
I followed your instructions and got firejail up and running, thank you.

I just wanted to know how was behind this "COPR" repository, to report the issues I've got with this specific version.

Regards

Pascal

@CdeMills commented on GitHub (Aug 17, 2018): Hello, I followed your instructions and got firejail up and running, thank you. I just wanted to know how was behind this "COPR" repository, to report the issues I've got with this specific version. Regards Pascal

gitea-mirror commented

2026-05-05 08:04:23 -06:00

Author

Owner

@CdeMills commented on GitHub (Aug 17, 2018):

OK. The Fedora and CentOS maintainer adress can be found at https://fedoraproject.org/wiki/User:Heikoada
I sent the bug report to him.

Regards

Pascal

@CdeMills commented on GitHub (Aug 17, 2018): OK. The Fedora and CentOS maintainer adress can be found at https://fedoraproject.org/wiki/User:Heikoada I sent the bug report to him. Regards Pascal

gitea-mirror referenced this issue

2026-05-05 10:10:51 -06:00

[PR #1407] [MERGED] Add Electron and Riot profiles #3945

Rows
Columns

[GH-ISSUE #2082] Properties and owner of /run/firejail ? #1407