github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

[GH-ISSUE #2223] errors/troubles with x11 #1494

New issue
Closed
opened 2026-05-05 08:09:40 -06:00 by gitea-mirror · 6 comments
gitea-mirror commented 2026-05-05 08:09:40 -06:00
Owner
Copy link

Originally created by @admzzz on GitHub (Oct 29, 2018).
Original GitHub issue: https://github.com/netblue30/firejail/issues/2223

i'm trying to restrict user in his session to vlc only, after adding =anybody to /etc/X11/Xwrapper.config Xpra had started, but with small resolution instead of required 1920x1080 (which was set in /etc/firejail/firejail.config), unmovable and unresizable vlc'c window and without sound (sound works in).
after adding restricted user to xpa group, i got black screen with error, which fall to desktop instead of logouting after hitting OK

Gtk-Message: 05:19:40.126: GtkDialog mapped without a transient parent. This is discouraged.

X.Org X Server 1.19.6
Release Date: 2017-12-20
X Protocol Version 11, Revision 0
Build Operating System: Linux 4.4.0-138-generic x86_64 Ubuntu
Current Operating System: Linux agricolamz 4.18.11-ext73-58.11-intelstandard #16 SMP Sat Sep 29 23:42:09 CEST 2018 x86_64
Kernel command line: BOOT_IMAGE=/boot/vmlinuz-4.18.11-ext73-58.11-intelstandard root=UUID=7a83b632-135e-4619-b6a4-986e587ce028 ro intel_iommu=igfx_off resume=/dev/sda2 ipv6.disable=1 i915.preliminary_hw_support=1 acpi_osi= acpi_backlight=native elevator=noop
Build Date: 25 October 2018  04:11:27PM
xorg-server 2:1.19.6-1ubuntu4.2 (For technical support please see http://www.ubuntu.com/support) 
Current version of pixman: 0.34.0
	Before reporting problems, check http://wiki.x.org
	to make sure that you have the latest version.
Markers: (--) probed, (**) from config file, (==) default setting,
	(++) from command line, (!!) notice, (II) informational,
	(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(++) Log file: "/run/user/1002/xpra/Xorg.:54.log", Time: Mon Oct 29 05:19:31 2018
(++) Using config file: "/etc/xpra/xorg.conf"
(==) Using system config directory "/usr/share/X11/xorg.conf.d"
2018-10-29 05:19:34,096 created unix domain socket: /run/user/1002/xpra/agricolamz-54
2018-10-29 05:19:34,097 created unix domain socket: /home/vlc-gaper/.xpra/agricolamz-54
2018-10-29 05:19:34,097 created unix domain socket: /run/xpra/agricolamz-54
2018-10-29 05:19:34,185 Warning: zlib is the only compressor enabled
2018-10-29 05:19:34,185  install and enable lzo or lz4 support for better performance
2018-10-29 05:19:34,196 vpx: vp8 encoding failed: No module named numpy
2018-10-29 05:19:34,204 vpx: vp9 encoding failed: No module named numpy
2018-10-29 05:19:34,207 vpx: vp9 encoding failed: No module named numpy
2018-10-29 05:19:34,207 vpx: all the codecs have failed! (vp8, vp9, vp9)
2018-10-29 05:19:34,214 x264: h264 encoding failed: No module named numpy
2018-10-29 05:19:34,214 x264: all the codecs have failed! (h264)
2018-10-29 05:19:34,214 Warning: enc_x264 failed its self test
2018-10-29 05:19:34,227 x265: h265 encoding failed: No module named numpy
2018-10-29 05:19:34,227 x265: all the codecs have failed! (h265)
2018-10-29 05:19:34,227 Warning: enc_x265 failed its self test
2018-10-29 05:19:34,302 ffmpeg: h264+mp4 encoding failed: No module named numpy
2018-10-29 05:19:34,304 ffmpeg: vp8+webm encoding failed: No module named numpy
2018-10-29 05:19:34,309 ffmpeg: mpeg4+mp4 encoding failed: No module named numpy
2018-10-29 05:19:34,309 ffmpeg: all the codecs have failed! (h264+mp4, vp8+webm, mpeg4+mp4)
2018-10-29 05:19:34,312 Warning: csc_swscale failed its self test
2018-10-29 05:19:34,313  No module named numpy
2018-10-29 05:19:34,315 Warning: failed to load the mdns avahi publisher:
2018-10-29 05:19:34,315  No module named avahi
2018-10-29 05:19:34,315  either fix your installation or use the 'mdns=no' option
2018-10-29 05:19:34,793 Error: webcam forwarding disabled:
2018-10-29 05:19:34,793  No module named PIL
2018-10-29 05:19:34,915 Warning: webcam forwarding is disabled
2018-10-29 05:19:34,915  the virtual video directory '/sys/devices/virtual/video4linux' was not found
2018-10-29 05:19:34,915  make sure that the 'v4l2loopback' kernel module is installed and loaded
2018-10-29 05:19:34,915 found 0 virtual video devices for webcam forwarding
2018-10-29 05:19:34,927 pulseaudio server started with pid 19262
2018-10-29 05:19:35,433 GStreamer version 1.14.1 for Python 2.7.15 64-bit
2018-10-29 05:19:35,442 D-Bus notification forwarding is available
2018-10-29 05:19:35,449 xpra X11 version 2.1.3-r17247M 64-bit
2018-10-29 05:19:35,449  uid=1002 (vlc-gaper), gid=1002 (vlc-gaper)
2018-10-29 05:19:35,449  running with pid 19201 on Linux LinuxMint 19 tara
2018-10-29 05:19:35,449  connected to X11 display :54 with 24 bit colors
2018-10-29 05:19:35,496 xpra is ready.
2018-10-29 05:19:35,546 Warning: cannot load enc_vpx video encoder:
2018-10-29 05:19:35,546  no supported encodings!
2018-10-29 05:19:35,548 7.7GB of system memory
Xpra server pid 19201, xpra client pid 19341, jail 19342

*** Attaching to xpra display 54 ***

Reading profile /usr/local/etc/firejail/openbox.profile
Reading profile /usr/local/etc/firejail/disable-common.inc
Parent pid 19342, child pid 19343
Warning: cleaning all supplementary groups
Child process initialized in 50.39 ms

Parent is shutting down, bye...
2018-10-29 05:19:37,939 New unix-domain connection received on /run/user/1002/xpra/agricolamz-54
2018-10-29 05:19:37,940 New unix-domain connection received on /home/vlc-gaper/.xpra/agricolamz-54
2018-10-29 05:19:37,940 New unix-domain connection received on /run/xpra/agricolamz-54
2018-10-29 05:19:37,960 New unix-domain connection received on /run/user/1002/xpra/agricolamz-54
2018-10-29 05:19:37,962 Handshake complete; enabling connection
2018-10-29 05:19:37,976 Python/Gtk2 Linux LinuxMint 19 tara x11 client version 2.1.3-r17247 64-bit
2018-10-29 05:19:37,976  connected from 'agricolamz' as 'vlc-gaper'
2018-10-29 05:19:37,977  mmap is enabled using 256MB area in /tmp/xpra.YUtAD0.mmap
2018-10-29 05:19:37,978  client root window size is 1920x1080 with 1 display:
2018-10-29 05:19:37,978   :0.0 (508x285 mm - DPI: 96x96)
2018-10-29 05:19:37,978     monitor 1 (340x190 mm - DPI: 143x144)
2018-10-29 05:19:38,045 server virtual display now set to 1920x1080
2018-10-29 05:19:38,046 setting key repeat rate from client: 660ms delay / 40ms interval
2018-10-29 05:19:38,047 setting keymap: rules=evdev, model=pc105, layout=us
2018-10-29 05:19:38,064 DPI set to 23 x 25 (wanted 96 x 96)
2018-10-29 05:19:38,064  you may experience scaling problems, such as huge or small fonts, etc
2018-10-29 05:19:38,064  to fix this issue, try the dpi switch, or use a patched Xorg dummy driver
2018-10-29 05:19:38,074 client 1: Attached to :54 (press Control-C to detach)
2018-10-29 05:19:38,078 python netifaces package is missing
2018-10-29 05:19:38,295 New unix-domain connection received on /run/user/1002/xpra/agricolamz-54
2018-10-29 05:19:38,296 New unix-domain connection received on /home/vlc-gaper/.xpra/agricolamz-54
2018-10-29 05:19:38,296 New unix-domain connection received on /run/xpra/agricolamz-54
2018-10-29 05:19:38,352 New unix-domain connection received on /run/user/1002/xpra/agricolamz-54
2018-10-29 05:19:38,354 Python2/GObject client version 2.1.3-r17247 64-bit
2018-10-29 05:19:38,354  connected from 'agricolamz' as 'vlc-gaper'
2018-10-29 05:19:38,355 Shutting down in response to client request
2018-10-29 05:19:38,355 Disconnecting client /run/user/1002/xpra/agricolamz-54:
2018-10-29 05:19:38,355  server shutdown
2018-10-29 05:19:38,355 xpra client 1 disconnected.
2018-10-29 05:19:38,356 xpra client 2 disconnected.
2018-10-29 05:19:38,858 stopping pulseaudio with pid 19262
2018-10-29 05:19:39,371 xpra is terminating.
2018-10-29 05:19:39,374 killing xvfb with pid 19214
2018-10-29 05:19:39,375 removing socket /run/user/1002/xpra/agricolamz-54
2018-10-29 05:19:39,375 removing socket /home/vlc-gaper/.xpra/agricolamz-54
2018-10-29 05:19:39,375 removing socket /run/xpra/agricolamz-54
(II) Server terminated successfully (0). Closing log file.
dbus-update-activation-environment: setting DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1002/bus
dbus-update-activation-environment: setting DISPLAY=:0
dbus-update-activation-environment: setting XAUTHORITY=/home/vlc-gaper/.Xauthority
dbus-update-activation-environment: setting GTK_MODULES=gail:atk-bridge
dbus-update-activation-environment: setting QT_ACCESSIBILITY=1
dbus-update-activation-environment: setting CLUTTER_IM_MODULE=xim
dbus-update-activation-environment: setting LC_MEASUREMENT=ru_RU.UTF-8
dbus-update-activation-environment: setting LC_PAPER=ru_RU.UTF-8
dbus-update-activation-environment: setting LC_MONETARY=ru_RU.UTF-8
dbus-update-activation-environment: setting LANG=en_US.UTF-8
dbus-update-activation-environment: setting GDM_LANG=en_US
dbus-update-activation-environment: setting DISPLAY=:0
dbus-update-activation-environment: setting JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
dbus-update-activation-environment: setting MANDATORY_PATH=/usr/share/gconf/cinnamon.mandatory.path
dbus-update-activation-environment: setting LC_NAME=ru_RU.UTF-8
dbus-update-activation-environment: setting XDG_GREETER_DATA_DIR=/var/lib/lightdm-data/vlc-gaper
dbus-update-activation-environment: setting USER=vlc-gaper
dbus-update-activation-environment: setting DESKTOP_SESSION=cinnamon
dbus-update-activation-environment: setting QT4_IM_MODULE=xim
dbus-update-activation-environment: setting DEFAULTS_PATH=/usr/share/gconf/cinnamon.default.path
dbus-update-activation-environment: setting PWD=/home/vlc-gaper
dbus-update-activation-environment: setting HOME=/home/vlc-gaper
dbus-update-activation-environment: setting QT_ACCESSIBILITY=1
dbus-update-activation-environment: setting XDG_SESSION_TYPE=x11
dbus-update-activation-environment: setting XDG_DATA_DIRS=/usr/share/cinnamon:/usr/share/gnome:/home/vlc-gaper/.local/share/flatpak/exports/share:/var/lib/flatpak/exports/share:/usr/local/share:/usr/share
dbus-update-activation-environment: setting XDG_SESSION_DESKTOP=cinnamon
dbus-update-activation-environment: setting LC_ADDRESS=ru_RU.UTF-8
dbus-update-activation-environment: setting LC_NUMERIC=ru_RU.UTF-8
dbus-update-activation-environment: setting GTK_MODULES=gail:atk-bridge
dbus-update-activation-environment: setting SHELL=/bin/bash
dbus-update-activation-environment: setting XDG_SEAT_PATH=/org/freedesktop/DisplayManager/Seat0
dbus-update-activation-environment: setting QT_IM_MODULE=ibus
dbus-update-activation-environment: setting XMODIFIERS=@im=ibus
dbus-update-activation-environment: setting IM_CONFIG_PHASE=1
dbus-update-activation-environment: setting GPG_AGENT_INFO=/run/user/1002/gnupg/S.gpg-agent:0:1
dbus-update-activation-environment: setting SHLVL=1
dbus-update-activation-environment: setting LANGUAGE=en_US
dbus-update-activation-environment: setting LC_TELEPHONE=ru_RU.UTF-8
dbus-update-activation-environment: setting GDMSESSION=cinnamon
dbus-update-activation-environment: setting LOGNAME=vlc-gaper
dbus-update-activation-environment: setting DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1002/bus
dbus-update-activation-environment: setting XDG_RUNTIME_DIR=/run/user/1002
dbus-update-activation-environment: setting XAUTHORITY=/home/vlc-gaper/.Xauthority
dbus-update-activation-environment: setting XDG_SESSION_PATH=/org/freedesktop/DisplayManager/Session1
dbus-update-activation-environment: setting XDG_CONFIG_DIRS=/etc/xdg/xdg-cinnamon:/etc/xdg
dbus-update-activation-environment: setting PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
dbus-update-activation-environment: setting LC_IDENTIFICATION=ru_RU.UTF-8
dbus-update-activation-environment: setting GTK_IM_MODULE=xim
dbus-update-activation-environment: setting _=/usr/bin/dbus-update-activation-environment
Connection failure: Connection refused
pa_context_connect() failed: Connection refused
[cinnamon-settings-daemon-smartcard] Failed to start: no suitable smartcard driver could be found

ERROR: NVIDIA driver is not loaded


ERROR: Error querying enabled displays on GPU 0 (Missing Extension).


ERROR: Error querying connected displays on GPU 0 (Missing Extension).

Cjs-Message: 05:20:14.883: JS LOG: About to start Cinnamon

(nm-applet:25081): Gtk-WARNING **: 05:20:14.890: Can't set a parent on widget which has a parent
Cjs-Message: 05:20:14.926: JS LOG: [LookingGlass/info] Cinnamon.AppSystem.get_default() started in 40 ms
Cjs-Message: 05:20:14.929: JS LOG: [LookingGlass/info] loading user theme: /usr/share/themes/Linux Mint/cinnamon/cinnamon.css
Cjs-Message: 05:20:14.939: JS LOG: [LookingGlass/info] added icon directory: /usr/share/themes/Linux Mint/cinnamon
** Message: 05:20:14.954: nemo-desktop: session is cinnamon, establishing proxy
Cjs-Message: 05:20:14.995: JS LOG: [LookingGlass/info] PlacesManager: Updating devices
St-Message: 05:20:14.997: cogl npot texture sizes SUPPORTED
Cjs-Message: 05:20:15.003: JS LOG: [LookingGlass/info] loaded at Mon Oct 29 2018 05:20:15 GMT+0300 (MSK)
Cjs-Message: 05:20:15.003: JS LOG: Cinnamon started at Mon Oct 29 2018 05:20:15 GMT+0300 (MSK)
Cjs-Message: 05:20:15.018: JS LOG: [LookingGlass/info] ExtensionSystem started in 0 ms
Cjs-Message: 05:20:15.019: JS LOG: [LookingGlass/info] DeskletManager started in 0 ms
Cjs-Message: 05:20:15.019: JS LOG: [LookingGlass/info] SearchProviderManager started in 0 ms
openGL version 4.5 detected (GL3 Cogl Driver)
MetaSyncRing disabled: couldn't find required GL extensions, or the minimum safe openGL version was not met
Cjs-Message: 05:20:15.102: JS LOG: [LookingGlass/info] Loaded applet removable-drives@cinnamon.org in 16 ms
Cjs-Message: 05:20:15.120: JS LOG: [LookingGlass/info] Loaded applet show-desktop@cinnamon.org in 18 ms
Cjs-Message: 05:20:15.139: JS LOG: [LookingGlass/info] Loaded applet calendar@cinnamon.org in 18 ms
Cjs-Message: 05:20:15.154: JS LOG: [LookingGlass/info] Loaded applet user@cinnamon.org in 16 ms
Cjs-Message: 05:20:15.159: JS LOG: [LookingGlass/info] Loaded applet systray@cinnamon.org in 4 ms
Cjs-Message: 05:20:15.168: JS LOG: [LookingGlass/info] Role locked: notifications
Cjs-Message: 05:20:15.172: JS LOG: [LookingGlass/info] Loaded applet notifications@cinnamon.org in 14 ms
Cjs-Message: 05:20:15.202: JS LOG: [LookingGlass/info] Role locked: panellauncher
Cjs-Message: 05:20:15.204: JS LOG: [LookingGlass/info] Loaded applet panel-launchers@cinnamon.org in 32 ms
Cjs-Message: 05:20:15.215: JS LOG: [LookingGlass/info] Loaded applet keyboard@cinnamon.org in 10 ms
Cjs-Message: 05:20:15.227: JS LOG: [LookingGlass/info] Loaded applet power@cinnamon.org in 10 ms
Cjs-Message: 05:20:15.244: JS LOG: [LookingGlass/info] Loaded applet window-list@cinnamon.org in 18 ms
Cjs-Message: 05:20:15.275: JS LOG: [LookingGlass/info] Loaded applet sound@cinnamon.org in 30 ms
failed to create drawable
Cjs-Message: 05:20:15.336: JS LOG: network applet: Cannot find connection for active (or connection cannot be read)
Cjs-Message: 05:20:15.337: JS LOG: [LookingGlass/info] Loaded applet network@cinnamon.org in 62 ms
Cjs-Message: 05:20:15.714: JS LOG: [LookingGlass/info] Loaded applet menu@cinnamon.org in 378 ms
Cjs-Message: 05:20:15.714: JS LOG: [LookingGlass/info] AppletManager started in 712 ms
Cjs-Message: 05:20:15.716: JS LOG: [LookingGlass/info] Cinnamon took 834 ms to start
Cjs-Message: 05:20:15.827: JS LOG: Invalid network device type, is 14
Cjs-Message: 05:20:15.827: JS LOG: network applet: Found connection for active
Cjs-Message: 05:20:15.970: JS LOG: [LookingGlass/info] Hiding systray: network
Cjs-Message: 05:20:15.971: JS LOG: [LookingGlass/info] Adding systray: nvidia-prime (24x24px)
Cjs-Message: 05:20:15.972: JS LOG: [LookingGlass/info] Adding systray: input-method (24x24px)

(nvidia-prime:25086): Gdk-CRITICAL **: 05:20:16.983: gdk_window_thaw_toplevel_updates: assertion 'window->update_and_descendants_freeze_count > 0' failed
Cjs-Message: 05:20:20.590: JS LOG: [LookingGlass/info] Adding systray: blueberry-tray.py (24x24px)
Gtk-Message: 05:20:28.714: GtkDialog mapped without a transient parent. This is discouraged.
cinnamon-session[19196]: WARNING: t+16,42262s: Playing logout sound '/usr/share/mint-artwork/sounds/logout.ogg'
cinnamon-session[19196]: WARNING: t+16,42608s: Logout sound failed to play, skipping.
cinnamon-session[19196]: GLib-GIO-CRITICAL: t+16,42636s: g_dbus_connection_call_sync_internal: assertion 'G_IS_DBUS_CONNECTION (connection)' failed
Cinnamon warning: Log level 16: invalid (NULL) pointer instance
Gdk-Message: 05:20:30.676: csd-print-notifications: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Cinnamon warning: Log level 8: g_signal_handler_disconnect: assertion 'G_TYPE_CHECK_INSTANCE (instance)' failed
Gdk-Message: 05:20:30.676: csd-orientation: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.677: csd-power: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Cinnamon warning: Log level 16: invalid (NULL) pointer instance
Gdk-Message: 05:20:30.677: csd-xsettings: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.677: csd-cursor: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.677: csd-a11y-keyboard: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.677: csd-housekeeping: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.678: csd-xrandr: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.678: csd-clipboard: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.678: csd-screensaver-proxy: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.678: csd-automount: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.679: csd-sound: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.679: csd-media-keys: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.679: csd-wacom: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Cinnamon warning: Log level 8: g_signal_handler_disconnect: assertion 'G_TYPE_CHECK_INSTANCE (instance)' failed
Gdk-Message: 05:20:30.681: cinnamon: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.684: nm-applet: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.684: blueberry-obex-agent.py: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.684: nvidia-prime: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.684: csd-background: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.684: csd-keyboard: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.684: cinnamon-killer-daemon: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.685: cinnamon-screensaver-main.py: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.687: csd-mouse: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.687: csd-color: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.687: csd-a11y-settings: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.

Gdk-Message: 05:20:30.749: cinnamon-launcher: Fatal IO error 2 (No such file or directory) on X server :0.


(metacity:27589): metacity-CRITICAL **: 05:20:31.037: Unable to open X display :0
Unable to init server: Could not connect: Connection refused

(mate-panel:27591): Gtk-WARNING **: 05:20:31.039: cannot open display: :0

"firejail --x11=xephyr --private-tmp vlc" in .profile works fine until the closing of vlc - surprisingly it shows desktop instead of logouting too.

linux mint 19.04, xpra v2.1.3-r17247M.

can you sugest a right way for setting vlc-gaper box? ;-)

Originally created by @admzzz on GitHub (Oct 29, 2018). Original GitHub issue: https://github.com/netblue30/firejail/issues/2223 i'm trying to restrict user in his session to vlc only, after adding =anybody to /etc/X11/Xwrapper.config Xpra had started, but with small resolution instead of required 1920x1080 (which was set in /etc/firejail/firejail.config), unmovable and unresizable vlc'c window and without sound (sound works in). after adding restricted user to xpa group, i got black screen with error, which fall to desktop instead of logouting after hitting OK ``` Gtk-Message: 05:19:40.126: GtkDialog mapped without a transient parent. This is discouraged. X.Org X Server 1.19.6 Release Date: 2017-12-20 X Protocol Version 11, Revision 0 Build Operating System: Linux 4.4.0-138-generic x86_64 Ubuntu Current Operating System: Linux agricolamz 4.18.11-ext73-58.11-intelstandard #16 SMP Sat Sep 29 23:42:09 CEST 2018 x86_64 Kernel command line: BOOT_IMAGE=/boot/vmlinuz-4.18.11-ext73-58.11-intelstandard root=UUID=7a83b632-135e-4619-b6a4-986e587ce028 ro intel_iommu=igfx_off resume=/dev/sda2 ipv6.disable=1 i915.preliminary_hw_support=1 acpi_osi= acpi_backlight=native elevator=noop Build Date: 25 October 2018 04:11:27PM xorg-server 2:1.19.6-1ubuntu4.2 (For technical support please see http://www.ubuntu.com/support) Current version of pixman: 0.34.0 Before reporting problems, check http://wiki.x.org to make sure that you have the latest version. Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. (++) Log file: "/run/user/1002/xpra/Xorg.:54.log", Time: Mon Oct 29 05:19:31 2018 (++) Using config file: "/etc/xpra/xorg.conf" (==) Using system config directory "/usr/share/X11/xorg.conf.d" 2018-10-29 05:19:34,096 created unix domain socket: /run/user/1002/xpra/agricolamz-54 2018-10-29 05:19:34,097 created unix domain socket: /home/vlc-gaper/.xpra/agricolamz-54 2018-10-29 05:19:34,097 created unix domain socket: /run/xpra/agricolamz-54 2018-10-29 05:19:34,185 Warning: zlib is the only compressor enabled 2018-10-29 05:19:34,185 install and enable lzo or lz4 support for better performance 2018-10-29 05:19:34,196 vpx: vp8 encoding failed: No module named numpy 2018-10-29 05:19:34,204 vpx: vp9 encoding failed: No module named numpy 2018-10-29 05:19:34,207 vpx: vp9 encoding failed: No module named numpy 2018-10-29 05:19:34,207 vpx: all the codecs have failed! (vp8, vp9, vp9) 2018-10-29 05:19:34,214 x264: h264 encoding failed: No module named numpy 2018-10-29 05:19:34,214 x264: all the codecs have failed! (h264) 2018-10-29 05:19:34,214 Warning: enc_x264 failed its self test 2018-10-29 05:19:34,227 x265: h265 encoding failed: No module named numpy 2018-10-29 05:19:34,227 x265: all the codecs have failed! (h265) 2018-10-29 05:19:34,227 Warning: enc_x265 failed its self test 2018-10-29 05:19:34,302 ffmpeg: h264+mp4 encoding failed: No module named numpy 2018-10-29 05:19:34,304 ffmpeg: vp8+webm encoding failed: No module named numpy 2018-10-29 05:19:34,309 ffmpeg: mpeg4+mp4 encoding failed: No module named numpy 2018-10-29 05:19:34,309 ffmpeg: all the codecs have failed! (h264+mp4, vp8+webm, mpeg4+mp4) 2018-10-29 05:19:34,312 Warning: csc_swscale failed its self test 2018-10-29 05:19:34,313 No module named numpy 2018-10-29 05:19:34,315 Warning: failed to load the mdns avahi publisher: 2018-10-29 05:19:34,315 No module named avahi 2018-10-29 05:19:34,315 either fix your installation or use the 'mdns=no' option 2018-10-29 05:19:34,793 Error: webcam forwarding disabled: 2018-10-29 05:19:34,793 No module named PIL 2018-10-29 05:19:34,915 Warning: webcam forwarding is disabled 2018-10-29 05:19:34,915 the virtual video directory '/sys/devices/virtual/video4linux' was not found 2018-10-29 05:19:34,915 make sure that the 'v4l2loopback' kernel module is installed and loaded 2018-10-29 05:19:34,915 found 0 virtual video devices for webcam forwarding 2018-10-29 05:19:34,927 pulseaudio server started with pid 19262 2018-10-29 05:19:35,433 GStreamer version 1.14.1 for Python 2.7.15 64-bit 2018-10-29 05:19:35,442 D-Bus notification forwarding is available 2018-10-29 05:19:35,449 xpra X11 version 2.1.3-r17247M 64-bit 2018-10-29 05:19:35,449 uid=1002 (vlc-gaper), gid=1002 (vlc-gaper) 2018-10-29 05:19:35,449 running with pid 19201 on Linux LinuxMint 19 tara 2018-10-29 05:19:35,449 connected to X11 display :54 with 24 bit colors 2018-10-29 05:19:35,496 xpra is ready. 2018-10-29 05:19:35,546 Warning: cannot load enc_vpx video encoder: 2018-10-29 05:19:35,546 no supported encodings! 2018-10-29 05:19:35,548 7.7GB of system memory Xpra server pid 19201, xpra client pid 19341, jail 19342 *** Attaching to xpra display 54 *** Reading profile /usr/local/etc/firejail/openbox.profile Reading profile /usr/local/etc/firejail/disable-common.inc Parent pid 19342, child pid 19343 Warning: cleaning all supplementary groups Child process initialized in 50.39 ms Parent is shutting down, bye... 2018-10-29 05:19:37,939 New unix-domain connection received on /run/user/1002/xpra/agricolamz-54 2018-10-29 05:19:37,940 New unix-domain connection received on /home/vlc-gaper/.xpra/agricolamz-54 2018-10-29 05:19:37,940 New unix-domain connection received on /run/xpra/agricolamz-54 2018-10-29 05:19:37,960 New unix-domain connection received on /run/user/1002/xpra/agricolamz-54 2018-10-29 05:19:37,962 Handshake complete; enabling connection 2018-10-29 05:19:37,976 Python/Gtk2 Linux LinuxMint 19 tara x11 client version 2.1.3-r17247 64-bit 2018-10-29 05:19:37,976 connected from 'agricolamz' as 'vlc-gaper' 2018-10-29 05:19:37,977 mmap is enabled using 256MB area in /tmp/xpra.YUtAD0.mmap 2018-10-29 05:19:37,978 client root window size is 1920x1080 with 1 display: 2018-10-29 05:19:37,978 :0.0 (508x285 mm - DPI: 96x96) 2018-10-29 05:19:37,978 monitor 1 (340x190 mm - DPI: 143x144) 2018-10-29 05:19:38,045 server virtual display now set to 1920x1080 2018-10-29 05:19:38,046 setting key repeat rate from client: 660ms delay / 40ms interval 2018-10-29 05:19:38,047 setting keymap: rules=evdev, model=pc105, layout=us 2018-10-29 05:19:38,064 DPI set to 23 x 25 (wanted 96 x 96) 2018-10-29 05:19:38,064 you may experience scaling problems, such as huge or small fonts, etc 2018-10-29 05:19:38,064 to fix this issue, try the dpi switch, or use a patched Xorg dummy driver 2018-10-29 05:19:38,074 client 1: Attached to :54 (press Control-C to detach) 2018-10-29 05:19:38,078 python netifaces package is missing 2018-10-29 05:19:38,295 New unix-domain connection received on /run/user/1002/xpra/agricolamz-54 2018-10-29 05:19:38,296 New unix-domain connection received on /home/vlc-gaper/.xpra/agricolamz-54 2018-10-29 05:19:38,296 New unix-domain connection received on /run/xpra/agricolamz-54 2018-10-29 05:19:38,352 New unix-domain connection received on /run/user/1002/xpra/agricolamz-54 2018-10-29 05:19:38,354 Python2/GObject client version 2.1.3-r17247 64-bit 2018-10-29 05:19:38,354 connected from 'agricolamz' as 'vlc-gaper' 2018-10-29 05:19:38,355 Shutting down in response to client request 2018-10-29 05:19:38,355 Disconnecting client /run/user/1002/xpra/agricolamz-54: 2018-10-29 05:19:38,355 server shutdown 2018-10-29 05:19:38,355 xpra client 1 disconnected. 2018-10-29 05:19:38,356 xpra client 2 disconnected. 2018-10-29 05:19:38,858 stopping pulseaudio with pid 19262 2018-10-29 05:19:39,371 xpra is terminating. 2018-10-29 05:19:39,374 killing xvfb with pid 19214 2018-10-29 05:19:39,375 removing socket /run/user/1002/xpra/agricolamz-54 2018-10-29 05:19:39,375 removing socket /home/vlc-gaper/.xpra/agricolamz-54 2018-10-29 05:19:39,375 removing socket /run/xpra/agricolamz-54 (II) Server terminated successfully (0). Closing log file. dbus-update-activation-environment: setting DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1002/bus dbus-update-activation-environment: setting DISPLAY=:0 dbus-update-activation-environment: setting XAUTHORITY=/home/vlc-gaper/.Xauthority dbus-update-activation-environment: setting GTK_MODULES=gail:atk-bridge dbus-update-activation-environment: setting QT_ACCESSIBILITY=1 dbus-update-activation-environment: setting CLUTTER_IM_MODULE=xim dbus-update-activation-environment: setting LC_MEASUREMENT=ru_RU.UTF-8 dbus-update-activation-environment: setting LC_PAPER=ru_RU.UTF-8 dbus-update-activation-environment: setting LC_MONETARY=ru_RU.UTF-8 dbus-update-activation-environment: setting LANG=en_US.UTF-8 dbus-update-activation-environment: setting GDM_LANG=en_US dbus-update-activation-environment: setting DISPLAY=:0 dbus-update-activation-environment: setting JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64 dbus-update-activation-environment: setting MANDATORY_PATH=/usr/share/gconf/cinnamon.mandatory.path dbus-update-activation-environment: setting LC_NAME=ru_RU.UTF-8 dbus-update-activation-environment: setting XDG_GREETER_DATA_DIR=/var/lib/lightdm-data/vlc-gaper dbus-update-activation-environment: setting USER=vlc-gaper dbus-update-activation-environment: setting DESKTOP_SESSION=cinnamon dbus-update-activation-environment: setting QT4_IM_MODULE=xim dbus-update-activation-environment: setting DEFAULTS_PATH=/usr/share/gconf/cinnamon.default.path dbus-update-activation-environment: setting PWD=/home/vlc-gaper dbus-update-activation-environment: setting HOME=/home/vlc-gaper dbus-update-activation-environment: setting QT_ACCESSIBILITY=1 dbus-update-activation-environment: setting XDG_SESSION_TYPE=x11 dbus-update-activation-environment: setting XDG_DATA_DIRS=/usr/share/cinnamon:/usr/share/gnome:/home/vlc-gaper/.local/share/flatpak/exports/share:/var/lib/flatpak/exports/share:/usr/local/share:/usr/share dbus-update-activation-environment: setting XDG_SESSION_DESKTOP=cinnamon dbus-update-activation-environment: setting LC_ADDRESS=ru_RU.UTF-8 dbus-update-activation-environment: setting LC_NUMERIC=ru_RU.UTF-8 dbus-update-activation-environment: setting GTK_MODULES=gail:atk-bridge dbus-update-activation-environment: setting SHELL=/bin/bash dbus-update-activation-environment: setting XDG_SEAT_PATH=/org/freedesktop/DisplayManager/Seat0 dbus-update-activation-environment: setting QT_IM_MODULE=ibus dbus-update-activation-environment: setting XMODIFIERS=@im=ibus dbus-update-activation-environment: setting IM_CONFIG_PHASE=1 dbus-update-activation-environment: setting GPG_AGENT_INFO=/run/user/1002/gnupg/S.gpg-agent:0:1 dbus-update-activation-environment: setting SHLVL=1 dbus-update-activation-environment: setting LANGUAGE=en_US dbus-update-activation-environment: setting LC_TELEPHONE=ru_RU.UTF-8 dbus-update-activation-environment: setting GDMSESSION=cinnamon dbus-update-activation-environment: setting LOGNAME=vlc-gaper dbus-update-activation-environment: setting DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1002/bus dbus-update-activation-environment: setting XDG_RUNTIME_DIR=/run/user/1002 dbus-update-activation-environment: setting XAUTHORITY=/home/vlc-gaper/.Xauthority dbus-update-activation-environment: setting XDG_SESSION_PATH=/org/freedesktop/DisplayManager/Session1 dbus-update-activation-environment: setting XDG_CONFIG_DIRS=/etc/xdg/xdg-cinnamon:/etc/xdg dbus-update-activation-environment: setting PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin dbus-update-activation-environment: setting LC_IDENTIFICATION=ru_RU.UTF-8 dbus-update-activation-environment: setting GTK_IM_MODULE=xim dbus-update-activation-environment: setting _=/usr/bin/dbus-update-activation-environment Connection failure: Connection refused pa_context_connect() failed: Connection refused [cinnamon-settings-daemon-smartcard] Failed to start: no suitable smartcard driver could be found ERROR: NVIDIA driver is not loaded ERROR: Error querying enabled displays on GPU 0 (Missing Extension). ERROR: Error querying connected displays on GPU 0 (Missing Extension). Cjs-Message: 05:20:14.883: JS LOG: About to start Cinnamon (nm-applet:25081): Gtk-WARNING **: 05:20:14.890: Can't set a parent on widget which has a parent Cjs-Message: 05:20:14.926: JS LOG: [LookingGlass/info] Cinnamon.AppSystem.get_default() started in 40 ms Cjs-Message: 05:20:14.929: JS LOG: [LookingGlass/info] loading user theme: /usr/share/themes/Linux Mint/cinnamon/cinnamon.css Cjs-Message: 05:20:14.939: JS LOG: [LookingGlass/info] added icon directory: /usr/share/themes/Linux Mint/cinnamon ** Message: 05:20:14.954: nemo-desktop: session is cinnamon, establishing proxy Cjs-Message: 05:20:14.995: JS LOG: [LookingGlass/info] PlacesManager: Updating devices St-Message: 05:20:14.997: cogl npot texture sizes SUPPORTED Cjs-Message: 05:20:15.003: JS LOG: [LookingGlass/info] loaded at Mon Oct 29 2018 05:20:15 GMT+0300 (MSK) Cjs-Message: 05:20:15.003: JS LOG: Cinnamon started at Mon Oct 29 2018 05:20:15 GMT+0300 (MSK) Cjs-Message: 05:20:15.018: JS LOG: [LookingGlass/info] ExtensionSystem started in 0 ms Cjs-Message: 05:20:15.019: JS LOG: [LookingGlass/info] DeskletManager started in 0 ms Cjs-Message: 05:20:15.019: JS LOG: [LookingGlass/info] SearchProviderManager started in 0 ms openGL version 4.5 detected (GL3 Cogl Driver) MetaSyncRing disabled: couldn't find required GL extensions, or the minimum safe openGL version was not met Cjs-Message: 05:20:15.102: JS LOG: [LookingGlass/info] Loaded applet removable-drives@cinnamon.org in 16 ms Cjs-Message: 05:20:15.120: JS LOG: [LookingGlass/info] Loaded applet show-desktop@cinnamon.org in 18 ms Cjs-Message: 05:20:15.139: JS LOG: [LookingGlass/info] Loaded applet calendar@cinnamon.org in 18 ms Cjs-Message: 05:20:15.154: JS LOG: [LookingGlass/info] Loaded applet user@cinnamon.org in 16 ms Cjs-Message: 05:20:15.159: JS LOG: [LookingGlass/info] Loaded applet systray@cinnamon.org in 4 ms Cjs-Message: 05:20:15.168: JS LOG: [LookingGlass/info] Role locked: notifications Cjs-Message: 05:20:15.172: JS LOG: [LookingGlass/info] Loaded applet notifications@cinnamon.org in 14 ms Cjs-Message: 05:20:15.202: JS LOG: [LookingGlass/info] Role locked: panellauncher Cjs-Message: 05:20:15.204: JS LOG: [LookingGlass/info] Loaded applet panel-launchers@cinnamon.org in 32 ms Cjs-Message: 05:20:15.215: JS LOG: [LookingGlass/info] Loaded applet keyboard@cinnamon.org in 10 ms Cjs-Message: 05:20:15.227: JS LOG: [LookingGlass/info] Loaded applet power@cinnamon.org in 10 ms Cjs-Message: 05:20:15.244: JS LOG: [LookingGlass/info] Loaded applet window-list@cinnamon.org in 18 ms Cjs-Message: 05:20:15.275: JS LOG: [LookingGlass/info] Loaded applet sound@cinnamon.org in 30 ms failed to create drawable Cjs-Message: 05:20:15.336: JS LOG: network applet: Cannot find connection for active (or connection cannot be read) Cjs-Message: 05:20:15.337: JS LOG: [LookingGlass/info] Loaded applet network@cinnamon.org in 62 ms Cjs-Message: 05:20:15.714: JS LOG: [LookingGlass/info] Loaded applet menu@cinnamon.org in 378 ms Cjs-Message: 05:20:15.714: JS LOG: [LookingGlass/info] AppletManager started in 712 ms Cjs-Message: 05:20:15.716: JS LOG: [LookingGlass/info] Cinnamon took 834 ms to start Cjs-Message: 05:20:15.827: JS LOG: Invalid network device type, is 14 Cjs-Message: 05:20:15.827: JS LOG: network applet: Found connection for active Cjs-Message: 05:20:15.970: JS LOG: [LookingGlass/info] Hiding systray: network Cjs-Message: 05:20:15.971: JS LOG: [LookingGlass/info] Adding systray: nvidia-prime (24x24px) Cjs-Message: 05:20:15.972: JS LOG: [LookingGlass/info] Adding systray: input-method (24x24px) (nvidia-prime:25086): Gdk-CRITICAL **: 05:20:16.983: gdk_window_thaw_toplevel_updates: assertion 'window->update_and_descendants_freeze_count > 0' failed Cjs-Message: 05:20:20.590: JS LOG: [LookingGlass/info] Adding systray: blueberry-tray.py (24x24px) Gtk-Message: 05:20:28.714: GtkDialog mapped without a transient parent. This is discouraged. cinnamon-session[19196]: WARNING: t+16,42262s: Playing logout sound '/usr/share/mint-artwork/sounds/logout.ogg' cinnamon-session[19196]: WARNING: t+16,42608s: Logout sound failed to play, skipping. cinnamon-session[19196]: GLib-GIO-CRITICAL: t+16,42636s: g_dbus_connection_call_sync_internal: assertion 'G_IS_DBUS_CONNECTION (connection)' failed Cinnamon warning: Log level 16: invalid (NULL) pointer instance Gdk-Message: 05:20:30.676: csd-print-notifications: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Cinnamon warning: Log level 8: g_signal_handler_disconnect: assertion 'G_TYPE_CHECK_INSTANCE (instance)' failed Gdk-Message: 05:20:30.676: csd-orientation: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.677: csd-power: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Cinnamon warning: Log level 16: invalid (NULL) pointer instance Gdk-Message: 05:20:30.677: csd-xsettings: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.677: csd-cursor: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.677: csd-a11y-keyboard: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.677: csd-housekeeping: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.678: csd-xrandr: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.678: csd-clipboard: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.678: csd-screensaver-proxy: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.678: csd-automount: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.679: csd-sound: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.679: csd-media-keys: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.679: csd-wacom: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Cinnamon warning: Log level 8: g_signal_handler_disconnect: assertion 'G_TYPE_CHECK_INSTANCE (instance)' failed Gdk-Message: 05:20:30.681: cinnamon: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.684: nm-applet: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.684: blueberry-obex-agent.py: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.684: nvidia-prime: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.684: csd-background: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.684: csd-keyboard: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.684: cinnamon-killer-daemon: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.685: cinnamon-screensaver-main.py: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.687: csd-mouse: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.687: csd-color: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.687: csd-a11y-settings: Fatal IO error 11 (Resource temporarily unavailable) on X server :0. Gdk-Message: 05:20:30.749: cinnamon-launcher: Fatal IO error 2 (No such file or directory) on X server :0. (metacity:27589): metacity-CRITICAL **: 05:20:31.037: Unable to open X display :0 Unable to init server: Could not connect: Connection refused (mate-panel:27591): Gtk-WARNING **: 05:20:31.039: cannot open display: :0 ``` "firejail --x11=xephyr --private-tmp vlc" in .profile works fine until the closing of vlc - surprisingly it shows desktop instead of logouting too. linux mint 19.04, xpra v2.1.3-r17247M. can you sugest a right way for setting vlc-gaper box? ;-)
gitea-mirror 2026-05-05 08:09:40 -06:00
gitea-mirror commented 2026-05-05 08:09:43 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 20, 2019):

@admzzz so you wish to have a session where only vlc is running/can run and this session should exit if vlc is closed. right? Also, using a tty for login or an display-manager?

<!-- gh-comment-id:485141339 --> @rusty-snake commented on GitHub (Apr 20, 2019): @admzzz so you wish to have a session where only vlc is running/can run and this session should exit if vlc is closed. right? Also, using a tty for login or an display-manager?
gitea-mirror commented 2026-05-05 08:09:44 -06:00
Author
Owner
Copy link

@admzzz commented on GitHub (Apr 22, 2019):

  1. right, and also restrict access only to /home/vlc (the name of directory and user is just an example).
  2. using display-manager, of course - the purpose of the efforts is vlc in a restricted kiosk-mode (i.e. without network access and the possibility of filesystem-traversing).

usecase:
when user vlc (with or without password) is logged in, he should have possibility to browse only his home directory, select a video or audio file(s) from it and play it(them) in fullscreen mode only, if he close vlc, he had to be logged off (i.e. system had to close vlc's session and proceed to display-manager's login screen) automatically.

<!-- gh-comment-id:485447725 --> @admzzz commented on GitHub (Apr 22, 2019): 1) right, and also restrict access only to /home/vlc (the name of directory and user is just an example). 2) using display-manager, of course - the purpose of the efforts is vlc in a restricted kiosk-mode (i.e. without network access and the possibility of filesystem-traversing). usecase: when user vlc (with or without password) is logged in, he should have possibility to browse only his home directory, select a video or audio file(s) from it and play it(them) in fullscreen mode only, if he close vlc, he had to be logged off (i.e. system had to close vlc's session and proceed to display-manager's login screen) automatically.
gitea-mirror commented 2026-05-05 08:09:45 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 22, 2019):

  1. That the user only has access to /home/vlc/VIDEO_FILES is not technically possible AFAIK.
    But blacklisting something is possible.
  2. Wicht distro?
  3. I'd do something like that (After starting X11):
i3 & # A simple WM. alternatively openbox, but i3 has the advantage that vlc is maximized.
firejail --net=none --nodbus --private-srv=none --private-opt=none vlc # --private-etc would still be good ; --blacklist=SOMETHING if you want
exit
<!-- gh-comment-id:485486852 --> @rusty-snake commented on GitHub (Apr 22, 2019): 1. That the user only has access to /home/vlc/VIDEO_FILES is not technically possible AFAIK. But blacklisting something is possible. 2. Wicht distro? 3. I'd do something like that (After starting X11): ``` i3 & # A simple WM. alternatively openbox, but i3 has the advantage that vlc is maximized. firejail --net=none --nodbus --private-srv=none --private-opt=none vlc # --private-etc would still be good ; --blacklist=SOMETHING if you want exit ```
gitea-mirror commented 2026-05-05 08:09:46 -06:00
Author
Owner
Copy link

@admzzz commented on GitHub (Apr 23, 2019):

thanks for idea, but:

  1. how to blacklist a directory /opt (for example)?
  2. linux mint 18.2 (~= ubuntu 16).
  3. where do you put i3&, in .profile?
<!-- gh-comment-id:485768247 --> @admzzz commented on GitHub (Apr 23, 2019): thanks for idea, but: 1) how to blacklist a directory /opt (for example)? 2) linux mint 18.2 (~= ubuntu 16). 3) where do you put `i3&`, in .profile?
gitea-mirror commented 2026-05-05 08:09:47 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 23, 2019):

  1. /opt with --private-opt=none
  2. in general --blacklist=DIR
  3. this is the basic idea for a shell script that starts this xsession
    I don't know how you create a new Xsession for your DM in Mint either.
  4. Keep in mind: TTY login (fix with user-shell = /bin/false)
  5. Keep in mind: User might change the selected Xsession
<!-- gh-comment-id:485816112 --> @rusty-snake commented on GitHub (Apr 23, 2019): 1. /opt with --private-opt=none 2. in general --blacklist=DIR 3. this is the basic idea for a shell script that starts this xsession I don't know how you create a new Xsession for your DM in Mint either. 4. Keep in mind: TTY login (fix with user-shell = /bin/false) 5. Keep in mind: User might change the selected Xsession
gitea-mirror commented 2026-05-05 08:09:47 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Jun 26, 2019):

@admzzz I'm closing here due to inactivity, please fell free to reopen if you have more questions.

<!-- gh-comment-id:505791556 --> @rusty-snake commented on GitHub (Jun 26, 2019): @admzzz I'm closing here due to inactivity, please fell free to reopen if you have more questions.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
serialize_remounts_v2
landlock_v4
landlock
release-0.9.64
release-0.9.62
gitlab_ci
LTSbase
fred_ctests
docs
0.9.80
0.9.80-rc1
0.9.78
0.9.76
0.9.76-rc4
0.9.76-rc3
0.9.76-rc2
0.9.76-rc1
0.9.74
landlock-split
0.9.72
0.9.72rc1
0.9.70
0.9.68
0.9.68rc1
0.9.66
0.9.66rc1
0.9.64.4
0.9.64.2
0.9.64
0.9.64rc1
0.9.62.4
0.9.62.2
0.9.62
0.9.56.2-LTS
0.9.60
0.9.60-rc1
0.9.58.2
0.9.58
0.9.58-rc1
0.9.56-LTS-release
0.9.56-LTS
0.9.56
0.9.56-rc1
0.9.54
0.9.54-rc2
0.9.54-rc1
0.9.52
0.9.38.12
0.9.50
0.9.50-rc1
0.9.48
0.9.46
0.9.46-rc1
0.9.44.10
0.9.44.8
0.9.44.6
0.9.38.10
0.9.44.4
0.9.38.8
0.9.44.2
0.9.44
0.9.44-rc1
0.9.38.4
0.9.42
0.9.42-rc2
0.9.38.2
0.9.42-rc1
disable-globalcfg
0.9.40
0.9.40-rc1
0.9.38
0.9.38-rc1
0.9.36
0.9.36-rc1
0.9.34
0.9.34-rc1
0.9.32
0.9.32-rc1
0.9.30
0.9.30-rc1
Labels
Clear labels   
LTS merge

   
LTS merge

   
bug

   
bug

   
converted-to-discussion

   
doc-todo

   
documentation

   
duplicate

   
enhancement

   
file-transfer

   
firecfg

   
firejail-in-firejail

   
firetools

   
graphics

   
help wanted

   
information_old

   
installation

   
invalid

   
modif

   
moved

   
needinfo

   
networking

   
notabug

   
notourbug

   
old-version

   
overlayfs

   
packaging

   
profile-request

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question_old

   
removal

   
runtime-permissions

   
sandbox-ipc

   
security

   
stale

   
wiki

   
wiki

   
wontfix

   
wordpress

   
workaround
No labels
LTS merge
LTS merge
bug
bug
converted-to-discussion
doc-todo
documentation
duplicate
enhancement
file-transfer
firecfg
firejail-in-firejail
firetools
graphics
help wanted
information_old
installation
invalid
modif
moved
needinfo
networking
notabug
notourbug
old-version
overlayfs
packaging
profile-request
pull-request
question
question_old
removal
runtime-permissions
sandbox-ipc
security
stale
wiki
wiki
wontfix
wordpress
workaround
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#1494
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?