[GH-ISSUE #2264] Pinta starts without menus

gitea-mirror commented

2026-05-05 08:10:40 -06:00

Owner

Originally created by @igor2x on GitHub (Nov 18, 2018).
Original GitHub issue: https://github.com/netblue30/firejail/issues/2264

Hi,
using Ubuntu 16.04 Desktop 32-bit, so I installed firejail_0.9.56_1_i386.deb

$ firejail --version

firejail version 0.9.56

Compile time support:
- AppArmor support is disabled
- AppImage support is enabled
- chroot support is enabled
- file and directory whitelisting support is enabled
- file transfer support is enabled
- networking support is enabled
- overlayfs support is enabled
- private-home support is enabled
- seccomp-bpf support is enabled
- user namespace support is enabled
- X11 sandboxing support is enabled

Starting "pinta" program from bash shell and program works fine.
Starting "firejail pinta" from bash shell and program starts without menus (PROBLEM).

To capture logs I did:
firejail --debug pinta &> pinta.txt

See attached file: pinta.txt

To narrow down the problem I copied original pinta.profile to my local config dir:
cp /etc/firejail/pinta.profile $HOME/.config/firejail/
and I commented out all commands from above file and from top down started uncommenting lines.

I have found out if I comment out both bellow lines:

#net none
#nodbus

then Pinta starts fine, menus displayed, problem solved.

But uncomment any of above two settings or uncomment both line, then Pinta does not display menus.

What should be the proper "cure" to fix this problem (except obvious commenting this two lines out).

Thanks

Originally created by @igor2x on GitHub (Nov 18, 2018). Original GitHub issue: https://github.com/netblue30/firejail/issues/2264 Hi, using Ubuntu 16.04 Desktop 32-bit, so I installed firejail_0.9.56_1_i386.deb `$ firejail --version` > firejail version 0.9.56 > > Compile time support: > - AppArmor support is disabled > - AppImage support is enabled > - chroot support is enabled > - file and directory whitelisting support is enabled > - file transfer support is enabled > - networking support is enabled > - overlayfs support is enabled > - private-home support is enabled > - seccomp-bpf support is enabled > - user namespace support is enabled > - X11 sandboxing support is enabled Starting "pinta" program from bash shell and program works fine. Starting "firejail pinta" from bash shell and program starts without menus (PROBLEM). ![no_menus](https://user-images.githubusercontent.com/10895030/48675977-6e04db80-eb60-11e8-883a-d3f0d0fbd8c8.png) To capture logs I did: `firejail --debug pinta &> pinta.txt` See attached file: [pinta.txt](https://github.com/netblue30/firejail/files/2593034/pinta.txt) To narrow down the problem I copied original pinta.profile to my local config dir: `cp /etc/firejail/pinta.profile $HOME/.config/firejail/` and I commented out all commands from above file and from top down started uncommenting lines. I have found out if I comment out both bellow lines: ``` #net none #nodbus ``` then Pinta starts fine, menus displayed, problem solved. But uncomment any of above two settings or uncomment both line, then Pinta does not display menus. What should be the proper "cure" to fix this problem (except obvious commenting this two lines out). Thanks

gitea-mirror closed this issue

2026-05-05 08:10:41 -06:00

gitea-mirror commented

2026-05-05 08:10:43 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (Nov 20, 2018):

iirc this is an issue with unity/appindicators, #1728 contains some relevant information

@SkewedZeppelin commented on GitHub (Nov 20, 2018): iirc this is an issue with unity/appindicators, #1728 contains some relevant information

gitea-mirror commented

2026-05-05 08:10:44 -06:00

Author

Owner

@igor2x commented on GitHub (Nov 25, 2018):

According to above web page I should install official firejail from Ubuntu package.

Removed current firejail
sudo apt-get remove --purge firejail
Make sure there is no file in:
/usr/local/etc/firejail
/usr/local/bin/firejail
/usr/local/lib/x86_64-linux-gnu/firejail
$HOME/.config/firejail

Actually "firejail" dir/file do not even exists anymore.

Install firejail from official repository
sudo apt install firejail
Now I have launched Pinta using firejail
firejail pinta
and Pinta started successfully and menus are displayed.
I checked and pinta is jailed
firejail --list
It looks like problem solved. But immediately new problem pop-ed out.
When I start firefox:
firejail firefox
and type in some URL or select some bookmark and nothing happens, no web page loaded, just nothing, no indication that something is even happening.
I have checked the firejail version:
firejail --version
firejail version 0.9.38.10

and I see some old version of firejail is installed from official Ubuntu repository.

I don't want to get into loop of: New version, whole new set of problems.

From gimp's bug report #1728 I also see firectl was supposed used, but when I do:
`firectl
I get:
firectl: command not found
I uninstalled firejail from official Ubuntu repository, because I just don't know how many additional problems will appear using official repo version and installed back firejail deb package from Firejail project web site. So now I am back to "firejail 0.9.56" version (the same as my first post in this bug report).
I also see I have reported few mounts ago very similar problem with menus not working in Firefox in bug #1942 and work-around solution was to create local file and disabling not working jailing feature. So now I did:
In /etc/firejail/ I created pinta.local file and typed in:
ignore net none
ignore nodbus
and now Pinta starts jailed with menus displayed.

This is similar workaround as in my first post of this thread but probably more error prone to potential profiles upgrades.

Don't know how good above work-around is, if some security feature is disabled, then program may in some way escape the sandbox jail.

@igor2x commented on GitHub (Nov 25, 2018): According to above web page I should install official firejail from Ubuntu package. 1. Removed current firejail `sudo apt-get remove --purge firejail` 2. Make sure there is no file in: /usr/local/etc/firejail /usr/local/bin/firejail /usr/local/lib/x86_64-linux-gnu/firejail $HOME/.config/firejail Actually "firejail" dir/file do not even exists anymore. 3. Install firejail from official repository `sudo apt install firejail` 4. Now I have launched Pinta using firejail `firejail pinta` and Pinta started successfully and menus are displayed. 5. I checked and pinta is jailed firejail --list 6. It looks like problem solved. But immediately new problem pop-ed out. When I start firefox: firejail firefox and type in some URL or select some bookmark and nothing happens, no web page loaded, just nothing, no indication that something is even happening. 7. I have checked the firejail version: firejail --version firejail version 0.9.38.10 and I see some old version of firejail is installed from official Ubuntu repository. I don't want to get into loop of: New version, whole new set of problems. 8. From gimp's bug report #1728 I also see firectl was supposed used, but when I do: `firectl I get: firectl: command not found 9. I uninstalled firejail from official Ubuntu repository, because I just don't know how many additional problems will appear using official repo version and installed back firejail deb package from Firejail project web site. So now I am back to "firejail 0.9.56" version (the same as my first post in this bug report). 10. I also see I have reported few mounts ago very similar problem with menus not working in Firefox in bug #1942 and work-around solution was to create local file and disabling not working jailing feature. So now I did: In /etc/firejail/ I created pinta.local file and typed in: ignore net none ignore nodbus and now Pinta starts jailed with menus displayed. This is similar workaround as in my first post of this thread but probably more error prone to potential profiles upgrades. Don't know how good above work-around is, if some security feature is disabled, then program may in some way escape the sandbox jail.

gitea-mirror commented

2026-05-05 08:10:45 -06:00

Author

Owner

@smitsohu commented on GitHub (Nov 26, 2018):

Could you try it with the following pinta.local

env UBUNTU_MENUPROXY=0
#ignore net none
#ignore nodbus

@smitsohu commented on GitHub (Nov 26, 2018): Could you try it with the following pinta.local ``` env UBUNTU_MENUPROXY=0 #ignore net none #ignore nodbus ```

gitea-mirror commented

2026-05-05 08:10:46 -06:00

Author

Owner

@igor2x commented on GitHub (Nov 29, 2018):

@smitsohu, I tried your setting and Pinta starts and displays menu and menus are working fine, but menu is not positioned on most top (where I like it), but little bit lower. So this solution semi-fixes the problem.

Terminal output of firejail pinta is:

Reading profile /etc/firejail/pinta.profile
Reading profile /etc/firejail/pinta.local
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Parent pid 15765, child pid 15768
Warning fseccomp: --protocol not supported on this platform
Child process initialized in 152.71 ms

** (Pinta:4): WARNING **: Couldn't connect to accessibility bus: Failed to connect to socket /tmp/dbus-1GcVFmW2bk: Connection refused

@igor2x commented on GitHub (Nov 29, 2018): @smitsohu, I tried your setting and Pinta starts and displays menu and menus are working fine, but menu is not positioned on most top (where I like it), but little bit lower. So this solution semi-fixes the problem. ![menu_not_on_top](https://user-images.githubusercontent.com/10895030/49233994-78906200-f3f7-11e8-97a0-ab2f6237163c.png) Terminal output of `firejail pinta` is: > Reading profile /etc/firejail/pinta.profile > Reading profile /etc/firejail/pinta.local > Reading profile /etc/firejail/disable-common.inc > Reading profile /etc/firejail/disable-devel.inc > Reading profile /etc/firejail/disable-interpreters.inc > Reading profile /etc/firejail/disable-passwdmgr.inc > Reading profile /etc/firejail/disable-programs.inc > Reading profile /etc/firejail/disable-xdg.inc > Parent pid 15765, child pid 15768 > Warning fseccomp: --protocol not supported on this platform > Child process initialized in 152.71 ms > > ** (Pinta:4): WARNING **: Couldn't connect to accessibility bus: Failed to connect to socket /tmp/dbus-1GcVFmW2bk: Connection refused

gitea-mirror commented

2026-05-05 08:10:47 -06:00

Author

Owner

@smitsohu commented on GitHub (Nov 29, 2018):

I guess env UBUNTU_MENUPROXY=0 is then the best solution we have in this moment.

A third approach would be to fiddle with Apparmor, which provides quite fine grained control over D-Bus.

@smitsohu commented on GitHub (Nov 29, 2018): I guess `env UBUNTU_MENUPROXY=0` is then the best solution we have in this moment. A third approach would be to fiddle with Apparmor, which provides quite fine grained control over D-Bus.

gitea-mirror commented

2026-05-05 08:10:47 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (May 20, 2019):

@igor2x Is this still an issue?

@chiraag-nataraj commented on GitHub (May 20, 2019): @igor2x Is this still an issue?

gitea-mirror commented

2026-05-05 08:10:48 -06:00

Author

Owner

@igor2x commented on GitHub (May 21, 2019):

@chiraag-nataraj, I currently use firejail 0.9.58.2 and there is the same problem.

I currently use /etc/firejail/pinta.local with settings:
ignore net none
ignore nodbus

Currently the best I can think of...

P.S. This is not such a crucial problem for me, if you like to close down the bug report it is fine with me. Pinta is currently more or less death project. The last official stable version was released 4 years ago. Probably not a lot of users are using it now days.

@igor2x commented on GitHub (May 21, 2019): @chiraag-nataraj, I currently use firejail 0.9.58.2 and there is the same problem. I currently use /etc/firejail/pinta.local with settings: ignore net none ignore nodbus Currently the best I can think of... P.S. This is not such a crucial problem for me, if you like to close down the bug report it is fine with me. Pinta is currently more or less death project. The last official stable version [was released 4 years ago.](https://pinta-project.com/pintaproject/pinta/releases/1-6) Probably not a lot of users are using it now days.

gitea-mirror commented

2026-05-05 08:10:48 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (May 21, 2019):

@igor2x I'll probably close this then, since you've found a workaround that works on your end. And wow, yeah...it hasn't been updated in a long time...surprised the version in Debian sid is even still installable...

@chiraag-nataraj commented on GitHub (May 21, 2019): @igor2x I'll probably close this then, since you've found a workaround that works on your end. And wow, yeah...it hasn't been updated in a _long_ time...surprised the version in Debian sid is even still installable...

gitea-mirror referenced this issue

2026-05-05 10:11:54 -06:00

[PR #1515] [MERGED] Fix Spotify #1513 #4001

Rows
Columns

[GH-ISSUE #2264] Pinta starts without menus #1515