[GH-ISSUE #2406] Duplicate bookmarks in Firefox

gitea-mirror commented

2026-05-05 08:15:36 -06:00

Owner

Originally created by @bertradio on GitHub (Feb 16, 2019).
Original GitHub issue: https://github.com/netblue30/firejail/issues/2406

Originally created by @bertradio on GitHub (Feb 16, 2019). Original GitHub issue: https://github.com/netblue30/firejail/issues/2406

gitea-mirror

2026-05-05 08:15:36 -06:00

closed this issue
added the
information_old
label

gitea-mirror commented

2026-05-05 08:15:39 -06:00

Author

Owner

@bertradio commented on GitHub (Feb 16, 2019):

I run both Firefox and Chrome under firejail. Within Chrome when I try and save a page all my bookmarks are correct. But when I try and save a page in Firefox I see duplicate bookmarks. I am running the latest version of firejail (o.9.28.2). Any idea what might be happening. Evidently the bookmarks are saved somewhere but I cannot find where. I am using Linux Mint 19.1.

@bertradio commented on GitHub (Feb 16, 2019): I run both Firefox and Chrome under firejail. Within Chrome when I try and save a page all my bookmarks are correct. But when I try and save a page in Firefox I see duplicate bookmarks. I am running the latest version of firejail (o.9.28.2). Any idea what might be happening. Evidently the bookmarks are saved somewhere but I cannot find where. I am using Linux Mint 19.1. ![example](https://user-images.githubusercontent.com/47680581/52892695-b9bc2680-3149-11e9-8adb-b6ab4eadb1c1.jpg)

gitea-mirror commented

2026-05-05 08:15:39 -06:00

Author

Owner

@smitsohu commented on GitHub (Feb 17, 2019):

I am running the latest version of firejail (o.9.28.2)

Do you mean 0.9.58.2? Version 0.9.28 is very old, unsupported and has lots of known issues (pick a package with the newest version e.g. from here)

Did you try what happens when you run them without firejail?

/usr/bin/firefox
/usr/bin/chromium
# or /usr/bin/google-chrome or whatever your path is

@smitsohu commented on GitHub (Feb 17, 2019): > I am running the latest version of firejail (o.9.28.2) Do you mean 0.9.58.2? Version 0.9.28 is very old, unsupported and has lots of known issues (pick a package with the newest version e.g. from [here](https://sourceforge.net/projects/firejail/files/firejail)) Did you try what happens when you run them without firejail? ``` /usr/bin/firefox /usr/bin/chromium # or /usr/bin/google-chrome or whatever your path is ```

gitea-mirror commented

2026-05-05 08:15:40 -06:00

Author

Owner

@bertradio commented on GitHub (Feb 17, 2019):

You are right, that's a typo. I am running 0.9.58.2, the latest.

Everything is fine if I run without firejail - no duplicates. And Chrome is fine with and without firejail. I also run FF and firejail on another computer and there are no duplicates there. So it must have something to do with my installation or config files.

@bertradio commented on GitHub (Feb 17, 2019): You are right, that's a typo. I am running 0.9.58.2, the latest. Everything is fine if I run without firejail - no duplicates. And Chrome is fine with and without firejail. I also run FF and firejail on another computer and there are no duplicates there. So it must have something to do with my installation or config files.

gitea-mirror commented

2026-05-05 08:15:41 -06:00

Author

Owner

@bertradio commented on GitHub (Feb 17, 2019):

I did a complete uninstall in Synaptic and reinstall so I have unmodified profiles. Now I have this:

Note that the entry for Home (with a capital H) points to my user home. The entires for "home" (small h) point to the home folder in rook which contains my Home.

@bertradio commented on GitHub (Feb 17, 2019): I did a complete uninstall in Synaptic and reinstall so I have unmodified profiles. Now I have this: ![image](https://user-images.githubusercontent.com/47680581/52916570-22181e80-3296-11e9-9c70-a1b4f8697866.png) Note that the entry for Home (with a capital H) points to my user home. The entires for "home" (small h) point to the home folder in rook which contains my Home.

gitea-mirror commented

2026-05-05 08:15:42 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (Feb 17, 2019):

This is because the private-* options mount tmpfs on top of various directories. Those directories show up as "mounts" in various file managers.

The reason you're seeing differences between firefox and chromium is that the chromium profile is much looser than the firefox one (due to chromium needing tons of privileges to set up its own sandbox). I don't see why that would necessarily affect this, but it is what it is.

Regardless, this isn't really a bug. It's mostly just an artifact of the way whitelisting is implemented.

@chiraag-nataraj commented on GitHub (Feb 17, 2019): This is because the `private-*` options mount `tmpfs` on top of various directories. Those directories show up as "mounts" in various file managers. The reason you're seeing differences between firefox and chromium is that the chromium profile is much looser than the firefox one (due to chromium needing tons of privileges to set up its _own_ sandbox). I don't see why that would necessarily affect this, but it is what it is. Regardless, this isn't really a bug. It's mostly just an artifact of the way whitelisting is implemented.

gitea-mirror commented

2026-05-05 08:15:42 -06:00

Author

Owner

@bertradio commented on GitHub (Feb 17, 2019):

So I guess I'll have to live with this... unless you know of somewhere in the system I could get rid of the duplicates.

@bertradio commented on GitHub (Feb 17, 2019): So I guess I'll have to live with this... unless you know of somewhere in the system I could get rid of the duplicates.

gitea-mirror commented

2026-05-05 08:15:43 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (Feb 17, 2019):

Not that I know of, nope. Unless you can configure the file manager not to show you mounted stuff (which would probably be inconvenient in the general use case).

The fundamental problem here is that stuff mounted by firejail (to hide things) appears exactly the same as, say, a flash drive you mounted to copy files. It's using the same subsystems (well...tmpfs versus reading from an actual filesystem, but still...same overall subsystem), which means you can't hide one without hiding the other (and users rarely want to hide mounted flash drives from their sidebar).

@chiraag-nataraj commented on GitHub (Feb 17, 2019): Not that I know of, nope. Unless you can configure the file manager not to show you mounted stuff (which would probably be inconvenient in the general use case). The fundamental problem here is that stuff mounted by firejail (to hide things) appears exactly the same as, say, a flash drive you mounted to copy files. It's using the same subsystems (well...tmpfs versus reading from an actual filesystem, but still...same overall subsystem), which means you can't hide one without hiding the other (and users rarely want to hide mounted flash drives from their sidebar).

gitea-mirror commented

2026-05-05 08:15:43 -06:00

Author

Owner

@bertradio commented on GitHub (Feb 17, 2019):

Thanks. It's a minor inconvenience that I can live with.

On Sun, Feb 17, 2019, at 12:38, ಚಿರಾಗ್ ನಟರಾಜ್ wrote:

Not that I know of, nope. Unless you can configure the file manager
not to show you mounted stuff (which would probably be inconvenient in
the general use case).> The fundamental problem here is that stuff mounted by firejail (to
hide things) appears exactly the same as, say, a flash drive you
mounted to copy files. It's using the same subsystems (well...tmpfs
versus reading from an actual filesystem, but still...same overall
subsystem), which means you can't hide one without hiding the other
(and users rarely want to hide mounted flash drives from their
sidebar).> — You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub[1], or mute the
thread[2].

Links:

@bertradio commented on GitHub (Feb 17, 2019): Thanks. It's a minor inconvenience that I can live with. On Sun, Feb 17, 2019, at 12:38, ಚಿರಾಗ್ ನಟರಾಜ್ wrote: > Not that I know of, nope. Unless you can configure the file manager > not to show you mounted stuff (which would probably be inconvenient in > the general use case).> The fundamental problem here is that stuff mounted by firejail (to > hide things) appears exactly the same as, say, a flash drive you > mounted to copy files. It's using the same subsystems (well...tmpfs > versus reading from an actual filesystem, but still...same overall > subsystem), which means you can't hide one without hiding the other > (and users rarely want to hide mounted flash drives from their > sidebar).> — You are receiving this because you modified the open/close state. > Reply to this email directly, view it on GitHub[1], or mute the > thread[2]. Links: 1. https://github.com/netblue30/firejail/issues/2406#issuecomment-464505854 2. https://github.com/notifications/unsubscribe-auth/AteMRaif1HjOFc-mBRYq8_AsO9aaDNv_ks5vOb3SgaJpZM4a-tjE

gitea-mirror commented

2026-05-05 08:15:43 -06:00

Author

Owner

@ghost commented on GitHub (Feb 17, 2019):

I also run FF and firejail on another computer and there are no duplicates there. So it must have something to do with my installation or config files.

@bertradio Have you compared ~/.config/gtk-3.0/bookmarks yet between both installations? Try shutting down your file-manager, remove any duplicates from that file and see if that helps at all.

@ghost commented on GitHub (Feb 17, 2019): > I also run FF and firejail on another computer and there are no duplicates there. So it must have something to do with my installation or config files. @bertradio Have you compared `~/.config/gtk-3.0/bookmarks` yet between both installations? Try shutting down your file-manager, remove any duplicates from that file and see if that helps at all.

gitea-mirror commented

2026-05-05 08:15:44 -06:00

Author

Owner

@bertradio commented on GitHub (Feb 17, 2019):

Yes. The bookmarks files are identical and there are no duplicates in the bookmark files.

@bertradio commented on GitHub (Feb 17, 2019): Yes. The bookmarks files are identical and there are no duplicates in the bookmark files.

gitea-mirror commented

2026-05-05 08:15:44 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (Feb 18, 2019):

Also, fwiw, this randomly stopped happening for me with my firefox profile (which you can find here).

@chiraag-nataraj commented on GitHub (Feb 18, 2019): Also, fwiw, this randomly stopped happening for me with my `firefox` profile (which you can find [here](https://github.com/chiraag-nataraj/firejail-profiles)).

gitea-mirror commented

2026-05-05 08:15:45 -06:00

Author

Owner

@bertradio commented on GitHub (Feb 18, 2019):

Thanks. But our systems seem different and it did not work on mine. I'll just live with the problem,

@bertradio commented on GitHub (Feb 18, 2019): Thanks. But our systems seem different and it did not work on mine. I'll just live with the problem,

gitea-mirror commented

2026-05-05 08:15:45 -06:00

Author

Owner

@rusty-snake commented on GitHub (Sep 5, 2019):

I figured out when that happened.
Two condtitions must meet:

nobus
access to /etc/fstab

firejail --noprofile zenity --file-selection # NO
firejail --noprofile --nodbus zenity --file-selection # YES
firejail --noprofile --nodbus --private-etc=empty zenity --file-selection # NO
firejail --noprofile --nodbus --private-etc=fstab zenity --file-selection # YES
firejail --noprofile --nodbus --blacklist=/etc/fstab zenity --file-selection # NO

How could firejail prevent that?

Adding blacklist /etc/fstab where possible to profiles with nodbus
Mounting with x-gvfs-hide

mkdir tmp1 tmp2
sudo mount --bind tmp1 tmp2
zenity --file-selection # tmp2 is shown
sudo umount tmp2
sudo mount -o x-gvfs-hide --bind tmp1 tmp2
zenity --file-selection # tmp2 is hidden

Disclaimber: I have only tried and worked with GTK/GIO/GVFS.

@rusty-snake commented on GitHub (Sep 5, 2019): I figured out when that happened. Two condtitions must meet: 1. `nobus` 2. access to `/etc/fstab` ```bash firejail --noprofile zenity --file-selection # NO firejail --noprofile --nodbus zenity --file-selection # YES firejail --noprofile --nodbus --private-etc=empty zenity --file-selection # NO firejail --noprofile --nodbus --private-etc=fstab zenity --file-selection # YES firejail --noprofile --nodbus --blacklist=/etc/fstab zenity --file-selection # NO ``` *** How could firejail prevent that? 1. Adding `blacklist /etc/fstab` where possible to profiles with `nodbus` 2. Mounting with `x-gvfs-hide` ```bash mkdir tmp1 tmp2 sudo mount --bind tmp1 tmp2 zenity --file-selection # tmp2 is shown sudo umount tmp2 sudo mount -o x-gvfs-hide --bind tmp1 tmp2 zenity --file-selection # tmp2 is hidden ``` *** Disclaimber: I have only tried and worked with GTK/GIO/GVFS.

gitea-mirror commented

2026-05-05 08:15:46 -06:00

Author

Owner

@rusty-snake commented on GitHub (Sep 5, 2019):

@bertradio Adding this ?HAS_NODBUS: blacklist /etc/fstab to globals.local should work.

@rusty-snake commented on GitHub (Sep 5, 2019): @bertradio Adding this `?HAS_NODBUS: blacklist /etc/fstab` to `globals.local` should work.

gitea-mirror referenced this issue

2026-05-05 10:12:27 -06:00

[PR #1604] [MERGED] Addition of RLIMIT_AS #4030

gitea-mirror referenced this issue

2026-05-05 10:53:02 -06:00

[PR #6895] [MERGED] tests: rlimit: add missing tests for rlimit-as / rlimit-cpu #6226

Rows
Columns

[GH-ISSUE #2406] Duplicate bookmarks in Firefox #1604