[GH-ISSUE #2410] Firecfg claims "symlinks were created", though none working

gitea-mirror commented

2026-05-05 08:15:47 -06:00

Owner

Originally created by @rugabunda on GitHub (Feb 17, 2019).
Original GitHub issue: https://github.com/netblue30/firejail/issues/2410

Using Lubuntu 18.10 LXQT. (Cosmic Cuttlefish) Depending on your internet speed, you can test to recreate with this pre-made vm in just minutes: https://www.osboxes.org/lubuntu/ what an amazing os. fastest & sexiest ever made imo.

Solution? Must add 'firejail' in .desktop links under /user/share/application after "exec", then firejail loads them fine in terminal, desktop link, start menu, and third party app URL's for browsers; would recommend firecfg does both to avoid such confusion in the future. Even wget is listed there.

Originally created by @rugabunda on GitHub (Feb 17, 2019). Original GitHub issue: https://github.com/netblue30/firejail/issues/2410 Using Lubuntu 18.10 LXQT. (Cosmic Cuttlefish) Depending on your internet speed, you can test to recreate with this pre-made vm in just minutes: https://www.osboxes.org/lubuntu/ what an amazing os. fastest & sexiest ever made imo. Solution? Must add 'firejail' in .desktop links under /user/share/application after "exec", then firejail loads them fine in terminal, desktop link, start menu, and third party app URL's for browsers; would recommend firecfg does both to avoid such confusion in the future. Even wget is listed there.

gitea-mirror closed this issue

2026-05-05 08:15:48 -06:00

gitea-mirror commented

2026-05-05 08:15:50 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (Feb 17, 2019):

Must add 'firejail' in .desktop links under /user/share/application after "exe

please do not do this

can you post the output of $PATH, you might not have /usr/local/bin in yours

@SkewedZeppelin commented on GitHub (Feb 17, 2019): > Must add 'firejail' in .desktop links under /user/share/application after "exe please do not do this can you post the output of `$PATH`, you might not have /usr/local/bin in yours

gitea-mirror commented

2026-05-05 08:15:51 -06:00

Author

Owner

@rugabunda commented on GitHub (Feb 18, 2019):

sorry but its the only thing that works for me, so I must at the moment for firejail to work globally. if you can explain why you don't recommend this, i would appreciate that; it would help a lot of people if you added firejail to desktop application configurations.

bash: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin: No such file or directory

@rugabunda commented on GitHub (Feb 18, 2019): sorry but its the only thing that works for me, so I must at the moment for firejail to work globally. if you can explain why you don't recommend this, i would appreciate that; it would help a lot of people if you added firejail to desktop application configurations. bash: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin: No such file or directory

gitea-mirror commented

2026-05-05 08:15:52 -06:00

Author

Owner

@rugabunda commented on GitHub (Feb 18, 2019):

/usr/local/bin ls

2048-qt           display        firefox      localc          lomath      pdftotext  soffice              vlc        xpra
ark               dnsmasq        k3b          lodraw          loweb       qlipper    ssh                  wget
chromium-browser  enchant        kcalc        loffice         lowriter    qpdfview   strings              wireshark
cvlc              enchant-lsmod  less         lofromtemplate  lximage-qt  quassel    torbrowser-launcher  xcalc
dig               feh            libreoffice  loimpress       patch       skanlite   transmission-qt      Xephyr

firecfg --list

/usr/local/bin/enchant
/usr/local/bin/torbrowser-launcher
/usr/local/bin/lximage-qt
/usr/local/bin/transmission-qt
/usr/local/bin/wget
/usr/local/bin/lomath
/usr/local/bin/patch
/usr/local/bin/xcalc
/usr/local/bin/pdftotext
/usr/local/bin/enchant-lsmod
/usr/local/bin/lodraw
/usr/local/bin/libreoffice
/usr/local/bin/cvlc
/usr/local/bin/2048-qt
/usr/local/bin/k3b
/usr/local/bin/display
/usr/local/bin/soffice
/usr/local/bin/ark
/usr/local/bin/qpdfview
/usr/local/bin/lowriter
/usr/local/bin/Xephyr
/usr/local/bin/firefox
/usr/local/bin/dig
/usr/local/bin/vlc
/usr/local/bin/ssh
/usr/local/bin/quassel
/usr/local/bin/loweb
/usr/local/bin/loffice
/usr/local/bin/strings
/usr/local/bin/skanlite
/usr/local/bin/wireshark
/usr/local/bin/localc
/usr/local/bin/chromium-browser
/usr/local/bin/kcalc

still not working; however, adding firejail to .desktop application configuration manually does work.

@rugabunda commented on GitHub (Feb 18, 2019): ``` /usr/local/bin ls 2048-qt display firefox localc lomath pdftotext soffice vlc xpra ark dnsmasq k3b lodraw loweb qlipper ssh wget chromium-browser enchant kcalc loffice lowriter qpdfview strings wireshark cvlc enchant-lsmod less lofromtemplate lximage-qt quassel torbrowser-launcher xcalc dig feh libreoffice loimpress patch skanlite transmission-qt Xephyr ``` ``` firecfg --list /usr/local/bin/enchant /usr/local/bin/torbrowser-launcher /usr/local/bin/lximage-qt /usr/local/bin/transmission-qt /usr/local/bin/wget /usr/local/bin/lomath /usr/local/bin/patch /usr/local/bin/xcalc /usr/local/bin/pdftotext /usr/local/bin/enchant-lsmod /usr/local/bin/lodraw /usr/local/bin/libreoffice /usr/local/bin/cvlc /usr/local/bin/2048-qt /usr/local/bin/k3b /usr/local/bin/display /usr/local/bin/soffice /usr/local/bin/ark /usr/local/bin/qpdfview /usr/local/bin/lowriter /usr/local/bin/Xephyr /usr/local/bin/firefox /usr/local/bin/dig /usr/local/bin/vlc /usr/local/bin/ssh /usr/local/bin/quassel /usr/local/bin/loweb /usr/local/bin/loffice /usr/local/bin/strings /usr/local/bin/skanlite /usr/local/bin/wireshark /usr/local/bin/localc /usr/local/bin/chromium-browser /usr/local/bin/kcalc ``` still not working; however, adding firejail to .desktop application configuration manually does work.

gitea-mirror commented

2026-05-05 08:15:53 -06:00

Author

Owner

@rugabunda commented on GitHub (Feb 18, 2019):

Oh i notice firejail does check .destkop files, will firecfg --fix fix this issue for me, or will this remove my custom modifications?

@rugabunda commented on GitHub (Feb 18, 2019): Oh i notice firejail does check .destkop files, will firecfg --fix fix this issue for me, or will this remove my custom modifications?

gitea-mirror commented

2026-05-05 08:15:54 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (Feb 18, 2019):

will firecfg --fix fix this issue for me

that is for fixing hardcoded program paths

.
.
your $PATH seems fine and firecfg did make the symlinks

are you logged in as root?
what is the output of running eg. firejail /usr/bin/wget
what about which wget

@SkewedZeppelin commented on GitHub (Feb 18, 2019): > will firecfg --fix fix this issue for me that is for fixing hardcoded program paths . . your $PATH seems fine and firecfg did make the symlinks are you logged in as root? what is the output of running eg. `firejail /usr/bin/wget` what about `which wget`

gitea-mirror commented

2026-05-05 08:15:55 -06:00

Author

Owner

@rugabunda commented on GitHub (Feb 18, 2019):

it says wget, missing url etc. i am logged on as admin. i ran firejail as sudo, not 'sudo -i' root.

interestingly yesterday when I ran wget (url large file), using another terminal with firejail --list showed wget was not firejailed. however it is working now. I will test other apps and remove my custom .desktop changes and see what happens now.

@rugabunda commented on GitHub (Feb 18, 2019): it says wget, missing url etc. i am logged on as admin. i ran firejail as sudo, not 'sudo -i' root. interestingly yesterday when I ran wget (url large file), using another terminal with firejail --list showed wget was not firejailed. however it is working now. I will test other apps and remove my custom .desktop changes and see what happens now.

gitea-mirror commented

2026-05-05 08:15:56 -06:00

Author

Owner

@rugabunda commented on GitHub (Feb 18, 2019):

Confirmed, everything is working as intended. I have no idea what the heck happened but its all good now. Just one question o/t from the original question, when I load tor browser, firejail shows tor-browser-launcher is firejailed. however once the actual tor browser is opened, firejail does not list tor-browser... are extra steps necessary, or does a firejailed tor-browser-launcher cover all child processes

@rugabunda commented on GitHub (Feb 18, 2019): Confirmed, everything is working as intended. I have no idea what the heck happened but its all good now. Just one question o/t from the original question, when I load tor browser, firejail shows tor-browser-launcher is firejailed. however once the actual tor browser is opened, firejail does not list tor-browser... are extra steps necessary, or does a firejailed tor-browser-launcher cover all child processes

gitea-mirror commented

2026-05-05 08:15:57 -06:00

Author

Owner

@rugabunda commented on GitHub (Feb 18, 2019):

updated previous comment for clarity

@rugabunda commented on GitHub (Feb 18, 2019): updated previous comment for clarity

gitea-mirror commented

2026-05-05 08:15:57 -06:00

Author

Owner

@rugabunda commented on GitHub (Feb 18, 2019):

Does apparmor firefox set to enforce require running firejail --apparmor firefox? or is this redundant, thank y ou

@rugabunda commented on GitHub (Feb 18, 2019): Does apparmor firefox set to enforce require running firejail --apparmor firefox? or is this redundant, thank y ou

Rows
Columns

[GH-ISSUE #2410] Firecfg claims "symlinks were created", though none working #1607