github-starred/firejail

Fork 0

mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00

[GH-ISSUE #2638] Why? Warning: networking feature is disabled in Firejail configuration file #1668

New issue

Closed

opened 2026-05-05 08:18:53 -06:00 by gitea-mirror · 6 comments

gitea-mirror commented

2026-05-05 08:18:53 -06:00

Owner

Originally created by @julien-tmp on GitHub (Apr 6, 2019).
Original GitHub issue: https://github.com/netblue30/firejail/issues/2638

- firejail version: 0.9.58.2
 - Linux distribution: Linux Mint LMDE
 - Problem did no exist in December last year
 - firejail withthe `--noprofile` argument: Does not give a warning about networking

Why is networking now disabled by default and how to enable it?
For example, when running Firefox I get:

Reading profile /etc/firejail/default.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Warning: networking feature is disabled in Firejail configuration file

I did enable the network with network yes in /etc/firejail/firejail.config

Originally created by @julien-tmp on GitHub (Apr 6, 2019). Original GitHub issue: https://github.com/netblue30/firejail/issues/2638 ``` - firejail version: 0.9.58.2 - Linux distribution: Linux Mint LMDE - Problem did no exist in December last year - firejail withthe `--noprofile` argument: Does not give a warning about networking ``` Why is networking now disabled by default and how to enable it? For example, when running Firefox I get: ``` Reading profile /etc/firejail/default.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc Warning: networking feature is disabled in Firejail configuration file ``` I did enable the network with `network yes` in `/etc/firejail/firejail.config`

gitea-mirror

2026-05-05 08:18:53 -06:00

closed this issue
added the
information_old
label

gitea-mirror commented

2026-05-05 08:18:56 -06:00

Author

Owner

@Fred-Barclay commented on GitHub (Apr 7, 2019):

Hi @julien-tmp
Please also install firejail-profiles from stretch backports so you can get the correct firefox profile. Currently, the profile isn't on your system so firejail is trying to use the default profile for firefox instead of the correct one.

Cheers!
Fred

@Fred-Barclay commented on GitHub (Apr 7, 2019): Hi @julien-tmp Please also install `firejail-profiles` from stretch backports so you can get the correct firefox profile. Currently, the profile isn't on your system so firejail is trying to use the default profile for firefox instead of the correct one. Cheers! Fred

gitea-mirror commented

2026-05-05 08:18:57 -06:00

Author

Owner

@julien-tmp commented on GitHub (Apr 7, 2019):

Hi @Fred-Barclay, thank you! I am still encountering this issue after installing the profiles:

firejail --netfilter=/etc/firejail/onlylocal.net --private=/home/username/.firejail-profiles/lan-mgmt firefox -no-remote
Error: networking feature is disabled in Firejail configuration file

Cheers,
Julien

@julien-tmp commented on GitHub (Apr 7, 2019): Hi @Fred-Barclay, thank you! I am still encountering this issue after installing the profiles: ``` firejail --netfilter=/etc/firejail/onlylocal.net --private=/home/username/.firejail-profiles/lan-mgmt firefox -no-remote Error: networking feature is disabled in Firejail configuration file ``` Cheers, Julien

gitea-mirror commented

2026-05-05 08:18:59 -06:00

Author

Owner

@reinerh commented on GitHub (Apr 7, 2019):

You need to change restricted-network in the firejail.config. Or you disable the netfilter setting in the firefox profile.

@reinerh commented on GitHub (Apr 7, 2019): You need to change `restricted-network` in the firejail.config. Or you disable the netfilter setting in the firefox profile.

gitea-mirror commented

2026-05-05 08:19:00 -06:00

Author

Owner

@julien-tmp commented on GitHub (Apr 13, 2019):

Thank you for the tip @reinerh, however, I am not sure if I understand everythin
I have it like this:

# networking features should also be enabled (network yes).
# Restricted networking grants access to --interface, --net=ethXXX and
# --netfilter only to root user. Regular users are only allowed --net=none.
restricted-network yes

What would be the consequence to put it to no?
Does it open any security hole?

@julien-tmp commented on GitHub (Apr 13, 2019): Thank you for the tip @reinerh, however, I am not sure if I understand everythin I have it like this: ``` # networking features should also be enabled (network yes). # Restricted networking grants access to --interface, --net=ethXXX and # --netfilter only to root user. Regular users are only allowed --net=none. restricted-network yes ``` What would be the consequence to put it to no? Does it open any security hole?

gitea-mirror commented

2026-05-05 08:19:00 -06:00

Author

Owner

@Vincent43 commented on GitHub (Apr 13, 2019):

Putting it to no will allow to create new network interfaces which could bypass your network security settings.

@Vincent43 commented on GitHub (Apr 13, 2019): Putting it to `no` will allow to create new network interfaces which could bypass your network security settings.

gitea-mirror commented

2026-05-05 08:19:00 -06:00

Author

Owner

@julien-tmp commented on GitHub (Apr 15, 2019):

It worked, thanks!

@julien-tmp commented on GitHub (Apr 15, 2019): It worked, thanks!

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#1668

No description provided.

Rows
Columns