github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

[GH-ISSUE #2706] Can't get tor-browser to run with Firejail #1704

New issue
Closed
opened 2026-05-05 08:21:35 -06:00 by gitea-mirror · 27 comments
gitea-mirror commented 2026-05-05 08:21:35 -06:00
Owner
Copy link

Originally created by @ghost on GitHub (May 17, 2019).
Original GitHub issue: https://github.com/netblue30/firejail/issues/2706

Hi!
I can't get tor-browser to run with Firejail.

I edited "torbrowser-launcher.profile".

# Persistent local customizations
#include /etc/firejail/torbrowser-launcher.local
# Persistent global definitions
#include /etc/firejail/globals.local

noblacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser	(EXEC file)
noblacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/.config
#noblacklist ${HOME}/.local/share/torbrowser

include /etc/firejail/disable-common.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
include /etc/firejail/disable-programs.inc

whitelist /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser
whitelist /mnt/tor-browser-tmpfs/tor_browser/Browser/.config
#whitelist ${HOME}/.local/share/torbrowser
include /etc/firejail/whitelist-common.inc

caps.drop all
netfilter
nodvd
nogroups
nonewprivs
noroot
notv
novideo
protocol unix,inet,inet6
seccomp
shell none
tracelog

disable-mnt
private-bin bash,cp,dirname,env,expr,file,getconf,gpg,grep,id,ln,mkdir,python*,readlink,rm,sed,sh,tail,test,tor-browser-en,torbrowser-launcher
private-dev
private-etc fonts
private-tmp

noexec /tmp

then edited: disable-programs.inc

# "tor-browser-tmpfs"
blacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/.cache
blacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/.config
#blacklist ${HOME}/.local/share/torbrowser

I typed in terminal...

$ firejail torbrowser-launcher

A error appears:

Reading profile /etc/firejail/torbrowser-launcher.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
Parent pid 35190, child pid 35191
Private /etc installed in 24.88 ms
TESTING warning: noblacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser not matched by a proper blacklist command in disable*.inc
Blacklist violations are logged to syslog
Child process initialized in 198.33 ms
Error: no suitable torbrowser-launcher executable found

Parent is shutting down, bye...

Firejail don't found the EXEC file of tor-browser.
When I typed in terminal /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser... tor-browser starts.

How can I fix that?

Please help, thanks!

Originally created by @ghost on GitHub (May 17, 2019). Original GitHub issue: https://github.com/netblue30/firejail/issues/2706 Hi! I can't get tor-browser to run with Firejail. I edited "torbrowser-launcher.profile". ``` # Persistent local customizations #include /etc/firejail/torbrowser-launcher.local # Persistent global definitions #include /etc/firejail/globals.local noblacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser (EXEC file) noblacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/.config #noblacklist ${HOME}/.local/share/torbrowser include /etc/firejail/disable-common.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc include /etc/firejail/disable-programs.inc whitelist /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser whitelist /mnt/tor-browser-tmpfs/tor_browser/Browser/.config #whitelist ${HOME}/.local/share/torbrowser include /etc/firejail/whitelist-common.inc caps.drop all netfilter nodvd nogroups nonewprivs noroot notv novideo protocol unix,inet,inet6 seccomp shell none tracelog disable-mnt private-bin bash,cp,dirname,env,expr,file,getconf,gpg,grep,id,ln,mkdir,python*,readlink,rm,sed,sh,tail,test,tor-browser-en,torbrowser-launcher private-dev private-etc fonts private-tmp noexec /tmp ``` then edited: `disable-programs.inc` ``` # "tor-browser-tmpfs" blacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/.cache blacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/.config #blacklist ${HOME}/.local/share/torbrowser ``` I typed in terminal... ``$ firejail torbrowser-launcher`` A error appears: ``` Reading profile /etc/firejail/torbrowser-launcher.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/whitelist-common.inc Parent pid 35190, child pid 35191 Private /etc installed in 24.88 ms TESTING warning: noblacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser not matched by a proper blacklist command in disable*.inc Blacklist violations are logged to syslog Child process initialized in 198.33 ms Error: no suitable torbrowser-launcher executable found Parent is shutting down, bye... ``` Firejail don't found the EXEC file of tor-browser. When I typed in terminal `/mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser`... tor-browser starts. How can I fix that? Please help, thanks!
gitea-mirror 2026-05-05 08:21:35 -06:00
gitea-mirror commented 2026-05-05 08:21:39 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (May 17, 2019):

  1. Can you please use codeblock in the future for profiles (it's easier to read).
  2. You need to remove noexec /tmp and private-tmp
<!-- gh-comment-id:493441584 --> @rusty-snake commented on GitHub (May 17, 2019): 1. Can you please use codeblock in the future for profiles (it's easier to read). 2. You need to remove `noexec /tmp` and `private-tmp`
gitea-mirror commented 2026-05-05 08:21:40 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 23, 2019):

ok, thanks, I'll try it out.

<!-- gh-comment-id:495293289 --> @ghost commented on GitHub (May 23, 2019): ok, thanks, I'll try it out.
gitea-mirror commented 2026-05-05 08:21:41 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 23, 2019):

I renamed my tor-browser-profile to: "start-tor-browser.profile"

When I start "firejail /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser"

I edited: "disable-programs.inc"

blacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/.cache
blacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/.config
#blacklist ${HOME}/.local/share/torbrowser

I got these errors:

Reading profile /etc/firejail/start-tor-browser.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
Parent pid 23374, child pid 23375
Private /etc installed in 27.31 ms
TESTING warning: noblacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser not matched by a proper blacklist command in disable*.inc
Blacklist violations are logged to syslog
Child process initialized in 223.39 ms
Error: no suitable /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser executable found

Parent is shutting down, bye...

What I have do do to fix that? How can I add the exec file "start-tor-browser" so firejail can find it?

Please help, thanks!

<!-- gh-comment-id:495302807 --> @ghost commented on GitHub (May 23, 2019): I renamed my tor-browser-profile to: "start-tor-browser.profile" When I start "firejail /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser" I edited: "disable-programs.inc" blacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/.cache blacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/.config #blacklist ${HOME}/.local/share/torbrowser I got these errors: Reading profile /etc/firejail/start-tor-browser.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/whitelist-common.inc Parent pid 23374, child pid 23375 Private /etc installed in 27.31 ms TESTING warning: noblacklist /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser not matched by a proper blacklist command in disable*.inc Blacklist violations are logged to syslog Child process initialized in 223.39 ms Error: no suitable /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser executable found Parent is shutting down, bye... What I have do do to fix that? How can I add the exec file "start-tor-browser" so firejail can find it? Please help, thanks!
gitea-mirror commented 2026-05-05 08:21:42 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (May 23, 2019):

@cokeflash use the following profile (save as e.g. $HOME/.config/firejail/torbrowser.profile):

# Persistent local customizations
include /etc/firejail/torbrowser.local
# Persistent global definitions
include /etc/firejail/globals.local

include /etc/firejail/disable-common.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
include /etc/firejail/disable-programs.inc

include /etc/firejail/whitelist-common.inc
include /etc/firejail/whitelist-var-common.inc

apparmor
caps.drop all
netfilter
nodvd
nogroups
nonewprivs
noroot
notv
novideo
protocol unix,inet,inet6
seccomp
shell none

private-bin bash,cp,dirname,env,expr,file,getconf,gpg,grep,id,ln,mkdir,python*,readlink,rm,sed,sh,tail,test,tor-browser-en,torbrowser-launcher
private-dev
# private-etc fonts
private-tmp

noexec ${HOME}
noexec /tmp

and run it with firejail --profile=torbrowser /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser

also which firejail version are you using?

EDIT: I updated the profile.
EDIT: second update.

<!-- gh-comment-id:495323454 --> @rusty-snake commented on GitHub (May 23, 2019): @cokeflash use the following profile (save as e.g. $HOME/.config/firejail/torbrowser.profile): ``` # Persistent local customizations include /etc/firejail/torbrowser.local # Persistent global definitions include /etc/firejail/globals.local include /etc/firejail/disable-common.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc include /etc/firejail/disable-programs.inc include /etc/firejail/whitelist-common.inc include /etc/firejail/whitelist-var-common.inc apparmor caps.drop all netfilter nodvd nogroups nonewprivs noroot notv novideo protocol unix,inet,inet6 seccomp shell none private-bin bash,cp,dirname,env,expr,file,getconf,gpg,grep,id,ln,mkdir,python*,readlink,rm,sed,sh,tail,test,tor-browser-en,torbrowser-launcher private-dev # private-etc fonts private-tmp noexec ${HOME} noexec /tmp ``` and run it with `firejail --profile=torbrowser /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser` also which firejail version are you using? EDIT: I updated the profile. EDIT: second update.
gitea-mirror commented 2026-05-05 08:21:42 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (May 23, 2019):

Alternative you use my "HOWTO: Firejailed Tor Browser". But this is still not fully finish.

<!-- gh-comment-id:495324249 --> @rusty-snake commented on GitHub (May 23, 2019): Alternative you use my "[HOWTO: Firejailed Tor Browser](https://github.com/rusty-snake/firejailed-tor-browser)". But this is still not fully finish.
gitea-mirror commented 2026-05-05 08:21:43 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 25, 2019):

Ok, thanks! I'll try it out.

<!-- gh-comment-id:495911771 --> @ghost commented on GitHub (May 25, 2019): Ok, thanks! I'll try it out.
gitea-mirror commented 2026-05-05 08:21:43 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 25, 2019):

firejail --profile=torbrowser /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser

Error: cannot access profile file

Can I save the torbrowser.profile to /etc/firejail? ...(where firejail stores other profiles...)

<!-- gh-comment-id:495920674 --> @ghost commented on GitHub (May 25, 2019): # firejail --profile=torbrowser /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser Error: cannot access profile file Can I save the torbrowser.profile to /etc/firejail? ...(where firejail stores other profiles...)
gitea-mirror commented 2026-05-05 08:21:44 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 25, 2019):

Version: 0.9.52-2

<!-- gh-comment-id:495920743 --> @ghost commented on GitHub (May 25, 2019): Version: 0.9.52-2
gitea-mirror commented 2026-05-05 08:21:44 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 25, 2019):

Copied the torbrowser.profile to /etc/firejail... same error, cannot access profile file.

<!-- gh-comment-id:495920995 --> @ghost commented on GitHub (May 25, 2019): Copied the torbrowser.profile to /etc/firejail... same error, cannot access profile file.
gitea-mirror commented 2026-05-05 08:21:45 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (May 25, 2019):

@cokeflash because of your (old) firejail version. I update the profile above again. You can copy it to ${HOME}/.config/firejail/tor-browser.profile and try executing firejail --profile=$HOME/.config/firejail/tor-browser.profile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser

<!-- gh-comment-id:495923768 --> @rusty-snake commented on GitHub (May 25, 2019): @cokeflash because of your (old) firejail version. I update the profile above again. You can copy it to `${HOME}/.config/firejail/tor-browser.profile` and try executing `firejail --profile=$HOME/.config/firejail/tor-browser.profile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser`
gitea-mirror commented 2026-05-05 08:21:45 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 25, 2019):

Thanks, I'll try it out tomorrow.

Must I set another permission of the torbrowser.profile?

User or root?
Read+Write - Read - Read?

<!-- gh-comment-id:495937391 --> @ghost commented on GitHub (May 25, 2019): Thanks, I'll try it out tomorrow. Must I set another permission of the torbrowser.profile? User or root? Read+Write - Read - Read?
gitea-mirror commented 2026-05-05 08:21:46 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (May 25, 2019):

The file will read as root, so you can set what you want ;)

The issue above was that your firejail version needs absolut paths for profiles.

<!-- gh-comment-id:495939614 --> @rusty-snake commented on GitHub (May 25, 2019): The file will read as root, so you can set what you want ;) The issue above was that your firejail version needs absolut paths for profiles.
gitea-mirror commented 2026-05-05 08:21:46 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 26, 2019):

I run this command: # firejail --profile=/etc/firejail/torbrowser.profile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser

...but FireJail is shutting down :-(

Reading profile /etc/firejail/torbrowser.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Parent pid 6407, child pid 6408
Child process initialized in 204.06 ms

Parent is shutting down, bye...

Some idea?
I use AppArmor,too in my OS.

<!-- gh-comment-id:495983689 --> @ghost commented on GitHub (May 26, 2019): I run this command: # firejail --profile=/etc/firejail/torbrowser.profile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser ...but FireJail is shutting down :-( Reading profile /etc/firejail/torbrowser.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/whitelist-common.inc Reading profile /etc/firejail/whitelist-var-common.inc Parent pid 6407, child pid 6408 Child process initialized in 204.06 ms Parent is shutting down, bye... Some idea? I use AppArmor,too in my OS.
gitea-mirror commented 2026-05-05 08:21:46 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 26, 2019):

AppArmor is blocking torbrowser with FireJail.

When I run /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser alone, then it works without FireJail.

<!-- gh-comment-id:495984073 --> @ghost commented on GitHub (May 26, 2019): AppArmor is blocking torbrowser with FireJail. When I run /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser alone, then it works without FireJail.
gitea-mirror commented 2026-05-05 08:21:47 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 26, 2019):

[url=https://postimg.cc/5HRmJ7VS][img]https://i.postimg.cc/5HRmJ7VS/App-Armor-denied.png[/img][/url]

<!-- gh-comment-id:495996051 --> @ghost commented on GitHub (May 26, 2019): [url=https://postimg.cc/5HRmJ7VS][img]https://i.postimg.cc/5HRmJ7VS/App-Armor-denied.png[/img][/url]
gitea-mirror commented 2026-05-05 08:21:47 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (May 26, 2019):

@cokeflash OK, then remove the apparmor line in the profile and try again.

<!-- gh-comment-id:495999615 --> @rusty-snake commented on GitHub (May 26, 2019): @cokeflash OK, then remove the `apparmor` line in the profile and try again.
gitea-mirror commented 2026-05-05 08:21:48 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 27, 2019):

AppArmor torbrowser denied-message is gone but torbrowser with firejail don't start.

See:
firejail firejail --profile=/etc/firejail/torbrowser.profile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser
Reading profile /etc/firejail/torbrowser.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Parent pid 31505, child pid 31506
Child process initialized in 239.04 ms

Parent is shutting down, bye...

<!-- gh-comment-id:496184876 --> @ghost commented on GitHub (May 27, 2019): AppArmor torbrowser denied-message is gone but torbrowser with firejail don't start. See: firejail firejail --profile=/etc/firejail/torbrowser.profile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser Reading profile /etc/firejail/torbrowser.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/whitelist-common.inc Reading profile /etc/firejail/whitelist-var-common.inc Parent pid 31505, child pid 31506 Child process initialized in 239.04 ms Parent is shutting down, bye...
gitea-mirror commented 2026-05-05 08:21:48 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 27, 2019):

Could it be that AppArmor is blocking Firejail to run TorBrowser? I also have an AppArmor profile for FireJail called 'firejail-default' and for the TorBrowser 'home. tor-browser. firefox' ...

Do I have to change anything?

<!-- gh-comment-id:496189247 --> @ghost commented on GitHub (May 27, 2019): Could it be that AppArmor is blocking Firejail to run TorBrowser? I also have an AppArmor profile for FireJail called 'firejail-default' and for the TorBrowser 'home. tor-browser. firefox' ... Do I have to change anything?
gitea-mirror commented 2026-05-05 08:21:49 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (May 27, 2019):

@cokeflash ok, then comment every line in tor-browser.profile and uncomment line for line and try after any uncomment.

Does one of the following work?
firejail --ignore=private-bin --profile=/etc/firejail/torbrowser.profile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser
firejail --noprofile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser

Have you edited /etc/firejail.config?

<!-- gh-comment-id:496189673 --> @rusty-snake commented on GitHub (May 27, 2019): @cokeflash ok, then comment every line in tor-browser.profile and uncomment line for line and try after any uncomment. Does one of the following work? `firejail --ignore=private-bin --profile=/etc/firejail/torbrowser.profile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser` `firejail --noprofile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser` Have you edited /etc/firejail.config?
gitea-mirror commented 2026-05-05 08:21:49 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 27, 2019):

No, i don't edited 'firejail.config'.

Must I edit something? Or add something?

<!-- gh-comment-id:496232192 --> @ghost commented on GitHub (May 27, 2019): No, i don't edited 'firejail.config'. Must I edit something? Or add something?
gitea-mirror commented 2026-05-05 08:21:49 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (May 27, 2019):

Nope.

<!-- gh-comment-id:496238725 --> @rusty-snake commented on GitHub (May 27, 2019): Nope.
gitea-mirror commented 2026-05-05 08:21:50 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 28, 2019):

I'll try it out at weekend.

<!-- gh-comment-id:496555855 --> @ghost commented on GitHub (May 28, 2019): I'll try it out at weekend.
gitea-mirror commented 2026-05-05 08:21:50 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 30, 2019):

Not working:

firejail --ignore=private-bin --profile=/etc/firejail/torbrowser.profile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser

Working:
firejail --noprofile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser

Do I edit this line
private-bin bash,cp,dirname,env,expr,file,getconf,gpg,grep,id,ln,mkdir,python*,readlink,rm,sed,sh,tail,test,tor-browser-en,torbrowser-launcher

to

private-bin bash,cp,dirname,env,expr,file,firefox,firefox.real,getconf,gpg,grep,id,ln,mkdir,python*,readlink,rm,sed,sh,tail,test,start-tor-browser

I disabled all lines in my torbrowser.profile, then it starts with:

firejail --profile=/etc/firejail/torbrowser.profile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-

Some line/lines in my torbrowser profile is blocking to start torbrowser.

<!-- gh-comment-id:497315796 --> @ghost commented on GitHub (May 30, 2019): Not working: firejail --ignore=private-bin --profile=/etc/firejail/torbrowser.profile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser Working: firejail --noprofile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor-browser Do I edit this line private-bin bash,cp,dirname,env,expr,file,getconf,gpg,grep,id,ln,mkdir,python*,readlink,rm,sed,sh,tail,test,tor-browser-en,torbrowser-launcher to private-bin bash,cp,dirname,env,expr,file,firefox,firefox.real,getconf,gpg,grep,id,ln,mkdir,python*,readlink,rm,sed,sh,tail,test,start-tor-browser I disabled all lines in my torbrowser.profile, then it starts with: firejail --profile=/etc/firejail/torbrowser.profile /mnt/tor-browser-tmpfs/tor_browser/Browser/start-tor- Some line/lines in my torbrowser profile is blocking to start torbrowser.
gitea-mirror commented 2026-05-05 08:21:51 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (May 30, 2019):

@cokeflash can you then try uncomment line for line and try after every uncomment (don't forget to save the file aber uncommenting).

Actually, I think that may be an include or seccomp it the issue.

<!-- gh-comment-id:497319848 --> @rusty-snake commented on GitHub (May 30, 2019): @cokeflash can you then try uncomment line for line and try after every uncomment (don't forget to save the file aber uncommenting). Actually, I think that may be an `include` or `seccomp` it the issue.
gitea-mirror commented 2026-05-05 08:21:51 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 30, 2019):

shell none

blocks torbrowser to start with FireJail-profil of torbrowser.

What to do? Remove it? Or edit it?

<!-- gh-comment-id:497369060 --> @ghost commented on GitHub (May 30, 2019): shell none blocks torbrowser to start with FireJail-profil of torbrowser. What to do? Remove it? Or edit it?
gitea-mirror commented 2026-05-05 08:21:51 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (May 30, 2019):

@cokeflash then remove shell none from tor-browser.profile or comment it.

PS: Some else issue with starting tor browser or can we close?

<!-- gh-comment-id:497374007 --> @rusty-snake commented on GitHub (May 30, 2019): @cokeflash then remove `shell none` from tor-browser.profile or comment it. PS: Some else issue with starting tor browser or can we close?
gitea-mirror commented 2026-05-05 08:21:52 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (May 30, 2019):

'SOLVED'

...is working :-) Thanks for your help.

<!-- gh-comment-id:497375020 --> @ghost commented on GitHub (May 30, 2019): 'SOLVED' ...is working :-) Thanks for your help.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
serialize_remounts_v2
landlock_v4
landlock
release-0.9.64
release-0.9.62
gitlab_ci
LTSbase
fred_ctests
docs
0.9.80
0.9.80-rc1
0.9.78
0.9.76
0.9.76-rc4
0.9.76-rc3
0.9.76-rc2
0.9.76-rc1
0.9.74
landlock-split
0.9.72
0.9.72rc1
0.9.70
0.9.68
0.9.68rc1
0.9.66
0.9.66rc1
0.9.64.4
0.9.64.2
0.9.64
0.9.64rc1
0.9.62.4
0.9.62.2
0.9.62
0.9.56.2-LTS
0.9.60
0.9.60-rc1
0.9.58.2
0.9.58
0.9.58-rc1
0.9.56-LTS-release
0.9.56-LTS
0.9.56
0.9.56-rc1
0.9.54
0.9.54-rc2
0.9.54-rc1
0.9.52
0.9.38.12
0.9.50
0.9.50-rc1
0.9.48
0.9.46
0.9.46-rc1
0.9.44.10
0.9.44.8
0.9.44.6
0.9.38.10
0.9.44.4
0.9.38.8
0.9.44.2
0.9.44
0.9.44-rc1
0.9.38.4
0.9.42
0.9.42-rc2
0.9.38.2
0.9.42-rc1
disable-globalcfg
0.9.40
0.9.40-rc1
0.9.38
0.9.38-rc1
0.9.36
0.9.36-rc1
0.9.34
0.9.34-rc1
0.9.32
0.9.32-rc1
0.9.30
0.9.30-rc1
Labels
Clear labels   
LTS merge

   
LTS merge

   
bug

   
bug

   
converted-to-discussion

   
doc-todo

   
documentation

   
duplicate

   
enhancement

   
file-transfer

   
firecfg

   
firejail-in-firejail

   
firetools

   
graphics

   
help wanted

   
information_old

   
installation

   
invalid

   
modif

   
moved

   
needinfo

   
networking

   
notabug

   
notourbug

   
old-version

   
overlayfs

   
packaging

   
profile-request

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question_old

   
removal

   
runtime-permissions

   
sandbox-ipc

   
security

   
stale

   
wiki

   
wiki

   
wontfix

   
wordpress

   
workaround
No labels
LTS merge
LTS merge
bug
bug
converted-to-discussion
doc-todo
documentation
duplicate
enhancement
file-transfer
firecfg
firejail-in-firejail
firetools
graphics
help wanted
information_old
installation
invalid
modif
moved
needinfo
networking
notabug
notourbug
old-version
overlayfs
packaging
profile-request
pull-request
question
question_old
removal
runtime-permissions
sandbox-ipc
security
stale
wiki
wiki
wontfix
wordpress
workaround
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#1704
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?