[GH-ISSUE #3039] Cant run firejail firefox #1908

New issue

Closed

opened 2026-05-05 08:34:24 -06:00 by gitea-mirror · 6 comments

gitea-mirror commented 2026-05-05 08:34:24 -06:00

Owner

Copy link

Originally created by @nsauter on GitHub (Nov 12, 2019).
Original GitHub issue: https://github.com/netblue30/firejail/issues/3039

Hi,

maybe im just confused but i cant run a firejail-firefox instance on my computer. Can someone please tell me what i am doing wrong?

$ firejail firefox
Reading profile /etc/firejail/firefox.profile
Reading profile /etc/firejail/firefox-common.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Parent pid 390181, child pid 390184
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Warning: cleaning all supplementary groups
Error mount bind: fs_whitelist.c:297 whitelist_path: Permission denied
Error: proc 390181 cannot sync with peer: unexpected EOF
Peer 390184 unexpectedly exited with status 1

Even if i add --net remove unix from protocol set this wont work.

Originally created by @nsauter on GitHub (Nov 12, 2019). Original GitHub issue: https://github.com/netblue30/firejail/issues/3039 Hi, maybe im just confused but i cant run a firejail-firefox instance on my computer. Can someone please tell me what i am doing wrong? ``` $ firejail firefox Reading profile /etc/firejail/firefox.profile Reading profile /etc/firejail/firefox-common.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-interpreters.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/whitelist-common.inc Reading profile /etc/firejail/whitelist-var-common.inc Parent pid 390181, child pid 390184 Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set. Warning: cleaning all supplementary groups Error mount bind: fs_whitelist.c:297 whitelist_path: Permission denied Error: proc 390181 cannot sync with peer: unexpected EOF Peer 390184 unexpectedly exited with status 1 ``` Even if i add --net remove unix from protocol set this wont work.

gitea-mirror closed this issue 2026-05-05 08:34:25 -06:00

gitea-mirror commented 2026-05-05 08:34:27 -06:00

Author

Owner

Copy link

@rusty-snake commented on GitHub (Nov 12, 2019):

distro, firejail version? output of echo $HOME.

<!-- gh-comment-id:552958590 --> @rusty-snake commented on GitHub (Nov 12, 2019): distro, firejail version? output of `echo $HOME`.

gitea-mirror commented 2026-05-05 08:34:27 -06:00

Author

Owner

Copy link

@nsauter commented on GitHub (Nov 13, 2019):

Fedora 31, but i tried it with every fedora version since 29.

firejail version 0.9.57

$HOME is
/home/nsauter

<!-- gh-comment-id:553278159 --> @nsauter commented on GitHub (Nov 13, 2019): Fedora 31, but i tried it with every fedora version since 29. firejail version 0.9.57 $HOME is /home/nsauter

gitea-mirror commented 2026-05-05 08:34:28 -06:00

Author

Owner

Copy link

@smitsohu commented on GitHub (Nov 13, 2019):

Is /home/nsauter a symbolic link?

Could you run firejail --debug-whitelists firefox?

<!-- gh-comment-id:553323236 --> @smitsohu commented on GitHub (Nov 13, 2019): Is /home/nsauter a symbolic link? Could you run `firejail --debug-whitelists firefox`?

gitea-mirror commented 2026-05-05 08:34:28 -06:00

Author

Owner

Copy link

@nsauter commented on GitHub (Nov 13, 2019):

Its a NFS Mounted Home. But i get the same error with local home.

https://pastebin.com/150z4HNQ

<!-- gh-comment-id:553366149 --> @nsauter commented on GitHub (Nov 13, 2019): Its a NFS Mounted Home. But i get the same error with local home. https://pastebin.com/150z4HNQ

gitea-mirror commented 2026-05-05 08:34:28 -06:00

Author

Owner

Copy link

@Vincent43 commented on GitHub (Nov 14, 2019):

Can you show ls -al /usr/bin/firejail output?

<!-- gh-comment-id:553873615 --> @Vincent43 commented on GitHub (Nov 14, 2019): Can you show `ls -al /usr/bin/firejail` output?

gitea-mirror commented 2026-05-05 08:34:29 -06:00

Author

Owner

Copy link

@nsauter commented on GitHub (Nov 18, 2019):

-rwsr-xr-x 1 root root 395928 29. Jul 10:50 /usr/bin/firejail

<!-- gh-comment-id:554915528 --> @nsauter commented on GitHub (Nov 18, 2019): -rwsr-xr-x 1 root root 395928 29. Jul 10:50 /usr/bin/firejail

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

serialize_remounts_v2

landlock_v4

landlock

release-0.9.64

release-0.9.62

gitlab_ci

LTSbase

fred_ctests

docs

0.9.80

0.9.80-rc1

0.9.78

0.9.76

0.9.76-rc4

0.9.76-rc3

0.9.76-rc2

0.9.76-rc1

0.9.74

landlock-split

0.9.72

0.9.72rc1

0.9.70

0.9.68

0.9.68rc1

0.9.66

0.9.66rc1

0.9.64.4

0.9.64.2

0.9.64

0.9.64rc1

0.9.62.4

0.9.62.2

0.9.62

0.9.56.2-LTS

0.9.60

0.9.60-rc1

0.9.58.2

0.9.58

0.9.58-rc1

0.9.56-LTS-release

0.9.56-LTS

0.9.56

0.9.56-rc1

0.9.54

0.9.54-rc2

0.9.54-rc1

0.9.52

0.9.38.12

0.9.50

0.9.50-rc1

0.9.48

0.9.46

0.9.46-rc1

0.9.44.10

0.9.44.8

0.9.44.6

0.9.38.10

0.9.44.4

0.9.38.8

0.9.44.2

0.9.44

0.9.44-rc1

0.9.38.4

0.9.42

0.9.42-rc2

0.9.38.2

0.9.42-rc1

disable-globalcfg

0.9.40

0.9.40-rc1

0.9.38

0.9.38-rc1

0.9.36

0.9.36-rc1

0.9.34

0.9.34-rc1

0.9.32

0.9.32-rc1

0.9.30

0.9.30-rc1

Labels

Clear labels   

LTS merge

  

LTS merge

  

bug

  

bug

  

converted-to-discussion

  

doc-todo

  

documentation

  

duplicate

  

enhancement

  

file-transfer

  

firecfg

  

firejail-in-firejail

  

firetools

  

graphics

  

help wanted

  

information_old

  

installation

  

invalid

  

modif

  

moved

  

needinfo

  

networking

  

notabug

  

notourbug

  

old-version

  

overlayfs

  

packaging

  

profile-request

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

question_old

  

removal

  

runtime-permissions

  

sandbox-ipc

  

security

  

stale

  

wiki

  

wiki

  

wontfix

  

wordpress

  

workaround

No labels

LTS merge

LTS merge

bug

bug

converted-to-discussion

doc-todo

documentation

duplicate

enhancement

file-transfer

firecfg

firejail-in-firejail

firetools

graphics

help wanted

information_old

installation

invalid

modif

moved

needinfo

networking

notabug

notourbug

old-version

overlayfs

packaging

profile-request

pull-request

question

question_old

removal

runtime-permissions

sandbox-ipc

security

stale

wiki

wiki

wontfix

wordpress

workaround

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#1908

No description provided.