github-starred/firejail

Fork 0

mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00

[GH-ISSUE #3047] Need help for Waterofx.profile (Firejail) #1914

New issue

Closed

opened 2026-05-05 08:34:40 -06:00 by gitea-mirror · 3 comments

gitea-mirror commented

2026-05-05 08:34:40 -06:00

Owner

Originally created by @ghost on GitHub (Nov 20, 2019).
Original GitHub issue: https://github.com/netblue30/firejail/issues/3047

Hi!

I created a Waterfox.profile for Firejail.

include /etc/firejail/waterfox.profile.local
include globals.local

include /etc/firejail/disable-common.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-interpreters.inc
include /etc/firejail/disable-passwdmgr.inc
include /etc/firejail/disable-programs.inc

blacklist ${HOME}/.cache/waterfox
blacklist ${HOME}/.waterfox

caps.drop all
machine-id
netfilter
nodvd
nogroups
nonewprivs
noroot
notv
protocol unix,inet
#seccomp
#shell none

private-bin bash,cp,dirname,env,expr,file,waterfox,waterfox-bin,getconf,gpg,grep,id,ln,mkdir,python*,readlink,rm,sed,sh,tail,test
private-dev
private-etc fonts
private-tmp

noexec ${HOME}
noexec /tmp

I run:
firejail --private --dns=84.200.69.80 --dns=84.200.70.40 --profile=/etc/firejail/waterfox.profile /home/unknown/waterfox/waterfox

Error:
Reading profile /etc/firejail/waterfox.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Warning: networking feature is disabled in Firejail configuration file
Parent pid 9202, child pid 9203

DNS server 84.200.69.80
DNS server 84.200.70.40

Private /etc installed in 23.16 ms
38 programs installed in 99.27 ms
Child process initialized in 199.59 ms
/bin/bash: /home/unknown/waterfox/waterfox: No such file or directory

Parent is shutting down, bye...

/home/unknown/waterfox/waterfox: No such file or directory
How can I fix that?

The path to the exec of Waterfox works when I run it without Firejail command.

Originally created by @ghost on GitHub (Nov 20, 2019). Original GitHub issue: https://github.com/netblue30/firejail/issues/3047 Hi! I created a Waterfox.profile for Firejail. > include /etc/firejail/waterfox.profile.local > include globals.local > > include /etc/firejail/disable-common.inc > include /etc/firejail/disable-devel.inc > include /etc/firejail/disable-interpreters.inc > include /etc/firejail/disable-passwdmgr.inc > include /etc/firejail/disable-programs.inc > > blacklist ${HOME}/.cache/waterfox > blacklist ${HOME}/.waterfox > > caps.drop all > machine-id > netfilter > nodvd > nogroups > nonewprivs > noroot > notv > protocol unix,inet > #seccomp > #shell none > > private-bin bash,cp,dirname,env,expr,file,waterfox,waterfox-bin,getconf,gpg,grep,id,ln,mkdir,python*,readlink,rm,sed,sh,tail,test > private-dev > private-etc fonts > private-tmp > > noexec ${HOME} > noexec /tmp I run: firejail --private --dns=84.200.69.80 --dns=84.200.70.40 --profile=/etc/firejail/waterfox.profile /home/unknown/waterfox/waterfox Error: Reading profile /etc/firejail/waterfox.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-interpreters.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc Warning: networking feature is disabled in Firejail configuration file Parent pid 9202, child pid 9203 DNS server 84.200.69.80 DNS server 84.200.70.40 Private /etc installed in 23.16 ms 38 programs installed in 99.27 ms Child process initialized in 199.59 ms /bin/bash: /home/unknown/waterfox/waterfox: No such file or directory Parent is shutting down, bye... /home/unknown/waterfox/waterfox: No such file or directory How can I fix that? The path to the exec of Waterfox works when I run it without Firejail command.

gitea-mirror

2026-05-05 08:34:40 -06:00

closed this issue
added the
information_old
label

gitea-mirror commented

2026-05-05 08:34:42 -06:00

Author

Owner

@rusty-snake commented on GitHub (Nov 20, 2019):

Hi,

I thing the issue is noexec ${HOME} if /home/unknown/waterfox/waterfox is a elf-file. Or is it a symlink?
Also what against the waterfox-profile from firejail?
You use a old firejail version, right? Which version is it?

@rusty-snake commented on GitHub (Nov 20, 2019): Hi, I thing the issue is `noexec ${HOME}` if `/home/unknown/waterfox/waterfox` is a elf-file. Or is it a symlink? Also what against the waterfox-profile from firejail? You use a old firejail version, right? Which version is it?

gitea-mirror commented

2026-05-05 08:34:44 -06:00

Author

Owner

@rusty-snake commented on GitHub (Nov 20, 2019):

Wait, you use --private.

--private
Mount new /root and /home/user directories in temporary filesystems. All modifications are discarded when the sandbox is closed.

"New /home/user in a temporary filesystem" means empty.

@rusty-snake commented on GitHub (Nov 20, 2019): Wait, you use `--private`. > **--private** > Mount _new_ /root and _/home/user_ directories in _temporary filesystems_. All modifications are discarded when the sandbox is closed. "New /home/user in a temporary filesystem" means empty.

gitea-mirror commented

2026-05-05 08:34:45 -06:00

Author

Owner

@ghost commented on GitHub (Nov 20, 2019):

it was "noexec ${HOME}"... thanks for the help.

I moved the waterfox folder to another folder, now it works.

(SOLVED)

@ghost commented on GitHub (Nov 20, 2019): it was "noexec ${HOME}"... thanks for the help. I moved the waterfox folder to another folder, now it works. (SOLVED)

gitea-mirror referenced this issue

2026-05-05 10:14:13 -06:00

[PR #1914] [MERGED] Update Gajim profile #4125

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#1914

No description provided.

Rows
Columns