[GH-ISSUE #3146] Immutable ~/.mozilla with persistent ~/Downloads #1977

Closed
opened 2026-05-05 08:38:25 -06:00 by gitea-mirror · 6 comments

Originally created by @BreakfastSerial on GitHub (Jan 15, 2020).
Original GitHub issue: https://github.com/netblue30/firejail/issues/3146

I want to use firejail with Firefox, having a temporary home and an immutable Firefox but keep all Downloads. The use-case isn't for high-security operations, but for daily use, so --ls, --get and --put are not really viable.

I did come across the following related issues:

- https://github.com/netblue30/firejail/issues/3139
- https://github.com/netblue30/firejail/issues/1716

However none of these resulted in appropriate solutions.

I've tried the following:

`firejail --read-only=~/.mozilla --whitelist=~/Downloads firefox`
This is also mentioned in the man page of firejail, but for me firefox isn't operable like this, as Firefox states `"Firefox is already running, but is not responding. To open a new window, you must first close the existing Firefox process, or restart your system."`. Even if I use Firefox with the `-no-remote` parameter.

`firejail --private-home=~/.mozilla,~/Downloads --whitelist=~/Downloads firefox`
Doesn't allow persistent Downloads.

I've tried setting Firefox to use `/downloads` (in the root directory) for all downloads, which doesn't seem to be a sane solution, but doesn't work anyways, as downloads fail to said directory without error message.

Is there any way to have my downloads directory persistent but have all other modifications discarded when the sandbox is closed?

firejail version 0.9.58.2
Mozilla Firefox 72.0.1
Ubuntu 19.10


@rusty-snake commented on GitHub (Jan 15, 2020):

> but for me firefox isn't operable like this, as Firefox states "Firefox is already running, but is not responding. To open a new window, you must first close the existing Firefox process, or restart your system.". Even if I use Firefox with the -no-remote parameter.

With an ro profile this seems reasonable to me.

> Is there any way to have to have my downloads directory persistent but have all other modifications discarded when the sandbox is closed?

untested idea:
`firejail --profile=firefox --read-only='${HOME}/.mozilla' firefox --no-remote --ProfileManager`
Create a new profile in /tmp (`private-tmp`).


@BreakfastSerial commented on GitHub (Jan 15, 2020):

Thank you for your input.

I've tried the following: `firejail --profile=firefox --read-only='${HOME}/.mozilla' firefox -P "custom-user"`. This resulted in persistent downloads (in ~/Downloads) but also in persistent changes for Firefox! The browser history was written and add-ons changes were stored.

edit: Sorry I've missed the part with the new Firefox profile in `/tmp`. This seems to increase overhead, every time I start Firefox. If possible, I'd have my fixed Firefox profile, which I prepared outside of firejail and use that "read-only".


@Vincent43 commented on GitHub (Jan 15, 2020):

I don't think firefox can function without being able to write into its config. You could use `firejail --overlay-tmpfs --ignore=private-tmp firefox`, download things to `/tmp` and move them somewhere else manually.

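An added example, not code from the thread or from the firejail project, that scripts the workflow @Vincent43 describes: run Firefox under `--overlay-tmpfs` so profile changes are discarded, and after the sandbox exits move whatever landed in a staging directory under `/tmp` into `~/Downloads` without clobbering files already there. It assumes the prepared Firefox profile has its download directory set to `STAGING` (a path chosen here, not a firejail option) and that, as the comment states, files under `/tmp` survive the sandbox when `private-tmp` is ignored.

```sh
#!/bin/sh
# Wrapper (added example): discard all Firefox changes via --overlay-tmpfs,
# keep only what the browser saved to a staging dir under the real /tmp.
set -eu

STAGING="${STAGING:-/tmp/firefox-staging}"   # assumed staging path
DEST="${DEST:-$HOME/Downloads}"              # persistent target

# Move every regular file from $1 into $2. An existing name in $2 is never
# overwritten: the incoming file gets a ".1", ".2", ... suffix instead.
# Prints the number of files moved.
collect_downloads() {
    src=$1; dst=$2; moved=0
    mkdir -p "$dst"
    for f in "$src"/*; do
        [ -f "$f" ] || continue          # skips the literal glob on empty dirs
        base=$(basename "$f")
        target="$dst/$base"
        n=1
        while [ -e "$target" ]; do
            target="$dst/$base.$n"
            n=$((n + 1))
        done
        mv "$f" "$target"
        moved=$((moved + 1))
    done
    echo "$moved"
}

run_firefox() {
    mkdir -p "$STAGING"
    # --overlay-tmpfs: all filesystem writes go to a tmpfs overlay that is
    # dropped on exit; --ignore=private-tmp keeps the shared /tmp visible so
    # the staging directory outlives the sandbox (as described in the thread).
    firejail --overlay-tmpfs --ignore=private-tmp firefox
    collect_downloads "$STAGING" "$DEST"
}

if [ "${1:-}" = "--run" ]; then run_firefox; fi
```

Invoke as `sh wrapper.sh --run`; `collect_downloads` can also be run by hand while Firefox is still open.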

@BreakfastSerial commented on GitHub (Jan 16, 2020):

That sounds like it would be a reasonable trade-off between usability and security! I'll give it a try, thank you!


@dpellegr commented on GitHub (Oct 16, 2020):

Hello,

I am in a similar situation where I need a temporary folder and a persistent folder, both writable from the sandbox.

Unfortunately the workaround proposed by @Vincent43 does not work for me. Indeed I am using `--private-tmp` to store stuff which should be isolated between multiple sandboxes. In addition, as the persistent folder is used for logs (which are continuously written), it would really be better to have them in place, instead of having to periodically synchronize them, with chances of losing (part of) them.

It doesn't seem conceptually difficult, but I am lost in the myriad of options... Any idea?


@rusty-snake commented on GitHub (Oct 20, 2020):

For now you maybe can use `--private-cache`, which makes ~/.cache a tmpfs. In the future: #3676.
