github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

[GH-ISSUE #3312] newsbeuter doesn´t trigger browser when pressing "o" when using firejail #2082

New issue
Closed
opened 2026-05-05 08:44:58 -06:00 by gitea-mirror · 48 comments
gitea-mirror commented 2026-05-05 08:44:58 -06:00
Owner
Copy link

Originally created by @Rosika2 on GitHub (Apr 2, 2020).
Original GitHub issue: https://github.com/netblue30/firejail/issues/3312

Hello everybody,

I´ve got a problem when running newsbeuter (RSS feed reader for the text console) in firejail.

My system is: BodhiLinux 5.1.0, 32bit (VM).

The command firejail newsbeuter itself works perfectly. The problem is that I cannot open a browser to read the feed contents.
The interactive key-stroke "o" should provide for that. But pressing "o" yields nothing.

Yet all works well when running newsbeuter normally (i.e. not within the sandbox).

Example:

env BROWSER=lynx newsbeuter works fine and lynx opes up within the terminal.

env BROWSER=lynx firejail newsbeuter runs newsbeuter alright but doesn´t trigger the browser.

Surely there´s something that could be modified within the "newsbeuter.profile". But I´m stuck here.
Currently it looks like this:

# Firejail profile for Newsboat
# Description: Text based Atom/RSS feed reader
# This file is overwritten after every install/update
# Persistent local customizations
include newsbeuter.local
# Persistent global definitions
# added by included profile
#include globals.local

noblacklist ${HOME}/.config/newsbeuter
noblacklist ${HOME}/.newsbeuter

mkdir ${HOME}/.config/newsbeuter
mkdir ${HOME}/.newsbeuter
whitelist ${HOME}/.config/newsbeuter
whitelist ${HOME}/.newsbeuter

private-bin newsbeuter

# Redirect
include newsboat.profile
include lynx.profile  # I added this one but to no avail

Any help is much appreciated.
Thanks a lot in advance.

Greetings.
Rosika

Originally created by @Rosika2 on GitHub (Apr 2, 2020). Original GitHub issue: https://github.com/netblue30/firejail/issues/3312 Hello everybody, I´ve got a problem when running **newsbeuter** (RSS feed reader for the text console) in firejail. _My system is: BodhiLinux 5.1.0, 32bit (VM)._ The command `firejail newsbeuter` itself works perfectly. The problem is that I cannot open a browser to read the feed contents. The interactive key-stroke "o" should provide for that. But pressing "o" yields nothing. Yet all works well when running newsbeuter normally (i.e. not within the sandbox). Example: `env BROWSER=lynx newsbeuter` works fine and lynx opes up within the terminal. `env BROWSER=lynx firejail newsbeuter` runs newsbeuter alright but doesn´t trigger the browser. Surely there´s something that could be modified within the "newsbeuter.profile". But I´m stuck here. Currently it looks like this: ``` # Firejail profile for Newsboat # Description: Text based Atom/RSS feed reader # This file is overwritten after every install/update # Persistent local customizations include newsbeuter.local # Persistent global definitions # added by included profile #include globals.local noblacklist ${HOME}/.config/newsbeuter noblacklist ${HOME}/.newsbeuter mkdir ${HOME}/.config/newsbeuter mkdir ${HOME}/.newsbeuter whitelist ${HOME}/.config/newsbeuter whitelist ${HOME}/.newsbeuter private-bin newsbeuter # Redirect include newsboat.profile include lynx.profile # I added this one but to no avail ``` Any help is much appreciated. Thanks a lot in advance. Greetings. Rosika
gitea-mirror 2026-05-05 08:44:58 -06:00
gitea-mirror commented 2026-05-05 08:45:01 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 2, 2020):

Can you try setting the BROWSER variable with firejail like this firejail --env=BROWSER=lynx newsbeuter.

<!-- gh-comment-id:607810824 --> @rusty-snake commented on GitHub (Apr 2, 2020): Can you try setting the BROWSER variable with firejail like this `firejail --env=BROWSER=lynx newsbeuter`.
gitea-mirror commented 2026-05-05 08:45:02 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 2, 2020):

@rusty-snake:
Hello. Nice to hear from you again and thanks for your reply.

Alas firejail --env=BROWSER=lynx newsbeuter doesn´t work either.
Hitting "o" has no effect a all.
Surely it has got to do something with the profile as running newsbeuter/lynx outside the sandbox works.
Greetings.
Rosika

<!-- gh-comment-id:607822179 --> @Rosika2 commented on GitHub (Apr 2, 2020): @rusty-snake: Hello. Nice to hear from you again and thanks for your reply. Alas `firejail --env=BROWSER=lynx newsbeuter` doesn´t work either. Hitting "o" has no effect a all. Surely it has got to do something with the profile as running newsbeuter/lynx outside the sandbox works. Greetings. Rosika
gitea-mirror commented 2026-05-05 08:45:03 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 2, 2020):

additional info:

What strikes me as odd is the fact that using the default.profile results in even stranger behaviour:

firejail --profile=/etc/firejail/default.profile newsbeuter
Reading profile /etc/firejail/default.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Warning: networking feature is disabled in Firejail configuration file
Parent pid 20733, child pid 20734
Warning: cleaning all supplementary groups
Child process initialized in 76.29 ms
XDG: Konfigurationsverzeichnis '/home/rosika/.config/newsbeuter' nicht zugänglich, benutze stattdessen '/home/rosika/.newsbeuter'.
Starte newsbeuter 2.9...
Fehler: Eine Instanz von newsbeuter läuft bereits (PID: 0)

Parent is shutting down, bye...

It basically says that an instance of newsbeuter is already running ((PID: 0) - which simply isn´t true!
Thus: shutdown.

<!-- gh-comment-id:607868690 --> @Rosika2 commented on GitHub (Apr 2, 2020): additional info: What strikes me as odd is the fact that using the `default.profile` results in even stranger behaviour: ``` firejail --profile=/etc/firejail/default.profile newsbeuter Reading profile /etc/firejail/default.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc Warning: networking feature is disabled in Firejail configuration file Parent pid 20733, child pid 20734 Warning: cleaning all supplementary groups Child process initialized in 76.29 ms XDG: Konfigurationsverzeichnis '/home/rosika/.config/newsbeuter' nicht zugänglich, benutze stattdessen '/home/rosika/.newsbeuter'. Starte newsbeuter 2.9... Fehler: Eine Instanz von newsbeuter läuft bereits (PID: 0) Parent is shutting down, bye... ``` It basically says that an instance of newsbeuter is already running ((PID: 0) - which simply isn´t true! Thus: shutdown.
gitea-mirror commented 2026-05-05 08:45:04 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 2, 2020):

  1. The default profile includes disable-programs.inc which blacklists ~/.config/newsbeuter.
  2. I missed the obvious private-bin. There is no lnyx in the sandbox, try firejail --private-bin=lynx newsbeuter. I should realy write some diff tools for firejail profiles.
<!-- gh-comment-id:607887861 --> @rusty-snake commented on GitHub (Apr 2, 2020): 1. The default profile includes disable-programs.inc which blacklists ~/.config/newsbeuter. 2. I missed the obvious private-bin. There is no lnyx in the sandbox, try `firejail --private-bin=lynx newsbeuter`. _I should realy write some diff tools for firejail profiles._
gitea-mirror commented 2026-05-05 08:45:06 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 2, 2020):

Hi,
firejail --private-bin=lynx newsbeuter didn´t work either.
Neither did firejail --env=BROWSER=lynx --private-bin=lynx newsbeuter.
The problem remains. Sorry.

<!-- gh-comment-id:607912337 --> @Rosika2 commented on GitHub (Apr 2, 2020): Hi, `firejail --private-bin=lynx newsbeuter` didn´t work either. Neither did `firejail --env=BROWSER=lynx --private-bin=lynx newsbeuter`. The problem remains. Sorry.
gitea-mirror commented 2026-05-05 08:45:07 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 2, 2020):

Ok then lets ignore any differences between the newsbeuter/newsboat profile and the lynx profile: --ignore=disable-mnt --ignore=private-bin --ignore=private-etc --ignore=memory-deny-write-execute --ignore=protocol --ignore=tracelog --ignore=nosound --ignore=nodbus --ignore=ipc-namespace --noblacklist=/tmp/.X11-unix '--noblacklist=${RUNUSER}/wayland-*' + comment every whitelist ${HOME}/… and include whitelist-common.inc.

most likely it is one of the following: private-bin, mdwe, protocol (missing unix), whtelist ${HOME}, nodbus, ipc-namespace

<!-- gh-comment-id:607920599 --> @rusty-snake commented on GitHub (Apr 2, 2020): Ok then lets ignore any differences between the newsbeuter/newsboat profile and the lynx profile: `--ignore=disable-mnt --ignore=private-bin --ignore=private-etc --ignore=memory-deny-write-execute --ignore=protocol --ignore=tracelog --ignore=nosound --ignore=nodbus --ignore=ipc-namespace --noblacklist=/tmp/.X11-unix '--noblacklist=${RUNUSER}/wayland-*'` + comment every `whitelist ${HOME}/…` and `include whitelist-common.inc`. most likely it is one of the following: private-bin, mdwe, protocol (missing unix), whtelist ${HOME}, nodbus, ipc-namespace
gitea-mirror commented 2026-05-05 08:45:08 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 3, 2020):

@rusty-snake:
Hello again and thank you so much for your help.
I finally got everything running.
First of all I tried the lengthy command
env BROWSER=lynx firejail --ignore=disable-mnt --ignore=private-bin --ignore=private-etc --ignore=memory-deny-write-execute --ignore=protocol --ignore=tracelog --ignore=nosound --ignore=nodbus --ignore=ipc-namespace --noblacklist=/tmp/.X11-unix '--noblacklist=${RUNUSER}/wayland-*'
which was successful already. Typing "o" opened up lynx alright.
Then I took away one option after another to see which one works/doesn´t work.
It turns out that I need this one:
env BROWSER=lynx firejail --ignore=private-bin --ignore=private-etc newsbeuter

So what do you think, how should I modify the newsbeuter.profile?
Is it O.K. to add

ignore=private-bin
ignore=private-etc

in the profile?
And what about the private-bin newsbeuter-entry? May that remain in the file?

Thanks again for your help.
Greetings.
Rosika

<!-- gh-comment-id:608373131 --> @Rosika2 commented on GitHub (Apr 3, 2020): @rusty-snake: Hello again and thank you so much for your help. I finally got everything running. First of all I tried the lengthy command `env BROWSER=lynx firejail --ignore=disable-mnt --ignore=private-bin --ignore=private-etc --ignore=memory-deny-write-execute --ignore=protocol --ignore=tracelog --ignore=nosound --ignore=nodbus --ignore=ipc-namespace --noblacklist=/tmp/.X11-unix '--noblacklist=${RUNUSER}/wayland-*'` which was successful already. Typing "o" opened up lynx alright. Then I took away one option after another to see which one works/doesn´t work. It turns out that I need this one: `env BROWSER=lynx firejail --ignore=private-bin --ignore=private-etc newsbeuter` So what do you think, how should I modify the _newsbeuter.profile_? Is it O.K. to add ``` ignore=private-bin ignore=private-etc ``` in the profile? And what about the `private-bin newsbeuter`-entry? May that remain in the file? Thanks again for your help. Greetings. Rosika
gitea-mirror commented 2026-05-05 08:45:09 -06:00
Author
Owner
Copy link

@Minoru commented on GitHub (Apr 3, 2020):

Hi, former Newsbeuter and current Newsboat maintainer here. Both programs use system(3) to execute the browser, which in turn uses /bin/sh. So I wonder if firejail --private-bin=sh,lynx newsbeuter would work. @Rosika2, can you try that? (Don't know much about Firejail, so just a shot in the dark)

<!-- gh-comment-id:608378819 --> @Minoru commented on GitHub (Apr 3, 2020): Hi, former Newsbeuter and current Newsboat maintainer here. Both programs use system(3) to execute the browser, which in turn uses `/bin/sh`. So I wonder if `firejail --private-bin=sh,lynx newsbeuter` would work. @Rosika2, can you try that? (Don't know much about Firejail, so just a shot in the dark)
gitea-mirror commented 2026-05-05 08:45:10 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 3, 2020):

@Minoru:
Hi Alexander and thanks for your suggestion.
I tried the command you provided but sadly it didn´t `work:

firejail --private-bin=sh,lynx newsbeuter
Reading profile /home/rosika/.config/firejail/newsbeuter.profile
Reading profile /etc/firejail/newsboat.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: networking feature is disabled in Firejail configuration file
Parent pid 8425, child pid 8426
Warning fcopy: skipping /etc/alternatives/orbd, cannot find inode
Warning fcopy: skipping /etc/alternatives/servertool, cannot find inode
Warning fcopy: skipping /etc/alternatives/servertool.1.gz, cannot find inode
Warning fcopy: skipping /etc/alternatives/tnameserv, cannot find inode
Warning fcopy: skipping /etc/alternatives/orbd.1.gz, cannot find inode
Warning fcopy: skipping /etc/alternatives/tnameserv.1.gz, cannot find inode
Warning: skipping crypto-policies for private /etc
Private /etc installed in 20.46 ms
4 programs installed in 9.51 ms
Warning: cleaning all supplementary groups
Warning: cleaning all supplementary groups
Child process initialized in 121.89 ms
XDG: Datenverzeichnis '/home/rosika/.local/share/newsbeuter' nicht zugänglich, benutze stattdessen '/home/rosika/.newsbeuter'.
Starte newsbeuter 2.9...
Lade Konfiguration...Fertig.
Öffne Zwischenspeicher...Fertig.
Lade URLs von /home/rosika/.newsbeuter/urls...Fertig.
Lade Artikel aus dem Zwischenspeicher...Fertig.

Konfigurationsdatei /etc/lynx/lynx.cfg ist nicht zugänglich.   # config-file not available


Konfigurationsdatei /etc/lynx/lynx.cfg ist nicht zugänglich.


Konfigurationsdatei /etc/lynx/lynx.cfg ist nicht zugänglich.


Konfigurationsdatei /etc/lynx/lynx.cfg ist nicht zugänglich.


Konfigurationsdatei /etc/lynx/lynx.cfg ist nicht zugänglich.


Konfigurationsdatei /etc/lynx/lynx.cfg ist nicht zugänglich.

Bereinige Zwischenspeicher...Fertig.

So until now the command env BROWSER=lynx firejail --ignore=private-bin --ignore=private-etc newsbeuter remains the only one to work.
But thanks a lot for your input.
Greetings.
Rosika

<!-- gh-comment-id:608382752 --> @Rosika2 commented on GitHub (Apr 3, 2020): @Minoru: Hi Alexander and thanks for your suggestion. I tried the command you provided but sadly it didn´t `work: ``` firejail --private-bin=sh,lynx newsbeuter Reading profile /home/rosika/.config/firejail/newsbeuter.profile Reading profile /etc/firejail/newsboat.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-exec.inc Reading profile /etc/firejail/disable-interpreters.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/disable-xdg.inc Reading profile /etc/firejail/whitelist-common.inc Reading profile /etc/firejail/whitelist-var-common.inc Warning: networking feature is disabled in Firejail configuration file Parent pid 8425, child pid 8426 Warning fcopy: skipping /etc/alternatives/orbd, cannot find inode Warning fcopy: skipping /etc/alternatives/servertool, cannot find inode Warning fcopy: skipping /etc/alternatives/servertool.1.gz, cannot find inode Warning fcopy: skipping /etc/alternatives/tnameserv, cannot find inode Warning fcopy: skipping /etc/alternatives/orbd.1.gz, cannot find inode Warning fcopy: skipping /etc/alternatives/tnameserv.1.gz, cannot find inode Warning: skipping crypto-policies for private /etc Private /etc installed in 20.46 ms 4 programs installed in 9.51 ms Warning: cleaning all supplementary groups Warning: cleaning all supplementary groups Child process initialized in 121.89 ms XDG: Datenverzeichnis '/home/rosika/.local/share/newsbeuter' nicht zugänglich, benutze stattdessen '/home/rosika/.newsbeuter'. Starte newsbeuter 2.9... Lade Konfiguration...Fertig. Öffne Zwischenspeicher...Fertig. Lade URLs von /home/rosika/.newsbeuter/urls...Fertig. Lade Artikel aus dem Zwischenspeicher...Fertig. Konfigurationsdatei /etc/lynx/lynx.cfg ist nicht zugänglich. # config-file not available Konfigurationsdatei /etc/lynx/lynx.cfg ist nicht zugänglich. Konfigurationsdatei /etc/lynx/lynx.cfg ist nicht zugänglich. Konfigurationsdatei /etc/lynx/lynx.cfg ist nicht zugänglich. Konfigurationsdatei /etc/lynx/lynx.cfg ist nicht zugänglich. Konfigurationsdatei /etc/lynx/lynx.cfg ist nicht zugänglich. Bereinige Zwischenspeicher...Fertig. ``` So until now the command `env BROWSER=lynx firejail --ignore=private-bin --ignore=private-etc newsbeuter` remains the only one to work. But thanks a lot for your input. Greetings. Rosika
gitea-mirror commented 2026-05-05 08:45:10 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 3, 2020):

If firejail --private-bin=sh,lynx --ignore=private-etc newsbeuter works, can you try firejail --private-bin=sh,lynx --private-etc=lynx newsbeuter

<!-- gh-comment-id:608512630 --> @rusty-snake commented on GitHub (Apr 3, 2020): If `firejail --private-bin=sh,lynx --ignore=private-etc newsbeuter` works, can you try `firejail --private-bin=sh,lynx --private-etc=lynx newsbeuter`
gitea-mirror commented 2026-05-05 08:45:11 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 4, 2020):

@rusty-snake:
Hi and thanks again.
I tried the two commands - with different results:
firejail --private-bin=sh,lynx --ignore=private-etc newsbeuter doesn´t work . The same results as before: newsbeuter is alright but lynx won´t open up.

firejail --private-bin=sh,lynx --private-etc=lynx newsbeuter however works just fine. Newsbeuter and lynx run perfectly.
So that´s the command I´m going for.
Thank you so much for your help.
Greetings.
Rosika

<!-- gh-comment-id:609011395 --> @Rosika2 commented on GitHub (Apr 4, 2020): @rusty-snake: Hi and thanks again. I tried the two commands - with different results: `firejail --private-bin=sh,lynx --ignore=private-etc newsbeuter` **doesn´t work** . The same results as before: newsbeuter is alright but lynx won´t open up. `firejail --private-bin=sh,lynx --private-etc=lynx newsbeuter` however works just fine. Newsbeuter and lynx run perfectly. So that´s the command I´m going for. Thank you so much for your help. Greetings. Rosika
gitea-mirror commented 2026-05-05 08:45:11 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 16, 2020):

Hello again,

as everything works fine now an additional question came up:

I´d very much like to use w3m instead of lynx as a browser.
So I thought I could switch over to w3m by using this command:
firejail --private-bin=sh,w3m --private-etc=w3m newsbeuter

Alas this won´t work . Pressing "o" won´t trigger any browser at all.
Any ideas how I could get w3m to work as a browser within newsbeuter (in firejail of course)?

Thanks a lot in advance.

Greetings.
Rosika

<!-- gh-comment-id:614642992 --> @Rosika2 commented on GitHub (Apr 16, 2020): Hello again, as everything works fine now an additional question came up: I´d very much like to use **w3m** instead of **lynx** as a browser. So I thought I could switch over to **w3m** by using this command: `firejail --private-bin=sh,w3m --private-etc=w3m newsbeuter` Alas this won´t work . Pressing "o" won´t trigger any browser at all. Any ideas how I could get **w3m** to work as a browser within newsbeuter (in firejail of course)? Thanks a lot in advance. Greetings. Rosika
gitea-mirror commented 2026-05-05 08:45:12 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 16, 2020):

No hints even in the syslog?

Based on the w3m profile, you can try adding this to your newsbeute.local. If it works you can harden it.

noblacklist ${HOME}/.w3m
include allow-perl.inc
ignore private-bin
ignore memory-deny-write-execute
<!-- gh-comment-id:614716783 --> @rusty-snake commented on GitHub (Apr 16, 2020): No hints even in the syslog? Based on the w3m profile, you can try adding this to your newsbeute.local. If it works you can harden it. ``` noblacklist ${HOME}/.w3m include allow-perl.inc ignore private-bin ignore memory-deny-write-execute ```
gitea-mirror commented 2026-05-05 08:45:12 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 17, 2020):

@rusty-snake:
Hi again and thanks for your help.

No hints even in the syslog?
It seems not. tail -f /var/log/syslog doesn´t show any newsbeuter- or w3m-related entries.

Based on the w3m profile, you can try adding this to your newsbeute.local
Funny thing: I don´t seem to have a newsbeuter.local-file despite the fact that the newsbeuter.profile refers to it. This is the newsbeuter.profile:

# Firejail profile for Newsboat
# Description: Text based Atom/RSS feed reader
# This file is overwritten after every install/update
# Persistent local customizations
include newsbeuter.local
# Persistent global definitions
# added by included profile
#include globals.local

noblacklist ${HOME}/.config/newsbeuter
noblacklist ${HOME}/.newsbeuter

mkdir ${HOME}/.config/newsbeuter
mkdir ${HOME}/.newsbeuter
whitelist ${HOME}/.config/newsbeuter
whitelist ${HOME}/.newsbeuter

private-bin newsbeuter

# Redirect
include newsboat.profile

So should I create newsbeuter.local manually? And then: should I place it in /etc/firejail as well?

Greetings.
Rosika

<!-- gh-comment-id:615169967 --> @Rosika2 commented on GitHub (Apr 17, 2020): @rusty-snake: Hi again and thanks for your help. > No hints even in the syslog? It seems not. `tail -f /var/log/syslog` doesn´t show any newsbeuter- or w3m-related entries. > Based on the w3m profile, you can try adding this to your newsbeute.local Funny thing: I don´t seem to have a `newsbeuter.local`-file despite the fact that the `newsbeuter.profile` refers to it. This is the `newsbeuter.profile`: ``` # Firejail profile for Newsboat # Description: Text based Atom/RSS feed reader # This file is overwritten after every install/update # Persistent local customizations include newsbeuter.local # Persistent global definitions # added by included profile #include globals.local noblacklist ${HOME}/.config/newsbeuter noblacklist ${HOME}/.newsbeuter mkdir ${HOME}/.config/newsbeuter mkdir ${HOME}/.newsbeuter whitelist ${HOME}/.config/newsbeuter whitelist ${HOME}/.newsbeuter private-bin newsbeuter # Redirect include newsboat.profile ``` So should I create `newsbeuter.local` manually? And then: should I place it in `/etc/firejail` as well? Greetings. Rosika
gitea-mirror commented 2026-05-05 08:45:13 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 17, 2020):

So should I create newsbeuter.local manually? And then: should I place it in /etc/firejail as well?

Yes. Yes or in .config/firejail. Alternative you can put it in your newsbeuter.profile anywhere before the # Redirect.

Uhh and maybe you need to also mkdir and whitelist ${HOME}/.w3m.

<!-- gh-comment-id:615224231 --> @rusty-snake commented on GitHub (Apr 17, 2020): > So should I create newsbeuter.local manually? And then: should I place it in /etc/firejail as well? Yes. Yes or in `.config/firejail`. Alternative you can put it in your newsbeuter.profile anywhere before the `# Redirect`. Uhh and maybe you need to also `mkdir` and `whitelist` `${HOME}/.w3m`.
gitea-mirror commented 2026-05-05 08:45:13 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 17, 2020):

@rusty-snake:
Hi and thanks again.
I did all you suggested but unfortunately it still doesn´t work . w3m won´t open up.
I put the newsbeuter.profile in ~/.config.firejail and now it looks like that:

# Firejail profile for Newsboat
# Description: Text based Atom/RSS feed reader
# This file is overwritten after every install/update
# Persistent local customizations
include newsbeuter.local
# Persistent global definitions
# added by included profile
#include globals.local

noblacklist ${HOME}/.config/newsbeuter
noblacklist ${HOME}/.newsbeuter

mkdir ${HOME}/.config/newsbeuter
mkdir ${HOME}/.newsbeuter
mkdir ${HOME}/.w3m
whitelist ${HOME}/.config/newsbeuter
whitelist ${HOME}/.newsbeuter
whitelist ${HOME}/.w3m

private-bin newsbeuter
noblacklist ${HOME}/.w3m
include allow-perl.inc
ignore private-bin
ignore memory-deny-write-execute

# Redirect
include newsboat.profile

Using the command firejail --private-bin=sh,w3m --private-etc=w3m newsbeuter still won´t trigger w3m as browser. In fact it has no effect at all.
Terminal says:

firejail --private-bin=sh,w3m --private-etc=w3m newsbeuter
Reading profile /home/rosika/.config/firejail/newsbeuter.profile
Reading profile /etc/firejail/allow-perl.inc
Reading profile /etc/firejail/newsboat.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: networking feature is disabled in Firejail configuration file
Parent pid 14769, child pid 14770
Warning fcopy: skipping /etc/alternatives/orbd, cannot find inode
Warning fcopy: skipping /etc/alternatives/servertool, cannot find inode
Warning fcopy: skipping /etc/alternatives/servertool.1.gz, cannot find inode
Warning fcopy: skipping /etc/alternatives/tnameserv, cannot find inode
Warning fcopy: skipping /etc/alternatives/orbd.1.gz, cannot find inode
Warning fcopy: skipping /etc/alternatives/tnameserv.1.gz, cannot find inode
Warning: skipping crypto-policies for private /etc
Private /etc installed in 24.56 ms
4 programs installed in 9.42 ms
Warning: cleaning all supplementary groups
Warning: cleaning all supplementary groups
Child process initialized in 5949200269312.00 ms
XDG: Datenverzeichnis '/home/rosika/.local/share/newsbeuter' nicht zugänglich, benutze stattdessen '/home/rosika/.newsbeuter'.
Starte newsbeuter 2.9...
Lade Konfiguration...Fertig.
Öffne Zwischenspeicher...Fertig.
Lade URLs von /home/rosika/.newsbeuter/urls...Fertig.
Lade Artikel aus dem Zwischenspeicher...Fertig.
sh: 1: lynx: Permission denied
sh: 1: lynx: Permission denied
sh: 1: lynx: Permission denied
Bereinige Zwischenspeicher...Fertig.

Parent is shutting down, bye...

Greetings.
Rosika

<!-- gh-comment-id:615242908 --> @Rosika2 commented on GitHub (Apr 17, 2020): @rusty-snake: Hi and thanks again. I did all you suggested but unfortunately it still doesn´t work . w3m won´t open up. I put the `newsbeuter.profile` in `~/.config.firejail` and now it looks like that: ``` # Firejail profile for Newsboat # Description: Text based Atom/RSS feed reader # This file is overwritten after every install/update # Persistent local customizations include newsbeuter.local # Persistent global definitions # added by included profile #include globals.local noblacklist ${HOME}/.config/newsbeuter noblacklist ${HOME}/.newsbeuter mkdir ${HOME}/.config/newsbeuter mkdir ${HOME}/.newsbeuter mkdir ${HOME}/.w3m whitelist ${HOME}/.config/newsbeuter whitelist ${HOME}/.newsbeuter whitelist ${HOME}/.w3m private-bin newsbeuter noblacklist ${HOME}/.w3m include allow-perl.inc ignore private-bin ignore memory-deny-write-execute # Redirect include newsboat.profile ``` Using the command `firejail --private-bin=sh,w3m --private-etc=w3m newsbeuter` still won´t trigger w3m as browser. In fact it has no effect at all. Terminal says: ``` firejail --private-bin=sh,w3m --private-etc=w3m newsbeuter Reading profile /home/rosika/.config/firejail/newsbeuter.profile Reading profile /etc/firejail/allow-perl.inc Reading profile /etc/firejail/newsboat.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-exec.inc Reading profile /etc/firejail/disable-interpreters.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/disable-xdg.inc Reading profile /etc/firejail/whitelist-common.inc Reading profile /etc/firejail/whitelist-var-common.inc Warning: networking feature is disabled in Firejail configuration file Parent pid 14769, child pid 14770 Warning fcopy: skipping /etc/alternatives/orbd, cannot find inode Warning fcopy: skipping /etc/alternatives/servertool, cannot find inode Warning fcopy: skipping /etc/alternatives/servertool.1.gz, cannot find inode Warning fcopy: skipping /etc/alternatives/tnameserv, cannot find inode Warning fcopy: skipping /etc/alternatives/orbd.1.gz, cannot find inode Warning fcopy: skipping /etc/alternatives/tnameserv.1.gz, cannot find inode Warning: skipping crypto-policies for private /etc Private /etc installed in 24.56 ms 4 programs installed in 9.42 ms Warning: cleaning all supplementary groups Warning: cleaning all supplementary groups Child process initialized in 5949200269312.00 ms XDG: Datenverzeichnis '/home/rosika/.local/share/newsbeuter' nicht zugänglich, benutze stattdessen '/home/rosika/.newsbeuter'. Starte newsbeuter 2.9... Lade Konfiguration...Fertig. Öffne Zwischenspeicher...Fertig. Lade URLs von /home/rosika/.newsbeuter/urls...Fertig. Lade Artikel aus dem Zwischenspeicher...Fertig. sh: 1: lynx: Permission denied sh: 1: lynx: Permission denied sh: 1: lynx: Permission denied Bereinige Zwischenspeicher...Fertig. Parent is shutting down, bye... ``` Greetings. Rosika
gitea-mirror commented 2026-05-05 08:45:13 -06:00
Author
Owner
Copy link

@Minoru commented on GitHub (Apr 17, 2020):

sh: 1: lynx: Permission denied

Have you added browser "w3m" to /home/rosika/.newsbeuter/config? Looks like you didn't, and it tries to run lynx (which is the default browser).

<!-- gh-comment-id:615243956 --> @Minoru commented on GitHub (Apr 17, 2020): > sh: 1: lynx: Permission denied Have you added `browser "w3m"` to /home/rosika/.newsbeuter/config? Looks like you didn't, and it tries to run lynx (which is the default browser).
gitea-mirror commented 2026-05-05 08:45:14 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 17, 2020):

@Minoru:
Hi Alexander,
thanks.
Well, I created the config-file: touch ~/.newsbeuter/config and then put browser "w3m" as the single entry in it.
Now firejail --private-bin=sh,w3m --private-etc=w3m newsbeuter partly works.
Pressing "o" opens up w3m alright but doesn´t display anything.
The last line says: "<< Viiewing [SSL] <...> No Line"

Thanks again.
Greetings. Rosika.

<!-- gh-comment-id:615255517 --> @Rosika2 commented on GitHub (Apr 17, 2020): @Minoru: Hi Alexander, thanks. Well, I created the config-file: `touch ~/.newsbeuter/config` and then put `browser "w3m"` as the single entry in it. Now `firejail --private-bin=sh,w3m --private-etc=w3m newsbeuter` partly works. Pressing "o" opens up w3m alright but doesn´t display anything. The last line says: "<< Viiewing [SSL] <...> No Line" Thanks again. Greetings. Rosika.
gitea-mirror commented 2026-05-05 08:45:14 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 17, 2020):

XDG: Datenverzeichnis '/home/rosika/.local/share/newsbeuter' nicht zugänglich, benutze stattdessen '/home/rosika/.newsbeuter'.

noblacklist ${HOME}/.local/share/newsbeuter + whitelist + mkdir ( + blacklist in disable-programs.inc) to fix this.

Can you try it with firejail newsbeuter. w3m needs perl and maybe other things, so I would first get it to run w/o private-bin and then figure out which programs are needed.

<!-- gh-comment-id:615272891 --> @rusty-snake commented on GitHub (Apr 17, 2020): > XDG: Datenverzeichnis '/home/rosika/.local/share/newsbeuter' nicht zugänglich, benutze stattdessen '/home/rosika/.newsbeuter'. `noblacklist ${HOME}/.local/share/newsbeuter` + `whitelist` + `mkdir` ( + `blacklist` in disable-programs.inc) to fix this. Can you try it with `firejail newsbeuter`. w3m needs perl and maybe other things, so I would first get it to run w/o private-bin and then figure out which programs are needed.
gitea-mirror commented 2026-05-05 08:45:15 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 17, 2020):

@rusty-snake:
O.K. But how exactly? Do I understand it correctly this way:

noblacklist ${HOME}/.local/share/newsbeuter
mkdir ${HOME}/.local/share/newsbeuter
whitelist ${HOME}/.local/share/newsbeuter

in the newsbeuter.profile and

# newsbeuter
blacklist ${HOME}/.local/share/newsbeuter

in disable-programs.inc ?

<!-- gh-comment-id:615284641 --> @Rosika2 commented on GitHub (Apr 17, 2020): @rusty-snake: O.K. But how exactly? Do I understand it correctly this way: ``` noblacklist ${HOME}/.local/share/newsbeuter mkdir ${HOME}/.local/share/newsbeuter whitelist ${HOME}/.local/share/newsbeuter ``` in the newsbeuter.profile and ``` # newsbeuter blacklist ${HOME}/.local/share/newsbeuter ``` in `disable-programs.inc` ?
gitea-mirror commented 2026-05-05 08:45:15 -06:00
Author
Owner
Copy link

@Minoru commented on GitHub (Apr 17, 2020):

@rusty-snake

XDG: Datenverzeichnis '/home/rosika/.local/share/newsbeuter' nicht zugänglich, benutze stattdessen '/home/rosika/.newsbeuter'.

noblacklist ${HOME}/.local/share/newsbeuter + whitelist + mkdir ( + blacklist in disable-programs.inc) to fix this.

Oh, this isn't an error in need of fixing, it's just a message. Newsbeuter checks if XDG dir is available, and if not, it falls back to the dotdir. Further on we see that ~/.newsbeuter/urls is loaded just fine; that indicates that @Rosika2 is indeed using the dotdir. (Though I understand that the general-purpose Firejail profile would whitelist both dirs)

I think @Rosika2 should concentrate on running w3m standalone. Is Firejail blocking network access for it? I don't see any other reason for w3m to start but fail to connect to the site.

<!-- gh-comment-id:615299347 --> @Minoru commented on GitHub (Apr 17, 2020): @rusty-snake > > XDG: Datenverzeichnis '/home/rosika/.local/share/newsbeuter' nicht zugänglich, benutze stattdessen '/home/rosika/.newsbeuter'. > > noblacklist ${HOME}/.local/share/newsbeuter + whitelist + mkdir ( + blacklist in disable-programs.inc) to fix this. Oh, this isn't an error in need of fixing, it's just a message. Newsbeuter checks if XDG dir is available, and if not, it falls back to the dotdir. Further on we see that ~/.newsbeuter/urls is loaded just fine; that indicates that @Rosika2 is indeed using the dotdir. (Though I understand that the general-purpose Firejail profile would whitelist both dirs) I think @Rosika2 should concentrate on running w3m standalone. Is Firejail blocking network access for it? I don't see any other reason for w3m to start but fail to connect to the site.
gitea-mirror commented 2026-05-05 08:45:15 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 17, 2020):

(Though I understand that the general-purpose Firejail profile would whitelist both dirs)

It should, will fix this later.

Is Firejail blocking network access for it?

No, but AF_UNIX sockets. @Rosika2 add also protocol unix,inet,inet6. disable-exec.inc isn't included in the w3m profile. IDK, but I don't think that this is it.

<!-- gh-comment-id:615315329 --> @rusty-snake commented on GitHub (Apr 17, 2020): > (Though I understand that the general-purpose Firejail profile would whitelist both dirs) It should, will fix this later. > Is Firejail blocking network access for it? No, but AF_UNIX sockets. @Rosika2 add also `protocol unix,inet,inet6`. disable-exec.inc isn't included in the w3m profile. IDK, but I don't think that this is it.
gitea-mirror commented 2026-05-05 08:45:16 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 18, 2020):

@Minoru:
Hi and thanks for the comment.

I think @Rosika2 should concentrate on running w3m standalone

Yes, I think that´s the best way.

Tnx for your help.
Greetings
Rosika

<!-- gh-comment-id:615842009 --> @Rosika2 commented on GitHub (Apr 18, 2020): @Minoru: Hi and thanks for the comment. > I think @Rosika2 should concentrate on running w3m standalone Yes, I think that´s the best way. Tnx for your help. Greetings Rosika
gitea-mirror commented 2026-05-05 08:45:16 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 18, 2020):

@rusty-snake:
Thanks.

add also protocol unix,inet,inet6

Sorry for asking again, bute where should I put the entries? In the w3m-profile?

<!-- gh-comment-id:615842454 --> @Rosika2 commented on GitHub (Apr 18, 2020): @rusty-snake: Thanks. > add also protocol unix,inet,inet6 Sorry for asking again, bute where should I put the entries? In the `w3m-profile`?
gitea-mirror commented 2026-05-05 08:45:17 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 18, 2020):

No, in the newsbeuter.profile/.local.

<!-- gh-comment-id:615851054 --> @rusty-snake commented on GitHub (Apr 18, 2020): No, in the newsbeuter.profile/.local.
gitea-mirror commented 2026-05-05 08:45:17 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 18, 2020):

@rusty-snake:
Thanks. Yet I seem to be mentally blocked or incapacitated.
I´ve got the newsbeuter.profile alright. But what and where is the "local"-part of
newsbeuter.profile/.local?

Sorry for asking again.

<!-- gh-comment-id:615852980 --> @Rosika2 commented on GitHub (Apr 18, 2020): @rusty-snake: Thanks. Yet I seem to be mentally blocked or incapacitated. I´ve got the `newsbeuter.profile` alright. But what and where is the "local"-part of `newsbeuter.profile/.local`? Sorry for asking again.
gitea-mirror commented 2026-05-05 08:45:17 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 18, 2020):

I just looked up newsbeuter.profile. It says:
include newsbeuter.local.
But I´ve got no such file.

<!-- gh-comment-id:615854642 --> @Rosika2 commented on GitHub (Apr 18, 2020): I just looked up `newsbeuter.profile`. It says: `include newsbeuter.local`. But I´ve got no such file.
gitea-mirror commented 2026-05-05 08:45:18 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 18, 2020):

The system behind this is that /etc/firejail/newsbeuter.profile is overridden on every update of firejail. If you want to customize it, you could copy it to ~/.config/firejail/newsbeuter.proifle, but then you don't get fixes/new feature on the next update. There fore every profile has a include profile_name.local which is not distributed with firejail and must be created by the user if he/she want (small) changes in a profile. There is also a globals.local for options applied to every profile.

<!-- gh-comment-id:615859927 --> @rusty-snake commented on GitHub (Apr 18, 2020): The system behind this is that /etc/firejail/newsbeuter.profile is overridden on every update of firejail. If you want to customize it, you could copy it to ~/.config/firejail/newsbeuter.proifle, but then you don't get fixes/new feature on the next update. There fore every profile has a `include profile_name.local` which is not distributed with firejail and must be created by the user if he/she want (small) changes in a profile. There is also a globals.local for options applied to every profile.
gitea-mirror commented 2026-05-05 08:45:18 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 18, 2020):

@rusty-snake:
Thanks for the clarification. O.K. I´ve learnt something new again.

I now I´ve created the file with touch /etc/firejail/newsbeuter.local and put protocol unix,inet,inet6 in it.
In /home/rosika/.newsbeuter/config I put browser "w3m".
The command I used is firejail --private-bin=sh,w3m --private-etc=w3m newsbeuter .
But the problem remains.

Pressing "o" opens up w3m.
"Opening socket" .... and then the web-site should displayed but it remains empty. "No Line".
Pressing "c" however yields the respective url.
In my example: www.zdf.de/nachrichten/panorama/stars-promi-news-bilder-aktuell-april-100.html

Well, we certainly did all we could. It seems w3m is not cut out for this purpose.
I think I´ll have to stick to lynx then.
That doesn´t really matter much. It´s just that I like w3m better. But that´s rather a "luxury problem".

So sorry to have taken up so much of your time.
But your help is much appreciated and I´ve learnt quite a few things, too.

Thanks again to @rusty-snake and @Minoru . Have a nice and healthy weekend.

Greetings.
Rosika

<!-- gh-comment-id:615866147 --> @Rosika2 commented on GitHub (Apr 18, 2020): @rusty-snake: Thanks for the clarification. O.K. I´ve learnt something new again. I now I´ve created the file with `touch /etc/firejail/newsbeuter.local` and put `protocol unix,inet,inet6` in it. In `/home/rosika/.newsbeuter/config` I put `browser "w3m"`. The command I used is `firejail --private-bin=sh,w3m --private-etc=w3m newsbeuter` . But the problem remains. Pressing "o" opens up w3m. "Opening socket" .... and then the web-site **should** displayed but it remains **empty**. "No Line". Pressing "c" however yields the respective url. In my example: www.zdf.de/nachrichten/panorama/stars-promi-news-bilder-aktuell-april-100.html Well, we certainly did all we could. It seems w3m is not cut out for this purpose. I think I´ll have to stick to lynx then. That doesn´t really matter much. It´s just that I like w3m better. But that´s rather a "luxury problem". So sorry to have taken up so much of your time. But your help is much appreciated and I´ve learnt quite a few things, too. Thanks again to @rusty-snake and @Minoru . Have a nice and healthy weekend. Greetings. Rosika
gitea-mirror commented 2026-05-05 08:45:19 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 18, 2020):

@Rosika2 have you tried it with only firejail newsbeuter? as I sayed above w3m needs perl and maybe some other stuff.

<!-- gh-comment-id:615868141 --> @rusty-snake commented on GitHub (Apr 18, 2020): @Rosika2 have you tried it with only `firejail newsbeuter`? as I sayed above w3m needs perl and maybe some other stuff.
gitea-mirror commented 2026-05-05 08:45:19 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 18, 2020):

@rusty-snake:
Yes, I´ve tried but that´s even worse.
Newsbeuter works alright but w3m won´t open up at all. Pressing "o" has no effect at all.
Here´s the terminal output:

firejail newsbeuter
Reading profile /home/rosika/.config/firejail/newsbeuter.profile
Reading profile /etc/firejail/newsbeuter.local
Reading profile /etc/firejail/allow-perl.inc
Reading profile /etc/firejail/newsboat.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: networking feature is disabled in Firejail configuration file
Warning: two protocol lists are present, "unix,inet,inet6" will be installed
Parent pid 11079, child pid 11080
Warning fcopy: skipping /etc/alternatives/orbd, cannot find inode
Warning fcopy: skipping /etc/alternatives/servertool, cannot find inode
Warning fcopy: skipping /etc/alternatives/servertool.1.gz, cannot find inode
Warning fcopy: skipping /etc/alternatives/tnameserv, cannot find inode
Warning fcopy: skipping /etc/alternatives/orbd.1.gz, cannot find inode
Warning fcopy: skipping /etc/alternatives/tnameserv.1.gz, cannot find inode
Warning: skipping crypto-policies for private /etc
Private /etc installed in 21.32 ms
1 program installed in 3.85 ms
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Warning: cleaning all supplementary groups
Warning: cleaning all supplementary groups
Child process initialized in 5938679382016.00 ms
XDG: Datenverzeichnis '/home/rosika/.local/share/newsbeuter' nicht zugänglich, benutze stattdessen '/home/rosika/.newsbeuter'.
Starte newsbeuter 2.9...
Lade Konfiguration...Fertig.
Öffne Zwischenspeicher...Fertig.
Lade URLs von /home/rosika/.newsbeuter/urls...Fertig.
Lade Artikel aus dem Zwischenspeicher...Fertig.
Bereinige Zwischenspeicher...Fertig.

Parent is shutting down, bye...
<!-- gh-comment-id:615869176 --> @Rosika2 commented on GitHub (Apr 18, 2020): @rusty-snake: Yes, I´ve tried but that´s even worse. Newsbeuter works alright but w3m won´t open up at all. Pressing "o" has no effect at all. Here´s the terminal output: ``` firejail newsbeuter Reading profile /home/rosika/.config/firejail/newsbeuter.profile Reading profile /etc/firejail/newsbeuter.local Reading profile /etc/firejail/allow-perl.inc Reading profile /etc/firejail/newsboat.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-exec.inc Reading profile /etc/firejail/disable-interpreters.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/disable-xdg.inc Reading profile /etc/firejail/whitelist-common.inc Reading profile /etc/firejail/whitelist-var-common.inc Warning: networking feature is disabled in Firejail configuration file Warning: two protocol lists are present, "unix,inet,inet6" will be installed Parent pid 11079, child pid 11080 Warning fcopy: skipping /etc/alternatives/orbd, cannot find inode Warning fcopy: skipping /etc/alternatives/servertool, cannot find inode Warning fcopy: skipping /etc/alternatives/servertool.1.gz, cannot find inode Warning fcopy: skipping /etc/alternatives/tnameserv, cannot find inode Warning fcopy: skipping /etc/alternatives/orbd.1.gz, cannot find inode Warning fcopy: skipping /etc/alternatives/tnameserv.1.gz, cannot find inode Warning: skipping crypto-policies for private /etc Private /etc installed in 21.32 ms 1 program installed in 3.85 ms Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set. Warning: cleaning all supplementary groups Warning: cleaning all supplementary groups Child process initialized in 5938679382016.00 ms XDG: Datenverzeichnis '/home/rosika/.local/share/newsbeuter' nicht zugänglich, benutze stattdessen '/home/rosika/.newsbeuter'. Starte newsbeuter 2.9... Lade Konfiguration...Fertig. Öffne Zwischenspeicher...Fertig. Lade URLs von /home/rosika/.newsbeuter/urls...Fertig. Lade Artikel aus dem Zwischenspeicher...Fertig. Bereinige Zwischenspeicher...Fertig. Parent is shutting down, bye... ```
gitea-mirror commented 2026-05-05 08:45:20 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 18, 2020):

No idea if it helps at all.
The weirdest thing:
Although not displaying the website-content at all ("No Line") w3m seems to be functional after all.

When typing an URL directly (example: ubuntuusers.de) after typing "U" for direct url-entry,
the website is displayed alright!

<!-- gh-comment-id:615870943 --> @Rosika2 commented on GitHub (Apr 18, 2020): No idea if it helps at all. The weirdest thing: Although not displaying the website-content at all ("No Line") w3m seems to be functional after all. When typing an URL **directly** (example: ubuntuusers.de) after typing "U" for direct url-entry, the website is displayed alright!
gitea-mirror commented 2026-05-05 08:45:20 -06:00
Author
Owner
Copy link

@Minoru commented on GitHub (Apr 18, 2020):

That sounds like Newsbeuter doesn't pass the URL to w3m, but I just took a look at the relevant part of the code and it seems impossible =\ (The code didn't change much since then, so it should work the same even if your distro backported some newer changes)

<!-- gh-comment-id:615872568 --> @Minoru commented on GitHub (Apr 18, 2020): That sounds like Newsbeuter doesn't pass the URL to w3m, but I just took a look at [the relevant part of the code](https://github.com/akrennmair/newsbeuter/blob/969fcb163d541fa26f4600c6ae0bfe3d36309823/src/view.cpp#L346-L352) and it seems impossible =\ (The code didn't change much since then, so it should work the same even if your distro backported some newer changes)
gitea-mirror commented 2026-05-05 08:45:20 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 18, 2020):

@Minoru:
Thanks for looking that up.
Even weirder:
Only some urls are working. Like ubuntuusers.de which loads perfectly.
But e.g. linuxquestions.org yields the same empty screen with the "No Lines" remark.

But it´s not a specific w3m-problem as both sites (and every site for that matter) load perfectly when starting a standalone instance of w3m.
It´s just the interaction of w3m and newsbeuter that creates this weirdness.

Never mind. As already said, I´ll go for lynx then.

Thanks so much.
Greetings. Rosika

<!-- gh-comment-id:615875671 --> @Rosika2 commented on GitHub (Apr 18, 2020): @Minoru: Thanks for looking that up. Even weirder: Only **some** urls are working. Like ubuntuusers.de which loads perfectly. But e.g. linuxquestions.org yields the same empty screen with the "No Lines" remark. But it´s not a specific w3m-problem as both sites (and every site for that matter) load perfectly when starting a standalone instance of w3m. It´s just the interaction of w3m and newsbeuter that creates this weirdness. Never mind. As already said, I´ll go for lynx then. Thanks so much. Greetings. Rosika
gitea-mirror commented 2026-05-05 08:45:21 -06:00
Author
Owner
Copy link

@Minoru commented on GitHub (Apr 18, 2020):

@Rosika2, if you don't mind, I'd still like to delve a bit deeper.

  1. Can you reproduce this without Firejail?

  2. If you have Newsboat installed, can you reproduce it there?

If this is a bug in Newsbeuter and it still exists in Newsboat, I'd like to know about it. Thanks!

<!-- gh-comment-id:615892128 --> @Minoru commented on GitHub (Apr 18, 2020): @Rosika2, if you don't mind, I'd still like to delve a bit deeper. 1. Can you reproduce this *without* Firejail? 2. If you have Newsboat installed, can you reproduce it there? If this is a bug in Newsbeuter and it still exists in Newsboat, I'd like to know about it. Thanks!
gitea-mirror commented 2026-05-05 08:45:21 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 19, 2020):

@Minoru:
Hi Alexander and thank you so much for your persistence.

Can you reproduce this without Firejail?

Well, I´ll be blessed. Up and until now I´ve never tried this.
I did the following:
touch /home/rosika/.newsbeuter/alternative_config2
and filled alterrnative_config2 with the following content:

auto-reload yes
reload-time 30
browser "w3m"
color background          white   black
color listnormal          white   black
color listfocus           yellow  blue   bold
color listnormal_unread   magenta black
color listfocus_unread    magenta blue   bold
color info                yellow  blue   bold
color article             white   black

The command newsbeuter -C /home/rosika/.newsbeuter/alternative_config2
really works as desired.
Newsbeuter performs perfectly together with w3m, which opens up the url alright.
So the issue seems to be rooted in firejail.

If you have Newsboat installed, can you reproduce it there?

I don´t have newsboat. Yet I may install it.
apt-cache show newsboat says:

[...] Successor of newsbeuter [...]

So before installing it: do you know if I can install it alongside newsbeuter?

Greetings. Rosika

<!-- gh-comment-id:616110949 --> @Rosika2 commented on GitHub (Apr 19, 2020): @Minoru: Hi Alexander and thank you so much for your persistence. > Can you reproduce this without Firejail? Well, I´ll be blessed. Up and until now I´ve never tried this. I did the following: `touch /home/rosika/.newsbeuter/alternative_config2 ` and filled `alterrnative_config2` with the following content: ``` auto-reload yes reload-time 30 browser "w3m" color background white black color listnormal white black color listfocus yellow blue bold color listnormal_unread magenta black color listfocus_unread magenta blue bold color info yellow blue bold color article white black ``` The command `newsbeuter -C /home/rosika/.newsbeuter/alternative_config2` really works as desired. Newsbeuter performs perfectly together with w3m, which opens up the url alright. So the issue seems to be rooted in firejail. > If you have Newsboat installed, can you reproduce it there? I don´t have newsboat. Yet I may install it. `apt-cache show newsboat` says: > [...] Successor of newsbeuter [...] So before installing it: do you know if I can install it alongside newsbeuter? Greetings. Rosika
gitea-mirror commented 2026-05-05 08:45:22 -06:00
Author
Owner
Copy link

@Minoru commented on GitHub (Apr 19, 2020):

The command newsbeuter -C /home/rosika/.newsbeuter/alternative_config2 really works as desired.

Great, thanks!

do you know if I can install it alongside newsbeuter?

Yes, you can. Newsboat stores its data in ~/.newsboat, so it won't conflict with Newsbeuter. On the first run, Newsboat will copy data from Newsbeuter; afterwards, it'll keep using its own copy.

<!-- gh-comment-id:616114586 --> @Minoru commented on GitHub (Apr 19, 2020): > The command newsbeuter -C /home/rosika/.newsbeuter/alternative_config2 really works as desired. Great, thanks! > do you know if I can install it alongside newsbeuter? Yes, you can. Newsboat stores its data in ~/.newsboat, so it won't conflict with Newsbeuter. On the first run, Newsboat [will copy data from Newsbeuter](https://newsboat.org/releases/2.19/docs/newsboat.html#_newsbeuter_automatic_migration); afterwards, it'll keep using its own copy.
gitea-mirror commented 2026-05-05 08:45:22 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 19, 2020):

@Minoru:
Hi again and thanks for he info and the link. Much appreciated.

Now that I´ve successfully installed newsboat I can tell you the following:

These commands do work with lynx or w3m as browser:

  • newsboat
  • firejail --profile=/etc/firejail/default.profile newsboat
  • firejail --noprofile newsboat

This doesn´t work:

  • firejail newsboat
    That way newsboat doesn´t seem to be able to read the urls-file:
firejail newsboat
Reading profile /etc/firejail/newsboat.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: networking feature is disabled in Firejail configuration file
Parent pid 8563, child pid 8564
Warning: skipping crypto-policies for private /etc
Warning: skipping pki for private /etc
Private /etc installed in 26.96 ms
1 program installed in 9.12 ms
Warning: cleaning all supplementary groups
Warning: cleaning all supplementary groups
Child process initialized in 120.99 ms
Starting newsboat 2.10.2...
Loading configuration...done.
Opening cache...done.
Loading URLs from /home/rosika2/.newsboat/urls...done.
Error: no URLs configured. Please fill the file /home/rosika2/.newsboat/urls with RSS feed URLs or import an OPML file.

newsboat 2.10.2 [...]

Greetings. Rosika

<!-- gh-comment-id:616122755 --> @Rosika2 commented on GitHub (Apr 19, 2020): @Minoru: Hi again and thanks for he info and the link. Much appreciated. Now that I´ve successfully installed **newsboat** I can tell you the following: These commands **do work** with lynx or w3m as browser: - `newsboat` - `firejail --profile=/etc/firejail/default.profile newsboat` - `firejail --noprofile newsboat` This **doesn´t work**: - `firejail newsboat` That way newsboat doesn´t seem to be able to read the **urls**-file: ``` firejail newsboat Reading profile /etc/firejail/newsboat.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-exec.inc Reading profile /etc/firejail/disable-interpreters.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/disable-xdg.inc Reading profile /etc/firejail/whitelist-common.inc Reading profile /etc/firejail/whitelist-var-common.inc Warning: networking feature is disabled in Firejail configuration file Parent pid 8563, child pid 8564 Warning: skipping crypto-policies for private /etc Warning: skipping pki for private /etc Private /etc installed in 26.96 ms 1 program installed in 9.12 ms Warning: cleaning all supplementary groups Warning: cleaning all supplementary groups Child process initialized in 120.99 ms Starting newsboat 2.10.2... Loading configuration...done. Opening cache...done. Loading URLs from /home/rosika2/.newsboat/urls...done. Error: no URLs configured. Please fill the file /home/rosika2/.newsboat/urls with RSS feed URLs or import an OPML file. newsboat 2.10.2 [...] ``` Greetings. Rosika
gitea-mirror commented 2026-05-05 08:45:22 -06:00
Author
Owner
Copy link

@Minoru commented on GitHub (Apr 19, 2020):

firejail newsboat
That way newsboat doesn´t seem to be able to read the urls-file:

I guess this needs to be fixed in order for us to check if the bug is reproducible with Newsboat.
Newsboat's profile appears to whitelist access to ~/.newsboat, so I wonder what's going on. @Rosika2, you sure the urls file is not empty? @rusty-snake, do you have any insights into this (perhaps whitelisting doesn't mean what I think it means)?

<!-- gh-comment-id:616127111 --> @Minoru commented on GitHub (Apr 19, 2020): > firejail newsboat > That way newsboat doesn´t seem to be able to read the urls-file: I guess this needs to be fixed in order for us to check if the bug is reproducible with Newsboat. Newsboat's profile [appears to whitelist access to ~/.newsboat](https://github.com/netblue30/firejail/blob/824d517b2c5bdfb0e233349f6e4c546e5ad9dcfb/etc/newsboat.profile#L20), so I wonder what's going on. @Rosika2, you sure the urls file is not empty? @rusty-snake, do you have any insights into this (perhaps whitelisting doesn't mean what I think it means)?
gitea-mirror commented 2026-05-05 08:45:23 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 19, 2020):

Hi,

@Rosika2, you sure the urls file is not empty?

Yes, the urls-file is definitively filled with my example-entries.

N E W_I N F O R M A T I O N :

(don´t know if it helps at all):

Now I performed a direct comparison of those commands:

firejail --profile=/etc/firejail/default.profile newsboat -C /home/rosika2/.config/newsboat/alternative_config2
and
firejail --profile=/etc/firejail/default.profile newsbeuter -C /home/rosika2/.newsbeuter/alternative_config2

There´s a fundamental difference between them:

The newsboat-command works perfectly (including all browsers)
The newsbeuter-command fails to even start:

firejail --profile=/etc/firejail/default.profile newsbeuter -C /home/rosika2/.newsbeuter/alternative_config2
Reading profile /etc/firejail/default.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Warning: networking feature is disabled in Firejail configuration file
Parent pid 9819, child pid 9820
Warning: cleaning all supplementary groups
Child process initialized in 40.45 ms
XDG: configuration directory '/home/rosika2/.config/newsbeuter' not accessible, using '/home/rosika2/.newsbeuter' instead.
Starting newsbeuter 2.9...
Error: an instance of newsbeuter is already running (PID: 0)  # ???????????????????

Parent is shutting down, bye...

There´s definitively no instance of newsbeuter running. I don´t understand the error-message.

Greetings. Rosika

<!-- gh-comment-id:616129486 --> @Rosika2 commented on GitHub (Apr 19, 2020): Hi, > @Rosika2, you sure the urls file is not empty? Yes, the urls-file is definitively filled with my example-entries. N E W_I N F O R M A T I O N : (don´t know if it helps at all): Now I performed a direct comparison of those commands: `firejail --profile=/etc/firejail/default.profile newsboat -C /home/rosika2/.config/newsboat/alternative_config2` and `firejail --profile=/etc/firejail/default.profile newsbeuter -C /home/rosika2/.newsbeuter/alternative_config2` There´s a fundamental difference between them: The **newsboat**-command works perfectly (including all browsers) The **newsbeuter**-command fails to even start: ``` firejail --profile=/etc/firejail/default.profile newsbeuter -C /home/rosika2/.newsbeuter/alternative_config2 Reading profile /etc/firejail/default.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc Warning: networking feature is disabled in Firejail configuration file Parent pid 9819, child pid 9820 Warning: cleaning all supplementary groups Child process initialized in 40.45 ms XDG: configuration directory '/home/rosika2/.config/newsbeuter' not accessible, using '/home/rosika2/.newsbeuter' instead. Starting newsbeuter 2.9... Error: an instance of newsbeuter is already running (PID: 0) # ??????????????????? Parent is shutting down, bye... ``` There´s definitively no instance of newsbeuter running. I don´t understand the error-message. Greetings. Rosika
gitea-mirror commented 2026-05-05 08:45:23 -06:00
Author
Owner
Copy link

@Minoru commented on GitHub (Apr 19, 2020):

Error: an instance of newsbeuter is already running (PID: 0)

The most common cause for this is "wrong" location for the cache file, but I don't see this happening in your case. Another reason might be inaccessible location for the cache file, but again, this doesn't look like your case. (We intend to improve the message in Newsboat, just haven't gotten around to it yet; see https://github.com/newsboat/newsboat/issues/314)

@Rosika2, thanks for keeping digging! Can you try without -C? Would results be the same?

(I understand Newsboat works fine, so technically I'm all done here, but I'm puzzled by Newsbeuter behaving like it does. It should work the same as Newsboat here, I don't see any material difference in this regard)

<!-- gh-comment-id:616138449 --> @Minoru commented on GitHub (Apr 19, 2020): > Error: an instance of newsbeuter is already running (PID: 0) The most common cause for this is "wrong" location for the cache file, but I don't see this happening in your case. Another reason might be inaccessible location for the cache file, but again, this doesn't look like your case. (We intend to improve the message in Newsboat, just haven't gotten around to it yet; see https://github.com/newsboat/newsboat/issues/314) @Rosika2, thanks for keeping digging! Can you try without `-C`? Would results be the same? (I understand Newsboat works fine, so technically I'm all done here, but I'm puzzled by Newsbeuter behaving like it does. It should work the same as Newsboat here, I don't see any material difference in this regard)
gitea-mirror commented 2026-05-05 08:45:24 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 19, 2020):

Hi and thanks for the link,

thanks for keeping digging!

You´re welcome. It´s my pleasure.

firejail --profile=/etc/firejail/default.profile newsbeuter
also fails to start. The same as before.

firejail --profile=/etc/firejail/default.profile newsboat
works well (including both browsers)

I understand Newsboat works fine

Yes, but only when using the default.profile. If the newsboat.profile is loaded pressing "o" won´t trigger any browser at all.

Thank you so much for your help.
Greetings. Rosika

<!-- gh-comment-id:616143674 --> @Rosika2 commented on GitHub (Apr 19, 2020): Hi and thanks for the link, > thanks for keeping digging! You´re welcome. It´s my pleasure. `firejail --profile=/etc/firejail/default.profile newsbeuter ` also fails to start. The same as before. `firejail --profile=/etc/firejail/default.profile newsboat` works well (including both browsers) > I understand Newsboat works fine Yes, but only when using the `default.profile`. If the `newsboat.profile` is loaded pressing "o" won´t trigger any browser at all. Thank you so much for your help. Greetings. Rosika
gitea-mirror commented 2026-05-05 08:45:24 -06:00
Author
Owner
Copy link

@Minoru commented on GitHub (Apr 19, 2020):

firejail --profile=/etc/firejail/default.profile newsbeuter also fails to start. The same as before.

I'm out of ideas now. :( Firejail profile looks okay to me, and if Newsbeuter works outside of Firejail, I don't see why it should fail inside it. Sorry for taking up so much of your time investigating this, @Rosika2.

If the newsboat.profile is loaded pressing "o" won´t trigger any browser at all.

Got it. @rusty-snake, perhaps newsboat.profile should include lynx.profile, so the default configuration works without any intervention from the user? I don't know anything about Firejail, though; if it's hard to "subtract" profiles later, i.e. deny access to lynx once the user switches to some other browser, I'd understand why lynx is not part of newsboat.profile.

<!-- gh-comment-id:616145912 --> @Minoru commented on GitHub (Apr 19, 2020): > firejail --profile=/etc/firejail/default.profile newsbeuter also fails to start. The same as before. I'm out of ideas now. :( Firejail profile looks okay to me, and if Newsbeuter works outside of Firejail, I don't see why it should fail inside it. Sorry for taking up so much of your time investigating this, @Rosika2. > If the newsboat.profile is loaded pressing "o" won´t trigger any browser at all. Got it. @rusty-snake, perhaps newsboat.profile should include lynx.profile, so the default configuration works without any intervention from the user? I don't know anything about Firejail, though; if it's hard to "subtract" profiles later, i.e. deny access to lynx once the user switches to some other browser, I'd understand why lynx is not part of newsboat.profile.
gitea-mirror commented 2026-05-05 08:45:24 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 19, 2020):

@Minoru:

Sorry for taking up so much of your time investigating this,

That´s really O.K.
I´m glad for your help and I´ve learnt a lot, to say the least.
Anyway I can proceed now with using newsbeuter and newsboat as well.

So thank you again for your help and persistence.
Have a nice (and healthy) Sunday and many greetings.
Rosika

<!-- gh-comment-id:616147303 --> @Rosika2 commented on GitHub (Apr 19, 2020): @Minoru: `Sorry for taking up so much of your time investigating this,` That´s really O.K. I´m glad for your help and I´ve learnt a lot, to say the least. Anyway I can proceed now with using newsbeuter and newsboat as well. So thank you again for your help and persistence. Have a nice (and healthy) Sunday and many greetings. Rosika
gitea-mirror commented 2026-05-05 08:45:25 -06:00
Author
Owner
Copy link

@matu3ba commented on GitHub (Apr 19, 2020):

@Minoru This would mean user-based installation derivement of the setup or dynamic loading. Additionally this would mean even more complexity on maintaining.
I will formulate something in the issue formular about the interaction of programs/default programs.

<!-- gh-comment-id:616157215 --> @matu3ba commented on GitHub (Apr 19, 2020): @Minoru This would mean user-based installation derivement of the setup or dynamic loading. Additionally this would mean even more complexity on maintaining. I will formulate something in the issue formular about the interaction of programs/default programs.
gitea-mirror commented 2026-05-05 08:45:25 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 19, 2020):

I can't really follow this anymore, if there's anything left please post it.

FYI: default.profile includes disable-programs.inc which blacklists ~/.newsbeuter and so on.

<!-- gh-comment-id:616167755 --> @rusty-snake commented on GitHub (Apr 19, 2020): I can't really follow this anymore, if there's anything left please post it. FYI: `default.profile` `include`s `disable-programs.inc` which `blacklist`s `~/.newsbeuter` and so on.
gitea-mirror commented 2026-05-05 08:45:26 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 20, 2020):

@rusty-snake:
Thank you so much for your help.
Tnx also for the default.profile explanation.

Greetings. Rosika

<!-- gh-comment-id:616473728 --> @Rosika2 commented on GitHub (Apr 20, 2020): @rusty-snake: Thank you so much for your help. Tnx also for the `default.profile` explanation. Greetings. Rosika
gitea-mirror commented 2026-05-05 08:45:27 -06:00
Author
Owner
Copy link

@Rosika2 commented on GitHub (Apr 20, 2020):

@all:
UPDATE
Sorry for getting back to you again although we decided to close the thread but I just want to let anybody who is interested know: S U C C E S S !!!!!!!!

You wouldn´t believe but I finally got it running the way I wanted to.
What I did was the following:

I took the command
firejail--ignore=disable-mnt --ignore=private-bin --ignore=private-etc --ignore=memory-deny-write-execute --ignore=protocol --ignore=tracelog --ignore=nosound --ignore=nodbus --ignore=ipc-namespace --noblacklist=/tmp/.X11-unix '--noblacklist=${RUNUSER}/wayland-*' newsbeuter
which @rusty-snake suggested 18 days ago.

To be more precise: I used these firejail-options with
newsbeuter -C /home/rosika/.newsbeuter/alternative_config2
The alternative_config2 looks like this:

auto-reload yes
reload-time 30
browser "w3m"
color background          white   black
color listnormal          white   black
color listfocus           yellow  blue   bold
color listnormal_unread   magenta black
color listfocus_unread    magenta blue   bold
color info                yellow  blue   bold
color article             white   black

And now it worked. w3m opens up alright, plus: it doesn´t show "No Line" any more but displays the website correctly.
As a second step I took away one option after another to see whether the reduced command still worked.
I finally arrived at this minimal working command:
firejail --ignore=private-bin newsbeuter -C /home/rosika/.newsbeuter/alternative_config2
So after all the investigation it seems that --ignore=private-bin holds the key to success.

Thanks again to all of you for your help.
Greetings.
Rosika

<!-- gh-comment-id:616507219 --> @Rosika2 commented on GitHub (Apr 20, 2020): @all: *****UPDATE***** Sorry for getting back to you again although we decided to close the thread but I just want to let anybody who is interested know: **S U C C E S S !!!!!!!!** You wouldn´t believe but I finally got it running the way I wanted to. What I did was the following: I took the command `firejail--ignore=disable-mnt --ignore=private-bin --ignore=private-etc --ignore=memory-deny-write-execute --ignore=protocol --ignore=tracelog --ignore=nosound --ignore=nodbus --ignore=ipc-namespace --noblacklist=/tmp/.X11-unix '--noblacklist=${RUNUSER}/wayland-*' newsbeuter` which @rusty-snake suggested 18 days ago. To be more precise: I used these _firejail-options_ with `newsbeuter -C /home/rosika/.newsbeuter/alternative_config2` The alternative_config2 looks like this: ``` auto-reload yes reload-time 30 browser "w3m" color background white black color listnormal white black color listfocus yellow blue bold color listnormal_unread magenta black color listfocus_unread magenta blue bold color info yellow blue bold color article white black ``` **_And now it worked_**. **w3m** opens up alright, plus: it doesn´t show "No Line" any more but displays the website correctly. As a second step I took away one option after another to see whether the reduced command still worked. I finally arrived at this **minimal working** command: `firejail --ignore=private-bin newsbeuter -C /home/rosika/.newsbeuter/alternative_config2 ` So after all the investigation it seems that `--ignore=private-bin` holds the key to success. Thanks again to all of you for your help. Greetings. Rosika
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
serialize_remounts_v2
landlock_v4
landlock
release-0.9.64
release-0.9.62
gitlab_ci
LTSbase
fred_ctests
docs
0.9.80
0.9.80-rc1
0.9.78
0.9.76
0.9.76-rc4
0.9.76-rc3
0.9.76-rc2
0.9.76-rc1
0.9.74
landlock-split
0.9.72
0.9.72rc1
0.9.70
0.9.68
0.9.68rc1
0.9.66
0.9.66rc1
0.9.64.4
0.9.64.2
0.9.64
0.9.64rc1
0.9.62.4
0.9.62.2
0.9.62
0.9.56.2-LTS
0.9.60
0.9.60-rc1
0.9.58.2
0.9.58
0.9.58-rc1
0.9.56-LTS-release
0.9.56-LTS
0.9.56
0.9.56-rc1
0.9.54
0.9.54-rc2
0.9.54-rc1
0.9.52
0.9.38.12
0.9.50
0.9.50-rc1
0.9.48
0.9.46
0.9.46-rc1
0.9.44.10
0.9.44.8
0.9.44.6
0.9.38.10
0.9.44.4
0.9.38.8
0.9.44.2
0.9.44
0.9.44-rc1
0.9.38.4
0.9.42
0.9.42-rc2
0.9.38.2
0.9.42-rc1
disable-globalcfg
0.9.40
0.9.40-rc1
0.9.38
0.9.38-rc1
0.9.36
0.9.36-rc1
0.9.34
0.9.34-rc1
0.9.32
0.9.32-rc1
0.9.30
0.9.30-rc1
Labels
Clear labels   
LTS merge

   
LTS merge

   
bug

   
bug

   
converted-to-discussion

   
doc-todo

   
documentation

   
duplicate

   
enhancement

   
file-transfer

   
firecfg

   
firejail-in-firejail

   
firetools

   
graphics

   
help wanted

   
information_old

   
installation

   
invalid

   
modif

   
moved

   
needinfo

   
networking

   
notabug

   
notourbug

   
old-version

   
overlayfs

   
packaging

   
profile-request

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question_old

   
removal

   
runtime-permissions

   
sandbox-ipc

   
security

   
stale

   
wiki

   
wiki

   
wontfix

   
wordpress

   
workaround
No labels
LTS merge
LTS merge
bug
bug
converted-to-discussion
doc-todo
documentation
duplicate
enhancement
file-transfer
firecfg
firejail-in-firejail
firetools
graphics
help wanted
information_old
installation
invalid
modif
moved
needinfo
networking
notabug
notourbug
old-version
overlayfs
packaging
profile-request
pull-request
question
question_old
removal
runtime-permissions
sandbox-ipc
security
stale
wiki
wiki
wontfix
wordpress
workaround
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#2082
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?