[GH-ISSUE #3448] --private-bin=something does not seem to work #2164

Closed
opened 2026-05-05 08:50:32 -06:00 by gitea-mirror · 12 comments

Originally created by @heinrich5991 on GitHub (Jun 3, 2020).
Original GitHub issue: https://github.com/netblue30/firejail/issues/3448

`--private-bin=something` does not seem to work for me.

**Bug and expected behavior**

```
> firejail --private-bin=ls ls
Reading profile /etc/firejail/default.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc

** Note: you can use --noprofile to disable default.profile **

Parent pid 2449111, child pid 2449112
1 program installed in 2.40 ms
Warning: /sbin directory link was not blacklisted
Warning: /usr/sbin directory link was not blacklisted
Child process initialized in 47.81 ms
execvp: No such file or directory

Parent is shutting down, bye...
```

I expected `ls` to execute given that I whitelisted it with `--private-bin`.

**No profile or disabling firejail**

- `firejail --private-bin=ls --noprofile ls` also doesn't work.
- `firejail --noprofile ls` obviously works, so does `firejail ls`.
- Calling the program directly (`ls`) obviously also works.

**Reproduce**
Steps to reproduce the behavior:

1. Run in bash `firejail --private-bin=ls ls`
2. See error `execvp: No such file or directory`

**Environment**

- Arch Linux

```
firejail version 0.9.62

Compile time support:
	- AppArmor support is enabled
	- AppImage support is enabled
	- chroot support is enabled
	- file and directory whitelisting support is enabled
	- file transfer support is enabled
	- firetunnel support is enabled
	- networking support is enabled
	- overlayfs support is enabled
	- private-home support is enabled
	- seccomp-bpf support is enabled
	- user namespace support is enabled
	- X11 sandboxing support is enabled
```

`fish` is my default shell, but both setting the `SHELL` variable to `/bin/bash` and executing from bash did not seem to help.

No other programs interact with the affected program for the functionality.

**Additional context**
I figured out that the default Discord profile does not work for me due to the `private-bin` directives. I narrowed it down to `private-bin` not working in general for me. Might have something to do with `fish` being my default shell: #2934.

**Checklist**

- [x] The upstream profile (and redirect profile if exists) have no changes fixing it.
- [x] The upstream profile exists (`find / -name 'firejail' 2>/dev/null`/`fd firejail` to locate profiles ie in `/usr/local/etc/firejail/PROGRAM.profile`)
- [x] Programs needed for interaction are listed.
- [x] Error was checked in search engine and on issue list without success. Similar issue: #2934, but this is not about joining an existing container.

@rusty-snake commented on GitHub (Jun 3, 2020):

Can you try with bash.

```
chsh -s /bin/bash
logout
firejail --private-bin=ls --noprofile ls
```

Can you try adding `--shell=none`:
`firejail --private-bin=ls --shell=none --noprofile ls`

Works `firejail --private-bin=ls,fish --noprofile ls` and `firejail --private-bin=ls --noprofile /bin/ls`

NOTE: Not having a shell inside the sandbox, but starting a program in a shell is expected to fail.

@heinrich5991 commented on GitHub (Jun 3, 2020):

After changing the shell to bash using `chsh -s /bin/bash` and then logging in via SSH again:

```
$ firejail --private-bin=ls --noprofile ls
Parent pid 2553517, child pid 2553518
1 program installed in 2.80 ms
Child process initialized in 24.49 ms
execvp: No such file or directory

Parent is shutting down, bye...
```

`firejail --private-bin=ls --shell=none --noprofile ls` works. `firejail --private-bin=ls,bash --noprofile ls` works if bash is my default shell.

`firejail --private-bin=ls,fish --noprofile ls` kinda works with a warning:

```
> firejail --private-bin=ls,fish --noprofile ls
Parent pid 2558462, child pid 2558463
2 programs installed in 13.06 ms
Child process initialized in 20.74 ms
fish: Unknown command: '['
/usr/share/fish/functions/isatty.fish (line 32): 
    command [ -t "$fd" ]
            ^
in function 'isatty' with arguments 'stdout'
	called on line 14 of file /usr/share/fish/functions/ls.fish
in function 'ls'
[...]
Parent is shutting down, bye...
```
@heinrich5991 commented on GitHub (Jun 3, 2020):

It's unexpected for me that firejail calls the shell btw.

@heinrich5991 commented on GitHub (Jun 4, 2020):

```
> firejail --noprofile --private-bin=ls --debug ls
Autoselecting /usr/bin/fish as shell
Building quoted command line: 'ls' 
Command name #ls#
DISPLAY=:0 parsed as 0
Using the local network stack
Parent pid 24675, child pid 24676
Initializing child process
Host network configured
PID namespace installed
Mounting tmpfs on /run/firejail/mnt directory
Creating empty /run/firejail/mnt/seccomp directory
Creating empty /run/firejail/mnt/seccomp/seccomp.protocol file
Creating empty /run/firejail/mnt/seccomp/seccomp.postexec file
Mounting /proc filesystem representing the PID namespace
Basic read-only filesystem:
Mounting read-only /etc
Mounting noexec /etc
Mounting read-only /var
Mounting noexec /var
Mounting read-only /bin
Mounting read-only /lib
Mounting read-only /usr
Mounting tmpfs on /var/lock
Mounting tmpfs on /var/tmp
Mounting tmpfs on /var/log
Mounting tmpfs on /var/lib/nginx
Create the new utmp file
Mount the new utmp file
Cleaning /home directory
Cleaning /run/user directory
Sanitizing /etc/passwd, UID_MIN 1000
Sanitizing /etc/group, GID_MIN 1000
Disable /home/user/.config/firejail
Disable /run/firejail/network
Disable /run/firejail/bandwidth
Disable /run/firejail/name
Disable /run/firejail/profile
Disable /run/firejail/x11
Copying files in the new bin directory
Checking /usr/local/bin/ls
Checking /usr/bin/ls
sbox run: /run/firejail/lib/fcopy /usr/bin/ls /run/firejail/mnt/bin (null) 
Mount-bind /run/firejail/mnt/bin on top of /usr/local/bin
Mount-bind /run/firejail/mnt/bin on top of /usr/bin
Mount-bind /run/firejail/mnt/bin on top of /bin
Mount-bind /run/firejail/mnt/bin on top of /usr/local/games
Mount-bind /run/firejail/mnt/bin on top of /usr/local/sbin
Mount-bind /run/firejail/mnt/bin on top of /usr/sbin
Mount-bind /run/firejail/mnt/bin on top of /sbin
1 program installed in 2.22 ms
Mounting read-only /proc/sys
Remounting /sys directory
Disable /sys/firmware
Disable /sys/hypervisor
Disable /sys/power
Disable /sys/kernel/debug
Disable /sys/kernel/vmcoreinfo
Disable /proc/sys/fs/binfmt_misc
Disable /proc/sys/kernel/core_pattern
Disable /proc/sys/kernel/modprobe
Disable /proc/sysrq-trigger
Disable /proc/sys/vm/panic_on_oom
Disable /proc/irq
Disable /proc/bus
Disable /proc/sched_debug
Disable /proc/timer_list
Disable /proc/kcore
Disable /proc/kallsyms
Disable /usr/lib/modules (requested /lib/modules)
Disable /boot
Disable /dev/port
Disable /run/user/1000/gnupg
Disable /run/user/1000/systemd
Disable /dev/kmsg
Disable /proc/kmsg
Disable /sys/fs
Disable /sys/module
Mounting noexec /run/firejail/mnt/pulse
Mounting /run/firejail/mnt/pulse on /home/user/.config/pulse
1234 1206 0:99 /pulse /home/user/.config/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755
mountid=1234 fsname=/pulse dir=/home/user/.config/pulse fstype=tmpfs
Current directory: /home/user
DISPLAY=:0 parsed as 0
Mounting read-only /run/firejail/mnt/seccomp
Drop privileges: pid 1, uid 1000, gid 100, nogroups 0
starting application
LD_PRELOAD=(null)
Running 'ls'  command through /usr/bin/fish
execvp argument 0: /usr/bin/fish
execvp argument 1: -c
execvp argument 2: 'ls' 
Child process initialized in 8.89 ms
execvp: No such file or directory
monitoring pid 3

Sandbox monitor: waitpid 3 retval 3 status 256

Parent is shutting down, bye...
```
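
Added example (not part of the original thread and not firejail code): a shell check over a `firejail --debug` log that reports when the program handed to `execvp` sits in a directory replaced by `--private-bin` but was never copied into it, which is what the log above shows. The first sample is an excerpt of that log; the second adds a constructed `fcopy` line for fish, assuming the same line format. All function names are hypothetical.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not part of firejail.

# Reads a `firejail --debug` log on stdin and prints one verdict line.
# Returns 0 if the program given to execvp is still present after private-bin,
# 1 if its directory was replaced and it was not copied in, 2 if the log has
# no absolute "execvp argument 0:" path to judge.
check_private_bin_log() {
    awk '
        # Each fcopy line names one binary copied into the private bin directory.
        /^sbox run: .*\/fcopy / { n = split($4, p, "/"); copied[p[n]] = 1 }
        # Directories that were replaced by the private bin directory.
        /^Mount-bind \/run\/firejail\/mnt\/bin on top of / { hidden[$NF] = 1 }
        # The program firejail finally executes (the shell unless --shell=none).
        /^execvp argument 0: / { argv0 = $4 }
        END {
            if (argv0 !~ /^\//) { print "UNRESOLVED " argv0; exit 2 }
            n = split(argv0, p, "/"); base = p[n]
            dir = substr(argv0, 1, length(argv0) - length(base) - 1)
            if ((dir in hidden) && !(base in copied)) {
                print "MISSING " argv0; exit 1
            }
            print "OK " argv0
        }'
}

# Excerpt of the --debug log posted in this thread (--private-bin=ls, fish as shell).
log_from_thread() {
    cat <<'EOF'
Autoselecting /usr/bin/fish as shell
Copying files in the new bin directory
Checking /usr/local/bin/ls
Checking /usr/bin/ls
sbox run: /run/firejail/lib/fcopy /usr/bin/ls /run/firejail/mnt/bin (null)
Mount-bind /run/firejail/mnt/bin on top of /usr/local/bin
Mount-bind /run/firejail/mnt/bin on top of /usr/bin
Mount-bind /run/firejail/mnt/bin on top of /bin
Running 'ls'  command through /usr/bin/fish
execvp argument 0: /usr/bin/fish
execvp argument 1: -c
execvp argument 2: 'ls'
execvp: No such file or directory
EOF
}

# Constructed log for --private-bin=ls,fish: the excerpt plus an assumed
# fcopy line for fish in the same format.
log_with_shell() {
    log_from_thread
    echo 'sbox run: /run/firejail/lib/fcopy /usr/bin/fish /run/firejail/mnt/bin (null)'
}

log_from_thread | check_private_bin_log || :   # MISSING /usr/bin/fish
log_with_shell | check_private_bin_log         # OK /usr/bin/fish
```
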

@rusty-snake commented on GitHub (Jun 4, 2020):

I'm probably endlessly saying it, but let me repeat it one more time: A not POSIX compatible login-shell is a bad idea. Programs break badly, you need to debug strange issues and have a potential security-hole because of other escape rules. Guys, use bash as login-shell and set your favourite interactive-shell in your terminal-emulator/multiplexer.

@rusty-snake commented on GitHub (Jun 4, 2020):

> `firejail --private-bin=ls,fish --noprofile ls` kinda works with a warning:

Looks like `[` is not a built-in of fish. Unfortunately you can't add it (#3381).

@rusty-snake commented on GitHub (Jun 4, 2020):

> It's unexpected for me that firejail calls the shell btw.

> **--shell=none**
> Run the program directly, without a user shell.
>
> Example:
> $ firejail --shell=none script.sh
> **--shell=program**
> Set default user shell. Use this shell to run the application using -c shell option. For example "firejail --shell=/bin/dash firefox" will
> start Mozilla Firefox as "/bin/dash -c firefox". By default Bash shell (/bin/bash) is used.

@heinrich5991 commented on GitHub (Jun 4, 2020):

> I'm probably endlessly saying it, but let me repeat it one more time: A not POSIX compatible login-shell is a bad idea. **Programs break badly,** you need to debug strange issues and have a potential security-hole because of other escape rules. Guys, use bash as login-shell and set your favourite interactive-shell in your terminal-emulator/multiplexer.

No, firejail is the first program for me that breaks under `fish`. If it is related to fish that firejail breaks, that seems to be a firejail problem. I have been using fish for over a year as my login shell.

I can't comment on the security holes because those aren't visible to users.

Note that the problem does not seem to be related to fish though, it also fails in bash (see https://github.com/netblue30/firejail/issues/3448#issuecomment-638467927).

Can you explain what benefit firejail gets by executing a shell with each command by default?

@rusty-snake commented on GitHub (Jun 4, 2020):

> No, firejail is the first program for me that breaks under fish. If it is related to fish that firejail breaks, that seems to be a firejail problem. I have been using fish for over a year as my login shell.

I've seen more programs that assume bash as login-shell, and can only tell what IMHO the best is.

@rusty-snake commented on GitHub (Sep 1, 2020):

Closing here, we still have #3434.

@rusty-snake commented on GitHub (Jun 20, 2022):

`shell none` becomes default (#5196).

@heinrich5991 commented on GitHub (Jun 21, 2022):

Nice! :)
