github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

[GH-ISSUE #3568] How to block internet access while retain connection to host native X11 #2236

New issue
Closed
opened 2026-05-05 08:55:39 -06:00 by gitea-mirror · 10 comments
gitea-mirror commented 2026-05-05 08:55:39 -06:00
Owner
Copy link

Originally created by @azurvii on GitHub (Aug 4, 2020).
Original GitHub issue: https://github.com/netblue30/firejail/issues/3568

The options I explored:

  • --net=none blocks both internet and host X11 connection. --net=none --x11 works, but I need gpu hardware acceleration, and thus a direct host x11 connection.
  • --netfilter works only when --net= is used, according to the manpage.
  • --protocol=unix works only partially. I tested with steam, in which web pages are all broken. But somehow steam can still download games (both new game install and update downloads work).

For the 3rd point, my impression is that unix sockets are local. Is it possible to use a unix socket for internet access? I found https://wiki.manjaro.org/index.php?title=Firejail#Block_an_application_from_accessing_the_internet, which seems to side with my impression (that unix socks are local), but somehow firejailed steam is not fully restricted from internet.

In case it might be helpful, how I launch steam is: firejail --noprofile --seccomp --nonewprivs --caps.drop=all --chroot=~/chroot steam.

Not sure what else I can do to achieve the result in the title. Any recommendations / suggestions are welcome.

Originally created by @azurvii on GitHub (Aug 4, 2020). Original GitHub issue: https://github.com/netblue30/firejail/issues/3568 The options I explored: * `--net=none` blocks both internet and host X11 connection. `--net=none --x11` works, but I need gpu hardware acceleration, and thus a direct host x11 connection. * `--netfilter` works only when `--net=` is used, according to the manpage. * `--protocol=unix` works only partially. I tested with steam, in which web pages are all broken. But somehow steam can still download games (both new game install and update downloads work). For the 3rd point, my impression is that unix sockets are local. Is it possible to use a unix socket for internet access? I found https://wiki.manjaro.org/index.php?title=Firejail#Block_an_application_from_accessing_the_internet, which seems to side with my impression (that unix socks are local), but somehow firejailed steam is not fully restricted from internet. In case it might be helpful, how I launch steam is: `firejail --noprofile --seccomp --nonewprivs --caps.drop=all --chroot=~/chroot steam`. Not sure what else I can do to achieve the result in the title. Any recommendations / suggestions are welcome.
gitea-mirror 2026-05-05 08:55:39 -06:00
gitea-mirror commented 2026-05-05 08:55:42 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Aug 4, 2020):

But somehow steam can still download games (both new game install and update downloads work).

Unix sockets are local and can not be used for TCP/IP. Steam likely spawns a download-worker through systemD/D-Bus .

Not sure what else I can do to achieve the result in the title. Any recommendations / suggestions are welcome.

You can bind mount the regular-X11-socket inside the chroot.

<!-- gh-comment-id:668421078 --> @rusty-snake commented on GitHub (Aug 4, 2020): > But somehow steam can still download games (both new game install and update downloads work). Unix sockets are local and can not be used for TCP/IP. Steam likely spawns a download-worker through systemD/D-Bus . > Not sure what else I can do to achieve the result in the title. Any recommendations / suggestions are welcome. You can bind mount the regular-X11-socket inside the chroot.
gitea-mirror commented 2026-05-05 08:55:43 -06:00
Author
Owner
Copy link

@smitsohu commented on GitHub (Aug 4, 2020):

A bit of a dirty hack is to set an environment variable FIREJAIL_X11 before starting the sandbox, then Firejail will take care of X11 mounting itself. But only do this when not using any of the --x11 options.

<!-- gh-comment-id:668510540 --> @smitsohu commented on GitHub (Aug 4, 2020): A bit of a dirty hack is to set an environment variable `FIREJAIL_X11` before starting the sandbox, then Firejail will take care of X11 mounting itself. But only do this when not using any of the `--x11` options.
gitea-mirror commented 2026-05-05 08:55:43 -06:00
Author
Owner
Copy link

@azurvii commented on GitHub (Aug 5, 2020):

But somehow steam can still download games (both new game install and update downloads work).

Unix sockets are local and can not be used for TCP/IP. Steam likely spawns a download-worker through systemD/D-Bus .

Can you expand a bit on the systemd/dbus exploit? I'm trying to relate how steam can communicate with the systemd/dbus in the chroot, but my assumption is that systemd/dbus that steam talks to is also bound by the --protocol parameter, which should restrict their outreaching activities. Correct me if I'm wrong.

You can bind mount the regular-X11-socket inside the chroot.

A bit of a dirty hack is to set an environment variable FIREJAIL_X11 before starting the sandbox, then Firejail will take care of X11 mounting itself. But only do this when not using any of the --x11 options.

This worked for me! I found some more info in #2711 and the code. Do you have any idea whether this hack would be formalized? E.g. to become a command line parameter. Also, as the solution is similar for #3484 as well, I think this should be able to be applied to pulseaudio as well (which needs to copy /etc/machine-id and bind-mount /$XDG_RUNTIME_DIR/pulse).

<!-- gh-comment-id:668927166 --> @azurvii commented on GitHub (Aug 5, 2020): > > But somehow steam can still download games (both new game install and update downloads work). > > Unix sockets are local and can not be used for TCP/IP. Steam likely spawns a download-worker through systemD/D-Bus . Can you expand a bit on the systemd/dbus exploit? I'm trying to relate how steam can communicate with the systemd/dbus in the chroot, but my assumption is that systemd/dbus that steam talks to is also bound by the `--protocol` parameter, which should restrict their outreaching activities. Correct me if I'm wrong. > You can bind mount the regular-X11-socket inside the chroot. > A bit of a dirty hack is to set an environment variable `FIREJAIL_X11` before starting the sandbox, then Firejail will take care of X11 mounting itself. But only do this when not using any of the `--x11` options. This worked for me! I found some more info in #2711 and [the code](https://github.com/netblue30/firejail/blob/6f3867fdb8cdaca3ffd62eb824c10d42a5250c9c/src/firejail/chroot.c#L168). Do you have any idea whether this hack would be formalized? E.g. to become a command line parameter. Also, as the solution is similar for #3484 as well, I think this should be able to be applied to pulseaudio as well (which needs to copy `/etc/machine-id` and bind-mount `/$XDG_RUNTIME_DIR/pulse`).
gitea-mirror commented 2026-05-05 08:55:43 -06:00
Author
Owner
Copy link

@azurvii commented on GitHub (Aug 5, 2020):

I just found that the bind-mounting by FIREJAIL_X11 does not expose the mount in the host (mount shows the mount in the jail but not in the host). And I assume (and hope) that this mount is umounted when firejail exits.

If that is correct, this would be much cleaner than the manual mounting outside the jail (I'm scripting it for pulseaudio, and I don't have a good way yet to umount it automatically, considering a possible multiple instances situation).

<!-- gh-comment-id:668937346 --> @azurvii commented on GitHub (Aug 5, 2020): I just found that the bind-mounting by `FIREJAIL_X11` does not expose the mount in the host (`mount` shows the mount in the jail but not in the host). And I assume (and hope) that this mount is umounted when firejail exits. If that is correct, this would be much cleaner than the manual mounting outside the jail (I'm scripting it for pulseaudio, and I don't have a good way yet to umount it automatically, considering a possible multiple instances situation).
gitea-mirror commented 2026-05-05 08:55:44 -06:00
Author
Owner
Copy link

@smitsohu commented on GitHub (Aug 5, 2020):

And I assume (and hope) that this mount is umounted when firejail exits.

These mounts are destroyed when all processes in the sandbox mount namespace have terminated, or in other words, when Firejail exits.

Do you have any idea whether this hack would be formalized? E.g. to become a command line parameter. Also, as the solution is similar for #3484 as well, I think this should be able to be applied to pulseaudio as well (which needs to copy /etc/machine-id and bind-mount /$XDG_RUNTIME_DIR/pulse).

I guess a simple way to formalize this would be to just use an environment variable different from FIREJAIL_X11. And right, Firejail could do in principle the same with pulseaudio.

<!-- gh-comment-id:669087354 --> @smitsohu commented on GitHub (Aug 5, 2020): > And I assume (and hope) that this mount is umounted when firejail exits. These mounts are destroyed when all processes in the sandbox mount namespace have terminated, or in other words, when Firejail exits. > Do you have any idea whether this hack would be formalized? E.g. to become a command line parameter. Also, as the solution is similar for #3484 as well, I think this should be able to be applied to pulseaudio as well (which needs to copy /etc/machine-id and bind-mount /$XDG_RUNTIME_DIR/pulse). I guess a simple way to formalize this would be to just use an environment variable different from `FIREJAIL_X11`. And right, Firejail could do in principle the same with pulseaudio.
gitea-mirror commented 2026-05-05 08:55:44 -06:00
Author
Owner
Copy link

@smitsohu commented on GitHub (Aug 5, 2020):

but my assumption is that systemd/dbus that steam talks to is also bound by the --protocol parameter, which should restrict their outreaching activities. Correct me if I'm wrong.

The problem is that the process at the other end of the socket doesn't know about our own sandbox restrictions. If you allow a sandbox access to a socket, you open up unrestricted access to the service, and what that means depends on the service alone.

What does echo $DBUS_SESSION_BUS_ADDRESS say? Did you maybe bind mount that path in the chroot? Is the issue fixed by adding --nodbus or --dbus-user=none --dbus-system=none (depending on Firejail version)?

<!-- gh-comment-id:669141019 --> @smitsohu commented on GitHub (Aug 5, 2020): > but my assumption is that systemd/dbus that steam talks to is also bound by the --protocol parameter, which should restrict their outreaching activities. Correct me if I'm wrong. The problem is that the process at the other end of the socket doesn't know about our own sandbox restrictions. If you allow a sandbox access to a socket, you open up unrestricted access to the service, and what that means depends on the service alone. What does `echo $DBUS_SESSION_BUS_ADDRESS` say? Did you maybe bind mount that path in the chroot? Is the issue fixed by adding `--nodbus` or `--dbus-user=none --dbus-system=none` (depending on Firejail version)?
gitea-mirror commented 2026-05-05 08:55:45 -06:00
Author
Owner
Copy link

@azurvii commented on GitHub (Aug 6, 2020):

The problem is that the process at the other end of the socket doesn't know about our own sandbox restrictions. If you allow a sandbox access to a socket, you open up unrestricted access to the service, and what that means depends on the service alone.

Do you suggest that firejail mounts the dbus in chroot by default? Not stated in the manpage at least. I was saying that with an assumption that the dbus inside is a different one, and not the dbus outside.

What does echo $DBUS_SESSION_BUS_ADDRESS say? Did you maybe bind mount that path in the chroot? Is the issue fixed by adding --nodbus or --dbus-user=none --dbus-system=none (depending on Firejail version)?

With --protocol=unix:

$ echo $DBUS_SESSION_BUS_ADDRESS
unix:path=/run/user/1000/bus
$ ls /run/user/1000/bus
ls: cannot access '/run/user/1000/bus': No such file or directory

And when trying with an additional --nodbus, steam still partially worked (same: no web pages, but downloads work).
However, with --nodbus firejail added: Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
I am unable to locate anything like a dbus socket in either /run/user/1000/ or /tmp/.

There is a /run/user/1000/systemd folder in the chroot, somehow. But it seems systemd is defunct:

$ systemctl list-units
System has not been booted with systemd as init system (PID 1). Can't operate.
Failed to connect to bus: Host is down

I'm not sure how to test dbus. What I came up with:

$ dbus-send hello hello
Failed to open connection to "session" message bus: Failed to connect to socket /run/user/1000/bus: No such file or directory

seems to indicate that dbus is defunct too.

I'll try to find something to figure out which process is handling the network traffic. That might help to provide more clues.

<!-- gh-comment-id:669967072 --> @azurvii commented on GitHub (Aug 6, 2020): > The problem is that the process at the other end of the socket doesn't know about our own sandbox restrictions. If you allow a sandbox access to a socket, you open up unrestricted access to the service, and what that means depends on the service alone. Do you suggest that firejail mounts the dbus in chroot by default? Not stated in the manpage at least. I was saying that with an assumption that the dbus inside is a different one, and not the dbus outside. > What does `echo $DBUS_SESSION_BUS_ADDRESS` say? Did you maybe bind mount that path in the chroot? Is the issue fixed by adding `--nodbus` or `--dbus-user=none --dbus-system=none` (depending on Firejail version)? With `--protocol=unix`: ``` $ echo $DBUS_SESSION_BUS_ADDRESS unix:path=/run/user/1000/bus $ ls /run/user/1000/bus ls: cannot access '/run/user/1000/bus': No such file or directory ``` And when trying with an additional `--nodbus`, steam still partially worked (same: no web pages, but downloads work). However, with `--nodbus` firejail added: `Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.` I am unable to locate anything like a dbus socket in either `/run/user/1000/` or `/tmp/`. There is a `/run/user/1000/systemd` folder in the chroot, somehow. But it seems `systemd` is defunct: ``` $ systemctl list-units System has not been booted with systemd as init system (PID 1). Can't operate. Failed to connect to bus: Host is down ``` I'm not sure how to test dbus. What I came up with: ``` $ dbus-send hello hello Failed to open connection to "session" message bus: Failed to connect to socket /run/user/1000/bus: No such file or directory ``` seems to indicate that dbus is defunct too. I'll try to find something to figure out which process is handling the network traffic. That might help to provide more clues.
gitea-mirror commented 2026-05-05 08:55:45 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Aug 6, 2020):

To find a abstract unix socket, you must use ss/netstat or lsof.

<!-- gh-comment-id:669981744 --> @rusty-snake commented on GitHub (Aug 6, 2020): To find a abstract unix socket, you must use `ss`/`netstat` or `lsof`.
gitea-mirror commented 2026-05-05 08:55:45 -06:00
Author
Owner
Copy link

@smitsohu commented on GitHub (Aug 27, 2020):

I added environment variables FIREJAIL_CHROOT_X11 and FIREJAIL_CHROOT_PULSE, which expose X11 session and pulseaudio session in the chroot, respectively. You can give it a try!

Do you suggest that firejail mounts the dbus in chroot by default?

No, it doesn't do anything with D-Bus.

<!-- gh-comment-id:682192324 --> @smitsohu commented on GitHub (Aug 27, 2020): I added environment variables `FIREJAIL_CHROOT_X11` and `FIREJAIL_CHROOT_PULSE`, which expose X11 session and pulseaudio session in the chroot, respectively. You can give it a try! > Do you suggest that firejail mounts the dbus in chroot by default? No, it doesn't do anything with D-Bus.
gitea-mirror commented 2026-05-05 08:55:46 -06:00
Author
Owner
Copy link

@azurvii commented on GitHub (Mar 19, 2021):

Sorry for a much delayed response. I finally got the latest firejail in backports channel.
I tried launching steam with both env, and it worked like a charm! However, I had to manually mkdir -p /run/user/1000 and chown it. Otherwise FIREJAIL_CHROOT_PULSE would complain the folder was not found. I did not need to manually copy machine-id to get pulseaudio to work.
Thank you smitsohu!

<!-- gh-comment-id:802989936 --> @azurvii commented on GitHub (Mar 19, 2021): Sorry for a much delayed response. I finally got the latest firejail in backports channel. I tried launching steam with both env, and it worked like a charm! However, I had to manually `mkdir -p /run/user/1000` and `chown` it. Otherwise `FIREJAIL_CHROOT_PULSE` would complain the folder was not found. I did not need to manually copy machine-id to get pulseaudio to work. Thank you smitsohu!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
serialize_remounts_v2
landlock_v4
landlock
release-0.9.64
release-0.9.62
gitlab_ci
LTSbase
fred_ctests
docs
0.9.80
0.9.80-rc1
0.9.78
0.9.76
0.9.76-rc4
0.9.76-rc3
0.9.76-rc2
0.9.76-rc1
0.9.74
landlock-split
0.9.72
0.9.72rc1
0.9.70
0.9.68
0.9.68rc1
0.9.66
0.9.66rc1
0.9.64.4
0.9.64.2
0.9.64
0.9.64rc1
0.9.62.4
0.9.62.2
0.9.62
0.9.56.2-LTS
0.9.60
0.9.60-rc1
0.9.58.2
0.9.58
0.9.58-rc1
0.9.56-LTS-release
0.9.56-LTS
0.9.56
0.9.56-rc1
0.9.54
0.9.54-rc2
0.9.54-rc1
0.9.52
0.9.38.12
0.9.50
0.9.50-rc1
0.9.48
0.9.46
0.9.46-rc1
0.9.44.10
0.9.44.8
0.9.44.6
0.9.38.10
0.9.44.4
0.9.38.8
0.9.44.2
0.9.44
0.9.44-rc1
0.9.38.4
0.9.42
0.9.42-rc2
0.9.38.2
0.9.42-rc1
disable-globalcfg
0.9.40
0.9.40-rc1
0.9.38
0.9.38-rc1
0.9.36
0.9.36-rc1
0.9.34
0.9.34-rc1
0.9.32
0.9.32-rc1
0.9.30
0.9.30-rc1
Labels
Clear labels   
LTS merge

   
LTS merge

   
bug

   
bug

   
converted-to-discussion

   
doc-todo

   
documentation

   
duplicate

   
enhancement

   
file-transfer

   
firecfg

   
firejail-in-firejail

   
firetools

   
graphics

   
help wanted

   
information_old

   
installation

   
invalid

   
modif

   
moved

   
needinfo

   
networking

   
notabug

   
notourbug

   
old-version

   
overlayfs

   
packaging

   
profile-request

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question_old

   
removal

   
runtime-permissions

   
sandbox-ipc

   
security

   
stale

   
wiki

   
wiki

   
wontfix

   
wordpress

   
workaround
No labels
LTS merge
LTS merge
bug
bug
converted-to-discussion
doc-todo
documentation
duplicate
enhancement
file-transfer
firecfg
firejail-in-firejail
firetools
graphics
help wanted
information_old
installation
invalid
modif
moved
needinfo
networking
notabug
notourbug
old-version
overlayfs
packaging
profile-request
pull-request
question
question_old
removal
runtime-permissions
sandbox-ipc
security
stale
wiki
wiki
wontfix
wordpress
workaround
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#2236
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?