github-starred/firejail

Fork 0

mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00

[GH-ISSUE #3600] is there virtual memory option ? #2259

New issue

Closed

opened 2026-05-05 08:57:02 -06:00 by gitea-mirror · 9 comments

gitea-mirror commented

2026-05-05 08:57:02 -06:00

Owner

Originally created by @seisdr on GitHub (Aug 22, 2020).
Original GitHub issue: https://github.com/netblue30/firejail/issues/3600

like I want to use wine on specific amount of ram can I do that?

Originally created by @seisdr on GitHub (Aug 22, 2020). Original GitHub issue: https://github.com/netblue30/firejail/issues/3600 like I want to use wine on specific amount of ram can I do that?

gitea-mirror closed this issue

2026-05-05 08:57:03 -06:00

gitea-mirror commented

2026-05-05 08:57:04 -06:00

Author

Owner

@smitsohu commented on GitHub (Aug 24, 2020):

Yes, there is an --rlimit-as option.

You could also create a user owned cgroup and use Firejail's --cgroup option (but note there is no cgroup v2 support yet: #2896)

@smitsohu commented on GitHub (Aug 24, 2020): Yes, there is an `--rlimit-as` option. You could also create a user owned cgroup and use Firejail's `--cgroup` option (but note there is no cgroup v2 support yet: #2896)

gitea-mirror commented

2026-05-05 08:57:06 -06:00

Author

Owner

@seisdr commented on GitHub (Aug 24, 2020):

root@localhost:~# firejail --rlimit-as 400 ls
Warning: an existing sandbox was detected. 400 will run without any additional sandboxing features
/bin/bash: 400: command not found

it keep telling me there's existing sandbox

@seisdr commented on GitHub (Aug 24, 2020): ``` root@localhost:~# firejail --rlimit-as 400 ls Warning: an existing sandbox was detected. 400 will run without any additional sandboxing features /bin/bash: 400: command not found ```` it keep telling me there's existing sandbox

gitea-mirror commented

2026-05-05 08:57:07 -06:00

Author

Owner

@smitsohu commented on GitHub (Aug 24, 2020):

it keep telling me there's existing sandbox

It usually speaks the truth. Your shell is already sandboxed, and nesting Firejail sandboxes is not possible.

exit and try again. If necessary exit several times.

Two more remarks: You are executing application 400, what you probably want is firejail --rlimit-as=400 ls.
Finally, the limit is given in bytes, and 400 will be much to little. You will need megabytes of address space just to execute bash or ls.

@smitsohu commented on GitHub (Aug 24, 2020): > it keep telling me there's existing sandbox It usually speaks the truth. Your shell is already sandboxed, and nesting Firejail sandboxes is not possible. `exit` and try again. If necessary `exit` several times. Two more remarks: You are executing application `400`, what you probably want is `firejail --rlimit-as=400 ls`. Finally, the limit is given in bytes, and 400 will be much to little. You will need megabytes of address space just to execute bash or ls.

gitea-mirror commented

2026-05-05 08:57:07 -06:00

Author

Owner

@seisdr commented on GitHub (Aug 24, 2020):

well I need 4gb to execute winehq and my device is 2gb the environment I'm into is qemu which means it's sandboxed is there any option I can use to force firejail to work ?

@seisdr commented on GitHub (Aug 24, 2020): well I need 4gb to execute winehq and my device is 2gb the environment I'm into is qemu which means it's sandboxed is there any option I can use to force firejail to work ?

gitea-mirror commented

2026-05-05 08:57:08 -06:00

Author

Owner

@smitsohu commented on GitHub (Aug 24, 2020):

well I need 4gb to execute winehq and my device is 2gb

That's ok because it is virtual memory address space. If you want a limit on physical memory (or something closely related at least) I think cgroups are the only solution right now.

@smitsohu commented on GitHub (Aug 24, 2020): > well I need 4gb to execute winehq and my device is 2gb That's ok because it is virtual memory address space. If you want a limit on physical memory (or something closely related at least) I think cgroups are the only solution right now.

gitea-mirror commented

2026-05-05 08:57:08 -06:00

Author

Owner

@seisdr commented on GitHub (Aug 24, 2020):

how do I do that I look up cgroups is package on Linux

@seisdr commented on GitHub (Aug 24, 2020): how do I do that I look up cgroups is package on Linux

gitea-mirror commented

2026-05-05 08:57:08 -06:00

Author

Owner

@rusty-snake commented on GitHub (Nov 9, 2020):

https://github.com/pshved/timeout

@rusty-snake commented on GitHub (Nov 9, 2020): https://github.com/pshved/timeout

gitea-mirror commented

2026-05-05 08:57:09 -06:00

Author

Owner

@seisdr commented on GitHub (Nov 9, 2020):

yeah as i remember that didn't work
I'm closing this

@seisdr commented on GitHub (Nov 9, 2020): yeah as i remember that didn't work I'm closing this

gitea-mirror commented

2026-05-05 08:57:09 -06:00

Author

Owner

@rusty-snake commented on GitHub (Nov 10, 2020):

There are some links in the README.md. Short summary: for services use systemd for anything else there is no good solution.

@rusty-snake commented on GitHub (Nov 10, 2020): There are some links in the README.md. Short summary: for services use systemd for anything else there is no good solution.

gitea-mirror referenced this issue

2026-05-05 10:21:17 -06:00

[PR #2732] [CLOSED] improve/add support for arbitrary home directories #4501

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#2259

No description provided.

Rows
Columns