github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

[GH-ISSUE #3709] Tor doesn't launch with Brave browser. #2337

New issue
Closed
opened 2026-05-05 09:01:22 -06:00 by gitea-mirror · 8 comments
gitea-mirror commented 2026-05-05 09:01:22 -06:00
Owner
Copy link

Originally created by @Bundy01 on GitHub (Oct 30, 2020).
Original GitHub issue: https://github.com/netblue30/firejail/issues/3709

Write clear, concise and in textual form.

Bug and expected behavior
Running Tor's profile in Brave, this one has no web access (no connections).

No profile and disabling firejail
No problem whitout Firejail.

Environment

  • Linux distribution and version: Archlinux
  • Firejail version:
firejail version 0.9.64

Compile time support:
	- AppArmor support is enabled
	- AppImage support is enabled
	- chroot support is enabled
	- D-BUS proxy support is enabled
	- file and directory whitelisting support is enabled
	- file transfer support is enabled
	- firetunnel support is enabled
	- networking support is enabled
	- overlayfs support is enabled
	- private-home support is enabled
	- SELinux support is disabled
	- user namespace support is enabled
	- X11 sandboxing support is enabled

Additional context
The problem appeared with Version 0.9.64rc1.

Checklist

  • The upstream profile (and redirect profile if exists) have no changes fixing it.
  • The program has a profile. (If not, request one in https://github.com/netblue30/firejail/issues/1139)
  • Programs needed for interaction are listed in the profile.
  • A short search for duplicates was performed.
  • If it is a AppImage, --profile=PROFILENAME is used to set the right profile.
debug output 
Autoselecting /bin/zsh as shell
Building quoted command line: 'brave' 
Command name #brave#
Found brave.profile profile in /etc/firejail directory
Reading profile /etc/firejail/brave.profile
Found chromium-common.profile profile in /etc/firejail directory
Reading profile /etc/firejail/chromium-common.profile
Found disable-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-common.inc
Found disable-devel.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-devel.inc
Found disable-exec.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-exec.inc
Found disable-interpreters.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-interpreters.inc
Found disable-programs.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-programs.inc
Found disable-passwdmgr.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-passwdmgr.inc
Found disable-xdg.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-xdg.inc
Found whitelist-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-common.inc
Found whitelist-var-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-var-common.inc
conditional BROWSER_DISABLE_U2F, nou2f
conditional BROWSER_DISABLE_U2F, private-dev
conditional HAS_NODBUS, env NO_CHROME_KDE_FILE_DIALOG=1
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
DISPLAY=:0 parsed as 0
Using the local network stack
Parent pid 56714, child pid 56715
Initializing child process
Host network configured
PID namespace installed
Mounting tmpfs on /run/firejail/mnt directory
Creating empty /run/firejail/mnt/seccomp directory
Creating empty /run/firejail/mnt/seccomp/seccomp.protocol file
Creating empty /run/firejail/mnt/seccomp/seccomp.postexec file
Creating empty /run/firejail/mnt/seccomp/seccomp.postexec32 file
Build protocol filter: unix,inet,inet6,netlink
sbox run: /run/firejail/lib/fseccomp protocol build unix,inet,inet6,netlink /run/firejail/mnt/seccomp/seccomp.protocol 
Dropping all capabilities
Drop privileges: pid 2, uid 1000, gid 100, nogroups 1
No supplementary groups
Mounting /proc filesystem representing the PID namespace
Basic read-only filesystem:
Mounting read-only /etc
2340 2301 8:2 /etc /etc ro,relatime master:1 - ext4 /dev/sda2 rw,stripe=32673
mountid=2340 fsname=/etc dir=/etc fstype=ext4
Mounting noexec /etc
2341 2340 8:2 /etc /etc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw,stripe=32673
mountid=2341 fsname=/etc dir=/etc fstype=ext4
Mounting read-only /var
2342 2301 8:2 /var /var ro,relatime master:1 - ext4 /dev/sda2 rw,stripe=32673
mountid=2342 fsname=/var dir=/var fstype=ext4
Mounting noexec /var
2343 2342 8:2 /var /var ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw,stripe=32673
mountid=2343 fsname=/var dir=/var fstype=ext4
Mounting read-only /usr
2344 2301 8:2 /usr /usr ro,relatime master:1 - ext4 /dev/sda2 rw,stripe=32673
mountid=2344 fsname=/usr dir=/usr fstype=ext4
Mounting tmpfs on /var/lock
Mounting tmpfs on /var/tmp
Mounting tmpfs on /var/log
Create the new utmp file
Mount the new utmp file
Generating a new machine-id
installing a new /etc/machine-id
Cleaning /home directory
Cleaning /run/user directory
Sanitizing /etc/passwd, UID_MIN 1000
Sanitizing /etc/group, GID_MIN 1000
Disable /run/firejail/network
Disable /run/firejail/bandwidth
Disable /run/firejail/name
Disable /run/firejail/profile
Disable /run/firejail/x11
Mounting tmpfs on /dev
mounting /run/firejail/mnt/dev/snd directory
mounting /run/firejail/mnt/dev/dri directory
Process /dev/shm directory
Mounting tmpfs on ~/.cache
2381 2353 0:203 / ~/.cache rw,nosuid,nodev,relatime - tmpfs tmpfs rw,mode=700,uid=1000,gid=100,inode64
mountid=2381 fsname=/ dir=~/.cache fstype=tmpfs
Creating empty /run/firejail/mnt/dbus directory
Creating empty /run/firejail/mnt/dbus/user file
blacklist /run/user/1000/bus
Creating empty /run/firejail/mnt/dbus/system file
blacklist /run/dbus/system_bus_socket
blacklist /run/firejail/dbus
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Mounting read-only /proc/sys
Remounting /sys directory
Disable /sys/firmware
Disable /sys/hypervisor
Disable /sys/power
Disable /sys/kernel/debug
Disable /sys/kernel/vmcoreinfo
Disable /proc/sys/fs/binfmt_misc
Disable /proc/sys/kernel/core_pattern
Disable /proc/sys/kernel/modprobe
Disable /proc/sysrq-trigger
Disable /proc/sys/vm/panic_on_oom
Disable /proc/irq
Disable /proc/bus
Disable /proc/sched_debug
Disable /proc/timer_list
Disable /proc/kcore
Disable /proc/kallsyms
Disable /usr/lib/modules/5.9.2-arch1-1/build (requested /usr/src/linux)
Disable /usr/lib/modules (requested /lib/modules)
Disable /boot
Disable /run/user/1000/gnupg
Disable /run/user/1000/systemd
Disable /proc/kmsg
Debug 456: new_name #~/.config/BraveSoftware#, whitelist
Debug 571: fname #~/.config/BraveSoftware#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.config/BraveSoftware
Debug 456: new_name #~/.config/brave-flags.conf#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/brave-flags.conf
	expanded: ~/.config/brave-flags.conf
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.gnupg#, whitelist
Debug 571: fname #~/.gnupg#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.gnupg
Debug 456: new_name #~/Public#, whitelist
Debug 571: fname #~/Public#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/Public
Debug 456: new_name #~/.pki#, whitelist
Debug 571: fname #~/.pki#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.pki
Debug 456: new_name #~/.local/share/pki#, whitelist
Debug 571: fname #~/.local/share/pki#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.local/share/pki
Debug 456: new_name #~/.XCompose#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.XCompose
	expanded: ~/.XCompose
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.asoundrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.asoundrc
	expanded: ~/.asoundrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.config/ibus#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ibus
	expanded: ~/.config/ibus
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.config/mimeapps.list#, whitelist
Debug 571: fname #~/.config/mimeapps.list#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.config/mimeapps.list
Debug 456: new_name #~/.config/pkcs11#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/pkcs11
	expanded: ~/.config/pkcs11
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.config/user-dirs.dirs#, whitelist
Debug 571: fname #~/.config/user-dirs.dirs#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.config/user-dirs.dirs
Debug 456: new_name #~/.config/user-dirs.locale#, whitelist
Debug 571: fname #~/.config/user-dirs.locale#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.config/user-dirs.locale
Debug 456: new_name #~/.drirc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.drirc
	expanded: ~/.drirc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.icons#, whitelist
Debug 571: fname #~/.icons#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.icons
Debug 456: new_name #~/.local/share/applications#, whitelist
Debug 571: fname #~/.local/share/applications#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.local/share/applications
Debug 456: new_name #~/.local/share/icons#, whitelist
Debug 571: fname #~/.local/share/icons#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.local/share/icons
Debug 456: new_name #~/.local/share/mime#, whitelist
Debug 571: fname #~/.local/share/mime#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.local/share/mime
Debug 456: new_name #~/.mime.types#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.mime.types
	expanded: ~/.mime.types
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.uim.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.uim.d
	expanded: ~/.uim.d
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.config/dconf#, whitelist
Debug 571: fname #~/.config/dconf#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.config/dconf
Debug 456: new_name #~/.cache/fontconfig#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.cache/fontconfig
	expanded: ~/.cache/fontconfig
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.config/fontconfig#, whitelist
Debug 571: fname #~/.config/fontconfig#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.config/fontconfig
Debug 456: new_name #~/.fontconfig#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fontconfig
	expanded: ~/.fontconfig
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.fonts#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts
	expanded: ~/.fonts
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.fonts.conf#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf
	expanded: ~/.fonts.conf
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.fonts.conf.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf.d
	expanded: ~/.fonts.conf.d
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.fonts.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.d
	expanded: ~/.fonts.d
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.local/share/fonts#, whitelist
Debug 571: fname #~/.local/share/fonts#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.local/share/fonts
Debug 456: new_name #~/.pangorc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.pangorc
	expanded: ~/.pangorc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.config/gtk-2.0#, whitelist
Debug 571: fname #~/.config/gtk-2.0#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.config/gtk-2.0
Debug 456: new_name #~/.config/gtk-3.0#, whitelist
Debug 571: fname #~/.config/gtk-3.0#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.config/gtk-3.0
Debug 456: new_name #~/.config/gtk-4.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtk-4.0
	expanded: ~/.config/gtk-4.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc
	expanded: ~/.config/gtkrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc-2.0
	expanded: ~/.config/gtkrc-2.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.gnome2#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2
	expanded: ~/.gnome2
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.gnome2-private#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2-private
	expanded: ~/.gnome2-private
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.gtk-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtk-2.0
	expanded: ~/.gtk-2.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc
	expanded: ~/.gtkrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.gtkrc-2.0#, whitelist
Debug 571: fname #~/.gtkrc-2.0#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.gtkrc-2.0
Debug 456: new_name #~/.kde/share/config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc
	expanded: ~/.kde/share/config/gtkrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.kde/share/config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc-2.0
	expanded: ~/.kde/share/config/gtkrc-2.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.kde4/share/config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc
	expanded: ~/.kde4/share/config/gtkrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.kde4/share/config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc-2.0
	expanded: ~/.kde4/share/config/gtkrc-2.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.local/share/themes#, whitelist
Debug 571: fname #~/.local/share/themes#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.local/share/themes
Debug 456: new_name #~/.themes#, whitelist
Debug 571: fname #~/.themes#, cfg.homedir #~#
Replaced whitelist path: whitelist ~/.themes
Debug 456: new_name #~/.cache/kioexec/krun#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.cache/kioexec/krun
	expanded: ~/.cache/kioexec/krun
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.config/Kvantum#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Kvantum
	expanded: ~/.config/Kvantum
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.config/Trolltech.conf#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Trolltech.conf
	expanded: ~/.config/Trolltech.conf
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kdeglobals
	expanded: ~/.config/kdeglobals
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.config/kio_httprc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kio_httprc
	expanded: ~/.config/kio_httprc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kioslaverc
	expanded: ~/.config/kioslaverc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ksslcablacklist
	expanded: ~/.config/ksslcablacklist
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.config/qt5ct#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/qt5ct
	expanded: ~/.config/qt5ct
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.kde/share/config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kdeglobals
	expanded: ~/.kde/share/config/kdeglobals
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.kde/share/config/kio_httprc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kio_httprc
	expanded: ~/.kde/share/config/kio_httprc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.kde/share/config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kioslaverc
	expanded: ~/.kde/share/config/kioslaverc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.kde/share/config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/ksslcablacklist
	expanded: ~/.kde/share/config/ksslcablacklist
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.kde/share/config/oxygenrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/oxygenrc
	expanded: ~/.kde/share/config/oxygenrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.kde/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/icons
	expanded: ~/.kde/share/icons
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.kde4/share/config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kdeglobals
	expanded: ~/.kde4/share/config/kdeglobals
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.kde4/share/config/kio_httprc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kio_httprc
	expanded: ~/.kde4/share/config/kio_httprc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.kde4/share/config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kioslaverc
	expanded: ~/.kde4/share/config/kioslaverc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.kde4/share/config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/ksslcablacklist
	expanded: ~/.kde4/share/config/ksslcablacklist
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.kde4/share/config/oxygenrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/oxygenrc
	expanded: ~/.kde4/share/config/oxygenrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.kde4/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/icons
	expanded: ~/.kde4/share/icons
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #~/.local/share/qt5ct#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/qt5ct
	expanded: ~/.local/share/qt5ct
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/var/lib/ca-certificates#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/ca-certificates
	expanded: /var/lib/ca-certificates
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/var/lib/dbus#, whitelist
Debug 456: new_name #/var/lib/menu-xdg#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/menu-xdg
	expanded: /var/lib/menu-xdg
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/var/lib/uim#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/uim
	expanded: /var/lib/uim
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/var/cache/fontconfig#, whitelist
Debug 456: new_name #/var/tmp#, whitelist
Debug 456: new_name #/var/run#, whitelist
Replaced whitelist path: whitelist /run
Debug 456: new_name #/var/lock#, whitelist
Replaced whitelist path: whitelist /run/lock
Mounting tmpfs on /var directory
Drop privileges: pid 3, uid 1000, gid 100, nogroups 0
Supplementary groups: 92 91 
Mounting a new /root directory
Mounting a new /home directory
Create a new user directory
Drop privileges: pid 4, uid 1000, gid 100, nogroups 0
Supplementary groups: 92 91 
Drop privileges: pid 5, uid 1000, gid 100, nogroups 0
Supplementary groups: 92 91 
Whitelisting ~/.config/BraveSoftware
2396 2395 8:3 /pc/.config/BraveSoftware ~/.config/BraveSoftware rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2396 fsname=/pc/.config/BraveSoftware dir=~/.config/BraveSoftware fstype=ext4
Whitelisting ~/.gnupg
2397 2395 8:3 /pc/.gnupg ~/.gnupg rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2397 fsname=/pc/.gnupg dir=~/.gnupg fstype=ext4
Whitelisting ~/Public
2398 2395 8:3 /pc/Public ~/Public rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2398 fsname=/pc/Public dir=~/Public fstype=ext4
Whitelisting ~/.pki
2399 2395 8:3 /pc/.pki ~/.pki rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2399 fsname=/pc/.pki dir=~/.pki fstype=ext4
Whitelisting ~/.local/share/pki
2400 2395 8:3 /pc/.local/share/pki ~/.local/share/pki rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2400 fsname=/pc/.local/share/pki dir=~/.local/share/pki fstype=ext4
Whitelisting ~/.config/mimeapps.list
2401 2395 8:3 /pc/.config/mimeapps.list ~/.config/mimeapps.list rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2401 fsname=/pc/.config/mimeapps.list dir=~/.config/mimeapps.list fstype=ext4
Whitelisting ~/.config/user-dirs.dirs
2402 2395 8:3 /pc/.config/user-dirs.dirs ~/.config/user-dirs.dirs rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2402 fsname=/pc/.config/user-dirs.dirs dir=~/.config/user-dirs.dirs fstype=ext4
Whitelisting ~/.config/user-dirs.locale
2403 2395 8:3 /pc/.config/user-dirs.locale ~/.config/user-dirs.locale rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2403 fsname=/pc/.config/user-dirs.locale dir=~/.config/user-dirs.locale fstype=ext4
Whitelisting ~/.icons
2404 2395 8:3 /pc/.icons ~/.icons rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2404 fsname=/pc/.icons dir=~/.icons fstype=ext4
Whitelisting ~/.local/share/applications
2405 2395 8:3 /pc/.local/share/applications ~/.local/share/applications rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2405 fsname=/pc/.local/share/applications dir=~/.local/share/applications fstype=ext4
Whitelisting ~/.local/share/icons
2406 2395 8:3 /pc/.local/share/icons ~/.local/share/icons rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2406 fsname=/pc/.local/share/icons dir=~/.local/share/icons fstype=ext4
Whitelisting ~/.local/share/mime
2407 2395 8:3 /pc/.local/share/mime ~/.local/share/mime rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2407 fsname=/pc/.local/share/mime dir=~/.local/share/mime fstype=ext4
Whitelisting ~/.config/dconf
2408 2395 8:3 /pc/.config/dconf ~/.config/dconf rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2408 fsname=/pc/.config/dconf dir=~/.config/dconf fstype=ext4
Whitelisting ~/.config/fontconfig
2409 2395 8:3 /pc/.config/fontconfig ~/.config/fontconfig rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2409 fsname=/pc/.config/fontconfig dir=~/.config/fontconfig fstype=ext4
Whitelisting ~/.local/share/fonts
2410 2395 8:3 /pc/.local/share/fonts ~/.local/share/fonts rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2410 fsname=/pc/.local/share/fonts dir=~/.local/share/fonts fstype=ext4
Whitelisting ~/.config/gtk-2.0
2411 2395 8:3 /pc/.config/gtk-2.0 ~/.config/gtk-2.0 rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2411 fsname=/pc/.config/gtk-2.0 dir=~/.config/gtk-2.0 fstype=ext4
Whitelisting ~/.config/gtk-3.0
2412 2395 8:3 /pc/.config/gtk-3.0 ~/.config/gtk-3.0 rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2412 fsname=/pc/.config/gtk-3.0 dir=~/.config/gtk-3.0 fstype=ext4
Whitelisting ~/.gtkrc-2.0
2413 2395 8:3 /pc/.gtkrc-2.0 ~/.gtkrc-2.0 rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2413 fsname=/pc/.gtkrc-2.0 dir=~/.gtkrc-2.0 fstype=ext4
Whitelisting ~/.local/share/themes
2414 2395 8:3 /pc/.local/share/themes ~/.local/share/themes rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2414 fsname=/pc/.local/share/themes dir=~/.local/share/themes fstype=ext4
Whitelisting ~/.themes
2415 2395 8:3 /pc/.themes ~/.themes rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2415 fsname=/pc/.themes dir=~/.themes fstype=ext4
Whitelisting /var/lib/dbus
2416 2391 8:2 /var/lib/dbus /var/lib/dbus ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw,stripe=32673
mountid=2416 fsname=/var/lib/dbus dir=/var/lib/dbus fstype=ext4
Whitelisting /var/cache/fontconfig
2417 2391 8:2 /var/cache/fontconfig /var/cache/fontconfig ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw,stripe=32673
mountid=2417 fsname=/var/cache/fontconfig dir=/var/cache/fontconfig fstype=ext4
Whitelisting /var/tmp
2418 2391 0:195 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw,inode64
mountid=2418 fsname=/ dir=/var/tmp fstype=tmpfs
Created symbolic link /var/run -> /run
Created symbolic link /var/lock -> /run/lock
Disable /etc/xdg/autostart
Mounting read-only ~/.Xauthority
2422 2395 0:206 /pc/.Xauthority ~/.Xauthority ro,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64
mountid=2422 fsname=/pc/.Xauthority dir=~/.Xauthority fstype=tmpfs
Mounting read-only ~/.config/dconf
2423 2408 8:3 /pc/.config/dconf ~/.config/dconf ro,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2423 fsname=/pc/.config/dconf dir=~/.config/dconf fstype=ext4
Disable /usr/bin/systemd-run
Disable /run/user/1000/systemd
Disable /etc/profile.d
Disable /etc/kernel
Disable /etc/grub.d
Disable /etc/apparmor
Disable /etc/apparmor.d
Disable /etc/modules-load.d
Mounting read-only ~/.bashrc
2432 2395 0:206 /pc/.bashrc ~/.bashrc ro,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64
mountid=2432 fsname=/pc/.bashrc dir=~/.bashrc fstype=tmpfs
Mounting read-only ~/.local/share/applications
2433 2405 8:3 /pc/.local/share/applications ~/.local/share/applications ro,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2433 fsname=/pc/.local/share/applications dir=~/.local/share/applications fstype=ext4
Mounting read-only ~/.config/mimeapps.list
2434 2401 8:3 /pc/.config/mimeapps.list ~/.config/mimeapps.list ro,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2434 fsname=/pc/.config/mimeapps.list dir=~/.config/mimeapps.list fstype=ext4
Mounting read-only ~/.config/user-dirs.dirs
2435 2402 8:3 /pc/.config/user-dirs.dirs ~/.config/user-dirs.dirs ro,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2435 fsname=/pc/.config/user-dirs.dirs dir=~/.config/user-dirs.dirs fstype=ext4
Mounting read-only ~/.config/user-dirs.locale
2436 2403 8:3 /pc/.config/user-dirs.locale ~/.config/user-dirs.locale ro,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2436 fsname=/pc/.config/user-dirs.locale dir=~/.config/user-dirs.locale fstype=ext4
Mounting read-only ~/.local/share/mime
2437 2407 8:3 /pc/.local/share/mime ~/.local/share/mime ro,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2437 fsname=/pc/.local/share/mime dir=~/.local/share/mime fstype=ext4
Not blacklist ~/.gnupg
Not blacklist ~/.pki
Not blacklist ~/.local/share/pki
Disable /etc/group-
Disable /etc/gshadow
Disable /etc/gshadow-
Disable /etc/passwd-
Disable /etc/shadow
Disable /etc/shadow-
Disable /etc/ssh
Warning: /sbin directory link was not blacklisted
Disable /usr/local/sbin
Warning: /usr/sbin directory link was not blacklisted
Disable /usr/bin/chage
Disable /usr/bin/chfn
Disable /usr/bin/chsh
Disable /usr/bin/expiry
Disable /usr/bin/fusermount
Disable /usr/bin/gpasswd
Disable /usr/bin/ksu
Disable /usr/bin/mount
Disable /usr/bin/newgidmap
Disable /usr/bin/newgrp
Disable /usr/bin/newuidmap
Disable /usr/bin/ntfs-3g
Disable /usr/bin/pkexec
Disable /usr/bin/sg
Disable /usr/bin/su
Disable /usr/bin/sudo
Disable /usr/bin/umount
Disable /usr/bin/unix_chkpwd
Disable /usr/lib/virtualbox
Disable /usr/lib/virtualbox (requested /usr/lib64/virtualbox)
Disable /usr/bin/bwrap
Not blacklist /proc/config.gz
Disable /usr/bin/resolvectl
Disable /usr/bin/as
Disable /usr/bin/gcc (requested /usr/bin/cc)
Disable /usr/bin/c++filt
Disable /usr/bin/c++
Disable /usr/bin/c89
Disable /usr/bin/c99
Disable /usr/bin/cpp
Disable /usr/bin/g++
Disable /usr/bin/gcc
Disable /usr/bin/gcc-ranlib
Disable /usr/bin/gcc-nm
Disable /usr/bin/gcc-ar
Disable /usr/bin/ld
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar
Disable /usr/bin/x86_64-pc-linux-gnu-gcc
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib
Disable /usr/bin/x86_64-pc-linux-gnu-g++
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar
Disable /usr/bin/x86_64-pc-linux-gnu-gcc
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib
Disable /usr/bin/x86_64-pc-linux-gnu-g++
Disable /usr/share/java
Disable /usr/bin/openssl
Disable /usr/src
Disable /usr/local/src
Disable /usr/include
Disable /usr/local/include
Mounting noexec ~/.config/BraveSoftware
2499 2396 8:3 /pc/.config/BraveSoftware ~/.config/BraveSoftware rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2499 fsname=/pc/.config/BraveSoftware dir=~/.config/BraveSoftware fstype=ext4
Mounting noexec ~/.gnupg
2500 2397 8:3 /pc/.gnupg ~/.gnupg rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2500 fsname=/pc/.gnupg dir=~/.gnupg fstype=ext4
Mounting noexec ~/Public
2501 2398 8:3 /pc/Public ~/Public rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2501 fsname=/pc/Public dir=~/Public fstype=ext4
Mounting noexec ~/.pki
2502 2399 8:3 /pc/.pki ~/.pki rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2502 fsname=/pc/.pki dir=~/.pki fstype=ext4
Mounting noexec ~/.local/share/pki
2503 2400 8:3 /pc/.local/share/pki ~/.local/share/pki rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2503 fsname=/pc/.local/share/pki dir=~/.local/share/pki fstype=ext4
Mounting noexec ~/.config/mimeapps.list
2504 2434 8:3 /pc/.config/mimeapps.list ~/.config/mimeapps.list ro,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2504 fsname=/pc/.config/mimeapps.list dir=~/.config/mimeapps.list fstype=ext4
Mounting noexec ~/.config/user-dirs.dirs
2505 2435 8:3 /pc/.config/user-dirs.dirs ~/.config/user-dirs.dirs ro,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2505 fsname=/pc/.config/user-dirs.dirs dir=~/.config/user-dirs.dirs fstype=ext4
Mounting noexec ~/.config/user-dirs.locale
2506 2436 8:3 /pc/.config/user-dirs.locale ~/.config/user-dirs.locale ro,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2506 fsname=/pc/.config/user-dirs.locale dir=~/.config/user-dirs.locale fstype=ext4
Mounting noexec ~/.icons
2507 2404 8:3 /pc/.icons ~/.icons rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2507 fsname=/pc/.icons dir=~/.icons fstype=ext4
Mounting noexec ~/.local/share/applications
2508 2433 8:3 /pc/.local/share/applications ~/.local/share/applications ro,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2508 fsname=/pc/.local/share/applications dir=~/.local/share/applications fstype=ext4
Mounting noexec ~/.local/share/icons
2509 2406 8:3 /pc/.local/share/icons ~/.local/share/icons rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2509 fsname=/pc/.local/share/icons dir=~/.local/share/icons fstype=ext4
Mounting noexec ~/.local/share/mime
2510 2437 8:3 /pc/.local/share/mime ~/.local/share/mime ro,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2510 fsname=/pc/.local/share/mime dir=~/.local/share/mime fstype=ext4
Mounting noexec ~/.config/dconf
2511 2423 8:3 /pc/.config/dconf ~/.config/dconf ro,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2511 fsname=/pc/.config/dconf dir=~/.config/dconf fstype=ext4
Mounting noexec ~/.config/fontconfig
2512 2409 8:3 /pc/.config/fontconfig ~/.config/fontconfig rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2512 fsname=/pc/.config/fontconfig dir=~/.config/fontconfig fstype=ext4
Mounting noexec ~/.local/share/fonts
2513 2410 8:3 /pc/.local/share/fonts ~/.local/share/fonts rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2513 fsname=/pc/.local/share/fonts dir=~/.local/share/fonts fstype=ext4
Mounting noexec ~/.config/gtk-2.0
2514 2411 8:3 /pc/.config/gtk-2.0 ~/.config/gtk-2.0 rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2514 fsname=/pc/.config/gtk-2.0 dir=~/.config/gtk-2.0 fstype=ext4
Mounting noexec ~/.config/gtk-3.0
2515 2412 8:3 /pc/.config/gtk-3.0 ~/.config/gtk-3.0 rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2515 fsname=/pc/.config/gtk-3.0 dir=~/.config/gtk-3.0 fstype=ext4
Mounting noexec ~/.gtkrc-2.0
2516 2413 8:3 /pc/.gtkrc-2.0 ~/.gtkrc-2.0 rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2516 fsname=/pc/.gtkrc-2.0 dir=~/.gtkrc-2.0 fstype=ext4
Mounting noexec ~/.local/share/themes
2517 2414 8:3 /pc/.local/share/themes ~/.local/share/themes rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2517 fsname=/pc/.local/share/themes dir=~/.local/share/themes fstype=ext4
Mounting noexec ~/.themes
2518 2415 8:3 /pc/.themes ~/.themes rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729
mountid=2518 fsname=/pc/.themes dir=~/.themes fstype=ext4
Mounting noexec /run/user/1000
2524 2523 0:27 /firejail/firejail.ro.dir /run/user/1000/systemd rw,nosuid,nodev master:23 - tmpfs tmpfs rw,size=1612792k,nr_inodes=819200,mode=755,inode64
mountid=2524 fsname=/firejail/firejail.ro.dir dir=/run/user/1000/systemd fstype=tmpfs
Warning: not remounting /run/user/1000/gvfs
Mounting noexec /dev/shm
2525 2374 0:201 /shm /dev/shm rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64
mountid=2525 fsname=/shm dir=/dev/shm fstype=tmpfs
Mounting noexec /var
2529 2526 0:195 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw,inode64
mountid=2529 fsname=/ dir=/var/tmp fstype=tmpfs
Disable /usr/bin/lua5.2
Disable /usr/bin/luac (requested /usr/bin/luac5.4)
Disable /usr/bin/lua
Disable /usr/bin/lua (requested /usr/bin/lua5.4)
Disable /usr/bin/luac5.2
Disable /usr/bin/luac
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so.5.2)
Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua5.4.so)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2)
Disable /usr/lib/liblua5.2.so.5.2.4
Disable /usr/lib/liblua.so.5.4.1
Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua.so)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so)
Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua.so.5.4)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2.4)
Disable /usr/lib/libmozjs-78.so (requested /usr/lib64/libmozjs-78.so)
Disable /usr/lib/libmozjs-52.so (requested /usr/lib64/libmozjs-52.so)
Disable /usr/bin/core_perl/cpan
Disable /usr/bin/core_perl
Disable /usr/bin/perl
Disable /usr/bin/site_perl
Disable /usr/bin/vendor_perl
Disable /usr/lib/perl5
Disable /usr/share/perl5
Disable /usr/lib/ruby
Disable /usr/lib/python2.7
Disable /usr/bin/python3.8
Disable /usr/bin/python3.8 (requested /usr/bin/python3)
Disable /usr/bin/python3.8-config
Disable /usr/bin/python3.8-config (requested /usr/bin/python3-config)
Disable /usr/lib/python3.8
Disable /usr/lib/python3.8 (requested /usr/lib64/python3.8)
Not blacklist ~/.config/BraveSoftware
Not blacklist ~/.config/brave-flags.conf
Disable ~/.themes
Disable /sys/fs
Disable /sys/module
Disable /mnt
Disable /run/mount
Disable /run/media
Mounting noexec /run/firejail/mnt/pulse
2568 2337 0:192 /pulse /run/firejail/mnt/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64
mountid=2568 fsname=/pulse dir=/run/firejail/mnt/pulse fstype=tmpfs
Creating empty ~/.config/pulse directory
Drop privileges: pid 6, uid 1000, gid 100, nogroups 0
Supplementary groups: 92 91 
Mounting /run/firejail/mnt/pulse on ~/.config/pulse
2569 2395 0:192 /pulse ~/.config/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64
mountid=2569 fsname=/pulse dir=~/.config/pulse fstype=tmpfs
Current directory: ~
DISPLAY=:0 parsed as 0
Install protocol filter: unix,inet,inet6,netlink
configuring 22 seccomp entries in /run/firejail/mnt/seccomp/seccomp.protocol
sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.protocol 
Dropping all capabilities
Drop privileges: pid 7, uid 1000, gid 100, nogroups 1
No supplementary groups
 line  OP JT JF    K
=================================
 0000: 20 00 00 00000004   ld  data.architecture
 0001: 15 04 00 c000003e   jeq ARCH_64 0006 (false 0002)
 0002: 20 00 00 00000000   ld  data.syscall-number
 0003: 15 01 00 00000167   jeq unknown 0005 (false 0004)
 0004: 06 00 00 7fff0000   ret ALLOW
 0005: 05 00 00 00000006   jmp 000c
 0006: 20 00 00 00000004   ld  data.architecture
 0007: 15 01 00 c000003e   jeq ARCH_64 0009 (false 0008)
 0008: 06 00 00 7fff0000   ret ALLOW
 0009: 20 00 00 00000000   ld  data.syscall-number
 000a: 15 01 00 00000029   jeq socket 000c (false 000b)
 000b: 06 00 00 7fff0000   ret ALLOW
 000c: 20 00 00 00000010   ld  data.args[0]
 000d: 15 00 01 00000001   jeq 1 000e (false 000f)
 000e: 06 00 00 7fff0000   ret ALLOW
 000f: 15 00 01 00000002   jeq 2 0010 (false 0011)
 0010: 06 00 00 7fff0000   ret ALLOW
 0011: 15 00 01 0000000a   jeq a 0012 (false 0013)
 0012: 06 00 00 7fff0000   ret ALLOW
 0013: 15 00 01 00000010   jeq 10 0014 (false 0015)
 0014: 06 00 00 7fff0000   ret ALLOW
 0015: 06 00 00 0005005f   ret ERRNO(95)
configuring 101 seccomp entries in /run/firejail/mnt/seccomp/seccomp.32
sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.32 
Dropping all capabilities
Drop privileges: pid 8, uid 1000, gid 100, nogroups 1
No supplementary groups
 line  OP JT JF    K
=================================
 0000: 20 00 00 00000004   ld  data.architecture
 0001: 15 01 00 40000003   jeq ARCH_32 0003 (false 0002)
 0002: 06 00 00 7fff0000   ret ALLOW
 0003: 20 00 00 00000000   ld  data.syscall-number
 0004: 15 00 01 00000015   jeq 15 0005 (false 0006)
 0005: 06 00 00 00000001   ret KILL
 0006: 15 00 01 00000034   jeq 34 0007 (false 0008)
 0007: 06 00 00 00000001   ret KILL
 0008: 15 00 01 0000001a   jeq 1a 0009 (false 000a)
 0009: 06 00 00 00000001   ret KILL
 000a: 15 00 01 0000011b   jeq 11b 000b (false 000c)
 000b: 06 00 00 00000001   ret KILL
 000c: 15 00 01 00000155   jeq 155 000d (false 000e)
 000d: 06 00 00 00000001   ret KILL
 000e: 15 00 01 00000156   jeq 156 000f (false 0010)
 000f: 06 00 00 00000001   ret KILL
 0010: 15 00 01 0000007f   jeq 7f 0011 (false 0012)
 0011: 06 00 00 00000001   ret KILL
 0012: 15 00 01 00000080   jeq 80 0013 (false 0014)
 0013: 06 00 00 00000001   ret KILL
 0014: 15 00 01 0000015e   jeq 15e 0015 (false 0016)
 0015: 06 00 00 00000001   ret KILL
 0016: 15 00 01 00000081   jeq 81 0017 (false 0018)
 0017: 06 00 00 00000001   ret KILL
 0018: 15 00 01 0000006e   jeq 6e 0019 (false 001a)
 0019: 06 00 00 00000001   ret KILL
 001a: 15 00 01 00000065   jeq 65 001b (false 001c)
 001b: 06 00 00 00000001   ret KILL
 001c: 15 00 01 00000121   jeq 121 001d (false 001e)
 001d: 06 00 00 00000001   ret KILL
 001e: 15 00 01 00000057   jeq 57 001f (false 0020)
 001f: 06 00 00 00000001   ret KILL
 0020: 15 00 01 00000073   jeq 73 0021 (false 0022)
 0021: 06 00 00 00000001   ret KILL
 0022: 15 00 01 00000067   jeq 67 0023 (false 0024)
 0023: 06 00 00 00000001   ret KILL
 0024: 15 00 01 0000015b   jeq 15b 0025 (false 0026)
 0025: 06 00 00 00000001   ret KILL
 0026: 15 00 01 0000015c   jeq 15c 0027 (false 0028)
 0027: 06 00 00 00000001   ret KILL
 0028: 15 00 01 00000087   jeq 87 0029 (false 002a)
 0029: 06 00 00 00000001   ret KILL
 002a: 15 00 01 00000095   jeq 95 002b (false 002c)
 002b: 06 00 00 00000001   ret KILL
 002c: 15 00 01 0000007c   jeq 7c 002d (false 002e)
 002d: 06 00 00 00000001   ret KILL
 002e: 15 00 01 00000157   jeq 157 002f (false 0030)
 002f: 06 00 00 00000001   ret KILL
 0030: 15 00 01 000000fd   jeq fd 0031 (false 0032)
 0031: 06 00 00 00000001   ret KILL
 0032: 15 00 01 00000150   jeq 150 0033 (false 0034)
 0033: 06 00 00 00000001   ret KILL
 0034: 15 00 01 00000152   jeq 152 0035 (false 0036)
 0035: 06 00 00 00000001   ret KILL
 0036: 15 00 01 0000015d   jeq 15d 0037 (false 0038)
 0037: 06 00 00 00000001   ret KILL
 0038: 15 00 01 0000011e   jeq 11e 0039 (false 003a)
 0039: 06 00 00 00000001   ret KILL
 003a: 15 00 01 0000011f   jeq 11f 003b (false 003c)
 003b: 06 00 00 00000001   ret KILL
 003c: 15 00 01 00000120   jeq 120 003d (false 003e)
 003d: 06 00 00 00000001   ret KILL
 003e: 15 00 01 00000056   jeq 56 003f (false 0040)
 003f: 06 00 00 00000001   ret KILL
 0040: 15 00 01 00000033   jeq 33 0041 (false 0042)
 0041: 06 00 00 00000001   ret KILL
 0042: 15 00 01 0000007b   jeq 7b 0043 (false 0044)
 0043: 06 00 00 00000001   ret KILL
 0044: 15 00 01 000000d9   jeq d9 0045 (false 0046)
 0045: 06 00 00 00000001   ret KILL
 0046: 15 00 01 000000f5   jeq f5 0047 (false 0048)
 0047: 06 00 00 00000001   ret KILL
 0048: 15 00 01 000000f6   jeq f6 0049 (false 004a)
 0049: 06 00 00 00000001   ret KILL
 004a: 15 00 01 000000f7   jeq f7 004b (false 004c)
 004b: 06 00 00 00000001   ret KILL
 004c: 15 00 01 000000f8   jeq f8 004d (false 004e)
 004d: 06 00 00 00000001   ret KILL
 004e: 15 00 01 000000f9   jeq f9 004f (false 0050)
 004f: 06 00 00 00000001   ret KILL
 0050: 15 00 01 00000101   jeq 101 0051 (false 0052)
 0051: 06 00 00 00000001   ret KILL
 0052: 15 00 01 00000112   jeq 112 0053 (false 0054)
 0053: 06 00 00 00000001   ret KILL
 0054: 15 00 01 00000114   jeq 114 0055 (false 0056)
 0055: 06 00 00 00000001   ret KILL
 0056: 15 00 01 00000126   jeq 126 0057 (false 0058)
 0057: 06 00 00 00000001   ret KILL
 0058: 15 00 01 0000013d   jeq 13d 0059 (false 005a)
 0059: 06 00 00 00000001   ret KILL
 005a: 15 00 01 0000013c   jeq 13c 005b (false 005c)
 005b: 06 00 00 00000001   ret KILL
 005c: 15 00 01 0000003d   jeq 3d 005d (false 005e)
 005d: 06 00 00 00000001   ret KILL
 005e: 15 00 01 00000058   jeq 58 005f (false 0060)
 005f: 06 00 00 00000001   ret KILL
 0060: 15 00 01 000000a9   jeq a9 0061 (false 0062)
 0061: 06 00 00 00000001   ret KILL
 0062: 15 00 01 00000082   jeq 82 0063 (false 0064)
 0063: 06 00 00 00000001   ret KILL
 0064: 06 00 00 7fff0000   ret ALLOW
Dual 32/64 bit seccomp filter configured
Build default+drop seccomp filter
sbox run: /run/firejail/lib/fseccomp default drop /run/firejail/mnt/seccomp/seccomp /run/firejail/mnt/seccomp/seccomp.postexec !chroot 
Dropping all capabilities
Drop privileges: pid 9, uid 1000, gid 100, nogroups 1
No supplementary groups
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
sbox run: /run/firejail/lib/fsec-optimize /run/firejail/mnt/seccomp/seccomp 
Dropping all capabilities
Drop privileges: pid 10, uid 1000, gid 100, nogroups 1
No supplementary groups
configuring 136 seccomp entries in /run/firejail/mnt/seccomp/seccomp
sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp 
Dropping all capabilities
Drop privileges: pid 11, uid 1000, gid 100, nogroups 1
No supplementary groups
 line  OP JT JF    K
=================================
 0000: 20 00 00 00000004   ld  data.architecture
 0001: 15 01 00 c000003e   jeq ARCH_64 0003 (false 0002)
 0002: 06 00 00 7fff0000   ret ALLOW
 0003: 20 00 00 00000000   ld  data.syscall-number
 0004: 35 01 00 40000000   jge X32_ABI 0006 (false 0005)
 0005: 35 01 00 00000000   jge read 0007 (false 0006)
 0006: 06 00 00 00050001   ret ERRNO(1)
 0007: 15 00 01 000000a1   jeq chroot 0008 (false 0009)
 0008: 06 00 00 7fff0000   ret ALLOW
 0009: 15 00 01 0000009f   jeq adjtimex 000a (false 000b)
 000a: 06 00 00 00050001   ret ERRNO(1)
 000b: 15 00 01 00000131   jeq clock_adjtime 000c (false 000d)
 000c: 06 00 00 00050001   ret ERRNO(1)
 000d: 15 00 01 000000e3   jeq clock_settime 000e (false 000f)
 000e: 06 00 00 00050001   ret ERRNO(1)
 000f: 15 00 01 000000a4   jeq settimeofday 0010 (false 0011)
 0010: 06 00 00 00050001   ret ERRNO(1)
 0011: 15 00 01 0000009a   jeq modify_ldt 0012 (false 0013)
 0012: 06 00 00 00050001   ret ERRNO(1)
 0013: 15 00 01 000000d4   jeq lookup_dcookie 0014 (false 0015)
 0014: 06 00 00 00050001   ret ERRNO(1)
 0015: 15 00 01 0000012a   jeq perf_event_open 0016 (false 0017)
 0016: 06 00 00 00050001   ret ERRNO(1)
 0017: 15 00 01 00000137   jeq process_vm_writev 0018 (false 0019)
 0018: 06 00 00 00050001   ret ERRNO(1)
 0019: 15 00 01 000000b0   jeq delete_module 001a (false 001b)
 001a: 06 00 00 00050001   ret ERRNO(1)
 001b: 15 00 01 00000139   jeq finit_module 001c (false 001d)
 001c: 06 00 00 00050001   ret ERRNO(1)
 001d: 15 00 01 000000af   jeq init_module 001e (false 001f)
 001e: 06 00 00 00050001   ret ERRNO(1)
 001f: 15 00 01 000000a1   jeq chroot 0020 (false 0021)
 0020: 06 00 00 00050001   ret ERRNO(1)
 0021: 15 00 01 000000a5   jeq mount 0022 (false 0023)
 0022: 06 00 00 00050001   ret ERRNO(1)
 0023: 15 00 01 0000009b   jeq pivot_root 0024 (false 0025)
 0024: 06 00 00 00050001   ret ERRNO(1)
 0025: 15 00 01 000000a6   jeq umount2 0026 (false 0027)
 0026: 06 00 00 00050001   ret ERRNO(1)
 0027: 15 00 01 0000009c   jeq _sysctl 0028 (false 0029)
 0028: 06 00 00 00050001   ret ERRNO(1)
 0029: 15 00 01 000000b7   jeq afs_syscall 002a (false 002b)
 002a: 06 00 00 00050001   ret ERRNO(1)
 002b: 15 00 01 000000ae   jeq create_module 002c (false 002d)
 002c: 06 00 00 00050001   ret ERRNO(1)
 002d: 15 00 01 000000b1   jeq get_kernel_syms 002e (false 002f)
 002e: 06 00 00 00050001   ret ERRNO(1)
 002f: 15 00 01 000000b5   jeq getpmsg 0030 (false 0031)
 0030: 06 00 00 00050001   ret ERRNO(1)
 0031: 15 00 01 000000b6   jeq putpmsg 0032 (false 0033)
 0032: 06 00 00 00050001   ret ERRNO(1)
 0033: 15 00 01 000000b2   jeq query_module 0034 (false 0035)
 0034: 06 00 00 00050001   ret ERRNO(1)
 0035: 15 00 01 000000b9   jeq security 0036 (false 0037)
 0036: 06 00 00 00050001   ret ERRNO(1)
 0037: 15 00 01 0000008b   jeq sysfs 0038 (false 0039)
 0038: 06 00 00 00050001   ret ERRNO(1)
 0039: 15 00 01 000000b8   jeq tuxcall 003a (false 003b)
 003a: 06 00 00 00050001   ret ERRNO(1)
 003b: 15 00 01 00000086   jeq uselib 003c (false 003d)
 003c: 06 00 00 00050001   ret ERRNO(1)
 003d: 15 00 01 00000088   jeq ustat 003e (false 003f)
 003e: 06 00 00 00050001   ret ERRNO(1)
 003f: 15 00 01 000000ec   jeq vserver 0040 (false 0041)
 0040: 06 00 00 00050001   ret ERRNO(1)
 0041: 15 00 01 000000ad   jeq ioperm 0042 (false 0043)
 0042: 06 00 00 00050001   ret ERRNO(1)
 0043: 15 00 01 000000ac   jeq iopl 0044 (false 0045)
 0044: 06 00 00 00050001   ret ERRNO(1)
 0045: 15 00 01 000000f6   jeq kexec_load 0046 (false 0047)
 0046: 06 00 00 00050001   ret ERRNO(1)
 0047: 15 00 01 00000140   jeq kexec_file_load 0048 (false 0049)
 0048: 06 00 00 00050001   ret ERRNO(1)
 0049: 15 00 01 000000a9   jeq reboot 004a (false 004b)
 004a: 06 00 00 00050001   ret ERRNO(1)
 004b: 15 00 01 000000a7   jeq swapon 004c (false 004d)
 004c: 06 00 00 00050001   ret ERRNO(1)
 004d: 15 00 01 000000a8   jeq swapoff 004e (false 004f)
 004e: 06 00 00 00050001   ret ERRNO(1)
 004f: 15 00 01 00000130   jeq open_by_handle_at 0050 (false 0051)
 0050: 06 00 00 00050001   ret ERRNO(1)
 0051: 15 00 01 0000012f   jeq name_to_handle_at 0052 (false 0053)
 0052: 06 00 00 00050001   ret ERRNO(1)
 0053: 15 00 01 000000fb   jeq ioprio_set 0054 (false 0055)
 0054: 06 00 00 00050001   ret ERRNO(1)
 0055: 15 00 01 00000067   jeq syslog 0056 (false 0057)
 0056: 06 00 00 00050001   ret ERRNO(1)
 0057: 15 00 01 0000012c   jeq fanotify_init 0058 (false 0059)
 0058: 06 00 00 00050001   ret ERRNO(1)
 0059: 15 00 01 00000138   jeq kcmp 005a (false 005b)
 005a: 06 00 00 00050001   ret ERRNO(1)
 005b: 15 00 01 000000f8   jeq add_key 005c (false 005d)
 005c: 06 00 00 00050001   ret ERRNO(1)
 005d: 15 00 01 000000f9   jeq request_key 005e (false 005f)
 005e: 06 00 00 00050001   ret ERRNO(1)
 005f: 15 00 01 000000ed   jeq mbind 0060 (false 0061)
 0060: 06 00 00 00050001   ret ERRNO(1)
 0061: 15 00 01 00000100   jeq migrate_pages 0062 (false 0063)
 0062: 06 00 00 00050001   ret ERRNO(1)
 0063: 15 00 01 00000117   jeq move_pages 0064 (false 0065)
 0064: 06 00 00 00050001   ret ERRNO(1)
 0065: 15 00 01 000000fa   jeq keyctl 0066 (false 0067)
 0066: 06 00 00 00050001   ret ERRNO(1)
 0067: 15 00 01 000000ce   jeq io_setup 0068 (false 0069)
 0068: 06 00 00 00050001   ret ERRNO(1)
 0069: 15 00 01 000000cf   jeq io_destroy 006a (false 006b)
 006a: 06 00 00 00050001   ret ERRNO(1)
 006b: 15 00 01 000000d0   jeq io_getevents 006c (false 006d)
 006c: 06 00 00 00050001   ret ERRNO(1)
 006d: 15 00 01 000000d1   jeq io_submit 006e (false 006f)
 006e: 06 00 00 00050001   ret ERRNO(1)
 006f: 15 00 01 000000d2   jeq io_cancel 0070 (false 0071)
 0070: 06 00 00 00050001   ret ERRNO(1)
 0071: 15 00 01 000000d8   jeq remap_file_pages 0072 (false 0073)
 0072: 06 00 00 00050001   ret ERRNO(1)
 0073: 15 00 01 00000143   jeq userfaultfd 0074 (false 0075)
 0074: 06 00 00 00050001   ret ERRNO(1)
 0075: 15 00 01 000000a3   jeq acct 0076 (false 0077)
 0076: 06 00 00 00050001   ret ERRNO(1)
 0077: 15 00 01 00000141   jeq bpf 0078 (false 0079)
 0078: 06 00 00 00050001   ret ERRNO(1)
 0079: 15 00 01 000000b4   jeq nfsservctl 007a (false 007b)
 007a: 06 00 00 00050001   ret ERRNO(1)
 007b: 15 00 01 000000ab   jeq setdomainname 007c (false 007d)
 007c: 06 00 00 00050001   ret ERRNO(1)
 007d: 15 00 01 000000aa   jeq sethostname 007e (false 007f)
 007e: 06 00 00 00050001   ret ERRNO(1)
 007f: 15 00 01 00000099   jeq vhangup 0080 (false 0081)
 0080: 06 00 00 00050001   ret ERRNO(1)
 0081: 15 00 01 00000065   jeq ptrace 0082 (false 0083)
 0082: 06 00 00 00050001   ret ERRNO(1)
 0083: 15 00 01 00000087   jeq personality 0084 (false 0085)
 0084: 06 00 00 00050001   ret ERRNO(1)
 0085: 15 00 01 00000136   jeq process_vm_readv 0086 (false 0087)
 0086: 06 00 00 00050001   ret ERRNO(1)
 0087: 06 00 00 7fff0000   ret ALLOW
seccomp filter configured
Mounting read-only /run/firejail/mnt/seccomp
2571 2337 0:192 /seccomp /run/firejail/mnt/seccomp ro,nosuid - tmpfs tmpfs rw,mode=755,inode64
mountid=2571 fsname=/seccomp dir=/run/firejail/mnt/seccomp fstype=tmpfs
Seccomp directory:
ls /run/firejail/mnt/seccomp
drwxr-xr-x root     root             160 .
drwxr-xr-x root     root             380 ..
-rw-r--r-- pc       users           1088 seccomp
-rw-r--r-- pc       users            808 seccomp.32
-rw-r--r-- pc       users            114 seccomp.list
-rw-r--r-- pc       users              0 seccomp.postexec
-rw-r--r-- pc       users              0 seccomp.postexec32
-rw-r--r-- pc       users            176 seccomp.protocol
Active seccomp files:
cat /run/firejail/mnt/seccomp/seccomp.list
/run/firejail/mnt/seccomp/seccomp.protocol
/run/firejail/mnt/seccomp/seccomp.32
/run/firejail/mnt/seccomp/seccomp
Dropping all capabilities
noroot user namespace installed
Dropping all capabilities
NO_NEW_PRIVS set
Drop privileges: pid 1, uid 1000, gid 100, nogroups 1
No supplementary groups
AppArmor enabled
starting application
LD_PRELOAD=(null)
execvp argument 0: brave
Child process initialized in 161.44 ms
Searching $PATH for brave
trying #/usr/local/sbin/brave#
trying #/usr/local/bin/brave#
Installing /run/firejail/mnt/seccomp/seccomp seccomp filter
Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter
Installing /run/firejail/mnt/seccomp/seccomp.protocol seccomp filter
Warning: an existing sandbox was detected. /usr/bin/brave will run without any additional sandboxing features
monitoring pid 12

[12:29:1030/192913.361400:ERROR:bus.cc(393)] Failed to connect to the bus: Failed to connect to socket /run/firejail/mnt/dbus/system: Permission non accordée
Ouverture dans une session de navigateur existante.
Sandbox monitor: waitpid 12 retval 12 status 0
Sandbox monitor: monitoring 16
monitoring pid 16

Sandbox monitor: waitpid 16 retval 16 status 0
Sandbox monitor: monitoring 17
monitoring pid 17

Sandbox monitor: waitpid 17 retval 17 status 0

Parent is shutting down, bye...
Exiting the console by launching Tor 
[9:9:1030/193707.613550:ERROR:brave_new_tab_message_handler.cc(162)] Ads service is not initialized!
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[248:310:1030/193707.725499:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
[9:9:1030/193708.014320:ERROR:CONSOLE(0)] "Unchecked runtime.lastError: Unknown error.", source: chrome://newtab/ (0)
[9:9:1030/193708.015445:ERROR:CONSOLE(0)] "Unchecked runtime.lastError: Not available in Tor/incognito/guest profile", source: chrome://newtab/ (0)
[9:9:1030/193708.017333:ERROR:CONSOLE(0)] "Unchecked runtime.lastError: Not available in Tor/incognito/guest profile", source: chrome://newtab/ (0)
[9:9:1030/193708.083747:ERROR:CONSOLE(0)] "Unchecked runtime.lastError: Not available in Tor/incognito/guest profile", source: chrome://newtab/ (0)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[312:318:1030/193708.803578:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[319:325:1030/193709.897761:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[326:332:1030/193710.962206:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[333:339:1030/193712.030565:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[340:346:1030/193713.104311:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[347:353:1030/193714.184728:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[354:360:1030/193715.249432:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[361:367:1030/193716.318447:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[368:374:1030/193717.395087:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[375:381:1030/193718.460753:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[382:388:1030/193719.529239:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[389:395:1030/193720.600248:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[396:402:1030/193721.669012:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[403:409:1030/193722.732810:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[410:416:1030/193723.802245:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[417:423:1030/193724.877937:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[424:430:1030/193725.946906:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[431:437:1030/193727.014679:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[438:444:1030/193728.093059:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[451:462:1030/193729.251837:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[463:469:1030/193730.349036:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[470:476:1030/193731.435015:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[477:483:1030/193732.524889:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[484:490:1030/193733.599598:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
LaunchProcess: failed to execvp:
~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0
[491:497:1030/193734.673858:ERROR:tor_launcher_impl.cc(203)] tor exit (127)
...
Originally created by @Bundy01 on GitHub (Oct 30, 2020). Original GitHub issue: https://github.com/netblue30/firejail/issues/3709 Write clear, concise and in textual form. **Bug and expected behavior** Running Tor's profile in Brave, this one has no web access (no connections). **No profile and disabling firejail** No problem whitout Firejail. **Environment** - Linux distribution and version: Archlinux - Firejail version: ``` firejail version 0.9.64 Compile time support: - AppArmor support is enabled - AppImage support is enabled - chroot support is enabled - D-BUS proxy support is enabled - file and directory whitelisting support is enabled - file transfer support is enabled - firetunnel support is enabled - networking support is enabled - overlayfs support is enabled - private-home support is enabled - SELinux support is disabled - user namespace support is enabled - X11 sandboxing support is enabled ``` **Additional context** The problem appeared with Version 0.9.64rc1. **Checklist** - [ ] The upstream profile (and redirect profile if exists) have no changes fixing it. - [x] The program has a profile. (If not, request one in `https://github.com/netblue30/firejail/issues/1139`) - [x] Programs needed for interaction are listed in the profile. - [x] A short search for duplicates was performed. - [ ] If it is a AppImage, `--profile=PROFILENAME` is used to set the right profile. <details><summary> debug output </summary> ``` Autoselecting /bin/zsh as shell Building quoted command line: 'brave' Command name #brave# Found brave.profile profile in /etc/firejail directory Reading profile /etc/firejail/brave.profile Found chromium-common.profile profile in /etc/firejail directory Reading profile /etc/firejail/chromium-common.profile Found disable-common.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-common.inc Found disable-devel.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-devel.inc Found disable-exec.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-exec.inc Found disable-interpreters.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-interpreters.inc Found disable-programs.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-programs.inc Found disable-passwdmgr.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-passwdmgr.inc Found disable-xdg.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-xdg.inc Found whitelist-common.inc profile in /etc/firejail directory Reading profile /etc/firejail/whitelist-common.inc Found whitelist-var-common.inc profile in /etc/firejail directory Reading profile /etc/firejail/whitelist-var-common.inc conditional BROWSER_DISABLE_U2F, nou2f conditional BROWSER_DISABLE_U2F, private-dev conditional HAS_NODBUS, env NO_CHROME_KDE_FILE_DIALOG=1 Seccomp list in: !chroot, check list: @default-keep, prelist: unknown, DISPLAY=:0 parsed as 0 Using the local network stack Parent pid 56714, child pid 56715 Initializing child process Host network configured PID namespace installed Mounting tmpfs on /run/firejail/mnt directory Creating empty /run/firejail/mnt/seccomp directory Creating empty /run/firejail/mnt/seccomp/seccomp.protocol file Creating empty /run/firejail/mnt/seccomp/seccomp.postexec file Creating empty /run/firejail/mnt/seccomp/seccomp.postexec32 file Build protocol filter: unix,inet,inet6,netlink sbox run: /run/firejail/lib/fseccomp protocol build unix,inet,inet6,netlink /run/firejail/mnt/seccomp/seccomp.protocol Dropping all capabilities Drop privileges: pid 2, uid 1000, gid 100, nogroups 1 No supplementary groups Mounting /proc filesystem representing the PID namespace Basic read-only filesystem: Mounting read-only /etc 2340 2301 8:2 /etc /etc ro,relatime master:1 - ext4 /dev/sda2 rw,stripe=32673 mountid=2340 fsname=/etc dir=/etc fstype=ext4 Mounting noexec /etc 2341 2340 8:2 /etc /etc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw,stripe=32673 mountid=2341 fsname=/etc dir=/etc fstype=ext4 Mounting read-only /var 2342 2301 8:2 /var /var ro,relatime master:1 - ext4 /dev/sda2 rw,stripe=32673 mountid=2342 fsname=/var dir=/var fstype=ext4 Mounting noexec /var 2343 2342 8:2 /var /var ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw,stripe=32673 mountid=2343 fsname=/var dir=/var fstype=ext4 Mounting read-only /usr 2344 2301 8:2 /usr /usr ro,relatime master:1 - ext4 /dev/sda2 rw,stripe=32673 mountid=2344 fsname=/usr dir=/usr fstype=ext4 Mounting tmpfs on /var/lock Mounting tmpfs on /var/tmp Mounting tmpfs on /var/log Create the new utmp file Mount the new utmp file Generating a new machine-id installing a new /etc/machine-id Cleaning /home directory Cleaning /run/user directory Sanitizing /etc/passwd, UID_MIN 1000 Sanitizing /etc/group, GID_MIN 1000 Disable /run/firejail/network Disable /run/firejail/bandwidth Disable /run/firejail/name Disable /run/firejail/profile Disable /run/firejail/x11 Mounting tmpfs on /dev mounting /run/firejail/mnt/dev/snd directory mounting /run/firejail/mnt/dev/dri directory Process /dev/shm directory Mounting tmpfs on ~/.cache 2381 2353 0:203 / ~/.cache rw,nosuid,nodev,relatime - tmpfs tmpfs rw,mode=700,uid=1000,gid=100,inode64 mountid=2381 fsname=/ dir=~/.cache fstype=tmpfs Creating empty /run/firejail/mnt/dbus directory Creating empty /run/firejail/mnt/dbus/user file blacklist /run/user/1000/bus Creating empty /run/firejail/mnt/dbus/system file blacklist /run/dbus/system_bus_socket blacklist /run/firejail/dbus Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set. Mounting read-only /proc/sys Remounting /sys directory Disable /sys/firmware Disable /sys/hypervisor Disable /sys/power Disable /sys/kernel/debug Disable /sys/kernel/vmcoreinfo Disable /proc/sys/fs/binfmt_misc Disable /proc/sys/kernel/core_pattern Disable /proc/sys/kernel/modprobe Disable /proc/sysrq-trigger Disable /proc/sys/vm/panic_on_oom Disable /proc/irq Disable /proc/bus Disable /proc/sched_debug Disable /proc/timer_list Disable /proc/kcore Disable /proc/kallsyms Disable /usr/lib/modules/5.9.2-arch1-1/build (requested /usr/src/linux) Disable /usr/lib/modules (requested /lib/modules) Disable /boot Disable /run/user/1000/gnupg Disable /run/user/1000/systemd Disable /proc/kmsg Debug 456: new_name #~/.config/BraveSoftware#, whitelist Debug 571: fname #~/.config/BraveSoftware#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.config/BraveSoftware Debug 456: new_name #~/.config/brave-flags.conf#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/brave-flags.conf expanded: ~/.config/brave-flags.conf real path: (null) realpath: No such file or directory Debug 456: new_name #~/.gnupg#, whitelist Debug 571: fname #~/.gnupg#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.gnupg Debug 456: new_name #~/Public#, whitelist Debug 571: fname #~/Public#, cfg.homedir #~# Replaced whitelist path: whitelist ~/Public Debug 456: new_name #~/.pki#, whitelist Debug 571: fname #~/.pki#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.pki Debug 456: new_name #~/.local/share/pki#, whitelist Debug 571: fname #~/.local/share/pki#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.local/share/pki Debug 456: new_name #~/.XCompose#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.XCompose expanded: ~/.XCompose real path: (null) realpath: No such file or directory Debug 456: new_name #~/.asoundrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.asoundrc expanded: ~/.asoundrc real path: (null) realpath: No such file or directory Debug 456: new_name #~/.config/ibus#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ibus expanded: ~/.config/ibus real path: (null) realpath: No such file or directory Debug 456: new_name #~/.config/mimeapps.list#, whitelist Debug 571: fname #~/.config/mimeapps.list#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.config/mimeapps.list Debug 456: new_name #~/.config/pkcs11#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/pkcs11 expanded: ~/.config/pkcs11 real path: (null) realpath: No such file or directory Debug 456: new_name #~/.config/user-dirs.dirs#, whitelist Debug 571: fname #~/.config/user-dirs.dirs#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.config/user-dirs.dirs Debug 456: new_name #~/.config/user-dirs.locale#, whitelist Debug 571: fname #~/.config/user-dirs.locale#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.config/user-dirs.locale Debug 456: new_name #~/.drirc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.drirc expanded: ~/.drirc real path: (null) realpath: No such file or directory Debug 456: new_name #~/.icons#, whitelist Debug 571: fname #~/.icons#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.icons Debug 456: new_name #~/.local/share/applications#, whitelist Debug 571: fname #~/.local/share/applications#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.local/share/applications Debug 456: new_name #~/.local/share/icons#, whitelist Debug 571: fname #~/.local/share/icons#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.local/share/icons Debug 456: new_name #~/.local/share/mime#, whitelist Debug 571: fname #~/.local/share/mime#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.local/share/mime Debug 456: new_name #~/.mime.types#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.mime.types expanded: ~/.mime.types real path: (null) realpath: No such file or directory Debug 456: new_name #~/.uim.d#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.uim.d expanded: ~/.uim.d real path: (null) realpath: No such file or directory Debug 456: new_name #~/.config/dconf#, whitelist Debug 571: fname #~/.config/dconf#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.config/dconf Debug 456: new_name #~/.cache/fontconfig#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.cache/fontconfig expanded: ~/.cache/fontconfig real path: (null) realpath: No such file or directory Debug 456: new_name #~/.config/fontconfig#, whitelist Debug 571: fname #~/.config/fontconfig#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.config/fontconfig Debug 456: new_name #~/.fontconfig#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fontconfig expanded: ~/.fontconfig real path: (null) realpath: No such file or directory Debug 456: new_name #~/.fonts#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts expanded: ~/.fonts real path: (null) realpath: No such file or directory Debug 456: new_name #~/.fonts.conf#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf expanded: ~/.fonts.conf real path: (null) realpath: No such file or directory Debug 456: new_name #~/.fonts.conf.d#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf.d expanded: ~/.fonts.conf.d real path: (null) realpath: No such file or directory Debug 456: new_name #~/.fonts.d#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.d expanded: ~/.fonts.d real path: (null) realpath: No such file or directory Debug 456: new_name #~/.local/share/fonts#, whitelist Debug 571: fname #~/.local/share/fonts#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.local/share/fonts Debug 456: new_name #~/.pangorc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.pangorc expanded: ~/.pangorc real path: (null) realpath: No such file or directory Debug 456: new_name #~/.config/gtk-2.0#, whitelist Debug 571: fname #~/.config/gtk-2.0#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.config/gtk-2.0 Debug 456: new_name #~/.config/gtk-3.0#, whitelist Debug 571: fname #~/.config/gtk-3.0#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.config/gtk-3.0 Debug 456: new_name #~/.config/gtk-4.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtk-4.0 expanded: ~/.config/gtk-4.0 real path: (null) realpath: No such file or directory Debug 456: new_name #~/.config/gtkrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc expanded: ~/.config/gtkrc real path: (null) realpath: No such file or directory Debug 456: new_name #~/.config/gtkrc-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc-2.0 expanded: ~/.config/gtkrc-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #~/.gnome2#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2 expanded: ~/.gnome2 real path: (null) realpath: No such file or directory Debug 456: new_name #~/.gnome2-private#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2-private expanded: ~/.gnome2-private real path: (null) realpath: No such file or directory Debug 456: new_name #~/.gtk-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtk-2.0 expanded: ~/.gtk-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #~/.gtkrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc expanded: ~/.gtkrc real path: (null) realpath: No such file or directory Debug 456: new_name #~/.gtkrc-2.0#, whitelist Debug 571: fname #~/.gtkrc-2.0#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.gtkrc-2.0 Debug 456: new_name #~/.kde/share/config/gtkrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc expanded: ~/.kde/share/config/gtkrc real path: (null) realpath: No such file or directory Debug 456: new_name #~/.kde/share/config/gtkrc-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc-2.0 expanded: ~/.kde/share/config/gtkrc-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #~/.kde4/share/config/gtkrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc expanded: ~/.kde4/share/config/gtkrc real path: (null) realpath: No such file or directory Debug 456: new_name #~/.kde4/share/config/gtkrc-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc-2.0 expanded: ~/.kde4/share/config/gtkrc-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #~/.local/share/themes#, whitelist Debug 571: fname #~/.local/share/themes#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.local/share/themes Debug 456: new_name #~/.themes#, whitelist Debug 571: fname #~/.themes#, cfg.homedir #~# Replaced whitelist path: whitelist ~/.themes Debug 456: new_name #~/.cache/kioexec/krun#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.cache/kioexec/krun expanded: ~/.cache/kioexec/krun real path: (null) realpath: No such file or directory Debug 456: new_name #~/.config/Kvantum#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Kvantum expanded: ~/.config/Kvantum real path: (null) realpath: No such file or directory Debug 456: new_name #~/.config/Trolltech.conf#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Trolltech.conf expanded: ~/.config/Trolltech.conf real path: (null) realpath: No such file or directory Debug 456: new_name #~/.config/kdeglobals#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kdeglobals expanded: ~/.config/kdeglobals real path: (null) realpath: No such file or directory Debug 456: new_name #~/.config/kio_httprc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kio_httprc expanded: ~/.config/kio_httprc real path: (null) realpath: No such file or directory Debug 456: new_name #~/.config/kioslaverc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kioslaverc expanded: ~/.config/kioslaverc real path: (null) realpath: No such file or directory Debug 456: new_name #~/.config/ksslcablacklist#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ksslcablacklist expanded: ~/.config/ksslcablacklist real path: (null) realpath: No such file or directory Debug 456: new_name #~/.config/qt5ct#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/qt5ct expanded: ~/.config/qt5ct real path: (null) realpath: No such file or directory Debug 456: new_name #~/.kde/share/config/kdeglobals#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kdeglobals expanded: ~/.kde/share/config/kdeglobals real path: (null) realpath: No such file or directory Debug 456: new_name #~/.kde/share/config/kio_httprc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kio_httprc expanded: ~/.kde/share/config/kio_httprc real path: (null) realpath: No such file or directory Debug 456: new_name #~/.kde/share/config/kioslaverc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kioslaverc expanded: ~/.kde/share/config/kioslaverc real path: (null) realpath: No such file or directory Debug 456: new_name #~/.kde/share/config/ksslcablacklist#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/ksslcablacklist expanded: ~/.kde/share/config/ksslcablacklist real path: (null) realpath: No such file or directory Debug 456: new_name #~/.kde/share/config/oxygenrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/oxygenrc expanded: ~/.kde/share/config/oxygenrc real path: (null) realpath: No such file or directory Debug 456: new_name #~/.kde/share/icons#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/icons expanded: ~/.kde/share/icons real path: (null) realpath: No such file or directory Debug 456: new_name #~/.kde4/share/config/kdeglobals#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kdeglobals expanded: ~/.kde4/share/config/kdeglobals real path: (null) realpath: No such file or directory Debug 456: new_name #~/.kde4/share/config/kio_httprc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kio_httprc expanded: ~/.kde4/share/config/kio_httprc real path: (null) realpath: No such file or directory Debug 456: new_name #~/.kde4/share/config/kioslaverc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kioslaverc expanded: ~/.kde4/share/config/kioslaverc real path: (null) realpath: No such file or directory Debug 456: new_name #~/.kde4/share/config/ksslcablacklist#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/ksslcablacklist expanded: ~/.kde4/share/config/ksslcablacklist real path: (null) realpath: No such file or directory Debug 456: new_name #~/.kde4/share/config/oxygenrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/oxygenrc expanded: ~/.kde4/share/config/oxygenrc real path: (null) realpath: No such file or directory Debug 456: new_name #~/.kde4/share/icons#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/icons expanded: ~/.kde4/share/icons real path: (null) realpath: No such file or directory Debug 456: new_name #~/.local/share/qt5ct#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/qt5ct expanded: ~/.local/share/qt5ct real path: (null) realpath: No such file or directory Debug 456: new_name #/var/lib/ca-certificates#, whitelist Removed whitelist/nowhitelist path: whitelist /var/lib/ca-certificates expanded: /var/lib/ca-certificates real path: (null) realpath: No such file or directory Debug 456: new_name #/var/lib/dbus#, whitelist Debug 456: new_name #/var/lib/menu-xdg#, whitelist Removed whitelist/nowhitelist path: whitelist /var/lib/menu-xdg expanded: /var/lib/menu-xdg real path: (null) realpath: No such file or directory Debug 456: new_name #/var/lib/uim#, whitelist Removed whitelist/nowhitelist path: whitelist /var/lib/uim expanded: /var/lib/uim real path: (null) realpath: No such file or directory Debug 456: new_name #/var/cache/fontconfig#, whitelist Debug 456: new_name #/var/tmp#, whitelist Debug 456: new_name #/var/run#, whitelist Replaced whitelist path: whitelist /run Debug 456: new_name #/var/lock#, whitelist Replaced whitelist path: whitelist /run/lock Mounting tmpfs on /var directory Drop privileges: pid 3, uid 1000, gid 100, nogroups 0 Supplementary groups: 92 91 Mounting a new /root directory Mounting a new /home directory Create a new user directory Drop privileges: pid 4, uid 1000, gid 100, nogroups 0 Supplementary groups: 92 91 Drop privileges: pid 5, uid 1000, gid 100, nogroups 0 Supplementary groups: 92 91 Whitelisting ~/.config/BraveSoftware 2396 2395 8:3 /pc/.config/BraveSoftware ~/.config/BraveSoftware rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2396 fsname=/pc/.config/BraveSoftware dir=~/.config/BraveSoftware fstype=ext4 Whitelisting ~/.gnupg 2397 2395 8:3 /pc/.gnupg ~/.gnupg rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2397 fsname=/pc/.gnupg dir=~/.gnupg fstype=ext4 Whitelisting ~/Public 2398 2395 8:3 /pc/Public ~/Public rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2398 fsname=/pc/Public dir=~/Public fstype=ext4 Whitelisting ~/.pki 2399 2395 8:3 /pc/.pki ~/.pki rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2399 fsname=/pc/.pki dir=~/.pki fstype=ext4 Whitelisting ~/.local/share/pki 2400 2395 8:3 /pc/.local/share/pki ~/.local/share/pki rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2400 fsname=/pc/.local/share/pki dir=~/.local/share/pki fstype=ext4 Whitelisting ~/.config/mimeapps.list 2401 2395 8:3 /pc/.config/mimeapps.list ~/.config/mimeapps.list rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2401 fsname=/pc/.config/mimeapps.list dir=~/.config/mimeapps.list fstype=ext4 Whitelisting ~/.config/user-dirs.dirs 2402 2395 8:3 /pc/.config/user-dirs.dirs ~/.config/user-dirs.dirs rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2402 fsname=/pc/.config/user-dirs.dirs dir=~/.config/user-dirs.dirs fstype=ext4 Whitelisting ~/.config/user-dirs.locale 2403 2395 8:3 /pc/.config/user-dirs.locale ~/.config/user-dirs.locale rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2403 fsname=/pc/.config/user-dirs.locale dir=~/.config/user-dirs.locale fstype=ext4 Whitelisting ~/.icons 2404 2395 8:3 /pc/.icons ~/.icons rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2404 fsname=/pc/.icons dir=~/.icons fstype=ext4 Whitelisting ~/.local/share/applications 2405 2395 8:3 /pc/.local/share/applications ~/.local/share/applications rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2405 fsname=/pc/.local/share/applications dir=~/.local/share/applications fstype=ext4 Whitelisting ~/.local/share/icons 2406 2395 8:3 /pc/.local/share/icons ~/.local/share/icons rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2406 fsname=/pc/.local/share/icons dir=~/.local/share/icons fstype=ext4 Whitelisting ~/.local/share/mime 2407 2395 8:3 /pc/.local/share/mime ~/.local/share/mime rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2407 fsname=/pc/.local/share/mime dir=~/.local/share/mime fstype=ext4 Whitelisting ~/.config/dconf 2408 2395 8:3 /pc/.config/dconf ~/.config/dconf rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2408 fsname=/pc/.config/dconf dir=~/.config/dconf fstype=ext4 Whitelisting ~/.config/fontconfig 2409 2395 8:3 /pc/.config/fontconfig ~/.config/fontconfig rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2409 fsname=/pc/.config/fontconfig dir=~/.config/fontconfig fstype=ext4 Whitelisting ~/.local/share/fonts 2410 2395 8:3 /pc/.local/share/fonts ~/.local/share/fonts rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2410 fsname=/pc/.local/share/fonts dir=~/.local/share/fonts fstype=ext4 Whitelisting ~/.config/gtk-2.0 2411 2395 8:3 /pc/.config/gtk-2.0 ~/.config/gtk-2.0 rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2411 fsname=/pc/.config/gtk-2.0 dir=~/.config/gtk-2.0 fstype=ext4 Whitelisting ~/.config/gtk-3.0 2412 2395 8:3 /pc/.config/gtk-3.0 ~/.config/gtk-3.0 rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2412 fsname=/pc/.config/gtk-3.0 dir=~/.config/gtk-3.0 fstype=ext4 Whitelisting ~/.gtkrc-2.0 2413 2395 8:3 /pc/.gtkrc-2.0 ~/.gtkrc-2.0 rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2413 fsname=/pc/.gtkrc-2.0 dir=~/.gtkrc-2.0 fstype=ext4 Whitelisting ~/.local/share/themes 2414 2395 8:3 /pc/.local/share/themes ~/.local/share/themes rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2414 fsname=/pc/.local/share/themes dir=~/.local/share/themes fstype=ext4 Whitelisting ~/.themes 2415 2395 8:3 /pc/.themes ~/.themes rw,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2415 fsname=/pc/.themes dir=~/.themes fstype=ext4 Whitelisting /var/lib/dbus 2416 2391 8:2 /var/lib/dbus /var/lib/dbus ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw,stripe=32673 mountid=2416 fsname=/var/lib/dbus dir=/var/lib/dbus fstype=ext4 Whitelisting /var/cache/fontconfig 2417 2391 8:2 /var/cache/fontconfig /var/cache/fontconfig ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw,stripe=32673 mountid=2417 fsname=/var/cache/fontconfig dir=/var/cache/fontconfig fstype=ext4 Whitelisting /var/tmp 2418 2391 0:195 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw,inode64 mountid=2418 fsname=/ dir=/var/tmp fstype=tmpfs Created symbolic link /var/run -> /run Created symbolic link /var/lock -> /run/lock Disable /etc/xdg/autostart Mounting read-only ~/.Xauthority 2422 2395 0:206 /pc/.Xauthority ~/.Xauthority ro,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64 mountid=2422 fsname=/pc/.Xauthority dir=~/.Xauthority fstype=tmpfs Mounting read-only ~/.config/dconf 2423 2408 8:3 /pc/.config/dconf ~/.config/dconf ro,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2423 fsname=/pc/.config/dconf dir=~/.config/dconf fstype=ext4 Disable /usr/bin/systemd-run Disable /run/user/1000/systemd Disable /etc/profile.d Disable /etc/kernel Disable /etc/grub.d Disable /etc/apparmor Disable /etc/apparmor.d Disable /etc/modules-load.d Mounting read-only ~/.bashrc 2432 2395 0:206 /pc/.bashrc ~/.bashrc ro,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64 mountid=2432 fsname=/pc/.bashrc dir=~/.bashrc fstype=tmpfs Mounting read-only ~/.local/share/applications 2433 2405 8:3 /pc/.local/share/applications ~/.local/share/applications ro,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2433 fsname=/pc/.local/share/applications dir=~/.local/share/applications fstype=ext4 Mounting read-only ~/.config/mimeapps.list 2434 2401 8:3 /pc/.config/mimeapps.list ~/.config/mimeapps.list ro,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2434 fsname=/pc/.config/mimeapps.list dir=~/.config/mimeapps.list fstype=ext4 Mounting read-only ~/.config/user-dirs.dirs 2435 2402 8:3 /pc/.config/user-dirs.dirs ~/.config/user-dirs.dirs ro,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2435 fsname=/pc/.config/user-dirs.dirs dir=~/.config/user-dirs.dirs fstype=ext4 Mounting read-only ~/.config/user-dirs.locale 2436 2403 8:3 /pc/.config/user-dirs.locale ~/.config/user-dirs.locale ro,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2436 fsname=/pc/.config/user-dirs.locale dir=~/.config/user-dirs.locale fstype=ext4 Mounting read-only ~/.local/share/mime 2437 2407 8:3 /pc/.local/share/mime ~/.local/share/mime ro,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2437 fsname=/pc/.local/share/mime dir=~/.local/share/mime fstype=ext4 Not blacklist ~/.gnupg Not blacklist ~/.pki Not blacklist ~/.local/share/pki Disable /etc/group- Disable /etc/gshadow Disable /etc/gshadow- Disable /etc/passwd- Disable /etc/shadow Disable /etc/shadow- Disable /etc/ssh Warning: /sbin directory link was not blacklisted Disable /usr/local/sbin Warning: /usr/sbin directory link was not blacklisted Disable /usr/bin/chage Disable /usr/bin/chfn Disable /usr/bin/chsh Disable /usr/bin/expiry Disable /usr/bin/fusermount Disable /usr/bin/gpasswd Disable /usr/bin/ksu Disable /usr/bin/mount Disable /usr/bin/newgidmap Disable /usr/bin/newgrp Disable /usr/bin/newuidmap Disable /usr/bin/ntfs-3g Disable /usr/bin/pkexec Disable /usr/bin/sg Disable /usr/bin/su Disable /usr/bin/sudo Disable /usr/bin/umount Disable /usr/bin/unix_chkpwd Disable /usr/lib/virtualbox Disable /usr/lib/virtualbox (requested /usr/lib64/virtualbox) Disable /usr/bin/bwrap Not blacklist /proc/config.gz Disable /usr/bin/resolvectl Disable /usr/bin/as Disable /usr/bin/gcc (requested /usr/bin/cc) Disable /usr/bin/c++filt Disable /usr/bin/c++ Disable /usr/bin/c89 Disable /usr/bin/c99 Disable /usr/bin/cpp Disable /usr/bin/g++ Disable /usr/bin/gcc Disable /usr/bin/gcc-ranlib Disable /usr/bin/gcc-nm Disable /usr/bin/gcc-ar Disable /usr/bin/ld Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0 Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar Disable /usr/bin/x86_64-pc-linux-gnu-gcc Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib Disable /usr/bin/x86_64-pc-linux-gnu-g++ Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0 Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar Disable /usr/bin/x86_64-pc-linux-gnu-gcc Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib Disable /usr/bin/x86_64-pc-linux-gnu-g++ Disable /usr/share/java Disable /usr/bin/openssl Disable /usr/src Disable /usr/local/src Disable /usr/include Disable /usr/local/include Mounting noexec ~/.config/BraveSoftware 2499 2396 8:3 /pc/.config/BraveSoftware ~/.config/BraveSoftware rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2499 fsname=/pc/.config/BraveSoftware dir=~/.config/BraveSoftware fstype=ext4 Mounting noexec ~/.gnupg 2500 2397 8:3 /pc/.gnupg ~/.gnupg rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2500 fsname=/pc/.gnupg dir=~/.gnupg fstype=ext4 Mounting noexec ~/Public 2501 2398 8:3 /pc/Public ~/Public rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2501 fsname=/pc/Public dir=~/Public fstype=ext4 Mounting noexec ~/.pki 2502 2399 8:3 /pc/.pki ~/.pki rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2502 fsname=/pc/.pki dir=~/.pki fstype=ext4 Mounting noexec ~/.local/share/pki 2503 2400 8:3 /pc/.local/share/pki ~/.local/share/pki rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2503 fsname=/pc/.local/share/pki dir=~/.local/share/pki fstype=ext4 Mounting noexec ~/.config/mimeapps.list 2504 2434 8:3 /pc/.config/mimeapps.list ~/.config/mimeapps.list ro,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2504 fsname=/pc/.config/mimeapps.list dir=~/.config/mimeapps.list fstype=ext4 Mounting noexec ~/.config/user-dirs.dirs 2505 2435 8:3 /pc/.config/user-dirs.dirs ~/.config/user-dirs.dirs ro,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2505 fsname=/pc/.config/user-dirs.dirs dir=~/.config/user-dirs.dirs fstype=ext4 Mounting noexec ~/.config/user-dirs.locale 2506 2436 8:3 /pc/.config/user-dirs.locale ~/.config/user-dirs.locale ro,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2506 fsname=/pc/.config/user-dirs.locale dir=~/.config/user-dirs.locale fstype=ext4 Mounting noexec ~/.icons 2507 2404 8:3 /pc/.icons ~/.icons rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2507 fsname=/pc/.icons dir=~/.icons fstype=ext4 Mounting noexec ~/.local/share/applications 2508 2433 8:3 /pc/.local/share/applications ~/.local/share/applications ro,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2508 fsname=/pc/.local/share/applications dir=~/.local/share/applications fstype=ext4 Mounting noexec ~/.local/share/icons 2509 2406 8:3 /pc/.local/share/icons ~/.local/share/icons rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2509 fsname=/pc/.local/share/icons dir=~/.local/share/icons fstype=ext4 Mounting noexec ~/.local/share/mime 2510 2437 8:3 /pc/.local/share/mime ~/.local/share/mime ro,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2510 fsname=/pc/.local/share/mime dir=~/.local/share/mime fstype=ext4 Mounting noexec ~/.config/dconf 2511 2423 8:3 /pc/.config/dconf ~/.config/dconf ro,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2511 fsname=/pc/.config/dconf dir=~/.config/dconf fstype=ext4 Mounting noexec ~/.config/fontconfig 2512 2409 8:3 /pc/.config/fontconfig ~/.config/fontconfig rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2512 fsname=/pc/.config/fontconfig dir=~/.config/fontconfig fstype=ext4 Mounting noexec ~/.local/share/fonts 2513 2410 8:3 /pc/.local/share/fonts ~/.local/share/fonts rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2513 fsname=/pc/.local/share/fonts dir=~/.local/share/fonts fstype=ext4 Mounting noexec ~/.config/gtk-2.0 2514 2411 8:3 /pc/.config/gtk-2.0 ~/.config/gtk-2.0 rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2514 fsname=/pc/.config/gtk-2.0 dir=~/.config/gtk-2.0 fstype=ext4 Mounting noexec ~/.config/gtk-3.0 2515 2412 8:3 /pc/.config/gtk-3.0 ~/.config/gtk-3.0 rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2515 fsname=/pc/.config/gtk-3.0 dir=~/.config/gtk-3.0 fstype=ext4 Mounting noexec ~/.gtkrc-2.0 2516 2413 8:3 /pc/.gtkrc-2.0 ~/.gtkrc-2.0 rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2516 fsname=/pc/.gtkrc-2.0 dir=~/.gtkrc-2.0 fstype=ext4 Mounting noexec ~/.local/share/themes 2517 2414 8:3 /pc/.local/share/themes ~/.local/share/themes rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2517 fsname=/pc/.local/share/themes dir=~/.local/share/themes fstype=ext4 Mounting noexec ~/.themes 2518 2415 8:3 /pc/.themes ~/.themes rw,nosuid,nodev,noexec,relatime master:31 - ext4 /dev/sda3 rw,commit=120,stripe=32729 mountid=2518 fsname=/pc/.themes dir=~/.themes fstype=ext4 Mounting noexec /run/user/1000 2524 2523 0:27 /firejail/firejail.ro.dir /run/user/1000/systemd rw,nosuid,nodev master:23 - tmpfs tmpfs rw,size=1612792k,nr_inodes=819200,mode=755,inode64 mountid=2524 fsname=/firejail/firejail.ro.dir dir=/run/user/1000/systemd fstype=tmpfs Warning: not remounting /run/user/1000/gvfs Mounting noexec /dev/shm 2525 2374 0:201 /shm /dev/shm rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64 mountid=2525 fsname=/shm dir=/dev/shm fstype=tmpfs Mounting noexec /var 2529 2526 0:195 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw,inode64 mountid=2529 fsname=/ dir=/var/tmp fstype=tmpfs Disable /usr/bin/lua5.2 Disable /usr/bin/luac (requested /usr/bin/luac5.4) Disable /usr/bin/lua Disable /usr/bin/lua (requested /usr/bin/lua5.4) Disable /usr/bin/luac5.2 Disable /usr/bin/luac Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so.5.2) Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua5.4.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2) Disable /usr/lib/liblua5.2.so.5.2.4 Disable /usr/lib/liblua.so.5.4.1 Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so) Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua.so.5.4) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2.4) Disable /usr/lib/libmozjs-78.so (requested /usr/lib64/libmozjs-78.so) Disable /usr/lib/libmozjs-52.so (requested /usr/lib64/libmozjs-52.so) Disable /usr/bin/core_perl/cpan Disable /usr/bin/core_perl Disable /usr/bin/perl Disable /usr/bin/site_perl Disable /usr/bin/vendor_perl Disable /usr/lib/perl5 Disable /usr/share/perl5 Disable /usr/lib/ruby Disable /usr/lib/python2.7 Disable /usr/bin/python3.8 Disable /usr/bin/python3.8 (requested /usr/bin/python3) Disable /usr/bin/python3.8-config Disable /usr/bin/python3.8-config (requested /usr/bin/python3-config) Disable /usr/lib/python3.8 Disable /usr/lib/python3.8 (requested /usr/lib64/python3.8) Not blacklist ~/.config/BraveSoftware Not blacklist ~/.config/brave-flags.conf Disable ~/.themes Disable /sys/fs Disable /sys/module Disable /mnt Disable /run/mount Disable /run/media Mounting noexec /run/firejail/mnt/pulse 2568 2337 0:192 /pulse /run/firejail/mnt/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64 mountid=2568 fsname=/pulse dir=/run/firejail/mnt/pulse fstype=tmpfs Creating empty ~/.config/pulse directory Drop privileges: pid 6, uid 1000, gid 100, nogroups 0 Supplementary groups: 92 91 Mounting /run/firejail/mnt/pulse on ~/.config/pulse 2569 2395 0:192 /pulse ~/.config/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64 mountid=2569 fsname=/pulse dir=~/.config/pulse fstype=tmpfs Current directory: ~ DISPLAY=:0 parsed as 0 Install protocol filter: unix,inet,inet6,netlink configuring 22 seccomp entries in /run/firejail/mnt/seccomp/seccomp.protocol sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.protocol Dropping all capabilities Drop privileges: pid 7, uid 1000, gid 100, nogroups 1 No supplementary groups line OP JT JF K ================================= 0000: 20 00 00 00000004 ld data.architecture 0001: 15 04 00 c000003e jeq ARCH_64 0006 (false 0002) 0002: 20 00 00 00000000 ld data.syscall-number 0003: 15 01 00 00000167 jeq unknown 0005 (false 0004) 0004: 06 00 00 7fff0000 ret ALLOW 0005: 05 00 00 00000006 jmp 000c 0006: 20 00 00 00000004 ld data.architecture 0007: 15 01 00 c000003e jeq ARCH_64 0009 (false 0008) 0008: 06 00 00 7fff0000 ret ALLOW 0009: 20 00 00 00000000 ld data.syscall-number 000a: 15 01 00 00000029 jeq socket 000c (false 000b) 000b: 06 00 00 7fff0000 ret ALLOW 000c: 20 00 00 00000010 ld data.args[0] 000d: 15 00 01 00000001 jeq 1 000e (false 000f) 000e: 06 00 00 7fff0000 ret ALLOW 000f: 15 00 01 00000002 jeq 2 0010 (false 0011) 0010: 06 00 00 7fff0000 ret ALLOW 0011: 15 00 01 0000000a jeq a 0012 (false 0013) 0012: 06 00 00 7fff0000 ret ALLOW 0013: 15 00 01 00000010 jeq 10 0014 (false 0015) 0014: 06 00 00 7fff0000 ret ALLOW 0015: 06 00 00 0005005f ret ERRNO(95) configuring 101 seccomp entries in /run/firejail/mnt/seccomp/seccomp.32 sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.32 Dropping all capabilities Drop privileges: pid 8, uid 1000, gid 100, nogroups 1 No supplementary groups line OP JT JF K ================================= 0000: 20 00 00 00000004 ld data.architecture 0001: 15 01 00 40000003 jeq ARCH_32 0003 (false 0002) 0002: 06 00 00 7fff0000 ret ALLOW 0003: 20 00 00 00000000 ld data.syscall-number 0004: 15 00 01 00000015 jeq 15 0005 (false 0006) 0005: 06 00 00 00000001 ret KILL 0006: 15 00 01 00000034 jeq 34 0007 (false 0008) 0007: 06 00 00 00000001 ret KILL 0008: 15 00 01 0000001a jeq 1a 0009 (false 000a) 0009: 06 00 00 00000001 ret KILL 000a: 15 00 01 0000011b jeq 11b 000b (false 000c) 000b: 06 00 00 00000001 ret KILL 000c: 15 00 01 00000155 jeq 155 000d (false 000e) 000d: 06 00 00 00000001 ret KILL 000e: 15 00 01 00000156 jeq 156 000f (false 0010) 000f: 06 00 00 00000001 ret KILL 0010: 15 00 01 0000007f jeq 7f 0011 (false 0012) 0011: 06 00 00 00000001 ret KILL 0012: 15 00 01 00000080 jeq 80 0013 (false 0014) 0013: 06 00 00 00000001 ret KILL 0014: 15 00 01 0000015e jeq 15e 0015 (false 0016) 0015: 06 00 00 00000001 ret KILL 0016: 15 00 01 00000081 jeq 81 0017 (false 0018) 0017: 06 00 00 00000001 ret KILL 0018: 15 00 01 0000006e jeq 6e 0019 (false 001a) 0019: 06 00 00 00000001 ret KILL 001a: 15 00 01 00000065 jeq 65 001b (false 001c) 001b: 06 00 00 00000001 ret KILL 001c: 15 00 01 00000121 jeq 121 001d (false 001e) 001d: 06 00 00 00000001 ret KILL 001e: 15 00 01 00000057 jeq 57 001f (false 0020) 001f: 06 00 00 00000001 ret KILL 0020: 15 00 01 00000073 jeq 73 0021 (false 0022) 0021: 06 00 00 00000001 ret KILL 0022: 15 00 01 00000067 jeq 67 0023 (false 0024) 0023: 06 00 00 00000001 ret KILL 0024: 15 00 01 0000015b jeq 15b 0025 (false 0026) 0025: 06 00 00 00000001 ret KILL 0026: 15 00 01 0000015c jeq 15c 0027 (false 0028) 0027: 06 00 00 00000001 ret KILL 0028: 15 00 01 00000087 jeq 87 0029 (false 002a) 0029: 06 00 00 00000001 ret KILL 002a: 15 00 01 00000095 jeq 95 002b (false 002c) 002b: 06 00 00 00000001 ret KILL 002c: 15 00 01 0000007c jeq 7c 002d (false 002e) 002d: 06 00 00 00000001 ret KILL 002e: 15 00 01 00000157 jeq 157 002f (false 0030) 002f: 06 00 00 00000001 ret KILL 0030: 15 00 01 000000fd jeq fd 0031 (false 0032) 0031: 06 00 00 00000001 ret KILL 0032: 15 00 01 00000150 jeq 150 0033 (false 0034) 0033: 06 00 00 00000001 ret KILL 0034: 15 00 01 00000152 jeq 152 0035 (false 0036) 0035: 06 00 00 00000001 ret KILL 0036: 15 00 01 0000015d jeq 15d 0037 (false 0038) 0037: 06 00 00 00000001 ret KILL 0038: 15 00 01 0000011e jeq 11e 0039 (false 003a) 0039: 06 00 00 00000001 ret KILL 003a: 15 00 01 0000011f jeq 11f 003b (false 003c) 003b: 06 00 00 00000001 ret KILL 003c: 15 00 01 00000120 jeq 120 003d (false 003e) 003d: 06 00 00 00000001 ret KILL 003e: 15 00 01 00000056 jeq 56 003f (false 0040) 003f: 06 00 00 00000001 ret KILL 0040: 15 00 01 00000033 jeq 33 0041 (false 0042) 0041: 06 00 00 00000001 ret KILL 0042: 15 00 01 0000007b jeq 7b 0043 (false 0044) 0043: 06 00 00 00000001 ret KILL 0044: 15 00 01 000000d9 jeq d9 0045 (false 0046) 0045: 06 00 00 00000001 ret KILL 0046: 15 00 01 000000f5 jeq f5 0047 (false 0048) 0047: 06 00 00 00000001 ret KILL 0048: 15 00 01 000000f6 jeq f6 0049 (false 004a) 0049: 06 00 00 00000001 ret KILL 004a: 15 00 01 000000f7 jeq f7 004b (false 004c) 004b: 06 00 00 00000001 ret KILL 004c: 15 00 01 000000f8 jeq f8 004d (false 004e) 004d: 06 00 00 00000001 ret KILL 004e: 15 00 01 000000f9 jeq f9 004f (false 0050) 004f: 06 00 00 00000001 ret KILL 0050: 15 00 01 00000101 jeq 101 0051 (false 0052) 0051: 06 00 00 00000001 ret KILL 0052: 15 00 01 00000112 jeq 112 0053 (false 0054) 0053: 06 00 00 00000001 ret KILL 0054: 15 00 01 00000114 jeq 114 0055 (false 0056) 0055: 06 00 00 00000001 ret KILL 0056: 15 00 01 00000126 jeq 126 0057 (false 0058) 0057: 06 00 00 00000001 ret KILL 0058: 15 00 01 0000013d jeq 13d 0059 (false 005a) 0059: 06 00 00 00000001 ret KILL 005a: 15 00 01 0000013c jeq 13c 005b (false 005c) 005b: 06 00 00 00000001 ret KILL 005c: 15 00 01 0000003d jeq 3d 005d (false 005e) 005d: 06 00 00 00000001 ret KILL 005e: 15 00 01 00000058 jeq 58 005f (false 0060) 005f: 06 00 00 00000001 ret KILL 0060: 15 00 01 000000a9 jeq a9 0061 (false 0062) 0061: 06 00 00 00000001 ret KILL 0062: 15 00 01 00000082 jeq 82 0063 (false 0064) 0063: 06 00 00 00000001 ret KILL 0064: 06 00 00 7fff0000 ret ALLOW Dual 32/64 bit seccomp filter configured Build default+drop seccomp filter sbox run: /run/firejail/lib/fseccomp default drop /run/firejail/mnt/seccomp/seccomp /run/firejail/mnt/seccomp/seccomp.postexec !chroot Dropping all capabilities Drop privileges: pid 9, uid 1000, gid 100, nogroups 1 No supplementary groups Seccomp list in: !chroot, check list: @default-keep, prelist: unknown, sbox run: /run/firejail/lib/fsec-optimize /run/firejail/mnt/seccomp/seccomp Dropping all capabilities Drop privileges: pid 10, uid 1000, gid 100, nogroups 1 No supplementary groups configuring 136 seccomp entries in /run/firejail/mnt/seccomp/seccomp sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp Dropping all capabilities Drop privileges: pid 11, uid 1000, gid 100, nogroups 1 No supplementary groups line OP JT JF K ================================= 0000: 20 00 00 00000004 ld data.architecture 0001: 15 01 00 c000003e jeq ARCH_64 0003 (false 0002) 0002: 06 00 00 7fff0000 ret ALLOW 0003: 20 00 00 00000000 ld data.syscall-number 0004: 35 01 00 40000000 jge X32_ABI 0006 (false 0005) 0005: 35 01 00 00000000 jge read 0007 (false 0006) 0006: 06 00 00 00050001 ret ERRNO(1) 0007: 15 00 01 000000a1 jeq chroot 0008 (false 0009) 0008: 06 00 00 7fff0000 ret ALLOW 0009: 15 00 01 0000009f jeq adjtimex 000a (false 000b) 000a: 06 00 00 00050001 ret ERRNO(1) 000b: 15 00 01 00000131 jeq clock_adjtime 000c (false 000d) 000c: 06 00 00 00050001 ret ERRNO(1) 000d: 15 00 01 000000e3 jeq clock_settime 000e (false 000f) 000e: 06 00 00 00050001 ret ERRNO(1) 000f: 15 00 01 000000a4 jeq settimeofday 0010 (false 0011) 0010: 06 00 00 00050001 ret ERRNO(1) 0011: 15 00 01 0000009a jeq modify_ldt 0012 (false 0013) 0012: 06 00 00 00050001 ret ERRNO(1) 0013: 15 00 01 000000d4 jeq lookup_dcookie 0014 (false 0015) 0014: 06 00 00 00050001 ret ERRNO(1) 0015: 15 00 01 0000012a jeq perf_event_open 0016 (false 0017) 0016: 06 00 00 00050001 ret ERRNO(1) 0017: 15 00 01 00000137 jeq process_vm_writev 0018 (false 0019) 0018: 06 00 00 00050001 ret ERRNO(1) 0019: 15 00 01 000000b0 jeq delete_module 001a (false 001b) 001a: 06 00 00 00050001 ret ERRNO(1) 001b: 15 00 01 00000139 jeq finit_module 001c (false 001d) 001c: 06 00 00 00050001 ret ERRNO(1) 001d: 15 00 01 000000af jeq init_module 001e (false 001f) 001e: 06 00 00 00050001 ret ERRNO(1) 001f: 15 00 01 000000a1 jeq chroot 0020 (false 0021) 0020: 06 00 00 00050001 ret ERRNO(1) 0021: 15 00 01 000000a5 jeq mount 0022 (false 0023) 0022: 06 00 00 00050001 ret ERRNO(1) 0023: 15 00 01 0000009b jeq pivot_root 0024 (false 0025) 0024: 06 00 00 00050001 ret ERRNO(1) 0025: 15 00 01 000000a6 jeq umount2 0026 (false 0027) 0026: 06 00 00 00050001 ret ERRNO(1) 0027: 15 00 01 0000009c jeq _sysctl 0028 (false 0029) 0028: 06 00 00 00050001 ret ERRNO(1) 0029: 15 00 01 000000b7 jeq afs_syscall 002a (false 002b) 002a: 06 00 00 00050001 ret ERRNO(1) 002b: 15 00 01 000000ae jeq create_module 002c (false 002d) 002c: 06 00 00 00050001 ret ERRNO(1) 002d: 15 00 01 000000b1 jeq get_kernel_syms 002e (false 002f) 002e: 06 00 00 00050001 ret ERRNO(1) 002f: 15 00 01 000000b5 jeq getpmsg 0030 (false 0031) 0030: 06 00 00 00050001 ret ERRNO(1) 0031: 15 00 01 000000b6 jeq putpmsg 0032 (false 0033) 0032: 06 00 00 00050001 ret ERRNO(1) 0033: 15 00 01 000000b2 jeq query_module 0034 (false 0035) 0034: 06 00 00 00050001 ret ERRNO(1) 0035: 15 00 01 000000b9 jeq security 0036 (false 0037) 0036: 06 00 00 00050001 ret ERRNO(1) 0037: 15 00 01 0000008b jeq sysfs 0038 (false 0039) 0038: 06 00 00 00050001 ret ERRNO(1) 0039: 15 00 01 000000b8 jeq tuxcall 003a (false 003b) 003a: 06 00 00 00050001 ret ERRNO(1) 003b: 15 00 01 00000086 jeq uselib 003c (false 003d) 003c: 06 00 00 00050001 ret ERRNO(1) 003d: 15 00 01 00000088 jeq ustat 003e (false 003f) 003e: 06 00 00 00050001 ret ERRNO(1) 003f: 15 00 01 000000ec jeq vserver 0040 (false 0041) 0040: 06 00 00 00050001 ret ERRNO(1) 0041: 15 00 01 000000ad jeq ioperm 0042 (false 0043) 0042: 06 00 00 00050001 ret ERRNO(1) 0043: 15 00 01 000000ac jeq iopl 0044 (false 0045) 0044: 06 00 00 00050001 ret ERRNO(1) 0045: 15 00 01 000000f6 jeq kexec_load 0046 (false 0047) 0046: 06 00 00 00050001 ret ERRNO(1) 0047: 15 00 01 00000140 jeq kexec_file_load 0048 (false 0049) 0048: 06 00 00 00050001 ret ERRNO(1) 0049: 15 00 01 000000a9 jeq reboot 004a (false 004b) 004a: 06 00 00 00050001 ret ERRNO(1) 004b: 15 00 01 000000a7 jeq swapon 004c (false 004d) 004c: 06 00 00 00050001 ret ERRNO(1) 004d: 15 00 01 000000a8 jeq swapoff 004e (false 004f) 004e: 06 00 00 00050001 ret ERRNO(1) 004f: 15 00 01 00000130 jeq open_by_handle_at 0050 (false 0051) 0050: 06 00 00 00050001 ret ERRNO(1) 0051: 15 00 01 0000012f jeq name_to_handle_at 0052 (false 0053) 0052: 06 00 00 00050001 ret ERRNO(1) 0053: 15 00 01 000000fb jeq ioprio_set 0054 (false 0055) 0054: 06 00 00 00050001 ret ERRNO(1) 0055: 15 00 01 00000067 jeq syslog 0056 (false 0057) 0056: 06 00 00 00050001 ret ERRNO(1) 0057: 15 00 01 0000012c jeq fanotify_init 0058 (false 0059) 0058: 06 00 00 00050001 ret ERRNO(1) 0059: 15 00 01 00000138 jeq kcmp 005a (false 005b) 005a: 06 00 00 00050001 ret ERRNO(1) 005b: 15 00 01 000000f8 jeq add_key 005c (false 005d) 005c: 06 00 00 00050001 ret ERRNO(1) 005d: 15 00 01 000000f9 jeq request_key 005e (false 005f) 005e: 06 00 00 00050001 ret ERRNO(1) 005f: 15 00 01 000000ed jeq mbind 0060 (false 0061) 0060: 06 00 00 00050001 ret ERRNO(1) 0061: 15 00 01 00000100 jeq migrate_pages 0062 (false 0063) 0062: 06 00 00 00050001 ret ERRNO(1) 0063: 15 00 01 00000117 jeq move_pages 0064 (false 0065) 0064: 06 00 00 00050001 ret ERRNO(1) 0065: 15 00 01 000000fa jeq keyctl 0066 (false 0067) 0066: 06 00 00 00050001 ret ERRNO(1) 0067: 15 00 01 000000ce jeq io_setup 0068 (false 0069) 0068: 06 00 00 00050001 ret ERRNO(1) 0069: 15 00 01 000000cf jeq io_destroy 006a (false 006b) 006a: 06 00 00 00050001 ret ERRNO(1) 006b: 15 00 01 000000d0 jeq io_getevents 006c (false 006d) 006c: 06 00 00 00050001 ret ERRNO(1) 006d: 15 00 01 000000d1 jeq io_submit 006e (false 006f) 006e: 06 00 00 00050001 ret ERRNO(1) 006f: 15 00 01 000000d2 jeq io_cancel 0070 (false 0071) 0070: 06 00 00 00050001 ret ERRNO(1) 0071: 15 00 01 000000d8 jeq remap_file_pages 0072 (false 0073) 0072: 06 00 00 00050001 ret ERRNO(1) 0073: 15 00 01 00000143 jeq userfaultfd 0074 (false 0075) 0074: 06 00 00 00050001 ret ERRNO(1) 0075: 15 00 01 000000a3 jeq acct 0076 (false 0077) 0076: 06 00 00 00050001 ret ERRNO(1) 0077: 15 00 01 00000141 jeq bpf 0078 (false 0079) 0078: 06 00 00 00050001 ret ERRNO(1) 0079: 15 00 01 000000b4 jeq nfsservctl 007a (false 007b) 007a: 06 00 00 00050001 ret ERRNO(1) 007b: 15 00 01 000000ab jeq setdomainname 007c (false 007d) 007c: 06 00 00 00050001 ret ERRNO(1) 007d: 15 00 01 000000aa jeq sethostname 007e (false 007f) 007e: 06 00 00 00050001 ret ERRNO(1) 007f: 15 00 01 00000099 jeq vhangup 0080 (false 0081) 0080: 06 00 00 00050001 ret ERRNO(1) 0081: 15 00 01 00000065 jeq ptrace 0082 (false 0083) 0082: 06 00 00 00050001 ret ERRNO(1) 0083: 15 00 01 00000087 jeq personality 0084 (false 0085) 0084: 06 00 00 00050001 ret ERRNO(1) 0085: 15 00 01 00000136 jeq process_vm_readv 0086 (false 0087) 0086: 06 00 00 00050001 ret ERRNO(1) 0087: 06 00 00 7fff0000 ret ALLOW seccomp filter configured Mounting read-only /run/firejail/mnt/seccomp 2571 2337 0:192 /seccomp /run/firejail/mnt/seccomp ro,nosuid - tmpfs tmpfs rw,mode=755,inode64 mountid=2571 fsname=/seccomp dir=/run/firejail/mnt/seccomp fstype=tmpfs Seccomp directory: ls /run/firejail/mnt/seccomp drwxr-xr-x root root 160 . drwxr-xr-x root root 380 .. -rw-r--r-- pc users 1088 seccomp -rw-r--r-- pc users 808 seccomp.32 -rw-r--r-- pc users 114 seccomp.list -rw-r--r-- pc users 0 seccomp.postexec -rw-r--r-- pc users 0 seccomp.postexec32 -rw-r--r-- pc users 176 seccomp.protocol Active seccomp files: cat /run/firejail/mnt/seccomp/seccomp.list /run/firejail/mnt/seccomp/seccomp.protocol /run/firejail/mnt/seccomp/seccomp.32 /run/firejail/mnt/seccomp/seccomp Dropping all capabilities noroot user namespace installed Dropping all capabilities NO_NEW_PRIVS set Drop privileges: pid 1, uid 1000, gid 100, nogroups 1 No supplementary groups AppArmor enabled starting application LD_PRELOAD=(null) execvp argument 0: brave Child process initialized in 161.44 ms Searching $PATH for brave trying #/usr/local/sbin/brave# trying #/usr/local/bin/brave# Installing /run/firejail/mnt/seccomp/seccomp seccomp filter Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter Installing /run/firejail/mnt/seccomp/seccomp.protocol seccomp filter Warning: an existing sandbox was detected. /usr/bin/brave will run without any additional sandboxing features monitoring pid 12 [12:29:1030/192913.361400:ERROR:bus.cc(393)] Failed to connect to the bus: Failed to connect to socket /run/firejail/mnt/dbus/system: Permission non accordée Ouverture dans une session de navigateur existante. Sandbox monitor: waitpid 12 retval 12 status 0 Sandbox monitor: monitoring 16 monitoring pid 16 Sandbox monitor: waitpid 16 retval 16 status 0 Sandbox monitor: monitoring 17 monitoring pid 17 Sandbox monitor: waitpid 17 retval 17 status 0 Parent is shutting down, bye... ``` </details> <details><summary> Exiting the console by launching Tor </summary> ``` [9:9:1030/193707.613550:ERROR:brave_new_tab_message_handler.cc(162)] Ads service is not initialized! LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [248:310:1030/193707.725499:ERROR:tor_launcher_impl.cc(203)] tor exit (127) [9:9:1030/193708.014320:ERROR:CONSOLE(0)] "Unchecked runtime.lastError: Unknown error.", source: chrome://newtab/ (0) [9:9:1030/193708.015445:ERROR:CONSOLE(0)] "Unchecked runtime.lastError: Not available in Tor/incognito/guest profile", source: chrome://newtab/ (0) [9:9:1030/193708.017333:ERROR:CONSOLE(0)] "Unchecked runtime.lastError: Not available in Tor/incognito/guest profile", source: chrome://newtab/ (0) [9:9:1030/193708.083747:ERROR:CONSOLE(0)] "Unchecked runtime.lastError: Not available in Tor/incognito/guest profile", source: chrome://newtab/ (0) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [312:318:1030/193708.803578:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [319:325:1030/193709.897761:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [326:332:1030/193710.962206:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [333:339:1030/193712.030565:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [340:346:1030/193713.104311:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [347:353:1030/193714.184728:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [354:360:1030/193715.249432:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [361:367:1030/193716.318447:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [368:374:1030/193717.395087:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [375:381:1030/193718.460753:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [382:388:1030/193719.529239:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [389:395:1030/193720.600248:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [396:402:1030/193721.669012:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [403:409:1030/193722.732810:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [410:416:1030/193723.802245:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [417:423:1030/193724.877937:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [424:430:1030/193725.946906:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [431:437:1030/193727.014679:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [438:444:1030/193728.093059:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [451:462:1030/193729.251837:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [463:469:1030/193730.349036:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [470:476:1030/193731.435015:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [477:483:1030/193732.524889:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [484:490:1030/193733.599598:ERROR:tor_launcher_impl.cc(203)] tor exit (127) LaunchProcess: failed to execvp: ~/.config/BraveSoftware/Brave-Browser/*********************************/1.0.12/tor-0.3.5.11-linux-brave-0 [491:497:1030/193734.673858:ERROR:tor_launcher_impl.cc(203)] tor exit (127) ... ``` </details>
gitea-mirror commented 2026-05-05 09:01:25 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Oct 30, 2020):

As I get these error, it tries to run something in ~/.config/BraveSoftware/Brave-Browser. Can you try

ignore apparmor
ignore noexec ${HOME}
<!-- gh-comment-id:719749833 --> @rusty-snake commented on GitHub (Oct 30, 2020): As I get these error, it tries to run something in `~/.config/BraveSoftware/Brave-Browser`. Can you try ``` ignore apparmor ignore noexec ${HOME} ```
gitea-mirror commented 2026-05-05 09:01:26 -06:00
Author
Owner
Copy link

@Bundy01 commented on GitHub (Oct 30, 2020):

Hi,
adding ignore noexec ${HOME} in the profile of brave solved the problem.
Thanks.

<!-- gh-comment-id:719754730 --> @Bundy01 commented on GitHub (Oct 30, 2020): Hi, adding `ignore noexec ${HOME}` in the profile of brave solved the problem. Thanks.
gitea-mirror commented 2026-05-05 09:01:27 -06:00
Author
Owner
Copy link

@netblue30 commented on GitHub (Nov 1, 2020):

adding ignore noexec ${HOME} in the profile of brave solved the problem.

We had this problem for our tor profiles also, so we removed noexec from them. Tor is running from user directory, and they update live their executables. Probably brave brings in some tor programs and stores them in the user directory.

<!-- gh-comment-id:720108736 --> @netblue30 commented on GitHub (Nov 1, 2020): > adding ignore noexec ${HOME} in the profile of brave solved the problem. We had this problem for our tor profiles also, so we removed noexec from them. Tor is running from user directory, and they update live their executables. Probably brave brings in some tor programs and stores them in the user directory.
gitea-mirror commented 2026-05-05 09:01:28 -06:00
Author
Owner
Copy link

@odiferousmint commented on GitHub (Dec 11, 2020):

I would like to report that ignore noexec ${HOME} does not solve it for me. Any thoughts?

I am still getting:

LaunchProcess: failed to execvp:
/home/odiferousmint/.config/BraveSoftware/Brave-Browser/xxx

even when I run it with a profile that has the following:

include /etc/firejail/brave.profile

ignore apparmor
ignore noexec ${HOME}

$ firejail --version
firejail version 0.9.64

Compile time support:
        - AppArmor support is enabled
        - AppImage support is enabled
        - chroot support is enabled
        - D-BUS proxy support is enabled
        - file and directory whitelisting support is enabled
        - file transfer support is enabled
        - firetunnel support is enabled
        - networking support is enabled
        - overlayfs support is enabled
        - private-home support is enabled
        - SELinux support is disabled
        - user namespace support is enabled
        - X11 sandboxing support is enabled

Edit: it does work. Order matters!

ignore noexec ${HOME}

include /etc/firejail/brave.profile

in ~/.config/firejail/brave.profile solved it.

<!-- gh-comment-id:743366502 --> @odiferousmint commented on GitHub (Dec 11, 2020): I would like to report that `ignore noexec ${HOME}` does not solve it for me. Any thoughts? I am still getting: ``` LaunchProcess: failed to execvp: /home/odiferousmint/.config/BraveSoftware/Brave-Browser/xxx ``` even when I run it with a profile that has the following: ``` include /etc/firejail/brave.profile ignore apparmor ignore noexec ${HOME} ``` --- ``` $ firejail --version firejail version 0.9.64 Compile time support: - AppArmor support is enabled - AppImage support is enabled - chroot support is enabled - D-BUS proxy support is enabled - file and directory whitelisting support is enabled - file transfer support is enabled - firetunnel support is enabled - networking support is enabled - overlayfs support is enabled - private-home support is enabled - SELinux support is disabled - user namespace support is enabled - X11 sandboxing support is enabled ``` --- **Edit**: it does work. Order matters! ``` ignore noexec ${HOME} include /etc/firejail/brave.profile ``` in `~/.config/firejail/brave.profile` solved it.
gitea-mirror commented 2026-05-05 09:01:29 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Dec 11, 2020):

@odiferousmint the ignore has no effect, because it comes after apparmor/noexec ${HOME}. Remove the include /etc/firejail/brave.profile and make sure you edit brave.local and not brave.profile.

<!-- gh-comment-id:743372083 --> @rusty-snake commented on GitHub (Dec 11, 2020): @odiferousmint the `ignore` has no effect, because it comes after `apparmor`/`noexec ${HOME}`. Remove the `include /etc/firejail/brave.profile` and make sure you edit brave.local and not brave.profile.
gitea-mirror commented 2026-05-05 09:01:29 -06:00
Author
Owner
Copy link

@odiferousmint commented on GitHub (Dec 11, 2020):

I edited my previous message, it works the way I described, too. Where is the brave.local file supposed to be located at? If it requires root, I will stick to the way I am currently using it. Thank you by the way for the swift reply. :)

<!-- gh-comment-id:743373642 --> @odiferousmint commented on GitHub (Dec 11, 2020): I edited my previous message, it works the way I described, too. Where is the `brave.local` file supposed to be located at? If it requires root, I will stick to the way I am currently using it. Thank you by the way for the swift reply. :)
gitea-mirror commented 2026-05-05 09:01:30 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Dec 11, 2020):

Every profile (except some alias profiles) have a include <PROFILE-NAME>.local at the top (and a include globals.local) for users customizations. Own customizations should go in those files. You can create is under ~/.config/firejail or /etc/firejail. A file in ~/.config/firejail has a higher priority as a file in /etc/firejail.

<!-- gh-comment-id:743382963 --> @rusty-snake commented on GitHub (Dec 11, 2020): Every profile (except some alias profiles) have a `include <PROFILE-NAME>.local` at the top (and a `include globals.local`) for users customizations. Own customizations should go in those files. You can create is under ~/.config/firejail or /etc/firejail. A file in ~/.config/firejail has a higher priority as a file in /etc/firejail.
gitea-mirror commented 2026-05-05 09:01:31 -06:00
Author
Owner
Copy link

@odiferousmint commented on GitHub (Dec 11, 2020):

Oh alrighties, so I suppose the way I did it is fine.

<!-- gh-comment-id:743386077 --> @odiferousmint commented on GitHub (Dec 11, 2020): Oh alrighties, so I suppose the way I did it is fine.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
serialize_remounts_v2
landlock_v4
landlock
release-0.9.64
release-0.9.62
gitlab_ci
LTSbase
fred_ctests
docs
0.9.80
0.9.80-rc1
0.9.78
0.9.76
0.9.76-rc4
0.9.76-rc3
0.9.76-rc2
0.9.76-rc1
0.9.74
landlock-split
0.9.72
0.9.72rc1
0.9.70
0.9.68
0.9.68rc1
0.9.66
0.9.66rc1
0.9.64.4
0.9.64.2
0.9.64
0.9.64rc1
0.9.62.4
0.9.62.2
0.9.62
0.9.56.2-LTS
0.9.60
0.9.60-rc1
0.9.58.2
0.9.58
0.9.58-rc1
0.9.56-LTS-release
0.9.56-LTS
0.9.56
0.9.56-rc1
0.9.54
0.9.54-rc2
0.9.54-rc1
0.9.52
0.9.38.12
0.9.50
0.9.50-rc1
0.9.48
0.9.46
0.9.46-rc1
0.9.44.10
0.9.44.8
0.9.44.6
0.9.38.10
0.9.44.4
0.9.38.8
0.9.44.2
0.9.44
0.9.44-rc1
0.9.38.4
0.9.42
0.9.42-rc2
0.9.38.2
0.9.42-rc1
disable-globalcfg
0.9.40
0.9.40-rc1
0.9.38
0.9.38-rc1
0.9.36
0.9.36-rc1
0.9.34
0.9.34-rc1
0.9.32
0.9.32-rc1
0.9.30
0.9.30-rc1
Labels
Clear labels   
LTS merge

   
LTS merge

   
bug

   
bug

   
converted-to-discussion

   
doc-todo

   
documentation

   
duplicate

   
enhancement

   
file-transfer

   
firecfg

   
firejail-in-firejail

   
firetools

   
graphics

   
help wanted

   
information_old

   
installation

   
invalid

   
modif

   
moved

   
needinfo

   
networking

   
notabug

   
notourbug

   
old-version

   
overlayfs

   
packaging

   
profile-request

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question_old

   
removal

   
runtime-permissions

   
sandbox-ipc

   
security

   
stale

   
wiki

   
wiki

   
wontfix

   
wordpress

   
workaround
No labels
LTS merge
LTS merge
bug
bug
converted-to-discussion
doc-todo
documentation
duplicate
enhancement
file-transfer
firecfg
firejail-in-firejail
firetools
graphics
help wanted
information_old
installation
invalid
modif
moved
needinfo
networking
notabug
notourbug
old-version
overlayfs
packaging
profile-request
pull-request
question
question_old
removal
runtime-permissions
sandbox-ipc
security
stale
wiki
wiki
wontfix
wordpress
workaround
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#2337
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?