github-starred/firejail

Fork 0

mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00

[GH-ISSUE #3725] Firefox widevinecdm crashes (e.g. Amazon Prime Video) #2349

New issue

Closed

opened 2026-05-05 09:01:58 -06:00 by gitea-mirror · 22 comments

gitea-mirror commented

2026-05-05 09:01:58 -06:00

Owner

Originally created by @Utini2000 on GitHub (Nov 5, 2020).
Original GitHub issue: https://github.com/netblue30/firejail/issues/3725

Write clear, concise and in textual form.

Bug and expected behavior
When activating the firejail profile for firefox, Amazon Prime will not work anymore because the plugin "widevinecdm" crashes.

No profile and disabling firejail
When disabling firejail, everything will work fine.

Reproduce
Steps to reproduce the behavior:
sudo firecfg
start firefox
play a video on amazon prime video (won't work)
close firefox
sudo firecfg --clean
start firefox
play a video on amazon prime video (will work)

Environment

Archlinux x86_64 Linux 5.8.16.a-1-hardened
firejail version 0.9.64

Additional context
Other context about the problem like related errors to understand the problem.

Checklist

[ x ] The upstream profile (and redirect profile if exists) have no changes fixing it.
[ x ] The program has a profile. (If not, request one in https://github.com/netblue30/firejail/issues/1139)
[ x ] Programs needed for interaction are listed in the profile.
[ x ] A short search for duplicates was performed.
[ x ] If it is a AppImage, --profile=PROFILENAME is used to set the right profile.

debug output


firejail --debug firefox
Autoselecting /bin/zsh as shell
Building quoted command line: 'firefox' 
Command name #firefox#
Found firefox.profile profile in /etc/firejail directory
Reading profile /etc/firejail/firefox.profile
Found whitelist-usr-share-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Found firefox-common.profile profile in /etc/firejail directory
Reading profile /etc/firejail/firefox-common.profile
Found disable-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-common.inc
Found disable-devel.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-devel.inc
Found disable-exec.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-exec.inc
Found disable-interpreters.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-interpreters.inc
Found disable-programs.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-programs.inc
Found whitelist-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-common.inc
Found whitelist-var-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: Warning: NVIDIA card detected, nogroups command disabled
conditional BROWSER_DISABLE_U2F, nou2f
conditional BROWSER_DISABLE_U2F, private-dev
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
DISPLAY=:0 parsed as 0
xdg-dbus-proxy arg: unix:path=/run/user/1000/bus
xdg-dbus-proxy arg: /run/firejail/dbus/1000/47441-user
xdg-dbus-proxy arg: --filter
xdg-dbus-proxy arg: --own=org.mozilla.firefox.*
xdg-dbus-proxy arg: --own=org.mpris.MediaPlayer2.firefox.*
starting xdg-dbus-proxy
sbox exec: /usr/bin/xdg-dbus-proxy --fd=8 --args=9 
Dropping all capabilities
Drop privileges: pid 47442, uid 1000, gid 985, nogroups 1
No supplementary groups
xdg-dbus-proxy initialized
Using the local network stack
Parent pid 47441, child pid 47444
Initializing child process
Host network configured
PID namespace installed
Mounting tmpfs on /run/firejail/mnt directory
Creating empty /run/firejail/mnt/seccomp directory
Creating empty /run/firejail/mnt/seccomp/seccomp.protocol file
Creating empty /run/firejail/mnt/seccomp/seccomp.postexec file
Creating empty /run/firejail/mnt/seccomp/seccomp.postexec32 file
Build protocol filter: unix,inet,inet6,netlink
sbox run: /run/firejail/lib/fseccomp protocol build unix,inet,inet6,netlink /run/firejail/mnt/seccomp/seccomp.protocol 
Dropping all capabilities
Drop privileges: pid 2, uid 1000, gid 985, nogroups 1
No supplementary groups
Mounting /proc filesystem representing the PID namespace
Basic read-only filesystem:
Mounting read-only /etc
727 684 254:1 /etc /etc ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=727 fsname=/etc dir=/etc fstype=ext4
Mounting noexec /etc
728 727 254:1 /etc /etc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=728 fsname=/etc dir=/etc fstype=ext4
Mounting read-only /var
729 684 254:1 /var /var ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=729 fsname=/var dir=/var fstype=ext4
Mounting noexec /var
730 729 254:1 /var /var ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=730 fsname=/var dir=/var fstype=ext4
Mounting read-only /usr
731 684 254:1 /usr /usr ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=731 fsname=/usr dir=/usr fstype=ext4
Mounting tmpfs on /var/lock
Mounting tmpfs on /var/tmp
Mounting tmpfs on /var/log
Create the new utmp file
Mount the new utmp file
Cleaning /home directory
Cleaning /run/user directory
Sanitizing /etc/passwd, UID_MIN 1000
Sanitizing /etc/group, GID_MIN 1000
Disable /home/Username/.config/firejail
Disable /run/firejail/network
Disable /run/firejail/bandwidth
Disable /run/firejail/name
Disable /run/firejail/profile
Disable /run/firejail/x11
Mounting tmpfs on /dev
mounting /run/firejail/mnt/dev/snd directory
mounting /run/firejail/mnt/dev/dri directory
mounting /run/firejail/mnt/dev/nvidia0 file
mounting /run/firejail/mnt/dev/nvidiactl file
mounting /run/firejail/mnt/dev/nvidia-modeset file
mounting /run/firejail/mnt/dev/video0 file
mounting /run/firejail/mnt/dev/video1 file
Process /dev/shm directory
Generate private-tmp whitelist commands
Creating empty /run/firejail/mnt/dbus directory
Creating empty /run/firejail/mnt/dbus/user file
blacklist /run/user/1000/bus
Creating empty /run/firejail/mnt/dbus/system file
blacklist /run/dbus/system_bus_socket
blacklist /run/firejail/dbus
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Mounting read-only /proc/sys
Remounting /sys directory
Disable /sys/firmware
Disable /sys/hypervisor
Disable /sys/power
Disable /sys/kernel/debug
Disable /proc/sys/fs/binfmt_misc
Disable /proc/sys/kernel/core_pattern
Disable /proc/sys/kernel/modprobe
Disable /proc/sysrq-trigger
Disable /proc/sys/vm/panic_on_oom
Disable /proc/irq
Disable /proc/bus
Disable /proc/sched_debug
Disable /proc/timer_list
Disable /proc/kallsyms
Disable /usr/lib/modules/5.9.3-arch1-1/build (requested /usr/src/linux)
Disable /usr/lib/modules (requested /lib/modules)
Disable /boot
Disable /run/user/1000/gnupg
Disable /run/user/1000/systemd
Disable /proc/kmsg
Debug 456: new_name #/home/Username/.cache/mozilla/firefox#, whitelist
Debug 571: fname #/home/Username/.cache/mozilla/firefox#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.cache/mozilla/firefox
Debug 456: new_name #/home/Username/.mozilla#, whitelist
Debug 571: fname #/home/Username/.mozilla#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.mozilla
Debug 456: new_name #/usr/share/doc#, whitelist
Debug 456: new_name #/usr/share/firefox#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/firefox
        expanded: /usr/share/firefox
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/gtk-doc/html#, whitelist
Debug 456: new_name #/usr/share/mozilla#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/mozilla
        expanded: /usr/share/mozilla
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/webext#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/webext
        expanded: /usr/share/webext
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/alsa#, whitelist
Debug 456: new_name #/usr/share/applications#, whitelist
Debug 456: new_name #/usr/share/ca-certificates#, whitelist
Debug 456: new_name #/usr/share/crypto-policies#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/crypto-policies
        expanded: /usr/share/crypto-policies
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/cursors#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/cursors
        expanded: /usr/share/cursors
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/dconf#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/dconf
        expanded: /usr/share/dconf
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/distro-info#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/distro-info
        expanded: /usr/share/distro-info
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/drirc.d#, whitelist
Debug 456: new_name #/usr/share/enchant#, whitelist
Debug 456: new_name #/usr/share/enchant-2#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/enchant-2
        expanded: /usr/share/enchant-2
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/file#, whitelist
Debug 456: new_name #/usr/share/fontconfig#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/fontconfig
        expanded: /usr/share/fontconfig
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/fonts#, whitelist
Debug 456: new_name #/usr/share/gir-1.0#, whitelist
Debug 456: new_name #/usr/share/gjs-1.0#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/gjs-1.0
        expanded: /usr/share/gjs-1.0
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/glib-2.0#, whitelist
Debug 456: new_name #/usr/share/glvnd#, whitelist
Debug 456: new_name #/usr/share/gtk-2.0#, whitelist
Debug 456: new_name #/usr/share/gtk-3.0#, whitelist
Debug 456: new_name #/usr/share/gtk-engines#, whitelist
Debug 456: new_name #/usr/share/gtksourceview-3.0#, whitelist
Debug 456: new_name #/usr/share/gtksourceview-4#, whitelist
Debug 456: new_name #/usr/share/hunspell#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/hunspell
        expanded: /usr/share/hunspell
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/hwdata#, whitelist
Debug 456: new_name #/usr/share/icons#, whitelist
Debug 456: new_name #/usr/share/icu#, whitelist
Debug 456: new_name #/usr/share/knotifications5#, whitelist
Debug 456: new_name #/usr/share/kservices5#, whitelist
Debug 456: new_name #/usr/share/Kvantum#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/Kvantum
        expanded: /usr/share/Kvantum
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/kxmlgui5#, whitelist
Debug 456: new_name #/usr/share/libdrm#, whitelist
Debug 456: new_name #/usr/share/libthai#, whitelist
Debug 456: new_name #/usr/share/locale#, whitelist
Debug 456: new_name #/usr/share/mime#, whitelist
Debug 456: new_name #/usr/share/misc#, whitelist
Debug 456: new_name #/usr/share/Modules#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/Modules
        expanded: /usr/share/Modules
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/myspell#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/myspell
        expanded: /usr/share/myspell
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/p11-kit#, whitelist
Debug 456: new_name #/usr/share/perl#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/perl
        expanded: /usr/share/perl
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/perl5#, whitelist
Debug 456: new_name #/usr/share/pixmaps#, whitelist
Debug 456: new_name #/usr/share/pki#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/pki
        expanded: /usr/share/pki
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/plasma#, whitelist
Debug 456: new_name #/usr/share/publicsuffix#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/publicsuffix
        expanded: /usr/share/publicsuffix
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/qt#, whitelist
Debug 456: new_name #/usr/share/qt4#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/qt4
        expanded: /usr/share/qt4
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/qt5#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/qt5
        expanded: /usr/share/qt5
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/qt5ct#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/qt5ct
        expanded: /usr/share/qt5ct
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/sounds#, whitelist
Debug 456: new_name #/usr/share/tcl8.6#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/tcl8.6
        expanded: /usr/share/tcl8.6
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/tcltk#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/tcltk
        expanded: /usr/share/tcltk
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/terminfo#, whitelist
Debug 456: new_name #/usr/share/texlive#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/texlive
        expanded: /usr/share/texlive
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/texmf#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/texmf
        expanded: /usr/share/texmf
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/themes#, whitelist
Debug 456: new_name #/usr/share/thumbnail.so#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/thumbnail.so
        expanded: /usr/share/thumbnail.so
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/X11#, whitelist
Debug 456: new_name #/usr/share/xml#, whitelist
Debug 456: new_name #/usr/share/zoneinfo#, whitelist
Directory ${DOWNLOADS} resolved as Downloads
Debug 456: new_name #/home/Username/Downloads#, whitelist
Debug 571: fname #/home/Username/Downloads#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/Downloads
Debug 456: new_name #/home/Username/.pki#, whitelist
Debug 571: fname #/home/Username/.pki#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.pki
Debug 456: new_name #/home/Username/.local/share/pki#, whitelist
Debug 571: fname #/home/Username/.local/share/pki#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.local/share/pki
Debug 456: new_name #/home/Username/.XCompose#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.XCompose
        expanded: /home/Username/.XCompose
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.asoundrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.asoundrc
        expanded: /home/Username/.asoundrc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/ibus#, whitelist
Debug 571: fname #/home/Username/.config/ibus#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/ibus
Debug 456: new_name #/home/Username/.config/mimeapps.list#, whitelist
Debug 571: fname #/home/Username/.config/mimeapps.list#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/mimeapps.list
Debug 456: new_name #/home/Username/.config/pkcs11#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/pkcs11
        expanded: /home/Username/.config/pkcs11
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/user-dirs.dirs#, whitelist
Debug 571: fname #/home/Username/.config/user-dirs.dirs#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/user-dirs.dirs
Debug 456: new_name #/home/Username/.config/user-dirs.locale#, whitelist
Debug 571: fname #/home/Username/.config/user-dirs.locale#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/user-dirs.locale
Debug 456: new_name #/home/Username/.drirc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.drirc
        expanded: /home/Username/.drirc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.icons
        expanded: /home/Username/.icons
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.local/share/applications#, whitelist
Debug 571: fname #/home/Username/.local/share/applications#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.local/share/applications
Debug 456: new_name #/home/Username/.local/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/icons
        expanded: /home/Username/.local/share/icons
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.local/share/mime#, whitelist
Debug 571: fname #/home/Username/.local/share/mime#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.local/share/mime
Debug 456: new_name #/home/Username/.mime.types#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.mime.types
        expanded: /home/Username/.mime.types
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.uim.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.uim.d
        expanded: /home/Username/.uim.d
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/dconf#, whitelist
Debug 571: fname #/home/Username/.config/dconf#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/dconf
Debug 456: new_name #/home/Username/.cache/fontconfig#, whitelist
Debug 571: fname #/home/Username/.cache/fontconfig#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.cache/fontconfig
Debug 456: new_name #/home/Username/.config/fontconfig#, whitelist
Debug 571: fname #/home/Username/.config/fontconfig#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/fontconfig
Debug 456: new_name #/home/Username/.fontconfig#, whitelist
Debug 571: fname #/home/Username/.fontconfig#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.fontconfig
Debug 456: new_name #/home/Username/.fonts#, whitelist
Debug 571: fname #/home/Username/.fonts#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.fonts
Debug 456: new_name #/home/Username/.fonts.conf#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf
        expanded: /home/Username/.fonts.conf
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.fonts.conf.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf.d
        expanded: /home/Username/.fonts.conf.d
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.fonts.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.d
        expanded: /home/Username/.fonts.d
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.local/share/fonts#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/fonts
        expanded: /home/Username/.local/share/fonts
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.pangorc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.pangorc
        expanded: /home/Username/.pangorc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/gtk-2.0#, whitelist
Debug 571: fname #/home/Username/.config/gtk-2.0#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/gtk-2.0
Debug 456: new_name #/home/Username/.config/gtk-3.0#, whitelist
Debug 571: fname #/home/Username/.config/gtk-3.0#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/gtk-3.0
Debug 456: new_name #/home/Username/.config/gtk-4.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtk-4.0
        expanded: /home/Username/.config/gtk-4.0
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/gtkrc#, whitelist
Debug 571: fname #/home/Username/.config/gtkrc#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/gtkrc
Debug 456: new_name #/home/Username/.config/gtkrc-2.0#, whitelist
Debug 571: fname #/home/Username/.config/gtkrc-2.0#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/gtkrc-2.0
Debug 456: new_name #/home/Username/.gnome2#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2
        expanded: /home/Username/.gnome2
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.gnome2-private#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2-private
        expanded: /home/Username/.gnome2-private
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.gtk-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtk-2.0
        expanded: /home/Username/.gtk-2.0
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc
        expanded: /home/Username/.gtkrc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.gtkrc-2.0#, whitelist
Debug 571: fname #/home/Username/.gtkrc-2.0#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.gtkrc-2.0
Debug 456: new_name #/home/Username/.kde/share/config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc
        expanded: /home/Username/.kde/share/config/gtkrc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde/share/config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc-2.0
        expanded: /home/Username/.kde/share/config/gtkrc-2.0
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde4/share/config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc
        expanded: /home/Username/.kde4/share/config/gtkrc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde4/share/config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc-2.0
        expanded: /home/Username/.kde4/share/config/gtkrc-2.0
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.local/share/themes#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/themes
        expanded: /home/Username/.local/share/themes
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.themes#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.themes
        expanded: /home/Username/.themes
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.cache/kioexec/krun#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.cache/kioexec/krun
        expanded: /home/Username/.cache/kioexec/krun
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/Kvantum#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Kvantum
        expanded: /home/Username/.config/Kvantum
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/Trolltech.conf#, whitelist
Debug 571: fname #/home/Username/.config/Trolltech.conf#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/Trolltech.conf
Debug 456: new_name #/home/Username/.config/kdeglobals#, whitelist
Debug 571: fname #/home/Username/.config/kdeglobals#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/kdeglobals
Debug 456: new_name #/home/Username/.config/kio_httprc#, whitelist
Debug 571: fname #/home/Username/.config/kio_httprc#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/kio_httprc
Debug 456: new_name #/home/Username/.config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kioslaverc
        expanded: /home/Username/.config/kioslaverc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ksslcablacklist
        expanded: /home/Username/.config/ksslcablacklist
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/qt5ct#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/qt5ct
        expanded: /home/Username/.config/qt5ct
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde/share/config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kdeglobals
        expanded: /home/Username/.kde/share/config/kdeglobals
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde/share/config/kio_httprc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kio_httprc
        expanded: /home/Username/.kde/share/config/kio_httprc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde/share/config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kioslaverc
        expanded: /home/Username/.kde/share/config/kioslaverc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde/share/config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/ksslcablacklist
        expanded: /home/Username/.kde/share/config/ksslcablacklist
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde/share/config/oxygenrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/oxygenrc
        expanded: /home/Username/.kde/share/config/oxygenrc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/icons
        expanded: /home/Username/.kde/share/icons
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde4/share/config/kdeglobals#, whitelist
Debug 571: fname #/home/Username/.kde4/share/config/kdeglobals#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.kde4/share/config/kdeglobals
Debug 456: new_name #/home/Username/.kde4/share/config/kio_httprc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kio_httprc
        expanded: /home/Username/.kde4/share/config/kio_httprc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde4/share/config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kioslaverc
        expanded: /home/Username/.kde4/share/config/kioslaverc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde4/share/config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/ksslcablacklist
        expanded: /home/Username/.kde4/share/config/ksslcablacklist
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde4/share/config/oxygenrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/oxygenrc
        expanded: /home/Username/.kde4/share/config/oxygenrc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde4/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/icons
        expanded: /home/Username/.kde4/share/icons
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/Username/.local/share/qt5ct#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/qt5ct
        expanded: /home/Username/.local/share/qt5ct
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/var/lib/ca-certificates#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/ca-certificates
        expanded: /var/lib/ca-certificates
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/var/lib/dbus#, whitelist
Debug 456: new_name #/var/lib/menu-xdg#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/menu-xdg
        expanded: /var/lib/menu-xdg
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/var/lib/uim#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/uim
        expanded: /var/lib/uim
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/var/cache/fontconfig#, whitelist
Debug 456: new_name #/var/tmp#, whitelist
Debug 456: new_name #/var/run#, whitelist
Replaced whitelist path: whitelist /run
Debug 456: new_name #/var/lock#, whitelist
Replaced whitelist path: whitelist /run/lock
Debug 456: new_name #/tmp/.X11-unix#, whitelist
Mounting tmpfs on /tmp directory
Mounting tmpfs on /var directory
Mounting tmpfs on /usr/share directory
Drop privileges: pid 3, uid 1000, gid 985, nogroups 0
Warning: cleaning all supplementary groups
Mounting a new /root directory
Mounting a new /home directory
Create a new user directory
Drop privileges: pid 4, uid 1000, gid 985, nogroups 0
Warning: cleaning all supplementary groups
Drop privileges: pid 5, uid 1000, gid 985, nogroups 0
Warning: cleaning all supplementary groups
Whitelisting /home/Username/.cache/mozilla/firefox
1379 1287 254:1 /home/Username/.cache/mozilla/firefox /home/Username/.cache/mozilla/firefox rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1379 fsname=/home/Username/.cache/mozilla/firefox dir=/home/Username/.cache/mozilla/firefox fstype=ext4
Whitelisting /home/Username/.mozilla
1482 1287 254:1 /home/Username/.mozilla /home/Username/.mozilla rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1482 fsname=/home/Username/.mozilla dir=/home/Username/.mozilla fstype=ext4
Whitelisting /usr/share/doc
1500 1160 254:1 /usr/share/doc /usr/share/doc ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1500 fsname=/usr/share/doc dir=/usr/share/doc fstype=ext4
Whitelisting /usr/share/gtk-doc/html
1501 1160 254:1 /usr/share/gtk-doc/html /usr/share/gtk-doc/html ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1501 fsname=/usr/share/gtk-doc/html dir=/usr/share/gtk-doc/html fstype=ext4
Whitelisting /usr/share/alsa
1643 1160 254:1 /usr/share/alsa /usr/share/alsa ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1643 fsname=/usr/share/alsa dir=/usr/share/alsa fstype=ext4
Whitelisting /usr/share/applications
1658 1160 254:1 /usr/share/applications /usr/share/applications ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1658 fsname=/usr/share/applications dir=/usr/share/applications fstype=ext4
Whitelisting /usr/share/ca-certificates
1659 1160 254:1 /usr/share/ca-certificates /usr/share/ca-certificates ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1659 fsname=/usr/share/ca-certificates dir=/usr/share/ca-certificates fstype=ext4
Whitelisting /usr/share/drirc.d
1773 1160 254:1 /usr/share/drirc.d /usr/share/drirc.d ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1773 fsname=/usr/share/drirc.d dir=/usr/share/drirc.d fstype=ext4
Whitelisting /usr/share/enchant
1811 1160 254:1 /usr/share/enchant /usr/share/enchant ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1811 fsname=/usr/share/enchant dir=/usr/share/enchant fstype=ext4
Whitelisting /usr/share/file
1848 1160 254:1 /usr/share/file /usr/share/file ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1848 fsname=/usr/share/file dir=/usr/share/file fstype=ext4
Whitelisting /usr/share/fonts
1855 1160 254:1 /usr/share/fonts /usr/share/fonts ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1855 fsname=/usr/share/fonts dir=/usr/share/fonts fstype=ext4
Whitelisting /usr/share/gir-1.0
1948 1160 254:1 /usr/share/gir-1.0 /usr/share/gir-1.0 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1948 fsname=/usr/share/gir-1.0 dir=/usr/share/gir-1.0 fstype=ext4
Whitelisting /usr/share/glib-2.0
1949 1160 254:1 /usr/share/glib-2.0 /usr/share/glib-2.0 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1949 fsname=/usr/share/glib-2.0 dir=/usr/share/glib-2.0 fstype=ext4
Whitelisting /usr/share/glvnd
1961 1160 254:1 /usr/share/glvnd /usr/share/glvnd ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1961 fsname=/usr/share/glvnd dir=/usr/share/glvnd fstype=ext4
Whitelisting /usr/share/gtk-2.0
1962 1160 254:1 /usr/share/gtk-2.0 /usr/share/gtk-2.0 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1962 fsname=/usr/share/gtk-2.0 dir=/usr/share/gtk-2.0 fstype=ext4
Whitelisting /usr/share/gtk-3.0
1977 1160 254:1 /usr/share/gtk-3.0 /usr/share/gtk-3.0 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1977 fsname=/usr/share/gtk-3.0 dir=/usr/share/gtk-3.0 fstype=ext4
Whitelisting /usr/share/gtk-engines
1978 1160 254:1 /usr/share/gtk-engines /usr/share/gtk-engines ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1978 fsname=/usr/share/gtk-engines dir=/usr/share/gtk-engines fstype=ext4
Whitelisting /usr/share/gtksourceview-3.0
1979 1160 254:1 /usr/share/gtksourceview-3.0 /usr/share/gtksourceview-3.0 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1979 fsname=/usr/share/gtksourceview-3.0 dir=/usr/share/gtksourceview-3.0 fstype=ext4
Whitelisting /usr/share/gtksourceview-4
1980 1160 254:1 /usr/share/gtksourceview-4 /usr/share/gtksourceview-4 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1980 fsname=/usr/share/gtksourceview-4 dir=/usr/share/gtksourceview-4 fstype=ext4
Whitelisting /usr/share/hwdata
1981 1160 254:1 /usr/share/hwdata /usr/share/hwdata ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1981 fsname=/usr/share/hwdata dir=/usr/share/hwdata fstype=ext4
Whitelisting /usr/share/icons
1982 1160 254:1 /usr/share/icons /usr/share/icons ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1982 fsname=/usr/share/icons dir=/usr/share/icons fstype=ext4
Whitelisting /usr/share/icu
1983 1160 254:1 /usr/share/icu /usr/share/icu ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1983 fsname=/usr/share/icu dir=/usr/share/icu fstype=ext4
Whitelisting /usr/share/knotifications5
1984 1160 254:1 /usr/share/knotifications5 /usr/share/knotifications5 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1984 fsname=/usr/share/knotifications5 dir=/usr/share/knotifications5 fstype=ext4
Whitelisting /usr/share/kservices5
1985 1160 254:1 /usr/share/kservices5 /usr/share/kservices5 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1985 fsname=/usr/share/kservices5 dir=/usr/share/kservices5 fstype=ext4
Whitelisting /usr/share/kxmlgui5
1986 1160 254:1 /usr/share/kxmlgui5 /usr/share/kxmlgui5 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1986 fsname=/usr/share/kxmlgui5 dir=/usr/share/kxmlgui5 fstype=ext4
Whitelisting /usr/share/libdrm
1987 1160 254:1 /usr/share/libdrm /usr/share/libdrm ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1987 fsname=/usr/share/libdrm dir=/usr/share/libdrm fstype=ext4
Whitelisting /usr/share/libthai
1988 1160 254:1 /usr/share/libthai /usr/share/libthai ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1988 fsname=/usr/share/libthai dir=/usr/share/libthai fstype=ext4
Whitelisting /usr/share/locale
1989 1160 254:1 /usr/share/locale /usr/share/locale ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1989 fsname=/usr/share/locale dir=/usr/share/locale fstype=ext4
Whitelisting /usr/share/mime
1990 1160 254:1 /usr/share/mime /usr/share/mime ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1990 fsname=/usr/share/mime dir=/usr/share/mime fstype=ext4
Whitelisting /usr/share/misc
1991 1160 254:1 /usr/share/misc /usr/share/misc ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1991 fsname=/usr/share/misc dir=/usr/share/misc fstype=ext4
Whitelisting /usr/share/p11-kit
1992 1160 254:1 /usr/share/p11-kit /usr/share/p11-kit ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1992 fsname=/usr/share/p11-kit dir=/usr/share/p11-kit fstype=ext4
Whitelisting /usr/share/perl5
1993 1160 254:1 /usr/share/perl5 /usr/share/perl5 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1993 fsname=/usr/share/perl5 dir=/usr/share/perl5 fstype=ext4
Whitelisting /usr/share/pixmaps
1994 1160 254:1 /usr/share/pixmaps /usr/share/pixmaps ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1994 fsname=/usr/share/pixmaps dir=/usr/share/pixmaps fstype=ext4
Whitelisting /usr/share/plasma
1995 1160 254:1 /usr/share/plasma /usr/share/plasma ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1995 fsname=/usr/share/plasma dir=/usr/share/plasma fstype=ext4
Whitelisting /usr/share/qt
1996 1160 254:1 /usr/share/qt /usr/share/qt ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1996 fsname=/usr/share/qt dir=/usr/share/qt fstype=ext4
Whitelisting /usr/share/sounds
1997 1160 254:1 /usr/share/sounds /usr/share/sounds ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1997 fsname=/usr/share/sounds dir=/usr/share/sounds fstype=ext4
Whitelisting /usr/share/terminfo
1998 1160 254:1 /usr/share/terminfo /usr/share/terminfo ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1998 fsname=/usr/share/terminfo dir=/usr/share/terminfo fstype=ext4
Whitelisting /usr/share/themes
1999 1160 254:1 /usr/share/themes /usr/share/themes ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1999 fsname=/usr/share/themes dir=/usr/share/themes fstype=ext4
Whitelisting /usr/share/X11
2000 1160 254:1 /usr/share/X11 /usr/share/X11 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2000 fsname=/usr/share/X11 dir=/usr/share/X11 fstype=ext4
Whitelisting /usr/share/xml
2001 1160 254:1 /usr/share/xml /usr/share/xml ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2001 fsname=/usr/share/xml dir=/usr/share/xml fstype=ext4
Whitelisting /usr/share/zoneinfo
2002 1160 254:1 /usr/share/zoneinfo /usr/share/zoneinfo ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2002 fsname=/usr/share/zoneinfo dir=/usr/share/zoneinfo fstype=ext4
Whitelisting /home/Username/Downloads
2003 1287 254:1 /home/Username/Downloads /home/Username/Downloads rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2003 fsname=/home/Username/Downloads dir=/home/Username/Downloads fstype=ext4
Whitelisting /home/Username/.pki
2004 1287 254:1 /home/Username/.pki /home/Username/.pki rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2004 fsname=/home/Username/.pki dir=/home/Username/.pki fstype=ext4
Whitelisting /home/Username/.local/share/pki
2005 1287 254:1 /home/Username/.local/share/pki /home/Username/.local/share/pki rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2005 fsname=/home/Username/.local/share/pki dir=/home/Username/.local/share/pki fstype=ext4
Whitelisting /home/Username/.config/ibus
2006 1287 254:1 /home/Username/.config/ibus /home/Username/.config/ibus rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2006 fsname=/home/Username/.config/ibus dir=/home/Username/.config/ibus fstype=ext4
Whitelisting /home/Username/.config/mimeapps.list
2007 1287 254:1 /home/Username/.config/mimeapps.list /home/Username/.config/mimeapps.list rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2007 fsname=/home/Username/.config/mimeapps.list dir=/home/Username/.config/mimeapps.list fstype=ext4
Whitelisting /home/Username/.config/user-dirs.dirs
2008 1287 254:1 /home/Username/.config/user-dirs.dirs /home/Username/.config/user-dirs.dirs rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2008 fsname=/home/Username/.config/user-dirs.dirs dir=/home/Username/.config/user-dirs.dirs fstype=ext4
Whitelisting /home/Username/.config/user-dirs.locale
2009 1287 254:1 /home/Username/.config/user-dirs.locale /home/Username/.config/user-dirs.locale rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2009 fsname=/home/Username/.config/user-dirs.locale dir=/home/Username/.config/user-dirs.locale fstype=ext4
Whitelisting /home/Username/.local/share/applications
2010 1287 254:1 /home/Username/.local/share/applications /home/Username/.local/share/applications rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2010 fsname=/home/Username/.local/share/applications dir=/home/Username/.local/share/applications fstype=ext4
Whitelisting /home/Username/.local/share/mime
2011 1287 254:1 /home/Username/.local/share/mime /home/Username/.local/share/mime rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2011 fsname=/home/Username/.local/share/mime dir=/home/Username/.local/share/mime fstype=ext4
Whitelisting /home/Username/.config/dconf
2012 1287 254:1 /home/Username/.config/dconf /home/Username/.config/dconf rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2012 fsname=/home/Username/.config/dconf dir=/home/Username/.config/dconf fstype=ext4
Whitelisting /home/Username/.cache/fontconfig
2013 1287 254:1 /home/Username/.cache/fontconfig /home/Username/.cache/fontconfig rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2013 fsname=/home/Username/.cache/fontconfig dir=/home/Username/.cache/fontconfig fstype=ext4
Whitelisting /home/Username/.config/fontconfig
2014 1287 254:1 /home/Username/.config/fontconfig /home/Username/.config/fontconfig rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2014 fsname=/home/Username/.config/fontconfig dir=/home/Username/.config/fontconfig fstype=ext4
Whitelisting /home/Username/.fontconfig
2015 1287 254:1 /home/Username/.fontconfig /home/Username/.fontconfig rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2015 fsname=/home/Username/.fontconfig dir=/home/Username/.fontconfig fstype=ext4
Whitelisting /home/Username/.fonts
2016 1287 254:1 /home/Username/.fonts /home/Username/.fonts rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2016 fsname=/home/Username/.fonts dir=/home/Username/.fonts fstype=ext4
Whitelisting /home/Username/.config/gtk-2.0
2017 1287 254:1 /home/Username/.config/gtk-2.0 /home/Username/.config/gtk-2.0 rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2017 fsname=/home/Username/.config/gtk-2.0 dir=/home/Username/.config/gtk-2.0 fstype=ext4
Whitelisting /home/Username/.config/gtk-3.0
2018 1287 254:1 /home/Username/.config/gtk-3.0 /home/Username/.config/gtk-3.0 rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2018 fsname=/home/Username/.config/gtk-3.0 dir=/home/Username/.config/gtk-3.0 fstype=ext4
Whitelisting /home/Username/.config/gtkrc
2019 1287 254:1 /home/Username/.config/gtkrc /home/Username/.config/gtkrc rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2019 fsname=/home/Username/.config/gtkrc dir=/home/Username/.config/gtkrc fstype=ext4
Whitelisting /home/Username/.config/gtkrc-2.0
2020 1287 254:1 /home/Username/.config/gtkrc-2.0 /home/Username/.config/gtkrc-2.0 rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2020 fsname=/home/Username/.config/gtkrc-2.0 dir=/home/Username/.config/gtkrc-2.0 fstype=ext4
Whitelisting /home/Username/.gtkrc-2.0
2021 1287 254:1 /home/Username/.gtkrc-2.0 /home/Username/.gtkrc-2.0 rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2021 fsname=/home/Username/.gtkrc-2.0 dir=/home/Username/.gtkrc-2.0 fstype=ext4
Whitelisting /home/Username/.config/Trolltech.conf
2022 1287 254:1 /home/Username/.config/Trolltech.conf /home/Username/.config/Trolltech.conf rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2022 fsname=/home/Username/.config/Trolltech.conf dir=/home/Username/.config/Trolltech.conf fstype=ext4
Whitelisting /home/Username/.config/kdeglobals
2023 1287 254:1 /home/Username/.config/kdeglobals /home/Username/.config/kdeglobals rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2023 fsname=/home/Username/.config/kdeglobals dir=/home/Username/.config/kdeglobals fstype=ext4
Whitelisting /home/Username/.config/kio_httprc
2024 1287 254:1 /home/Username/.config/kio_httprc /home/Username/.config/kio_httprc rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2024 fsname=/home/Username/.config/kio_httprc dir=/home/Username/.config/kio_httprc fstype=ext4
Whitelisting /home/Username/.kde4/share/config/kdeglobals
2025 1287 254:1 /home/Username/.kde4/share/config/kdeglobals /home/Username/.kde4/share/config/kdeglobals rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2025 fsname=/home/Username/.kde4/share/config/kdeglobals dir=/home/Username/.kde4/share/config/kdeglobals fstype=ext4
Whitelisting /var/lib/dbus
2026 1093 254:1 /var/lib/dbus /var/lib/dbus ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2026 fsname=/var/lib/dbus dir=/var/lib/dbus fstype=ext4
Whitelisting /var/cache/fontconfig
2027 1093 254:1 /var/cache/fontconfig /var/cache/fontconfig ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2027 fsname=/var/cache/fontconfig dir=/var/cache/fontconfig fstype=ext4
Whitelisting /var/tmp
2028 1093 0:96 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw
mountid=2028 fsname=/ dir=/var/tmp fstype=tmpfs
Created symbolic link /var/run -> /run
Created symbolic link /var/lock -> /run/lock
Whitelisting /tmp/.X11-unix
2029 715 0:47 /.X11-unix /tmp/.X11-unix rw,nosuid,nodev master:31 - tmpfs tmpfs rw,size=16145976k,nr_inodes=409600
mountid=2029 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=tmpfs
Disable /etc/X11/Xsession.d
Disable /etc/xdg/autostart
Mounting read-only /home/Username/.Xauthority
2036 1287 0:108 /Username/.Xauthority /home/Username/.Xauthority ro,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755
mountid=2036 fsname=/Username/.Xauthority dir=/home/Username/.Xauthority fstype=tmpfs
Mounting read-only /home/Username/.config/kdeglobals
2037 2023 254:1 /home/Username/.config/kdeglobals /home/Username/.config/kdeglobals ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2037 fsname=/home/Username/.config/kdeglobals dir=/home/Username/.config/kdeglobals fstype=ext4
Mounting read-only /home/Username/.config/kio_httprc
2038 2024 254:1 /home/Username/.config/kio_httprc /home/Username/.config/kio_httprc ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2038 fsname=/home/Username/.config/kio_httprc dir=/home/Username/.config/kio_httprc fstype=ext4
Mounting read-only /home/Username/.kde4/share/config/kdeglobals
2039 2025 254:1 /home/Username/.kde4/share/config/kdeglobals /home/Username/.kde4/share/config/kdeglobals ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2039 fsname=/home/Username/.kde4/share/config/kdeglobals dir=/home/Username/.kde4/share/config/kdeglobals fstype=ext4
Disable /run/user/1000/klauncherLdudZi.1.slave-socket
Disable /run/user/1000/kdeinit5__0
Mounting read-only /home/Username/.config/dconf
2042 2012 254:1 /home/Username/.config/dconf /home/Username/.config/dconf ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2042 fsname=/home/Username/.config/dconf dir=/home/Username/.config/dconf fstype=ext4
Disable /usr/bin/systemd-run
Disable /run/user/1000/systemd
Disable /usr/bin/veracrypt
Disable /usr/share/applications/veracrypt.desktop
Disable /usr/share/pixmaps/veracrypt.xpm
Disable /etc/profile.d
Disable /etc/kernel
Disable /etc/grub.d
Disable /etc/dkms
Disable /etc/apparmor
Disable /etc/apparmor.d
Disable /etc/modules-load.d
Disable /etc/logrotate.d
Disable /etc/logrotate.conf
Mounting read-only /home/Username/.bashrc
2057 1287 0:108 /Username/.bashrc /home/Username/.bashrc ro,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755
mountid=2057 fsname=/Username/.bashrc dir=/home/Username/.bashrc fstype=tmpfs
Mounting read-only /home/Username/.local/share/applications
2058 2010 254:1 /home/Username/.local/share/applications /home/Username/.local/share/applications ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2058 fsname=/home/Username/.local/share/applications dir=/home/Username/.local/share/applications fstype=ext4
Mounting read-only /home/Username/.config/mimeapps.list
2059 2007 254:1 /home/Username/.config/mimeapps.list /home/Username/.config/mimeapps.list ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2059 fsname=/home/Username/.config/mimeapps.list dir=/home/Username/.config/mimeapps.list fstype=ext4
Mounting read-only /home/Username/.config/user-dirs.dirs
2060 2008 254:1 /home/Username/.config/user-dirs.dirs /home/Username/.config/user-dirs.dirs ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2060 fsname=/home/Username/.config/user-dirs.dirs dir=/home/Username/.config/user-dirs.dirs fstype=ext4
Mounting read-only /home/Username/.config/user-dirs.locale
2061 2009 254:1 /home/Username/.config/user-dirs.locale /home/Username/.config/user-dirs.locale ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2061 fsname=/home/Username/.config/user-dirs.locale dir=/home/Username/.config/user-dirs.locale fstype=ext4
Mounting read-only /home/Username/.local/share/mime
2062 2011 254:1 /home/Username/.local/share/mime /home/Username/.local/share/mime ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2062 fsname=/home/Username/.local/share/mime dir=/home/Username/.local/share/mime fstype=ext4
Not blacklist /home/Username/.pki
Not blacklist /home/Username/.local/share/pki
Disable /etc/group-
Disable /etc/gshadow
Disable /etc/gshadow-
Disable /etc/passwd-
Disable /etc/shadow
Disable /etc/shadow-
Disable /etc/ssh
Warning: /sbin directory link was not blacklisted
Disable /usr/local/sbin
Warning: /usr/sbin directory link was not blacklisted
Disable /usr/bin/chage
Disable /usr/bin/chfn
Disable /usr/bin/chsh
Disable /usr/bin/expiry
Disable /usr/bin/fusermount
Disable /usr/bin/gpasswd
Disable /usr/bin/ksu
Disable /usr/bin/mount
Disable /usr/bin/netcat (requested /usr/bin/nc)
Disable /usr/bin/newgidmap
Disable /usr/bin/newgrp
Disable /usr/bin/newuidmap
Disable /usr/bin/ntfs-3g
Disable /usr/bin/pkexec
Disable /usr/bin/sg
Disable /usr/bin/su
Disable /usr/bin/sudo
Disable /usr/bin/umount
Disable /usr/bin/unix_chkpwd
Disable /usr/bin/xev
Disable /usr/bin/xinput
Disable /usr/bin/bwrap
Disable /proc/config.gz
Disable /usr/bin/dig
Disable /usr/bin/nslookup
Disable /usr/bin/host
Disable /usr/bin/resolvectl
Disable /usr/bin/clang-refactor
Disable /usr/bin/clang-format
Disable /usr/bin/clang-10 (requested /usr/bin/clang)
Disable /usr/bin/clang-reorder-fields
Disable /usr/bin/clang-query
Disable /usr/bin/clang-scan-deps
Disable /usr/bin/clang-10
Disable /usr/bin/clang-check
Disable /usr/bin/clang-move
Disable /usr/bin/clang-doc
Disable /usr/bin/clang-10 (requested /usr/bin/clang-cl)
Disable /usr/bin/clang-10 (requested /usr/bin/clang-cpp)
Disable /usr/bin/clang-apply-replacements
Disable /usr/bin/clang-rename
Disable /usr/bin/clang-offload-bundler
Disable /usr/bin/clang-tidy
Disable /usr/bin/clang-10 (requested /usr/bin/clang++)
Disable /usr/bin/clangd
Disable /usr/bin/clang-offload-wrapper
Disable /usr/bin/clang-extdef-mapping
Disable /usr/bin/clang-import-test
Disable /usr/bin/clang-change-namespace
Disable /usr/bin/clang-include-fixer
Disable /usr/bin/llvm-spirv
Disable /usr/bin/as
Disable /usr/bin/gcc (requested /usr/bin/cc)
Disable /usr/bin/c++filt
Disable /usr/bin/c++
Disable /usr/bin/c89
Disable /usr/bin/c99
Disable /usr/bin/cpp
Disable /usr/bin/cpp2html
Disable /usr/bin/g++
Disable /usr/bin/gcc-ar
Disable /usr/bin/gcc-ranlib
Disable /usr/bin/gcc
Disable /usr/bin/gcc-nm
Disable /usr/bin/gdb
Disable /usr/bin/ld
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib
Disable /usr/bin/x86_64-pc-linux-gnu-gcc
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm
Disable /usr/bin/x86_64-pc-linux-gnu-g++
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib
Disable /usr/bin/x86_64-pc-linux-gnu-gcc
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm
Disable /usr/bin/x86_64-pc-linux-gnu-g++
Disable /usr/bin/openssl
Disable /usr/bin/openssl-1.0
Disable /usr/src
Disable /usr/local/src
Disable /usr/include
Disable /usr/local/include
Mounting noexec /home/Username/.cache/mozilla/firefox
2155 1379 254:1 /home/Username/.cache/mozilla/firefox /home/Username/.cache/mozilla/firefox rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2155 fsname=/home/Username/.cache/mozilla/firefox dir=/home/Username/.cache/mozilla/firefox fstype=ext4
Mounting noexec /home/Username/.mozilla
2156 1482 254:1 /home/Username/.mozilla /home/Username/.mozilla rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2156 fsname=/home/Username/.mozilla dir=/home/Username/.mozilla fstype=ext4
Mounting noexec /home/Username/Downloads
2157 2003 254:1 /home/Username/Downloads /home/Username/Downloads rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2157 fsname=/home/Username/Downloads dir=/home/Username/Downloads fstype=ext4
Mounting noexec /home/Username/.pki
2158 2004 254:1 /home/Username/.pki /home/Username/.pki rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2158 fsname=/home/Username/.pki dir=/home/Username/.pki fstype=ext4
Mounting noexec /home/Username/.local/share/pki
2159 2005 254:1 /home/Username/.local/share/pki /home/Username/.local/share/pki rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2159 fsname=/home/Username/.local/share/pki dir=/home/Username/.local/share/pki fstype=ext4
Mounting noexec /home/Username/.config/ibus
2160 2006 254:1 /home/Username/.config/ibus /home/Username/.config/ibus rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2160 fsname=/home/Username/.config/ibus dir=/home/Username/.config/ibus fstype=ext4
Mounting noexec /home/Username/.config/mimeapps.list
2161 2059 254:1 /home/Username/.config/mimeapps.list /home/Username/.config/mimeapps.list ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2161 fsname=/home/Username/.config/mimeapps.list dir=/home/Username/.config/mimeapps.list fstype=ext4
Mounting noexec /home/Username/.config/user-dirs.dirs
2162 2060 254:1 /home/Username/.config/user-dirs.dirs /home/Username/.config/user-dirs.dirs ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2162 fsname=/home/Username/.config/user-dirs.dirs dir=/home/Username/.config/user-dirs.dirs fstype=ext4
Mounting noexec /home/Username/.config/user-dirs.locale
2163 2061 254:1 /home/Username/.config/user-dirs.locale /home/Username/.config/user-dirs.locale ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2163 fsname=/home/Username/.config/user-dirs.locale dir=/home/Username/.config/user-dirs.locale fstype=ext4
Mounting noexec /home/Username/.local/share/applications
2164 2058 254:1 /home/Username/.local/share/applications /home/Username/.local/share/applications ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2164 fsname=/home/Username/.local/share/applications dir=/home/Username/.local/share/applications fstype=ext4
Mounting noexec /home/Username/.local/share/mime
2165 2062 254:1 /home/Username/.local/share/mime /home/Username/.local/share/mime ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2165 fsname=/home/Username/.local/share/mime dir=/home/Username/.local/share/mime fstype=ext4
Mounting noexec /home/Username/.config/dconf
2166 2042 254:1 /home/Username/.config/dconf /home/Username/.config/dconf ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2166 fsname=/home/Username/.config/dconf dir=/home/Username/.config/dconf fstype=ext4
Mounting noexec /home/Username/.cache/fontconfig
2167 2013 254:1 /home/Username/.cache/fontconfig /home/Username/.cache/fontconfig rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2167 fsname=/home/Username/.cache/fontconfig dir=/home/Username/.cache/fontconfig fstype=ext4
Mounting noexec /home/Username/.config/fontconfig
2168 2014 254:1 /home/Username/.config/fontconfig /home/Username/.config/fontconfig rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2168 fsname=/home/Username/.config/fontconfig dir=/home/Username/.config/fontconfig fstype=ext4
Mounting noexec /home/Username/.fontconfig
2169 2015 254:1 /home/Username/.fontconfig /home/Username/.fontconfig rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2169 fsname=/home/Username/.fontconfig dir=/home/Username/.fontconfig fstype=ext4
Mounting noexec /home/Username/.fonts
2170 2016 254:1 /home/Username/.fonts /home/Username/.fonts rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2170 fsname=/home/Username/.fonts dir=/home/Username/.fonts fstype=ext4
Mounting noexec /home/Username/.config/gtk-2.0
2171 2017 254:1 /home/Username/.config/gtk-2.0 /home/Username/.config/gtk-2.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2171 fsname=/home/Username/.config/gtk-2.0 dir=/home/Username/.config/gtk-2.0 fstype=ext4
Mounting noexec /home/Username/.config/gtk-3.0
2172 2018 254:1 /home/Username/.config/gtk-3.0 /home/Username/.config/gtk-3.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2172 fsname=/home/Username/.config/gtk-3.0 dir=/home/Username/.config/gtk-3.0 fstype=ext4
Mounting noexec /home/Username/.config/gtkrc
2173 2019 254:1 /home/Username/.config/gtkrc /home/Username/.config/gtkrc rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2173 fsname=/home/Username/.config/gtkrc dir=/home/Username/.config/gtkrc fstype=ext4
Mounting noexec /home/Username/.config/gtkrc-2.0
2174 2020 254:1 /home/Username/.config/gtkrc-2.0 /home/Username/.config/gtkrc-2.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2174 fsname=/home/Username/.config/gtkrc-2.0 dir=/home/Username/.config/gtkrc-2.0 fstype=ext4
Mounting noexec /home/Username/.gtkrc-2.0
2175 2021 254:1 /home/Username/.gtkrc-2.0 /home/Username/.gtkrc-2.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2175 fsname=/home/Username/.gtkrc-2.0 dir=/home/Username/.gtkrc-2.0 fstype=ext4
Mounting noexec /home/Username/.config/Trolltech.conf
2176 2022 254:1 /home/Username/.config/Trolltech.conf /home/Username/.config/Trolltech.conf rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2176 fsname=/home/Username/.config/Trolltech.conf dir=/home/Username/.config/Trolltech.conf fstype=ext4
Mounting noexec /home/Username/.config/kdeglobals
2177 2037 254:1 /home/Username/.config/kdeglobals /home/Username/.config/kdeglobals ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2177 fsname=/home/Username/.config/kdeglobals dir=/home/Username/.config/kdeglobals fstype=ext4
Mounting noexec /home/Username/.config/kio_httprc
2178 2038 254:1 /home/Username/.config/kio_httprc /home/Username/.config/kio_httprc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2178 fsname=/home/Username/.config/kio_httprc dir=/home/Username/.config/kio_httprc fstype=ext4
Mounting noexec /home/Username/.kde4/share/config/kdeglobals
2179 2039 254:1 /home/Username/.kde4/share/config/kdeglobals /home/Username/.kde4/share/config/kdeglobals ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2179 fsname=/home/Username/.kde4/share/config/kdeglobals dir=/home/Username/.kde4/share/config/kdeglobals fstype=ext4
Mounting noexec /run/user/1000
2187 2180 0:23 /firejail/firejail.ro.file /run/user/1000/kdeinit5__0 rw,nosuid,nodev,relatime master:14 - tmpfs run rw,mode=755
mountid=2187 fsname=/firejail/firejail.ro.file dir=/run/user/1000/kdeinit5__0 fstype=tmpfs
Warning: not remounting /run/user/1000/gvfs
Mounting noexec /dev/shm
2188 914 0:102 /shm /dev/shm rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755
mountid=2188 fsname=/shm dir=/dev/shm fstype=tmpfs
Mounting noexec /tmp
2190 2189 0:47 /.X11-unix /tmp/.X11-unix rw,nosuid,nodev master:31 - tmpfs tmpfs rw,size=16145976k,nr_inodes=409600
mountid=2190 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=tmpfs
Mounting noexec /tmp/.X11-unix
2191 2190 0:47 /.X11-unix /tmp/.X11-unix rw,nosuid,nodev,noexec master:31 - tmpfs tmpfs rw,size=16145976k,nr_inodes=409600
mountid=2191 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=tmpfs
Mounting noexec /var
2195 2192 0:96 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw
mountid=2195 fsname=/ dir=/var/tmp fstype=tmpfs
Disable /usr/bin/luac5.2
Disable /usr/bin/luajit-2.0.5
Disable /usr/bin/lua (requested /usr/bin/lua5.4)
Disable /usr/bin/luac (requested /usr/bin/luac5.4)
Disable /usr/bin/lua
Disable /usr/bin/luajit-2.0.5 (requested /usr/bin/luajit)
Disable /usr/bin/lua5.2
Disable /usr/bin/luac
Disable /usr/lib/liblua.so.5.4.1
Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so)
Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua.so)
Disable /usr/lib/libluajit-5.1.so.2.0.5
Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so.2)
Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua.so.5.4)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2.4)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so)
Disable /usr/lib/liblua5.2.so.5.2.4
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so.5.2)
Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua5.4.so)
Disable /usr/lib/lua
Disable /usr/lib/libmozjs-78.so (requested /usr/lib64/libmozjs-78.so)
Disable /usr/bin/core_perl/cpan
Disable /usr/bin/core_perl
Disable /usr/bin/perl
Disable /usr/bin/site_perl
Disable /usr/bin/vendor_perl
Disable /usr/lib/perl5
Disable /usr/share/perl5
Disable /usr/lib/ruby
Disable /usr/bin/python2.7-config
Disable /usr/bin/python2.7-config (requested /usr/bin/python2-config)
Disable /usr/bin/python2.7 (requested /usr/bin/python2)
Disable /usr/bin/python2.7
Disable /usr/lib/python2.7
Disable /usr/bin/python3.8-config (requested /usr/bin/python3-config)
Disable /usr/bin/python3.8 (requested /usr/bin/python3)
Disable /usr/bin/python3.8
Disable /usr/bin/python3.8-config
Disable /usr/lib/python3.7
Disable /usr/lib/python3.8
Disable /usr/lib/python3.7 (requested /usr/lib64/python3.7)
Disable /usr/lib/python3.8 (requested /usr/lib64/python3.8)
Not blacklist /home/Username/.mozilla
Not blacklist /home/Username/.cache/mozilla
Mounting read-only /tmp/.X11-unix
2239 2191 0:47 /.X11-unix /tmp/.X11-unix ro,nosuid,nodev,noexec master:31 - tmpfs tmpfs rw,size=16145976k,nr_inodes=409600
mountid=2239 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=tmpfs
Disable /sys/fs
Disable /sys/module
Disable /mnt
Disable /media
Disable /run/mount
Disable /run/media
Mounting noexec /run/firejail/mnt/pulse
2246 724 0:55 /pulse /run/firejail/mnt/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755
mountid=2246 fsname=/pulse dir=/run/firejail/mnt/pulse fstype=tmpfs
Creating empty /home/Username/.config/pulse directory
Drop privileges: pid 6, uid 1000, gid 985, nogroups 0
Warning: cleaning all supplementary groups
Mounting /run/firejail/mnt/pulse on /home/Username/.config/pulse
2247 1287 0:55 /pulse /home/Username/.config/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755
mountid=2247 fsname=/pulse dir=/home/Username/.config/pulse fstype=tmpfs
Current directory: /home/Username
DISPLAY=:0 parsed as 0
Install protocol filter: unix,inet,inet6,netlink
configuring 22 seccomp entries in /run/firejail/mnt/seccomp/seccomp.protocol
sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.protocol 
Dropping all capabilities
Drop privileges: pid 7, uid 1000, gid 985, nogroups 1
No supplementary groups
 line  OP JT JF    K
=================================
 0000: 20 00 00 00000004   ld  data.architecture
 0001: 15 04 00 c000003e   jeq ARCH_64 0006 (false 0002)
 0002: 20 00 00 00000000   ld  data.syscall-number
 0003: 15 01 00 00000167   jeq unknown 0005 (false 0004)
 0004: 06 00 00 7fff0000   ret ALLOW
 0005: 05 00 00 00000006   jmp 000c
 0006: 20 00 00 00000004   ld  data.architecture
 0007: 15 01 00 c000003e   jeq ARCH_64 0009 (false 0008)
 0008: 06 00 00 7fff0000   ret ALLOW
 0009: 20 00 00 00000000   ld  data.syscall-number
 000a: 15 01 00 00000029   jeq socket 000c (false 000b)
 000b: 06 00 00 7fff0000   ret ALLOW
 000c: 20 00 00 00000010   ld  data.args[0]
 000d: 15 00 01 00000001   jeq 1 000e (false 000f)
 000e: 06 00 00 7fff0000   ret ALLOW
 000f: 15 00 01 00000002   jeq 2 0010 (false 0011)
 0010: 06 00 00 7fff0000   ret ALLOW
 0011: 15 00 01 0000000a   jeq a 0012 (false 0013)
 0012: 06 00 00 7fff0000   ret ALLOW
 0013: 15 00 01 00000010   jeq 10 0014 (false 0015)
 0014: 06 00 00 7fff0000   ret ALLOW
 0015: 06 00 00 0005005f   ret ERRNO(95)
configuring 101 seccomp entries in /run/firejail/mnt/seccomp/seccomp.32
sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.32 
Dropping all capabilities
Drop privileges: pid 8, uid 1000, gid 985, nogroups 1
No supplementary groups
 line  OP JT JF    K
=================================
 0000: 20 00 00 00000004   ld  data.architecture
 0001: 15 01 00 40000003   jeq ARCH_32 0003 (false 0002)
 0002: 06 00 00 7fff0000   ret ALLOW
 0003: 20 00 00 00000000   ld  data.syscall-number
 0004: 15 00 01 00000015   jeq 15 0005 (false 0006)
 0005: 06 00 00 00000001   ret KILL
 0006: 15 00 01 00000034   jeq 34 0007 (false 0008)
 0007: 06 00 00 00000001   ret KILL
 0008: 15 00 01 0000001a   jeq 1a 0009 (false 000a)
 0009: 06 00 00 00000001   ret KILL
 000a: 15 00 01 0000011b   jeq 11b 000b (false 000c)
 000b: 06 00 00 00000001   ret KILL
 000c: 15 00 01 00000155   jeq 155 000d (false 000e)
 000d: 06 00 00 00000001   ret KILL
 000e: 15 00 01 00000156   jeq 156 000f (false 0010)
 000f: 06 00 00 00000001   ret KILL
 0010: 15 00 01 0000007f   jeq 7f 0011 (false 0012)
 0011: 06 00 00 00000001   ret KILL
 0012: 15 00 01 00000080   jeq 80 0013 (false 0014)
 0013: 06 00 00 00000001   ret KILL
 0014: 15 00 01 0000015e   jeq 15e 0015 (false 0016)
 0015: 06 00 00 00000001   ret KILL
 0016: 15 00 01 00000081   jeq 81 0017 (false 0018)
 0017: 06 00 00 00000001   ret KILL
 0018: 15 00 01 0000006e   jeq 6e 0019 (false 001a)
 0019: 06 00 00 00000001   ret KILL
 001a: 15 00 01 00000065   jeq 65 001b (false 001c)
 001b: 06 00 00 00000001   ret KILL
 001c: 15 00 01 00000121   jeq 121 001d (false 001e)
 001d: 06 00 00 00000001   ret KILL
 001e: 15 00 01 00000057   jeq 57 001f (false 0020)
 001f: 06 00 00 00000001   ret KILL
 0020: 15 00 01 00000073   jeq 73 0021 (false 0022)
 0021: 06 00 00 00000001   ret KILL
 0022: 15 00 01 00000067   jeq 67 0023 (false 0024)
 0023: 06 00 00 00000001   ret KILL
 0024: 15 00 01 0000015b   jeq 15b 0025 (false 0026)
 0025: 06 00 00 00000001   ret KILL
 0026: 15 00 01 0000015c   jeq 15c 0027 (false 0028)
 0027: 06 00 00 00000001   ret KILL
 0028: 15 00 01 00000087   jeq 87 0029 (false 002a)
 0029: 06 00 00 00000001   ret KILL
 002a: 15 00 01 00000095   jeq 95 002b (false 002c)
 002b: 06 00 00 00000001   ret KILL
 002c: 15 00 01 0000007c   jeq 7c 002d (false 002e)
 002d: 06 00 00 00000001   ret KILL
 002e: 15 00 01 00000157   jeq 157 002f (false 0030)
 002f: 06 00 00 00000001   ret KILL
 0030: 15 00 01 000000fd   jeq fd 0031 (false 0032)
 0031: 06 00 00 00000001   ret KILL
 0032: 15 00 01 00000150   jeq 150 0033 (false 0034)
 0033: 06 00 00 00000001   ret KILL
 0034: 15 00 01 00000152   jeq 152 0035 (false 0036)
 0035: 06 00 00 00000001   ret KILL
 0036: 15 00 01 0000015d   jeq 15d 0037 (false 0038)
 0037: 06 00 00 00000001   ret KILL
 0038: 15 00 01 0000011e   jeq 11e 0039 (false 003a)
 0039: 06 00 00 00000001   ret KILL
 003a: 15 00 01 0000011f   jeq 11f 003b (false 003c)
 003b: 06 00 00 00000001   ret KILL
 003c: 15 00 01 00000120   jeq 120 003d (false 003e)
 003d: 06 00 00 00000001   ret KILL
 003e: 15 00 01 00000056   jeq 56 003f (false 0040)
 003f: 06 00 00 00000001   ret KILL
 0040: 15 00 01 00000033   jeq 33 0041 (false 0042)
 0041: 06 00 00 00000001   ret KILL
 0042: 15 00 01 0000007b   jeq 7b 0043 (false 0044)
 0043: 06 00 00 00000001   ret KILL
 0044: 15 00 01 000000d9   jeq d9 0045 (false 0046)
 0045: 06 00 00 00000001   ret KILL
 0046: 15 00 01 000000f5   jeq f5 0047 (false 0048)
 0047: 06 00 00 00000001   ret KILL
 0048: 15 00 01 000000f6   jeq f6 0049 (false 004a)
 0049: 06 00 00 00000001   ret KILL
 004a: 15 00 01 000000f7   jeq f7 004b (false 004c)
 004b: 06 00 00 00000001   ret KILL
 004c: 15 00 01 000000f8   jeq f8 004d (false 004e)
 004d: 06 00 00 00000001   ret KILL
 004e: 15 00 01 000000f9   jeq f9 004f (false 0050)
 004f: 06 00 00 00000001   ret KILL
 0050: 15 00 01 00000101   jeq 101 0051 (false 0052)
 0051: 06 00 00 00000001   ret KILL
 0052: 15 00 01 00000112   jeq 112 0053 (false 0054)
 0053: 06 00 00 00000001   ret KILL
 0054: 15 00 01 00000114   jeq 114 0055 (false 0056)
 0055: 06 00 00 00000001   ret KILL
 0056: 15 00 01 00000126   jeq 126 0057 (false 0058)
 0057: 06 00 00 00000001   ret KILL
 0058: 15 00 01 0000013d   jeq 13d 0059 (false 005a)
 0059: 06 00 00 00000001   ret KILL
 005a: 15 00 01 0000013c   jeq 13c 005b (false 005c)
 005b: 06 00 00 00000001   ret KILL
 005c: 15 00 01 0000003d   jeq 3d 005d (false 005e)
 005d: 06 00 00 00000001   ret KILL
 005e: 15 00 01 00000058   jeq 58 005f (false 0060)
 005f: 06 00 00 00000001   ret KILL
 0060: 15 00 01 000000a9   jeq a9 0061 (false 0062)
 0061: 06 00 00 00000001   ret KILL
 0062: 15 00 01 00000082   jeq 82 0063 (false 0064)
 0063: 06 00 00 00000001   ret KILL
 0064: 06 00 00 7fff0000   ret ALLOW
Dual 32/64 bit seccomp filter configured
Build default+drop seccomp filter
sbox run: /run/firejail/lib/fseccomp default drop /run/firejail/mnt/seccomp/seccomp /run/firejail/mnt/seccomp/seccomp.postexec !chroot 
Dropping all capabilities
Drop privileges: pid 9, uid 1000, gid 985, nogroups 1
No supplementary groups
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
sbox run: /run/firejail/lib/fsec-optimize /run/firejail/mnt/seccomp/seccomp 
Dropping all capabilities
Drop privileges: pid 10, uid 1000, gid 985, nogroups 1
No supplementary groups
configuring 136 seccomp entries in /run/firejail/mnt/seccomp/seccomp
sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp 
Dropping all capabilities
Drop privileges: pid 11, uid 1000, gid 985, nogroups 1
No supplementary groups
 line  OP JT JF    K
=================================
 0000: 20 00 00 00000004   ld  data.architecture
 0001: 15 01 00 c000003e   jeq ARCH_64 0003 (false 0002)
 0002: 06 00 00 7fff0000   ret ALLOW
 0003: 20 00 00 00000000   ld  data.syscall-number
 0004: 35 01 00 40000000   jge X32_ABI 0006 (false 0005)
 0005: 35 01 00 00000000   jge read 0007 (false 0006)
 0006: 06 00 00 00050001   ret ERRNO(1)
 0007: 15 00 01 000000a1   jeq chroot 0008 (false 0009)
 0008: 06 00 00 7fff0000   ret ALLOW
 0009: 15 00 01 0000009f   jeq adjtimex 000a (false 000b)
 000a: 06 00 00 00050001   ret ERRNO(1)
 000b: 15 00 01 00000131   jeq clock_adjtime 000c (false 000d)
 000c: 06 00 00 00050001   ret ERRNO(1)
 000d: 15 00 01 000000e3   jeq clock_settime 000e (false 000f)
 000e: 06 00 00 00050001   ret ERRNO(1)
 000f: 15 00 01 000000a4   jeq settimeofday 0010 (false 0011)
 0010: 06 00 00 00050001   ret ERRNO(1)
 0011: 15 00 01 0000009a   jeq modify_ldt 0012 (false 0013)
 0012: 06 00 00 00050001   ret ERRNO(1)
 0013: 15 00 01 000000d4   jeq lookup_dcookie 0014 (false 0015)
 0014: 06 00 00 00050001   ret ERRNO(1)
 0015: 15 00 01 0000012a   jeq perf_event_open 0016 (false 0017)
 0016: 06 00 00 00050001   ret ERRNO(1)
 0017: 15 00 01 00000137   jeq process_vm_writev 0018 (false 0019)
 0018: 06 00 00 00050001   ret ERRNO(1)
 0019: 15 00 01 000000b0   jeq delete_module 001a (false 001b)
 001a: 06 00 00 00050001   ret ERRNO(1)
 001b: 15 00 01 00000139   jeq finit_module 001c (false 001d)
 001c: 06 00 00 00050001   ret ERRNO(1)
 001d: 15 00 01 000000af   jeq init_module 001e (false 001f)
 001e: 06 00 00 00050001   ret ERRNO(1)
 001f: 15 00 01 000000a1   jeq chroot 0020 (false 0021)
 0020: 06 00 00 00050001   ret ERRNO(1)
 0021: 15 00 01 000000a5   jeq mount 0022 (false 0023)
 0022: 06 00 00 00050001   ret ERRNO(1)
 0023: 15 00 01 0000009b   jeq pivot_root 0024 (false 0025)
 0024: 06 00 00 00050001   ret ERRNO(1)
 0025: 15 00 01 000000a6   jeq umount2 0026 (false 0027)
 0026: 06 00 00 00050001   ret ERRNO(1)
 0027: 15 00 01 0000009c   jeq _sysctl 0028 (false 0029)
 0028: 06 00 00 00050001   ret ERRNO(1)
 0029: 15 00 01 000000b7   jeq afs_syscall 002a (false 002b)
 002a: 06 00 00 00050001   ret ERRNO(1)
 002b: 15 00 01 000000ae   jeq create_module 002c (false 002d)
 002c: 06 00 00 00050001   ret ERRNO(1)
 002d: 15 00 01 000000b1   jeq get_kernel_syms 002e (false 002f)
 002e: 06 00 00 00050001   ret ERRNO(1)
 002f: 15 00 01 000000b5   jeq getpmsg 0030 (false 0031)
 0030: 06 00 00 00050001   ret ERRNO(1)
 0031: 15 00 01 000000b6   jeq putpmsg 0032 (false 0033)
 0032: 06 00 00 00050001   ret ERRNO(1)
 0033: 15 00 01 000000b2   jeq query_module 0034 (false 0035)
 0034: 06 00 00 00050001   ret ERRNO(1)
 0035: 15 00 01 000000b9   jeq security 0036 (false 0037)
 0036: 06 00 00 00050001   ret ERRNO(1)
 0037: 15 00 01 0000008b   jeq sysfs 0038 (false 0039)
 0038: 06 00 00 00050001   ret ERRNO(1)
 0039: 15 00 01 000000b8   jeq tuxcall 003a (false 003b)
 003a: 06 00 00 00050001   ret ERRNO(1)
 003b: 15 00 01 00000086   jeq uselib 003c (false 003d)
 003c: 06 00 00 00050001   ret ERRNO(1)
 003d: 15 00 01 00000088   jeq ustat 003e (false 003f)
 003e: 06 00 00 00050001   ret ERRNO(1)
 003f: 15 00 01 000000ec   jeq vserver 0040 (false 0041)
 0040: 06 00 00 00050001   ret ERRNO(1)
 0041: 15 00 01 000000ad   jeq ioperm 0042 (false 0043)
 0042: 06 00 00 00050001   ret ERRNO(1)
 0043: 15 00 01 000000ac   jeq iopl 0044 (false 0045)
 0044: 06 00 00 00050001   ret ERRNO(1)
 0045: 15 00 01 000000f6   jeq kexec_load 0046 (false 0047)
 0046: 06 00 00 00050001   ret ERRNO(1)
 0047: 15 00 01 00000140   jeq kexec_file_load 0048 (false 0049)
 0048: 06 00 00 00050001   ret ERRNO(1)
 0049: 15 00 01 000000a9   jeq reboot 004a (false 004b)
 004a: 06 00 00 00050001   ret ERRNO(1)
 004b: 15 00 01 000000a7   jeq swapon 004c (false 004d)
 004c: 06 00 00 00050001   ret ERRNO(1)
 004d: 15 00 01 000000a8   jeq swapoff 004e (false 004f)
 004e: 06 00 00 00050001   ret ERRNO(1)
 004f: 15 00 01 00000130   jeq open_by_handle_at 0050 (false 0051)
 0050: 06 00 00 00050001   ret ERRNO(1)
 0051: 15 00 01 0000012f   jeq name_to_handle_at 0052 (false 0053)
 0052: 06 00 00 00050001   ret ERRNO(1)
 0053: 15 00 01 000000fb   jeq ioprio_set 0054 (false 0055)
 0054: 06 00 00 00050001   ret ERRNO(1)
 0055: 15 00 01 00000067   jeq syslog 0056 (false 0057)
 0056: 06 00 00 00050001   ret ERRNO(1)
 0057: 15 00 01 0000012c   jeq fanotify_init 0058 (false 0059)
 0058: 06 00 00 00050001   ret ERRNO(1)
 0059: 15 00 01 00000138   jeq kcmp 005a (false 005b)
 005a: 06 00 00 00050001   ret ERRNO(1)
 005b: 15 00 01 000000f8   jeq add_key 005c (false 005d)
 005c: 06 00 00 00050001   ret ERRNO(1)
 005d: 15 00 01 000000f9   jeq request_key 005e (false 005f)
 005e: 06 00 00 00050001   ret ERRNO(1)
 005f: 15 00 01 000000ed   jeq mbind 0060 (false 0061)
 0060: 06 00 00 00050001   ret ERRNO(1)
 0061: 15 00 01 00000100   jeq migrate_pages 0062 (false 0063)
 0062: 06 00 00 00050001   ret ERRNO(1)
 0063: 15 00 01 00000117   jeq move_pages 0064 (false 0065)
 0064: 06 00 00 00050001   ret ERRNO(1)
 0065: 15 00 01 000000fa   jeq keyctl 0066 (false 0067)
 0066: 06 00 00 00050001   ret ERRNO(1)
 0067: 15 00 01 000000ce   jeq io_setup 0068 (false 0069)
 0068: 06 00 00 00050001   ret ERRNO(1)
 0069: 15 00 01 000000cf   jeq io_destroy 006a (false 006b)
 006a: 06 00 00 00050001   ret ERRNO(1)
 006b: 15 00 01 000000d0   jeq io_getevents 006c (false 006d)
 006c: 06 00 00 00050001   ret ERRNO(1)
 006d: 15 00 01 000000d1   jeq io_submit 006e (false 006f)
 006e: 06 00 00 00050001   ret ERRNO(1)
 006f: 15 00 01 000000d2   jeq io_cancel 0070 (false 0071)
 0070: 06 00 00 00050001   ret ERRNO(1)
 0071: 15 00 01 000000d8   jeq remap_file_pages 0072 (false 0073)
 0072: 06 00 00 00050001   ret ERRNO(1)
 0073: 15 00 01 00000143   jeq userfaultfd 0074 (false 0075)
 0074: 06 00 00 00050001   ret ERRNO(1)
 0075: 15 00 01 000000a3   jeq acct 0076 (false 0077)
 0076: 06 00 00 00050001   ret ERRNO(1)
 0077: 15 00 01 00000141   jeq bpf 0078 (false 0079)
 0078: 06 00 00 00050001   ret ERRNO(1)
 0079: 15 00 01 000000b4   jeq nfsservctl 007a (false 007b)
 007a: 06 00 00 00050001   ret ERRNO(1)
 007b: 15 00 01 000000ab   jeq setdomainname 007c (false 007d)
 007c: 06 00 00 00050001   ret ERRNO(1)
 007d: 15 00 01 000000aa   jeq sethostname 007e (false 007f)
 007e: 06 00 00 00050001   ret ERRNO(1)
 007f: 15 00 01 00000099   jeq vhangup 0080 (false 0081)
 0080: 06 00 00 00050001   ret ERRNO(1)
 0081: 15 00 01 00000065   jeq ptrace 0082 (false 0083)
 0082: 06 00 00 00050001   ret ERRNO(1)
 0083: 15 00 01 00000087   jeq personality 0084 (false 0085)
 0084: 06 00 00 00050001   ret ERRNO(1)
 0085: 15 00 01 00000136   jeq process_vm_readv 0086 (false 0087)
 0086: 06 00 00 00050001   ret ERRNO(1)
 0087: 06 00 00 7fff0000   ret ALLOW
seccomp filter configured
Mounting read-only /run/firejail/mnt/seccomp
2249 724 0:55 /seccomp /run/firejail/mnt/seccomp ro,nosuid - tmpfs tmpfs rw,mode=755
mountid=2249 fsname=/seccomp dir=/run/firejail/mnt/seccomp fstype=tmpfs
Seccomp directory:
ls /run/firejail/mnt/seccomp
drwxr-xr-x root     root             160 .
drwxr-xr-x root     root             400 ..
-rw-r--r-- Username   users           1088 seccomp
-rw-r--r-- Username   users            808 seccomp.32
-rw-r--r-- Username   users            114 seccomp.list
-rw-r--r-- Username   users              0 seccomp.postexec
-rw-r--r-- Username   users              0 seccomp.postexec32
-rw-r--r-- Username   users            176 seccomp.protocol
Active seccomp files:
cat /run/firejail/mnt/seccomp/seccomp.list
/run/firejail/mnt/seccomp/seccomp.protocol
/run/firejail/mnt/seccomp/seccomp.32
/run/firejail/mnt/seccomp/seccomp
Dropping all capabilities
noroot user namespace installed
Dropping all capabilities
NO_NEW_PRIVS set
Drop privileges: pid 1, uid 1000, gid 985, nogroups 0
Warning: cleaning all supplementary groups
Warning: Cannot confine the application using AppArmor.
Maybe firejail-default AppArmor profile is not loaded into the kernel.
As root, run "aa-enforce firejail-default" to load it.
starting application
LD_PRELOAD=(null)
execvp argument 0: firefox
Child process initialized in 117.56 ms
Searching $PATH for firefox
trying #/usr/local/sbin/firefox#
trying #/usr/local/bin/firefox#
Installing /run/firejail/mnt/seccomp/seccomp seccomp filter
Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter
Installing /run/firejail/mnt/seccomp/seccomp.protocol seccomp filter
Warning: an existing sandbox was detected. /usr/bin/firefox will run without any additional sandboxing features
monitoring pid 12


(firefox:12): Gtk-WARNING **: 20:03:23.178: Theme parsing error: gtk.css:2:0: Expected semicolon

(firefox:12): Gtk-WARNING **: 20:03:23.178: Theme parsing error: gtk.css:3:0: Expected semicolon

(firefox:12): Gtk-WARNING **: 20:03:23.178: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory
libGL error: failed to create dri screen
libGL error: failed to load driver: nouveau
Can't find symbol 'eglGetNativeClientBufferANDROID'.
Can't find symbol 'eglQuerySurfacePointerANGLE'.
Can't find symbol 'eglCreateStreamProducerD3DTextureANGLE'.
Can't find symbol 'eglStreamPostD3DTextureANGLE'.
libEGL warning: DRI2: failed to create dri screen

(/usr/lib/firefox/firefox:125): Gtk-WARNING **: 20:03:23.576: Theme parsing error: gtk.css:2:0: Expected semicolon

(/usr/lib/firefox/firefox:125): Gtk-WARNING **: 20:03:23.576: Theme parsing error: gtk.css:3:0: Expected semicolon

(/usr/lib/firefox/firefox:125): Gtk-WARNING **: 20:03:23.577: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory

(/usr/lib/firefox/firefox:190): Gtk-WARNING **: 20:03:24.192: Theme parsing error: gtk.css:2:0: Expected semicolon

(/usr/lib/firefox/firefox:190): Gtk-WARNING **: 20:03:24.192: Theme parsing error: gtk.css:3:0: Expected semicolon

(/usr/lib/firefox/firefox:190): Gtk-WARNING **: 20:03:24.192: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory

(/usr/lib/firefox/firefox:209): Gtk-WARNING **: 20:03:24.281: Theme parsing error: gtk.css:2:0: Expected semicolon

(/usr/lib/firefox/firefox:209): Gtk-WARNING **: 20:03:24.281: Theme parsing error: gtk.css:3:0: Expected semicolon

(/usr/lib/firefox/firefox:209): Gtk-WARNING **: 20:03:24.281: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory

(/usr/lib/firefox/firefox:232): Gtk-WARNING **: 20:03:24.369: Theme parsing error: gtk.css:2:0: Expected semicolon

(/usr/lib/firefox/firefox:232): Gtk-WARNING **: 20:03:24.369: Theme parsing error: gtk.css:3:0: Expected semicolon

(/usr/lib/firefox/firefox:232): Gtk-WARNING **: 20:03:24.370: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory

(/usr/lib/firefox/firefox:338): Gtk-WARNING **: 20:03:25.819: Theme parsing error: gtk.css:2:0: Expected semicolon

(/usr/lib/firefox/firefox:338): Gtk-WARNING **: 20:03:25.819: Theme parsing error: gtk.css:3:0: Expected semicolon

(/usr/lib/firefox/firefox:338): Gtk-WARNING **: 20:03:25.820: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory
Can't find symbol 'eglGetNativeClientBufferANDROID'.
Can't find symbol 'eglQuerySurfacePointerANGLE'.
Can't find symbol 'eglCreateStreamProducerD3DTextureANGLE'.
Can't find symbol 'eglStreamPostD3DTextureANGLE'.
libEGL warning: DRI2: failed to create dri screen
libEGL warning: DRI2: failed to create dri screen
libEGL warning: DRI2: failed to create dri screen

###!!! [Parent][MessageChannel::Call] Error: Channel error: cannot send/recv

Sandbox monitor: waitpid 12 retval 12 status 0
Sandbox monitor: monitoring 125
monitoring pid 125

Sandbox monitor: waitpid 125 retval 125 status 0
Sandbox monitor: monitoring 209
monitoring pid 209

Sandbox monitor: waitpid 209 retval 209 status 0
Sandbox monitor: monitoring 232
monitoring pid 232

Sandbox monitor: waitpid 232 retval 232 status 0
Sandbox monitor: monitoring 338
monitoring pid 338

Sandbox monitor: waitpid 338 retval 338 status 0

Parent is shutting down, bye...

Originally created by @Utini2000 on GitHub (Nov 5, 2020). Original GitHub issue: https://github.com/netblue30/firejail/issues/3725 Write clear, concise and in textual form. **Bug and expected behavior** When activating the firejail profile for firefox, Amazon Prime will not work anymore because the plugin "widevinecdm" crashes. **No profile and disabling firejail** When disabling firejail, everything will work fine. **Reproduce** Steps to reproduce the behavior: sudo firecfg start firefox play a video on amazon prime video (won't work) close firefox sudo firecfg --clean start firefox play a video on amazon prime video (will work) **Environment** - Archlinux x86_64 Linux 5.8.16.a-1-hardened - firejail version 0.9.64 **Additional context** Other context about the problem like related errors to understand the problem. **Checklist** - [ x ] The upstream profile (and redirect profile if exists) have no changes fixing it. - [ x ] The program has a profile. (If not, request one in `https://github.com/netblue30/firejail/issues/1139`) - [ x ] Programs needed for interaction are listed in the profile. - [ x ] A short search for duplicates was performed. - [ x ] If it is a AppImage, `--profile=PROFILENAME` is used to set the right profile. <details><summary> debug output </summary> ``` firejail --debug firefox Autoselecting /bin/zsh as shell Building quoted command line: 'firefox' Command name #firefox# Found firefox.profile profile in /etc/firejail directory Reading profile /etc/firejail/firefox.profile Found whitelist-usr-share-common.inc profile in /etc/firejail directory Reading profile /etc/firejail/whitelist-usr-share-common.inc Found firefox-common.profile profile in /etc/firejail directory Reading profile /etc/firejail/firefox-common.profile Found disable-common.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-common.inc Found disable-devel.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-devel.inc Found disable-exec.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-exec.inc Found disable-interpreters.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-interpreters.inc Found disable-programs.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-programs.inc Found whitelist-common.inc profile in /etc/firejail directory Reading profile /etc/firejail/whitelist-common.inc Found whitelist-var-common.inc profile in /etc/firejail directory Reading profile /etc/firejail/whitelist-var-common.inc Warning: Warning: NVIDIA card detected, nogroups command disabled conditional BROWSER_DISABLE_U2F, nou2f conditional BROWSER_DISABLE_U2F, private-dev Seccomp list in: !chroot, check list: @default-keep, prelist: unknown, DISPLAY=:0 parsed as 0 xdg-dbus-proxy arg: unix:path=/run/user/1000/bus xdg-dbus-proxy arg: /run/firejail/dbus/1000/47441-user xdg-dbus-proxy arg: --filter xdg-dbus-proxy arg: --own=org.mozilla.firefox.* xdg-dbus-proxy arg: --own=org.mpris.MediaPlayer2.firefox.* starting xdg-dbus-proxy sbox exec: /usr/bin/xdg-dbus-proxy --fd=8 --args=9 Dropping all capabilities Drop privileges: pid 47442, uid 1000, gid 985, nogroups 1 No supplementary groups xdg-dbus-proxy initialized Using the local network stack Parent pid 47441, child pid 47444 Initializing child process Host network configured PID namespace installed Mounting tmpfs on /run/firejail/mnt directory Creating empty /run/firejail/mnt/seccomp directory Creating empty /run/firejail/mnt/seccomp/seccomp.protocol file Creating empty /run/firejail/mnt/seccomp/seccomp.postexec file Creating empty /run/firejail/mnt/seccomp/seccomp.postexec32 file Build protocol filter: unix,inet,inet6,netlink sbox run: /run/firejail/lib/fseccomp protocol build unix,inet,inet6,netlink /run/firejail/mnt/seccomp/seccomp.protocol Dropping all capabilities Drop privileges: pid 2, uid 1000, gid 985, nogroups 1 No supplementary groups Mounting /proc filesystem representing the PID namespace Basic read-only filesystem: Mounting read-only /etc 727 684 254:1 /etc /etc ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=727 fsname=/etc dir=/etc fstype=ext4 Mounting noexec /etc 728 727 254:1 /etc /etc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=728 fsname=/etc dir=/etc fstype=ext4 Mounting read-only /var 729 684 254:1 /var /var ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=729 fsname=/var dir=/var fstype=ext4 Mounting noexec /var 730 729 254:1 /var /var ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=730 fsname=/var dir=/var fstype=ext4 Mounting read-only /usr 731 684 254:1 /usr /usr ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=731 fsname=/usr dir=/usr fstype=ext4 Mounting tmpfs on /var/lock Mounting tmpfs on /var/tmp Mounting tmpfs on /var/log Create the new utmp file Mount the new utmp file Cleaning /home directory Cleaning /run/user directory Sanitizing /etc/passwd, UID_MIN 1000 Sanitizing /etc/group, GID_MIN 1000 Disable /home/Username/.config/firejail Disable /run/firejail/network Disable /run/firejail/bandwidth Disable /run/firejail/name Disable /run/firejail/profile Disable /run/firejail/x11 Mounting tmpfs on /dev mounting /run/firejail/mnt/dev/snd directory mounting /run/firejail/mnt/dev/dri directory mounting /run/firejail/mnt/dev/nvidia0 file mounting /run/firejail/mnt/dev/nvidiactl file mounting /run/firejail/mnt/dev/nvidia-modeset file mounting /run/firejail/mnt/dev/video0 file mounting /run/firejail/mnt/dev/video1 file Process /dev/shm directory Generate private-tmp whitelist commands Creating empty /run/firejail/mnt/dbus directory Creating empty /run/firejail/mnt/dbus/user file blacklist /run/user/1000/bus Creating empty /run/firejail/mnt/dbus/system file blacklist /run/dbus/system_bus_socket blacklist /run/firejail/dbus Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set. Mounting read-only /proc/sys Remounting /sys directory Disable /sys/firmware Disable /sys/hypervisor Disable /sys/power Disable /sys/kernel/debug Disable /proc/sys/fs/binfmt_misc Disable /proc/sys/kernel/core_pattern Disable /proc/sys/kernel/modprobe Disable /proc/sysrq-trigger Disable /proc/sys/vm/panic_on_oom Disable /proc/irq Disable /proc/bus Disable /proc/sched_debug Disable /proc/timer_list Disable /proc/kallsyms Disable /usr/lib/modules/5.9.3-arch1-1/build (requested /usr/src/linux) Disable /usr/lib/modules (requested /lib/modules) Disable /boot Disable /run/user/1000/gnupg Disable /run/user/1000/systemd Disable /proc/kmsg Debug 456: new_name #/home/Username/.cache/mozilla/firefox#, whitelist Debug 571: fname #/home/Username/.cache/mozilla/firefox#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.cache/mozilla/firefox Debug 456: new_name #/home/Username/.mozilla#, whitelist Debug 571: fname #/home/Username/.mozilla#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.mozilla Debug 456: new_name #/usr/share/doc#, whitelist Debug 456: new_name #/usr/share/firefox#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/firefox expanded: /usr/share/firefox real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/gtk-doc/html#, whitelist Debug 456: new_name #/usr/share/mozilla#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/mozilla expanded: /usr/share/mozilla real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/webext#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/webext expanded: /usr/share/webext real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/alsa#, whitelist Debug 456: new_name #/usr/share/applications#, whitelist Debug 456: new_name #/usr/share/ca-certificates#, whitelist Debug 456: new_name #/usr/share/crypto-policies#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/crypto-policies expanded: /usr/share/crypto-policies real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/cursors#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/cursors expanded: /usr/share/cursors real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/dconf#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/dconf expanded: /usr/share/dconf real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/distro-info#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/distro-info expanded: /usr/share/distro-info real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/drirc.d#, whitelist Debug 456: new_name #/usr/share/enchant#, whitelist Debug 456: new_name #/usr/share/enchant-2#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/enchant-2 expanded: /usr/share/enchant-2 real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/file#, whitelist Debug 456: new_name #/usr/share/fontconfig#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/fontconfig expanded: /usr/share/fontconfig real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/fonts#, whitelist Debug 456: new_name #/usr/share/gir-1.0#, whitelist Debug 456: new_name #/usr/share/gjs-1.0#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/gjs-1.0 expanded: /usr/share/gjs-1.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/glib-2.0#, whitelist Debug 456: new_name #/usr/share/glvnd#, whitelist Debug 456: new_name #/usr/share/gtk-2.0#, whitelist Debug 456: new_name #/usr/share/gtk-3.0#, whitelist Debug 456: new_name #/usr/share/gtk-engines#, whitelist Debug 456: new_name #/usr/share/gtksourceview-3.0#, whitelist Debug 456: new_name #/usr/share/gtksourceview-4#, whitelist Debug 456: new_name #/usr/share/hunspell#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/hunspell expanded: /usr/share/hunspell real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/hwdata#, whitelist Debug 456: new_name #/usr/share/icons#, whitelist Debug 456: new_name #/usr/share/icu#, whitelist Debug 456: new_name #/usr/share/knotifications5#, whitelist Debug 456: new_name #/usr/share/kservices5#, whitelist Debug 456: new_name #/usr/share/Kvantum#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/Kvantum expanded: /usr/share/Kvantum real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/kxmlgui5#, whitelist Debug 456: new_name #/usr/share/libdrm#, whitelist Debug 456: new_name #/usr/share/libthai#, whitelist Debug 456: new_name #/usr/share/locale#, whitelist Debug 456: new_name #/usr/share/mime#, whitelist Debug 456: new_name #/usr/share/misc#, whitelist Debug 456: new_name #/usr/share/Modules#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/Modules expanded: /usr/share/Modules real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/myspell#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/myspell expanded: /usr/share/myspell real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/p11-kit#, whitelist Debug 456: new_name #/usr/share/perl#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/perl expanded: /usr/share/perl real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/perl5#, whitelist Debug 456: new_name #/usr/share/pixmaps#, whitelist Debug 456: new_name #/usr/share/pki#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/pki expanded: /usr/share/pki real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/plasma#, whitelist Debug 456: new_name #/usr/share/publicsuffix#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/publicsuffix expanded: /usr/share/publicsuffix real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/qt#, whitelist Debug 456: new_name #/usr/share/qt4#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/qt4 expanded: /usr/share/qt4 real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/qt5#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/qt5 expanded: /usr/share/qt5 real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/qt5ct#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/qt5ct expanded: /usr/share/qt5ct real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/sounds#, whitelist Debug 456: new_name #/usr/share/tcl8.6#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/tcl8.6 expanded: /usr/share/tcl8.6 real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/tcltk#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/tcltk expanded: /usr/share/tcltk real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/terminfo#, whitelist Debug 456: new_name #/usr/share/texlive#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/texlive expanded: /usr/share/texlive real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/texmf#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/texmf expanded: /usr/share/texmf real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/themes#, whitelist Debug 456: new_name #/usr/share/thumbnail.so#, whitelist Removed whitelist/nowhitelist path: whitelist /usr/share/thumbnail.so expanded: /usr/share/thumbnail.so real path: (null) realpath: No such file or directory Debug 456: new_name #/usr/share/X11#, whitelist Debug 456: new_name #/usr/share/xml#, whitelist Debug 456: new_name #/usr/share/zoneinfo#, whitelist Directory ${DOWNLOADS} resolved as Downloads Debug 456: new_name #/home/Username/Downloads#, whitelist Debug 571: fname #/home/Username/Downloads#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/Downloads Debug 456: new_name #/home/Username/.pki#, whitelist Debug 571: fname #/home/Username/.pki#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.pki Debug 456: new_name #/home/Username/.local/share/pki#, whitelist Debug 571: fname #/home/Username/.local/share/pki#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.local/share/pki Debug 456: new_name #/home/Username/.XCompose#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.XCompose expanded: /home/Username/.XCompose real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.asoundrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.asoundrc expanded: /home/Username/.asoundrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.config/ibus#, whitelist Debug 571: fname #/home/Username/.config/ibus#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.config/ibus Debug 456: new_name #/home/Username/.config/mimeapps.list#, whitelist Debug 571: fname #/home/Username/.config/mimeapps.list#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.config/mimeapps.list Debug 456: new_name #/home/Username/.config/pkcs11#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/pkcs11 expanded: /home/Username/.config/pkcs11 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.config/user-dirs.dirs#, whitelist Debug 571: fname #/home/Username/.config/user-dirs.dirs#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.config/user-dirs.dirs Debug 456: new_name #/home/Username/.config/user-dirs.locale#, whitelist Debug 571: fname #/home/Username/.config/user-dirs.locale#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.config/user-dirs.locale Debug 456: new_name #/home/Username/.drirc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.drirc expanded: /home/Username/.drirc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.icons#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.icons expanded: /home/Username/.icons real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.local/share/applications#, whitelist Debug 571: fname #/home/Username/.local/share/applications#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.local/share/applications Debug 456: new_name #/home/Username/.local/share/icons#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/icons expanded: /home/Username/.local/share/icons real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.local/share/mime#, whitelist Debug 571: fname #/home/Username/.local/share/mime#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.local/share/mime Debug 456: new_name #/home/Username/.mime.types#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.mime.types expanded: /home/Username/.mime.types real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.uim.d#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.uim.d expanded: /home/Username/.uim.d real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.config/dconf#, whitelist Debug 571: fname #/home/Username/.config/dconf#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.config/dconf Debug 456: new_name #/home/Username/.cache/fontconfig#, whitelist Debug 571: fname #/home/Username/.cache/fontconfig#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.cache/fontconfig Debug 456: new_name #/home/Username/.config/fontconfig#, whitelist Debug 571: fname #/home/Username/.config/fontconfig#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.config/fontconfig Debug 456: new_name #/home/Username/.fontconfig#, whitelist Debug 571: fname #/home/Username/.fontconfig#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.fontconfig Debug 456: new_name #/home/Username/.fonts#, whitelist Debug 571: fname #/home/Username/.fonts#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.fonts Debug 456: new_name #/home/Username/.fonts.conf#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf expanded: /home/Username/.fonts.conf real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.fonts.conf.d#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf.d expanded: /home/Username/.fonts.conf.d real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.fonts.d#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.d expanded: /home/Username/.fonts.d real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.local/share/fonts#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/fonts expanded: /home/Username/.local/share/fonts real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.pangorc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.pangorc expanded: /home/Username/.pangorc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.config/gtk-2.0#, whitelist Debug 571: fname #/home/Username/.config/gtk-2.0#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.config/gtk-2.0 Debug 456: new_name #/home/Username/.config/gtk-3.0#, whitelist Debug 571: fname #/home/Username/.config/gtk-3.0#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.config/gtk-3.0 Debug 456: new_name #/home/Username/.config/gtk-4.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtk-4.0 expanded: /home/Username/.config/gtk-4.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.config/gtkrc#, whitelist Debug 571: fname #/home/Username/.config/gtkrc#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.config/gtkrc Debug 456: new_name #/home/Username/.config/gtkrc-2.0#, whitelist Debug 571: fname #/home/Username/.config/gtkrc-2.0#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.config/gtkrc-2.0 Debug 456: new_name #/home/Username/.gnome2#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2 expanded: /home/Username/.gnome2 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.gnome2-private#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2-private expanded: /home/Username/.gnome2-private real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.gtk-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtk-2.0 expanded: /home/Username/.gtk-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.gtkrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc expanded: /home/Username/.gtkrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.gtkrc-2.0#, whitelist Debug 571: fname #/home/Username/.gtkrc-2.0#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.gtkrc-2.0 Debug 456: new_name #/home/Username/.kde/share/config/gtkrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc expanded: /home/Username/.kde/share/config/gtkrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.kde/share/config/gtkrc-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc-2.0 expanded: /home/Username/.kde/share/config/gtkrc-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.kde4/share/config/gtkrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc expanded: /home/Username/.kde4/share/config/gtkrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.kde4/share/config/gtkrc-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc-2.0 expanded: /home/Username/.kde4/share/config/gtkrc-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.local/share/themes#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/themes expanded: /home/Username/.local/share/themes real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.themes#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.themes expanded: /home/Username/.themes real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.cache/kioexec/krun#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.cache/kioexec/krun expanded: /home/Username/.cache/kioexec/krun real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.config/Kvantum#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Kvantum expanded: /home/Username/.config/Kvantum real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.config/Trolltech.conf#, whitelist Debug 571: fname #/home/Username/.config/Trolltech.conf#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.config/Trolltech.conf Debug 456: new_name #/home/Username/.config/kdeglobals#, whitelist Debug 571: fname #/home/Username/.config/kdeglobals#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.config/kdeglobals Debug 456: new_name #/home/Username/.config/kio_httprc#, whitelist Debug 571: fname #/home/Username/.config/kio_httprc#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.config/kio_httprc Debug 456: new_name #/home/Username/.config/kioslaverc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kioslaverc expanded: /home/Username/.config/kioslaverc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.config/ksslcablacklist#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ksslcablacklist expanded: /home/Username/.config/ksslcablacklist real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.config/qt5ct#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/qt5ct expanded: /home/Username/.config/qt5ct real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.kde/share/config/kdeglobals#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kdeglobals expanded: /home/Username/.kde/share/config/kdeglobals real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.kde/share/config/kio_httprc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kio_httprc expanded: /home/Username/.kde/share/config/kio_httprc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.kde/share/config/kioslaverc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kioslaverc expanded: /home/Username/.kde/share/config/kioslaverc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.kde/share/config/ksslcablacklist#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/ksslcablacklist expanded: /home/Username/.kde/share/config/ksslcablacklist real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.kde/share/config/oxygenrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/oxygenrc expanded: /home/Username/.kde/share/config/oxygenrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.kde/share/icons#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/icons expanded: /home/Username/.kde/share/icons real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.kde4/share/config/kdeglobals#, whitelist Debug 571: fname #/home/Username/.kde4/share/config/kdeglobals#, cfg.homedir #/home/Username# Replaced whitelist path: whitelist /home/Username/.kde4/share/config/kdeglobals Debug 456: new_name #/home/Username/.kde4/share/config/kio_httprc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kio_httprc expanded: /home/Username/.kde4/share/config/kio_httprc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.kde4/share/config/kioslaverc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kioslaverc expanded: /home/Username/.kde4/share/config/kioslaverc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.kde4/share/config/ksslcablacklist#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/ksslcablacklist expanded: /home/Username/.kde4/share/config/ksslcablacklist real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.kde4/share/config/oxygenrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/oxygenrc expanded: /home/Username/.kde4/share/config/oxygenrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.kde4/share/icons#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/icons expanded: /home/Username/.kde4/share/icons real path: (null) realpath: No such file or directory Debug 456: new_name #/home/Username/.local/share/qt5ct#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/qt5ct expanded: /home/Username/.local/share/qt5ct real path: (null) realpath: No such file or directory Debug 456: new_name #/var/lib/ca-certificates#, whitelist Removed whitelist/nowhitelist path: whitelist /var/lib/ca-certificates expanded: /var/lib/ca-certificates real path: (null) realpath: No such file or directory Debug 456: new_name #/var/lib/dbus#, whitelist Debug 456: new_name #/var/lib/menu-xdg#, whitelist Removed whitelist/nowhitelist path: whitelist /var/lib/menu-xdg expanded: /var/lib/menu-xdg real path: (null) realpath: No such file or directory Debug 456: new_name #/var/lib/uim#, whitelist Removed whitelist/nowhitelist path: whitelist /var/lib/uim expanded: /var/lib/uim real path: (null) realpath: No such file or directory Debug 456: new_name #/var/cache/fontconfig#, whitelist Debug 456: new_name #/var/tmp#, whitelist Debug 456: new_name #/var/run#, whitelist Replaced whitelist path: whitelist /run Debug 456: new_name #/var/lock#, whitelist Replaced whitelist path: whitelist /run/lock Debug 456: new_name #/tmp/.X11-unix#, whitelist Mounting tmpfs on /tmp directory Mounting tmpfs on /var directory Mounting tmpfs on /usr/share directory Drop privileges: pid 3, uid 1000, gid 985, nogroups 0 Warning: cleaning all supplementary groups Mounting a new /root directory Mounting a new /home directory Create a new user directory Drop privileges: pid 4, uid 1000, gid 985, nogroups 0 Warning: cleaning all supplementary groups Drop privileges: pid 5, uid 1000, gid 985, nogroups 0 Warning: cleaning all supplementary groups Whitelisting /home/Username/.cache/mozilla/firefox 1379 1287 254:1 /home/Username/.cache/mozilla/firefox /home/Username/.cache/mozilla/firefox rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1379 fsname=/home/Username/.cache/mozilla/firefox dir=/home/Username/.cache/mozilla/firefox fstype=ext4 Whitelisting /home/Username/.mozilla 1482 1287 254:1 /home/Username/.mozilla /home/Username/.mozilla rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1482 fsname=/home/Username/.mozilla dir=/home/Username/.mozilla fstype=ext4 Whitelisting /usr/share/doc 1500 1160 254:1 /usr/share/doc /usr/share/doc ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1500 fsname=/usr/share/doc dir=/usr/share/doc fstype=ext4 Whitelisting /usr/share/gtk-doc/html 1501 1160 254:1 /usr/share/gtk-doc/html /usr/share/gtk-doc/html ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1501 fsname=/usr/share/gtk-doc/html dir=/usr/share/gtk-doc/html fstype=ext4 Whitelisting /usr/share/alsa 1643 1160 254:1 /usr/share/alsa /usr/share/alsa ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1643 fsname=/usr/share/alsa dir=/usr/share/alsa fstype=ext4 Whitelisting /usr/share/applications 1658 1160 254:1 /usr/share/applications /usr/share/applications ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1658 fsname=/usr/share/applications dir=/usr/share/applications fstype=ext4 Whitelisting /usr/share/ca-certificates 1659 1160 254:1 /usr/share/ca-certificates /usr/share/ca-certificates ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1659 fsname=/usr/share/ca-certificates dir=/usr/share/ca-certificates fstype=ext4 Whitelisting /usr/share/drirc.d 1773 1160 254:1 /usr/share/drirc.d /usr/share/drirc.d ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1773 fsname=/usr/share/drirc.d dir=/usr/share/drirc.d fstype=ext4 Whitelisting /usr/share/enchant 1811 1160 254:1 /usr/share/enchant /usr/share/enchant ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1811 fsname=/usr/share/enchant dir=/usr/share/enchant fstype=ext4 Whitelisting /usr/share/file 1848 1160 254:1 /usr/share/file /usr/share/file ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1848 fsname=/usr/share/file dir=/usr/share/file fstype=ext4 Whitelisting /usr/share/fonts 1855 1160 254:1 /usr/share/fonts /usr/share/fonts ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1855 fsname=/usr/share/fonts dir=/usr/share/fonts fstype=ext4 Whitelisting /usr/share/gir-1.0 1948 1160 254:1 /usr/share/gir-1.0 /usr/share/gir-1.0 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1948 fsname=/usr/share/gir-1.0 dir=/usr/share/gir-1.0 fstype=ext4 Whitelisting /usr/share/glib-2.0 1949 1160 254:1 /usr/share/glib-2.0 /usr/share/glib-2.0 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1949 fsname=/usr/share/glib-2.0 dir=/usr/share/glib-2.0 fstype=ext4 Whitelisting /usr/share/glvnd 1961 1160 254:1 /usr/share/glvnd /usr/share/glvnd ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1961 fsname=/usr/share/glvnd dir=/usr/share/glvnd fstype=ext4 Whitelisting /usr/share/gtk-2.0 1962 1160 254:1 /usr/share/gtk-2.0 /usr/share/gtk-2.0 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1962 fsname=/usr/share/gtk-2.0 dir=/usr/share/gtk-2.0 fstype=ext4 Whitelisting /usr/share/gtk-3.0 1977 1160 254:1 /usr/share/gtk-3.0 /usr/share/gtk-3.0 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1977 fsname=/usr/share/gtk-3.0 dir=/usr/share/gtk-3.0 fstype=ext4 Whitelisting /usr/share/gtk-engines 1978 1160 254:1 /usr/share/gtk-engines /usr/share/gtk-engines ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1978 fsname=/usr/share/gtk-engines dir=/usr/share/gtk-engines fstype=ext4 Whitelisting /usr/share/gtksourceview-3.0 1979 1160 254:1 /usr/share/gtksourceview-3.0 /usr/share/gtksourceview-3.0 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1979 fsname=/usr/share/gtksourceview-3.0 dir=/usr/share/gtksourceview-3.0 fstype=ext4 Whitelisting /usr/share/gtksourceview-4 1980 1160 254:1 /usr/share/gtksourceview-4 /usr/share/gtksourceview-4 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1980 fsname=/usr/share/gtksourceview-4 dir=/usr/share/gtksourceview-4 fstype=ext4 Whitelisting /usr/share/hwdata 1981 1160 254:1 /usr/share/hwdata /usr/share/hwdata ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1981 fsname=/usr/share/hwdata dir=/usr/share/hwdata fstype=ext4 Whitelisting /usr/share/icons 1982 1160 254:1 /usr/share/icons /usr/share/icons ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1982 fsname=/usr/share/icons dir=/usr/share/icons fstype=ext4 Whitelisting /usr/share/icu 1983 1160 254:1 /usr/share/icu /usr/share/icu ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1983 fsname=/usr/share/icu dir=/usr/share/icu fstype=ext4 Whitelisting /usr/share/knotifications5 1984 1160 254:1 /usr/share/knotifications5 /usr/share/knotifications5 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1984 fsname=/usr/share/knotifications5 dir=/usr/share/knotifications5 fstype=ext4 Whitelisting /usr/share/kservices5 1985 1160 254:1 /usr/share/kservices5 /usr/share/kservices5 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1985 fsname=/usr/share/kservices5 dir=/usr/share/kservices5 fstype=ext4 Whitelisting /usr/share/kxmlgui5 1986 1160 254:1 /usr/share/kxmlgui5 /usr/share/kxmlgui5 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1986 fsname=/usr/share/kxmlgui5 dir=/usr/share/kxmlgui5 fstype=ext4 Whitelisting /usr/share/libdrm 1987 1160 254:1 /usr/share/libdrm /usr/share/libdrm ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1987 fsname=/usr/share/libdrm dir=/usr/share/libdrm fstype=ext4 Whitelisting /usr/share/libthai 1988 1160 254:1 /usr/share/libthai /usr/share/libthai ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1988 fsname=/usr/share/libthai dir=/usr/share/libthai fstype=ext4 Whitelisting /usr/share/locale 1989 1160 254:1 /usr/share/locale /usr/share/locale ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1989 fsname=/usr/share/locale dir=/usr/share/locale fstype=ext4 Whitelisting /usr/share/mime 1990 1160 254:1 /usr/share/mime /usr/share/mime ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1990 fsname=/usr/share/mime dir=/usr/share/mime fstype=ext4 Whitelisting /usr/share/misc 1991 1160 254:1 /usr/share/misc /usr/share/misc ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1991 fsname=/usr/share/misc dir=/usr/share/misc fstype=ext4 Whitelisting /usr/share/p11-kit 1992 1160 254:1 /usr/share/p11-kit /usr/share/p11-kit ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1992 fsname=/usr/share/p11-kit dir=/usr/share/p11-kit fstype=ext4 Whitelisting /usr/share/perl5 1993 1160 254:1 /usr/share/perl5 /usr/share/perl5 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1993 fsname=/usr/share/perl5 dir=/usr/share/perl5 fstype=ext4 Whitelisting /usr/share/pixmaps 1994 1160 254:1 /usr/share/pixmaps /usr/share/pixmaps ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1994 fsname=/usr/share/pixmaps dir=/usr/share/pixmaps fstype=ext4 Whitelisting /usr/share/plasma 1995 1160 254:1 /usr/share/plasma /usr/share/plasma ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1995 fsname=/usr/share/plasma dir=/usr/share/plasma fstype=ext4 Whitelisting /usr/share/qt 1996 1160 254:1 /usr/share/qt /usr/share/qt ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1996 fsname=/usr/share/qt dir=/usr/share/qt fstype=ext4 Whitelisting /usr/share/sounds 1997 1160 254:1 /usr/share/sounds /usr/share/sounds ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1997 fsname=/usr/share/sounds dir=/usr/share/sounds fstype=ext4 Whitelisting /usr/share/terminfo 1998 1160 254:1 /usr/share/terminfo /usr/share/terminfo ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1998 fsname=/usr/share/terminfo dir=/usr/share/terminfo fstype=ext4 Whitelisting /usr/share/themes 1999 1160 254:1 /usr/share/themes /usr/share/themes ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=1999 fsname=/usr/share/themes dir=/usr/share/themes fstype=ext4 Whitelisting /usr/share/X11 2000 1160 254:1 /usr/share/X11 /usr/share/X11 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2000 fsname=/usr/share/X11 dir=/usr/share/X11 fstype=ext4 Whitelisting /usr/share/xml 2001 1160 254:1 /usr/share/xml /usr/share/xml ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2001 fsname=/usr/share/xml dir=/usr/share/xml fstype=ext4 Whitelisting /usr/share/zoneinfo 2002 1160 254:1 /usr/share/zoneinfo /usr/share/zoneinfo ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2002 fsname=/usr/share/zoneinfo dir=/usr/share/zoneinfo fstype=ext4 Whitelisting /home/Username/Downloads 2003 1287 254:1 /home/Username/Downloads /home/Username/Downloads rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2003 fsname=/home/Username/Downloads dir=/home/Username/Downloads fstype=ext4 Whitelisting /home/Username/.pki 2004 1287 254:1 /home/Username/.pki /home/Username/.pki rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2004 fsname=/home/Username/.pki dir=/home/Username/.pki fstype=ext4 Whitelisting /home/Username/.local/share/pki 2005 1287 254:1 /home/Username/.local/share/pki /home/Username/.local/share/pki rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2005 fsname=/home/Username/.local/share/pki dir=/home/Username/.local/share/pki fstype=ext4 Whitelisting /home/Username/.config/ibus 2006 1287 254:1 /home/Username/.config/ibus /home/Username/.config/ibus rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2006 fsname=/home/Username/.config/ibus dir=/home/Username/.config/ibus fstype=ext4 Whitelisting /home/Username/.config/mimeapps.list 2007 1287 254:1 /home/Username/.config/mimeapps.list /home/Username/.config/mimeapps.list rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2007 fsname=/home/Username/.config/mimeapps.list dir=/home/Username/.config/mimeapps.list fstype=ext4 Whitelisting /home/Username/.config/user-dirs.dirs 2008 1287 254:1 /home/Username/.config/user-dirs.dirs /home/Username/.config/user-dirs.dirs rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2008 fsname=/home/Username/.config/user-dirs.dirs dir=/home/Username/.config/user-dirs.dirs fstype=ext4 Whitelisting /home/Username/.config/user-dirs.locale 2009 1287 254:1 /home/Username/.config/user-dirs.locale /home/Username/.config/user-dirs.locale rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2009 fsname=/home/Username/.config/user-dirs.locale dir=/home/Username/.config/user-dirs.locale fstype=ext4 Whitelisting /home/Username/.local/share/applications 2010 1287 254:1 /home/Username/.local/share/applications /home/Username/.local/share/applications rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2010 fsname=/home/Username/.local/share/applications dir=/home/Username/.local/share/applications fstype=ext4 Whitelisting /home/Username/.local/share/mime 2011 1287 254:1 /home/Username/.local/share/mime /home/Username/.local/share/mime rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2011 fsname=/home/Username/.local/share/mime dir=/home/Username/.local/share/mime fstype=ext4 Whitelisting /home/Username/.config/dconf 2012 1287 254:1 /home/Username/.config/dconf /home/Username/.config/dconf rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2012 fsname=/home/Username/.config/dconf dir=/home/Username/.config/dconf fstype=ext4 Whitelisting /home/Username/.cache/fontconfig 2013 1287 254:1 /home/Username/.cache/fontconfig /home/Username/.cache/fontconfig rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2013 fsname=/home/Username/.cache/fontconfig dir=/home/Username/.cache/fontconfig fstype=ext4 Whitelisting /home/Username/.config/fontconfig 2014 1287 254:1 /home/Username/.config/fontconfig /home/Username/.config/fontconfig rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2014 fsname=/home/Username/.config/fontconfig dir=/home/Username/.config/fontconfig fstype=ext4 Whitelisting /home/Username/.fontconfig 2015 1287 254:1 /home/Username/.fontconfig /home/Username/.fontconfig rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2015 fsname=/home/Username/.fontconfig dir=/home/Username/.fontconfig fstype=ext4 Whitelisting /home/Username/.fonts 2016 1287 254:1 /home/Username/.fonts /home/Username/.fonts rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2016 fsname=/home/Username/.fonts dir=/home/Username/.fonts fstype=ext4 Whitelisting /home/Username/.config/gtk-2.0 2017 1287 254:1 /home/Username/.config/gtk-2.0 /home/Username/.config/gtk-2.0 rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2017 fsname=/home/Username/.config/gtk-2.0 dir=/home/Username/.config/gtk-2.0 fstype=ext4 Whitelisting /home/Username/.config/gtk-3.0 2018 1287 254:1 /home/Username/.config/gtk-3.0 /home/Username/.config/gtk-3.0 rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2018 fsname=/home/Username/.config/gtk-3.0 dir=/home/Username/.config/gtk-3.0 fstype=ext4 Whitelisting /home/Username/.config/gtkrc 2019 1287 254:1 /home/Username/.config/gtkrc /home/Username/.config/gtkrc rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2019 fsname=/home/Username/.config/gtkrc dir=/home/Username/.config/gtkrc fstype=ext4 Whitelisting /home/Username/.config/gtkrc-2.0 2020 1287 254:1 /home/Username/.config/gtkrc-2.0 /home/Username/.config/gtkrc-2.0 rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2020 fsname=/home/Username/.config/gtkrc-2.0 dir=/home/Username/.config/gtkrc-2.0 fstype=ext4 Whitelisting /home/Username/.gtkrc-2.0 2021 1287 254:1 /home/Username/.gtkrc-2.0 /home/Username/.gtkrc-2.0 rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2021 fsname=/home/Username/.gtkrc-2.0 dir=/home/Username/.gtkrc-2.0 fstype=ext4 Whitelisting /home/Username/.config/Trolltech.conf 2022 1287 254:1 /home/Username/.config/Trolltech.conf /home/Username/.config/Trolltech.conf rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2022 fsname=/home/Username/.config/Trolltech.conf dir=/home/Username/.config/Trolltech.conf fstype=ext4 Whitelisting /home/Username/.config/kdeglobals 2023 1287 254:1 /home/Username/.config/kdeglobals /home/Username/.config/kdeglobals rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2023 fsname=/home/Username/.config/kdeglobals dir=/home/Username/.config/kdeglobals fstype=ext4 Whitelisting /home/Username/.config/kio_httprc 2024 1287 254:1 /home/Username/.config/kio_httprc /home/Username/.config/kio_httprc rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2024 fsname=/home/Username/.config/kio_httprc dir=/home/Username/.config/kio_httprc fstype=ext4 Whitelisting /home/Username/.kde4/share/config/kdeglobals 2025 1287 254:1 /home/Username/.kde4/share/config/kdeglobals /home/Username/.kde4/share/config/kdeglobals rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2025 fsname=/home/Username/.kde4/share/config/kdeglobals dir=/home/Username/.kde4/share/config/kdeglobals fstype=ext4 Whitelisting /var/lib/dbus 2026 1093 254:1 /var/lib/dbus /var/lib/dbus ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2026 fsname=/var/lib/dbus dir=/var/lib/dbus fstype=ext4 Whitelisting /var/cache/fontconfig 2027 1093 254:1 /var/cache/fontconfig /var/cache/fontconfig ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2027 fsname=/var/cache/fontconfig dir=/var/cache/fontconfig fstype=ext4 Whitelisting /var/tmp 2028 1093 0:96 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw mountid=2028 fsname=/ dir=/var/tmp fstype=tmpfs Created symbolic link /var/run -> /run Created symbolic link /var/lock -> /run/lock Whitelisting /tmp/.X11-unix 2029 715 0:47 /.X11-unix /tmp/.X11-unix rw,nosuid,nodev master:31 - tmpfs tmpfs rw,size=16145976k,nr_inodes=409600 mountid=2029 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=tmpfs Disable /etc/X11/Xsession.d Disable /etc/xdg/autostart Mounting read-only /home/Username/.Xauthority 2036 1287 0:108 /Username/.Xauthority /home/Username/.Xauthority ro,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755 mountid=2036 fsname=/Username/.Xauthority dir=/home/Username/.Xauthority fstype=tmpfs Mounting read-only /home/Username/.config/kdeglobals 2037 2023 254:1 /home/Username/.config/kdeglobals /home/Username/.config/kdeglobals ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2037 fsname=/home/Username/.config/kdeglobals dir=/home/Username/.config/kdeglobals fstype=ext4 Mounting read-only /home/Username/.config/kio_httprc 2038 2024 254:1 /home/Username/.config/kio_httprc /home/Username/.config/kio_httprc ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2038 fsname=/home/Username/.config/kio_httprc dir=/home/Username/.config/kio_httprc fstype=ext4 Mounting read-only /home/Username/.kde4/share/config/kdeglobals 2039 2025 254:1 /home/Username/.kde4/share/config/kdeglobals /home/Username/.kde4/share/config/kdeglobals ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2039 fsname=/home/Username/.kde4/share/config/kdeglobals dir=/home/Username/.kde4/share/config/kdeglobals fstype=ext4 Disable /run/user/1000/klauncherLdudZi.1.slave-socket Disable /run/user/1000/kdeinit5__0 Mounting read-only /home/Username/.config/dconf 2042 2012 254:1 /home/Username/.config/dconf /home/Username/.config/dconf ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2042 fsname=/home/Username/.config/dconf dir=/home/Username/.config/dconf fstype=ext4 Disable /usr/bin/systemd-run Disable /run/user/1000/systemd Disable /usr/bin/veracrypt Disable /usr/share/applications/veracrypt.desktop Disable /usr/share/pixmaps/veracrypt.xpm Disable /etc/profile.d Disable /etc/kernel Disable /etc/grub.d Disable /etc/dkms Disable /etc/apparmor Disable /etc/apparmor.d Disable /etc/modules-load.d Disable /etc/logrotate.d Disable /etc/logrotate.conf Mounting read-only /home/Username/.bashrc 2057 1287 0:108 /Username/.bashrc /home/Username/.bashrc ro,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755 mountid=2057 fsname=/Username/.bashrc dir=/home/Username/.bashrc fstype=tmpfs Mounting read-only /home/Username/.local/share/applications 2058 2010 254:1 /home/Username/.local/share/applications /home/Username/.local/share/applications ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2058 fsname=/home/Username/.local/share/applications dir=/home/Username/.local/share/applications fstype=ext4 Mounting read-only /home/Username/.config/mimeapps.list 2059 2007 254:1 /home/Username/.config/mimeapps.list /home/Username/.config/mimeapps.list ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2059 fsname=/home/Username/.config/mimeapps.list dir=/home/Username/.config/mimeapps.list fstype=ext4 Mounting read-only /home/Username/.config/user-dirs.dirs 2060 2008 254:1 /home/Username/.config/user-dirs.dirs /home/Username/.config/user-dirs.dirs ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2060 fsname=/home/Username/.config/user-dirs.dirs dir=/home/Username/.config/user-dirs.dirs fstype=ext4 Mounting read-only /home/Username/.config/user-dirs.locale 2061 2009 254:1 /home/Username/.config/user-dirs.locale /home/Username/.config/user-dirs.locale ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2061 fsname=/home/Username/.config/user-dirs.locale dir=/home/Username/.config/user-dirs.locale fstype=ext4 Mounting read-only /home/Username/.local/share/mime 2062 2011 254:1 /home/Username/.local/share/mime /home/Username/.local/share/mime ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2062 fsname=/home/Username/.local/share/mime dir=/home/Username/.local/share/mime fstype=ext4 Not blacklist /home/Username/.pki Not blacklist /home/Username/.local/share/pki Disable /etc/group- Disable /etc/gshadow Disable /etc/gshadow- Disable /etc/passwd- Disable /etc/shadow Disable /etc/shadow- Disable /etc/ssh Warning: /sbin directory link was not blacklisted Disable /usr/local/sbin Warning: /usr/sbin directory link was not blacklisted Disable /usr/bin/chage Disable /usr/bin/chfn Disable /usr/bin/chsh Disable /usr/bin/expiry Disable /usr/bin/fusermount Disable /usr/bin/gpasswd Disable /usr/bin/ksu Disable /usr/bin/mount Disable /usr/bin/netcat (requested /usr/bin/nc) Disable /usr/bin/newgidmap Disable /usr/bin/newgrp Disable /usr/bin/newuidmap Disable /usr/bin/ntfs-3g Disable /usr/bin/pkexec Disable /usr/bin/sg Disable /usr/bin/su Disable /usr/bin/sudo Disable /usr/bin/umount Disable /usr/bin/unix_chkpwd Disable /usr/bin/xev Disable /usr/bin/xinput Disable /usr/bin/bwrap Disable /proc/config.gz Disable /usr/bin/dig Disable /usr/bin/nslookup Disable /usr/bin/host Disable /usr/bin/resolvectl Disable /usr/bin/clang-refactor Disable /usr/bin/clang-format Disable /usr/bin/clang-10 (requested /usr/bin/clang) Disable /usr/bin/clang-reorder-fields Disable /usr/bin/clang-query Disable /usr/bin/clang-scan-deps Disable /usr/bin/clang-10 Disable /usr/bin/clang-check Disable /usr/bin/clang-move Disable /usr/bin/clang-doc Disable /usr/bin/clang-10 (requested /usr/bin/clang-cl) Disable /usr/bin/clang-10 (requested /usr/bin/clang-cpp) Disable /usr/bin/clang-apply-replacements Disable /usr/bin/clang-rename Disable /usr/bin/clang-offload-bundler Disable /usr/bin/clang-tidy Disable /usr/bin/clang-10 (requested /usr/bin/clang++) Disable /usr/bin/clangd Disable /usr/bin/clang-offload-wrapper Disable /usr/bin/clang-extdef-mapping Disable /usr/bin/clang-import-test Disable /usr/bin/clang-change-namespace Disable /usr/bin/clang-include-fixer Disable /usr/bin/llvm-spirv Disable /usr/bin/as Disable /usr/bin/gcc (requested /usr/bin/cc) Disable /usr/bin/c++filt Disable /usr/bin/c++ Disable /usr/bin/c89 Disable /usr/bin/c99 Disable /usr/bin/cpp Disable /usr/bin/cpp2html Disable /usr/bin/g++ Disable /usr/bin/gcc-ar Disable /usr/bin/gcc-ranlib Disable /usr/bin/gcc Disable /usr/bin/gcc-nm Disable /usr/bin/gdb Disable /usr/bin/ld Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0 Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib Disable /usr/bin/x86_64-pc-linux-gnu-gcc Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm Disable /usr/bin/x86_64-pc-linux-gnu-g++ Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0 Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib Disable /usr/bin/x86_64-pc-linux-gnu-gcc Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm Disable /usr/bin/x86_64-pc-linux-gnu-g++ Disable /usr/bin/openssl Disable /usr/bin/openssl-1.0 Disable /usr/src Disable /usr/local/src Disable /usr/include Disable /usr/local/include Mounting noexec /home/Username/.cache/mozilla/firefox 2155 1379 254:1 /home/Username/.cache/mozilla/firefox /home/Username/.cache/mozilla/firefox rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2155 fsname=/home/Username/.cache/mozilla/firefox dir=/home/Username/.cache/mozilla/firefox fstype=ext4 Mounting noexec /home/Username/.mozilla 2156 1482 254:1 /home/Username/.mozilla /home/Username/.mozilla rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2156 fsname=/home/Username/.mozilla dir=/home/Username/.mozilla fstype=ext4 Mounting noexec /home/Username/Downloads 2157 2003 254:1 /home/Username/Downloads /home/Username/Downloads rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2157 fsname=/home/Username/Downloads dir=/home/Username/Downloads fstype=ext4 Mounting noexec /home/Username/.pki 2158 2004 254:1 /home/Username/.pki /home/Username/.pki rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2158 fsname=/home/Username/.pki dir=/home/Username/.pki fstype=ext4 Mounting noexec /home/Username/.local/share/pki 2159 2005 254:1 /home/Username/.local/share/pki /home/Username/.local/share/pki rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2159 fsname=/home/Username/.local/share/pki dir=/home/Username/.local/share/pki fstype=ext4 Mounting noexec /home/Username/.config/ibus 2160 2006 254:1 /home/Username/.config/ibus /home/Username/.config/ibus rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2160 fsname=/home/Username/.config/ibus dir=/home/Username/.config/ibus fstype=ext4 Mounting noexec /home/Username/.config/mimeapps.list 2161 2059 254:1 /home/Username/.config/mimeapps.list /home/Username/.config/mimeapps.list ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2161 fsname=/home/Username/.config/mimeapps.list dir=/home/Username/.config/mimeapps.list fstype=ext4 Mounting noexec /home/Username/.config/user-dirs.dirs 2162 2060 254:1 /home/Username/.config/user-dirs.dirs /home/Username/.config/user-dirs.dirs ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2162 fsname=/home/Username/.config/user-dirs.dirs dir=/home/Username/.config/user-dirs.dirs fstype=ext4 Mounting noexec /home/Username/.config/user-dirs.locale 2163 2061 254:1 /home/Username/.config/user-dirs.locale /home/Username/.config/user-dirs.locale ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2163 fsname=/home/Username/.config/user-dirs.locale dir=/home/Username/.config/user-dirs.locale fstype=ext4 Mounting noexec /home/Username/.local/share/applications 2164 2058 254:1 /home/Username/.local/share/applications /home/Username/.local/share/applications ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2164 fsname=/home/Username/.local/share/applications dir=/home/Username/.local/share/applications fstype=ext4 Mounting noexec /home/Username/.local/share/mime 2165 2062 254:1 /home/Username/.local/share/mime /home/Username/.local/share/mime ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2165 fsname=/home/Username/.local/share/mime dir=/home/Username/.local/share/mime fstype=ext4 Mounting noexec /home/Username/.config/dconf 2166 2042 254:1 /home/Username/.config/dconf /home/Username/.config/dconf ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2166 fsname=/home/Username/.config/dconf dir=/home/Username/.config/dconf fstype=ext4 Mounting noexec /home/Username/.cache/fontconfig 2167 2013 254:1 /home/Username/.cache/fontconfig /home/Username/.cache/fontconfig rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2167 fsname=/home/Username/.cache/fontconfig dir=/home/Username/.cache/fontconfig fstype=ext4 Mounting noexec /home/Username/.config/fontconfig 2168 2014 254:1 /home/Username/.config/fontconfig /home/Username/.config/fontconfig rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2168 fsname=/home/Username/.config/fontconfig dir=/home/Username/.config/fontconfig fstype=ext4 Mounting noexec /home/Username/.fontconfig 2169 2015 254:1 /home/Username/.fontconfig /home/Username/.fontconfig rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2169 fsname=/home/Username/.fontconfig dir=/home/Username/.fontconfig fstype=ext4 Mounting noexec /home/Username/.fonts 2170 2016 254:1 /home/Username/.fonts /home/Username/.fonts rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2170 fsname=/home/Username/.fonts dir=/home/Username/.fonts fstype=ext4 Mounting noexec /home/Username/.config/gtk-2.0 2171 2017 254:1 /home/Username/.config/gtk-2.0 /home/Username/.config/gtk-2.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2171 fsname=/home/Username/.config/gtk-2.0 dir=/home/Username/.config/gtk-2.0 fstype=ext4 Mounting noexec /home/Username/.config/gtk-3.0 2172 2018 254:1 /home/Username/.config/gtk-3.0 /home/Username/.config/gtk-3.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2172 fsname=/home/Username/.config/gtk-3.0 dir=/home/Username/.config/gtk-3.0 fstype=ext4 Mounting noexec /home/Username/.config/gtkrc 2173 2019 254:1 /home/Username/.config/gtkrc /home/Username/.config/gtkrc rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2173 fsname=/home/Username/.config/gtkrc dir=/home/Username/.config/gtkrc fstype=ext4 Mounting noexec /home/Username/.config/gtkrc-2.0 2174 2020 254:1 /home/Username/.config/gtkrc-2.0 /home/Username/.config/gtkrc-2.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2174 fsname=/home/Username/.config/gtkrc-2.0 dir=/home/Username/.config/gtkrc-2.0 fstype=ext4 Mounting noexec /home/Username/.gtkrc-2.0 2175 2021 254:1 /home/Username/.gtkrc-2.0 /home/Username/.gtkrc-2.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2175 fsname=/home/Username/.gtkrc-2.0 dir=/home/Username/.gtkrc-2.0 fstype=ext4 Mounting noexec /home/Username/.config/Trolltech.conf 2176 2022 254:1 /home/Username/.config/Trolltech.conf /home/Username/.config/Trolltech.conf rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2176 fsname=/home/Username/.config/Trolltech.conf dir=/home/Username/.config/Trolltech.conf fstype=ext4 Mounting noexec /home/Username/.config/kdeglobals 2177 2037 254:1 /home/Username/.config/kdeglobals /home/Username/.config/kdeglobals ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2177 fsname=/home/Username/.config/kdeglobals dir=/home/Username/.config/kdeglobals fstype=ext4 Mounting noexec /home/Username/.config/kio_httprc 2178 2038 254:1 /home/Username/.config/kio_httprc /home/Username/.config/kio_httprc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2178 fsname=/home/Username/.config/kio_httprc dir=/home/Username/.config/kio_httprc fstype=ext4 Mounting noexec /home/Username/.kde4/share/config/kdeglobals 2179 2039 254:1 /home/Username/.kde4/share/config/kdeglobals /home/Username/.kde4/share/config/kdeglobals ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw mountid=2179 fsname=/home/Username/.kde4/share/config/kdeglobals dir=/home/Username/.kde4/share/config/kdeglobals fstype=ext4 Mounting noexec /run/user/1000 2187 2180 0:23 /firejail/firejail.ro.file /run/user/1000/kdeinit5__0 rw,nosuid,nodev,relatime master:14 - tmpfs run rw,mode=755 mountid=2187 fsname=/firejail/firejail.ro.file dir=/run/user/1000/kdeinit5__0 fstype=tmpfs Warning: not remounting /run/user/1000/gvfs Mounting noexec /dev/shm 2188 914 0:102 /shm /dev/shm rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755 mountid=2188 fsname=/shm dir=/dev/shm fstype=tmpfs Mounting noexec /tmp 2190 2189 0:47 /.X11-unix /tmp/.X11-unix rw,nosuid,nodev master:31 - tmpfs tmpfs rw,size=16145976k,nr_inodes=409600 mountid=2190 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=tmpfs Mounting noexec /tmp/.X11-unix 2191 2190 0:47 /.X11-unix /tmp/.X11-unix rw,nosuid,nodev,noexec master:31 - tmpfs tmpfs rw,size=16145976k,nr_inodes=409600 mountid=2191 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=tmpfs Mounting noexec /var 2195 2192 0:96 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw mountid=2195 fsname=/ dir=/var/tmp fstype=tmpfs Disable /usr/bin/luac5.2 Disable /usr/bin/luajit-2.0.5 Disable /usr/bin/lua (requested /usr/bin/lua5.4) Disable /usr/bin/luac (requested /usr/bin/luac5.4) Disable /usr/bin/lua Disable /usr/bin/luajit-2.0.5 (requested /usr/bin/luajit) Disable /usr/bin/lua5.2 Disable /usr/bin/luac Disable /usr/lib/liblua.so.5.4.1 Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so) Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua.so) Disable /usr/lib/libluajit-5.1.so.2.0.5 Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so.2) Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua.so.5.4) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2.4) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so) Disable /usr/lib/liblua5.2.so.5.2.4 Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so.5.2) Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua5.4.so) Disable /usr/lib/lua Disable /usr/lib/libmozjs-78.so (requested /usr/lib64/libmozjs-78.so) Disable /usr/bin/core_perl/cpan Disable /usr/bin/core_perl Disable /usr/bin/perl Disable /usr/bin/site_perl Disable /usr/bin/vendor_perl Disable /usr/lib/perl5 Disable /usr/share/perl5 Disable /usr/lib/ruby Disable /usr/bin/python2.7-config Disable /usr/bin/python2.7-config (requested /usr/bin/python2-config) Disable /usr/bin/python2.7 (requested /usr/bin/python2) Disable /usr/bin/python2.7 Disable /usr/lib/python2.7 Disable /usr/bin/python3.8-config (requested /usr/bin/python3-config) Disable /usr/bin/python3.8 (requested /usr/bin/python3) Disable /usr/bin/python3.8 Disable /usr/bin/python3.8-config Disable /usr/lib/python3.7 Disable /usr/lib/python3.8 Disable /usr/lib/python3.7 (requested /usr/lib64/python3.7) Disable /usr/lib/python3.8 (requested /usr/lib64/python3.8) Not blacklist /home/Username/.mozilla Not blacklist /home/Username/.cache/mozilla Mounting read-only /tmp/.X11-unix 2239 2191 0:47 /.X11-unix /tmp/.X11-unix ro,nosuid,nodev,noexec master:31 - tmpfs tmpfs rw,size=16145976k,nr_inodes=409600 mountid=2239 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=tmpfs Disable /sys/fs Disable /sys/module Disable /mnt Disable /media Disable /run/mount Disable /run/media Mounting noexec /run/firejail/mnt/pulse 2246 724 0:55 /pulse /run/firejail/mnt/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755 mountid=2246 fsname=/pulse dir=/run/firejail/mnt/pulse fstype=tmpfs Creating empty /home/Username/.config/pulse directory Drop privileges: pid 6, uid 1000, gid 985, nogroups 0 Warning: cleaning all supplementary groups Mounting /run/firejail/mnt/pulse on /home/Username/.config/pulse 2247 1287 0:55 /pulse /home/Username/.config/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755 mountid=2247 fsname=/pulse dir=/home/Username/.config/pulse fstype=tmpfs Current directory: /home/Username DISPLAY=:0 parsed as 0 Install protocol filter: unix,inet,inet6,netlink configuring 22 seccomp entries in /run/firejail/mnt/seccomp/seccomp.protocol sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.protocol Dropping all capabilities Drop privileges: pid 7, uid 1000, gid 985, nogroups 1 No supplementary groups line OP JT JF K ================================= 0000: 20 00 00 00000004 ld data.architecture 0001: 15 04 00 c000003e jeq ARCH_64 0006 (false 0002) 0002: 20 00 00 00000000 ld data.syscall-number 0003: 15 01 00 00000167 jeq unknown 0005 (false 0004) 0004: 06 00 00 7fff0000 ret ALLOW 0005: 05 00 00 00000006 jmp 000c 0006: 20 00 00 00000004 ld data.architecture 0007: 15 01 00 c000003e jeq ARCH_64 0009 (false 0008) 0008: 06 00 00 7fff0000 ret ALLOW 0009: 20 00 00 00000000 ld data.syscall-number 000a: 15 01 00 00000029 jeq socket 000c (false 000b) 000b: 06 00 00 7fff0000 ret ALLOW 000c: 20 00 00 00000010 ld data.args[0] 000d: 15 00 01 00000001 jeq 1 000e (false 000f) 000e: 06 00 00 7fff0000 ret ALLOW 000f: 15 00 01 00000002 jeq 2 0010 (false 0011) 0010: 06 00 00 7fff0000 ret ALLOW 0011: 15 00 01 0000000a jeq a 0012 (false 0013) 0012: 06 00 00 7fff0000 ret ALLOW 0013: 15 00 01 00000010 jeq 10 0014 (false 0015) 0014: 06 00 00 7fff0000 ret ALLOW 0015: 06 00 00 0005005f ret ERRNO(95) configuring 101 seccomp entries in /run/firejail/mnt/seccomp/seccomp.32 sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.32 Dropping all capabilities Drop privileges: pid 8, uid 1000, gid 985, nogroups 1 No supplementary groups line OP JT JF K ================================= 0000: 20 00 00 00000004 ld data.architecture 0001: 15 01 00 40000003 jeq ARCH_32 0003 (false 0002) 0002: 06 00 00 7fff0000 ret ALLOW 0003: 20 00 00 00000000 ld data.syscall-number 0004: 15 00 01 00000015 jeq 15 0005 (false 0006) 0005: 06 00 00 00000001 ret KILL 0006: 15 00 01 00000034 jeq 34 0007 (false 0008) 0007: 06 00 00 00000001 ret KILL 0008: 15 00 01 0000001a jeq 1a 0009 (false 000a) 0009: 06 00 00 00000001 ret KILL 000a: 15 00 01 0000011b jeq 11b 000b (false 000c) 000b: 06 00 00 00000001 ret KILL 000c: 15 00 01 00000155 jeq 155 000d (false 000e) 000d: 06 00 00 00000001 ret KILL 000e: 15 00 01 00000156 jeq 156 000f (false 0010) 000f: 06 00 00 00000001 ret KILL 0010: 15 00 01 0000007f jeq 7f 0011 (false 0012) 0011: 06 00 00 00000001 ret KILL 0012: 15 00 01 00000080 jeq 80 0013 (false 0014) 0013: 06 00 00 00000001 ret KILL 0014: 15 00 01 0000015e jeq 15e 0015 (false 0016) 0015: 06 00 00 00000001 ret KILL 0016: 15 00 01 00000081 jeq 81 0017 (false 0018) 0017: 06 00 00 00000001 ret KILL 0018: 15 00 01 0000006e jeq 6e 0019 (false 001a) 0019: 06 00 00 00000001 ret KILL 001a: 15 00 01 00000065 jeq 65 001b (false 001c) 001b: 06 00 00 00000001 ret KILL 001c: 15 00 01 00000121 jeq 121 001d (false 001e) 001d: 06 00 00 00000001 ret KILL 001e: 15 00 01 00000057 jeq 57 001f (false 0020) 001f: 06 00 00 00000001 ret KILL 0020: 15 00 01 00000073 jeq 73 0021 (false 0022) 0021: 06 00 00 00000001 ret KILL 0022: 15 00 01 00000067 jeq 67 0023 (false 0024) 0023: 06 00 00 00000001 ret KILL 0024: 15 00 01 0000015b jeq 15b 0025 (false 0026) 0025: 06 00 00 00000001 ret KILL 0026: 15 00 01 0000015c jeq 15c 0027 (false 0028) 0027: 06 00 00 00000001 ret KILL 0028: 15 00 01 00000087 jeq 87 0029 (false 002a) 0029: 06 00 00 00000001 ret KILL 002a: 15 00 01 00000095 jeq 95 002b (false 002c) 002b: 06 00 00 00000001 ret KILL 002c: 15 00 01 0000007c jeq 7c 002d (false 002e) 002d: 06 00 00 00000001 ret KILL 002e: 15 00 01 00000157 jeq 157 002f (false 0030) 002f: 06 00 00 00000001 ret KILL 0030: 15 00 01 000000fd jeq fd 0031 (false 0032) 0031: 06 00 00 00000001 ret KILL 0032: 15 00 01 00000150 jeq 150 0033 (false 0034) 0033: 06 00 00 00000001 ret KILL 0034: 15 00 01 00000152 jeq 152 0035 (false 0036) 0035: 06 00 00 00000001 ret KILL 0036: 15 00 01 0000015d jeq 15d 0037 (false 0038) 0037: 06 00 00 00000001 ret KILL 0038: 15 00 01 0000011e jeq 11e 0039 (false 003a) 0039: 06 00 00 00000001 ret KILL 003a: 15 00 01 0000011f jeq 11f 003b (false 003c) 003b: 06 00 00 00000001 ret KILL 003c: 15 00 01 00000120 jeq 120 003d (false 003e) 003d: 06 00 00 00000001 ret KILL 003e: 15 00 01 00000056 jeq 56 003f (false 0040) 003f: 06 00 00 00000001 ret KILL 0040: 15 00 01 00000033 jeq 33 0041 (false 0042) 0041: 06 00 00 00000001 ret KILL 0042: 15 00 01 0000007b jeq 7b 0043 (false 0044) 0043: 06 00 00 00000001 ret KILL 0044: 15 00 01 000000d9 jeq d9 0045 (false 0046) 0045: 06 00 00 00000001 ret KILL 0046: 15 00 01 000000f5 jeq f5 0047 (false 0048) 0047: 06 00 00 00000001 ret KILL 0048: 15 00 01 000000f6 jeq f6 0049 (false 004a) 0049: 06 00 00 00000001 ret KILL 004a: 15 00 01 000000f7 jeq f7 004b (false 004c) 004b: 06 00 00 00000001 ret KILL 004c: 15 00 01 000000f8 jeq f8 004d (false 004e) 004d: 06 00 00 00000001 ret KILL 004e: 15 00 01 000000f9 jeq f9 004f (false 0050) 004f: 06 00 00 00000001 ret KILL 0050: 15 00 01 00000101 jeq 101 0051 (false 0052) 0051: 06 00 00 00000001 ret KILL 0052: 15 00 01 00000112 jeq 112 0053 (false 0054) 0053: 06 00 00 00000001 ret KILL 0054: 15 00 01 00000114 jeq 114 0055 (false 0056) 0055: 06 00 00 00000001 ret KILL 0056: 15 00 01 00000126 jeq 126 0057 (false 0058) 0057: 06 00 00 00000001 ret KILL 0058: 15 00 01 0000013d jeq 13d 0059 (false 005a) 0059: 06 00 00 00000001 ret KILL 005a: 15 00 01 0000013c jeq 13c 005b (false 005c) 005b: 06 00 00 00000001 ret KILL 005c: 15 00 01 0000003d jeq 3d 005d (false 005e) 005d: 06 00 00 00000001 ret KILL 005e: 15 00 01 00000058 jeq 58 005f (false 0060) 005f: 06 00 00 00000001 ret KILL 0060: 15 00 01 000000a9 jeq a9 0061 (false 0062) 0061: 06 00 00 00000001 ret KILL 0062: 15 00 01 00000082 jeq 82 0063 (false 0064) 0063: 06 00 00 00000001 ret KILL 0064: 06 00 00 7fff0000 ret ALLOW Dual 32/64 bit seccomp filter configured Build default+drop seccomp filter sbox run: /run/firejail/lib/fseccomp default drop /run/firejail/mnt/seccomp/seccomp /run/firejail/mnt/seccomp/seccomp.postexec !chroot Dropping all capabilities Drop privileges: pid 9, uid 1000, gid 985, nogroups 1 No supplementary groups Seccomp list in: !chroot, check list: @default-keep, prelist: unknown, sbox run: /run/firejail/lib/fsec-optimize /run/firejail/mnt/seccomp/seccomp Dropping all capabilities Drop privileges: pid 10, uid 1000, gid 985, nogroups 1 No supplementary groups configuring 136 seccomp entries in /run/firejail/mnt/seccomp/seccomp sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp Dropping all capabilities Drop privileges: pid 11, uid 1000, gid 985, nogroups 1 No supplementary groups line OP JT JF K ================================= 0000: 20 00 00 00000004 ld data.architecture 0001: 15 01 00 c000003e jeq ARCH_64 0003 (false 0002) 0002: 06 00 00 7fff0000 ret ALLOW 0003: 20 00 00 00000000 ld data.syscall-number 0004: 35 01 00 40000000 jge X32_ABI 0006 (false 0005) 0005: 35 01 00 00000000 jge read 0007 (false 0006) 0006: 06 00 00 00050001 ret ERRNO(1) 0007: 15 00 01 000000a1 jeq chroot 0008 (false 0009) 0008: 06 00 00 7fff0000 ret ALLOW 0009: 15 00 01 0000009f jeq adjtimex 000a (false 000b) 000a: 06 00 00 00050001 ret ERRNO(1) 000b: 15 00 01 00000131 jeq clock_adjtime 000c (false 000d) 000c: 06 00 00 00050001 ret ERRNO(1) 000d: 15 00 01 000000e3 jeq clock_settime 000e (false 000f) 000e: 06 00 00 00050001 ret ERRNO(1) 000f: 15 00 01 000000a4 jeq settimeofday 0010 (false 0011) 0010: 06 00 00 00050001 ret ERRNO(1) 0011: 15 00 01 0000009a jeq modify_ldt 0012 (false 0013) 0012: 06 00 00 00050001 ret ERRNO(1) 0013: 15 00 01 000000d4 jeq lookup_dcookie 0014 (false 0015) 0014: 06 00 00 00050001 ret ERRNO(1) 0015: 15 00 01 0000012a jeq perf_event_open 0016 (false 0017) 0016: 06 00 00 00050001 ret ERRNO(1) 0017: 15 00 01 00000137 jeq process_vm_writev 0018 (false 0019) 0018: 06 00 00 00050001 ret ERRNO(1) 0019: 15 00 01 000000b0 jeq delete_module 001a (false 001b) 001a: 06 00 00 00050001 ret ERRNO(1) 001b: 15 00 01 00000139 jeq finit_module 001c (false 001d) 001c: 06 00 00 00050001 ret ERRNO(1) 001d: 15 00 01 000000af jeq init_module 001e (false 001f) 001e: 06 00 00 00050001 ret ERRNO(1) 001f: 15 00 01 000000a1 jeq chroot 0020 (false 0021) 0020: 06 00 00 00050001 ret ERRNO(1) 0021: 15 00 01 000000a5 jeq mount 0022 (false 0023) 0022: 06 00 00 00050001 ret ERRNO(1) 0023: 15 00 01 0000009b jeq pivot_root 0024 (false 0025) 0024: 06 00 00 00050001 ret ERRNO(1) 0025: 15 00 01 000000a6 jeq umount2 0026 (false 0027) 0026: 06 00 00 00050001 ret ERRNO(1) 0027: 15 00 01 0000009c jeq _sysctl 0028 (false 0029) 0028: 06 00 00 00050001 ret ERRNO(1) 0029: 15 00 01 000000b7 jeq afs_syscall 002a (false 002b) 002a: 06 00 00 00050001 ret ERRNO(1) 002b: 15 00 01 000000ae jeq create_module 002c (false 002d) 002c: 06 00 00 00050001 ret ERRNO(1) 002d: 15 00 01 000000b1 jeq get_kernel_syms 002e (false 002f) 002e: 06 00 00 00050001 ret ERRNO(1) 002f: 15 00 01 000000b5 jeq getpmsg 0030 (false 0031) 0030: 06 00 00 00050001 ret ERRNO(1) 0031: 15 00 01 000000b6 jeq putpmsg 0032 (false 0033) 0032: 06 00 00 00050001 ret ERRNO(1) 0033: 15 00 01 000000b2 jeq query_module 0034 (false 0035) 0034: 06 00 00 00050001 ret ERRNO(1) 0035: 15 00 01 000000b9 jeq security 0036 (false 0037) 0036: 06 00 00 00050001 ret ERRNO(1) 0037: 15 00 01 0000008b jeq sysfs 0038 (false 0039) 0038: 06 00 00 00050001 ret ERRNO(1) 0039: 15 00 01 000000b8 jeq tuxcall 003a (false 003b) 003a: 06 00 00 00050001 ret ERRNO(1) 003b: 15 00 01 00000086 jeq uselib 003c (false 003d) 003c: 06 00 00 00050001 ret ERRNO(1) 003d: 15 00 01 00000088 jeq ustat 003e (false 003f) 003e: 06 00 00 00050001 ret ERRNO(1) 003f: 15 00 01 000000ec jeq vserver 0040 (false 0041) 0040: 06 00 00 00050001 ret ERRNO(1) 0041: 15 00 01 000000ad jeq ioperm 0042 (false 0043) 0042: 06 00 00 00050001 ret ERRNO(1) 0043: 15 00 01 000000ac jeq iopl 0044 (false 0045) 0044: 06 00 00 00050001 ret ERRNO(1) 0045: 15 00 01 000000f6 jeq kexec_load 0046 (false 0047) 0046: 06 00 00 00050001 ret ERRNO(1) 0047: 15 00 01 00000140 jeq kexec_file_load 0048 (false 0049) 0048: 06 00 00 00050001 ret ERRNO(1) 0049: 15 00 01 000000a9 jeq reboot 004a (false 004b) 004a: 06 00 00 00050001 ret ERRNO(1) 004b: 15 00 01 000000a7 jeq swapon 004c (false 004d) 004c: 06 00 00 00050001 ret ERRNO(1) 004d: 15 00 01 000000a8 jeq swapoff 004e (false 004f) 004e: 06 00 00 00050001 ret ERRNO(1) 004f: 15 00 01 00000130 jeq open_by_handle_at 0050 (false 0051) 0050: 06 00 00 00050001 ret ERRNO(1) 0051: 15 00 01 0000012f jeq name_to_handle_at 0052 (false 0053) 0052: 06 00 00 00050001 ret ERRNO(1) 0053: 15 00 01 000000fb jeq ioprio_set 0054 (false 0055) 0054: 06 00 00 00050001 ret ERRNO(1) 0055: 15 00 01 00000067 jeq syslog 0056 (false 0057) 0056: 06 00 00 00050001 ret ERRNO(1) 0057: 15 00 01 0000012c jeq fanotify_init 0058 (false 0059) 0058: 06 00 00 00050001 ret ERRNO(1) 0059: 15 00 01 00000138 jeq kcmp 005a (false 005b) 005a: 06 00 00 00050001 ret ERRNO(1) 005b: 15 00 01 000000f8 jeq add_key 005c (false 005d) 005c: 06 00 00 00050001 ret ERRNO(1) 005d: 15 00 01 000000f9 jeq request_key 005e (false 005f) 005e: 06 00 00 00050001 ret ERRNO(1) 005f: 15 00 01 000000ed jeq mbind 0060 (false 0061) 0060: 06 00 00 00050001 ret ERRNO(1) 0061: 15 00 01 00000100 jeq migrate_pages 0062 (false 0063) 0062: 06 00 00 00050001 ret ERRNO(1) 0063: 15 00 01 00000117 jeq move_pages 0064 (false 0065) 0064: 06 00 00 00050001 ret ERRNO(1) 0065: 15 00 01 000000fa jeq keyctl 0066 (false 0067) 0066: 06 00 00 00050001 ret ERRNO(1) 0067: 15 00 01 000000ce jeq io_setup 0068 (false 0069) 0068: 06 00 00 00050001 ret ERRNO(1) 0069: 15 00 01 000000cf jeq io_destroy 006a (false 006b) 006a: 06 00 00 00050001 ret ERRNO(1) 006b: 15 00 01 000000d0 jeq io_getevents 006c (false 006d) 006c: 06 00 00 00050001 ret ERRNO(1) 006d: 15 00 01 000000d1 jeq io_submit 006e (false 006f) 006e: 06 00 00 00050001 ret ERRNO(1) 006f: 15 00 01 000000d2 jeq io_cancel 0070 (false 0071) 0070: 06 00 00 00050001 ret ERRNO(1) 0071: 15 00 01 000000d8 jeq remap_file_pages 0072 (false 0073) 0072: 06 00 00 00050001 ret ERRNO(1) 0073: 15 00 01 00000143 jeq userfaultfd 0074 (false 0075) 0074: 06 00 00 00050001 ret ERRNO(1) 0075: 15 00 01 000000a3 jeq acct 0076 (false 0077) 0076: 06 00 00 00050001 ret ERRNO(1) 0077: 15 00 01 00000141 jeq bpf 0078 (false 0079) 0078: 06 00 00 00050001 ret ERRNO(1) 0079: 15 00 01 000000b4 jeq nfsservctl 007a (false 007b) 007a: 06 00 00 00050001 ret ERRNO(1) 007b: 15 00 01 000000ab jeq setdomainname 007c (false 007d) 007c: 06 00 00 00050001 ret ERRNO(1) 007d: 15 00 01 000000aa jeq sethostname 007e (false 007f) 007e: 06 00 00 00050001 ret ERRNO(1) 007f: 15 00 01 00000099 jeq vhangup 0080 (false 0081) 0080: 06 00 00 00050001 ret ERRNO(1) 0081: 15 00 01 00000065 jeq ptrace 0082 (false 0083) 0082: 06 00 00 00050001 ret ERRNO(1) 0083: 15 00 01 00000087 jeq personality 0084 (false 0085) 0084: 06 00 00 00050001 ret ERRNO(1) 0085: 15 00 01 00000136 jeq process_vm_readv 0086 (false 0087) 0086: 06 00 00 00050001 ret ERRNO(1) 0087: 06 00 00 7fff0000 ret ALLOW seccomp filter configured Mounting read-only /run/firejail/mnt/seccomp 2249 724 0:55 /seccomp /run/firejail/mnt/seccomp ro,nosuid - tmpfs tmpfs rw,mode=755 mountid=2249 fsname=/seccomp dir=/run/firejail/mnt/seccomp fstype=tmpfs Seccomp directory: ls /run/firejail/mnt/seccomp drwxr-xr-x root root 160 . drwxr-xr-x root root 400 .. -rw-r--r-- Username users 1088 seccomp -rw-r--r-- Username users 808 seccomp.32 -rw-r--r-- Username users 114 seccomp.list -rw-r--r-- Username users 0 seccomp.postexec -rw-r--r-- Username users 0 seccomp.postexec32 -rw-r--r-- Username users 176 seccomp.protocol Active seccomp files: cat /run/firejail/mnt/seccomp/seccomp.list /run/firejail/mnt/seccomp/seccomp.protocol /run/firejail/mnt/seccomp/seccomp.32 /run/firejail/mnt/seccomp/seccomp Dropping all capabilities noroot user namespace installed Dropping all capabilities NO_NEW_PRIVS set Drop privileges: pid 1, uid 1000, gid 985, nogroups 0 Warning: cleaning all supplementary groups Warning: Cannot confine the application using AppArmor. Maybe firejail-default AppArmor profile is not loaded into the kernel. As root, run "aa-enforce firejail-default" to load it. starting application LD_PRELOAD=(null) execvp argument 0: firefox Child process initialized in 117.56 ms Searching $PATH for firefox trying #/usr/local/sbin/firefox# trying #/usr/local/bin/firefox# Installing /run/firejail/mnt/seccomp/seccomp seccomp filter Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter Installing /run/firejail/mnt/seccomp/seccomp.protocol seccomp filter Warning: an existing sandbox was detected. /usr/bin/firefox will run without any additional sandboxing features monitoring pid 12 (firefox:12): Gtk-WARNING **: 20:03:23.178: Theme parsing error: gtk.css:2:0: Expected semicolon (firefox:12): Gtk-WARNING **: 20:03:23.178: Theme parsing error: gtk.css:3:0: Expected semicolon (firefox:12): Gtk-WARNING **: 20:03:23.178: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory libGL error: failed to create dri screen libGL error: failed to load driver: nouveau Can't find symbol 'eglGetNativeClientBufferANDROID'. Can't find symbol 'eglQuerySurfacePointerANGLE'. Can't find symbol 'eglCreateStreamProducerD3DTextureANGLE'. Can't find symbol 'eglStreamPostD3DTextureANGLE'. libEGL warning: DRI2: failed to create dri screen (/usr/lib/firefox/firefox:125): Gtk-WARNING **: 20:03:23.576: Theme parsing error: gtk.css:2:0: Expected semicolon (/usr/lib/firefox/firefox:125): Gtk-WARNING **: 20:03:23.576: Theme parsing error: gtk.css:3:0: Expected semicolon (/usr/lib/firefox/firefox:125): Gtk-WARNING **: 20:03:23.577: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory (/usr/lib/firefox/firefox:190): Gtk-WARNING **: 20:03:24.192: Theme parsing error: gtk.css:2:0: Expected semicolon (/usr/lib/firefox/firefox:190): Gtk-WARNING **: 20:03:24.192: Theme parsing error: gtk.css:3:0: Expected semicolon (/usr/lib/firefox/firefox:190): Gtk-WARNING **: 20:03:24.192: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory (/usr/lib/firefox/firefox:209): Gtk-WARNING **: 20:03:24.281: Theme parsing error: gtk.css:2:0: Expected semicolon (/usr/lib/firefox/firefox:209): Gtk-WARNING **: 20:03:24.281: Theme parsing error: gtk.css:3:0: Expected semicolon (/usr/lib/firefox/firefox:209): Gtk-WARNING **: 20:03:24.281: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory (/usr/lib/firefox/firefox:232): Gtk-WARNING **: 20:03:24.369: Theme parsing error: gtk.css:2:0: Expected semicolon (/usr/lib/firefox/firefox:232): Gtk-WARNING **: 20:03:24.369: Theme parsing error: gtk.css:3:0: Expected semicolon (/usr/lib/firefox/firefox:232): Gtk-WARNING **: 20:03:24.370: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory (/usr/lib/firefox/firefox:338): Gtk-WARNING **: 20:03:25.819: Theme parsing error: gtk.css:2:0: Expected semicolon (/usr/lib/firefox/firefox:338): Gtk-WARNING **: 20:03:25.819: Theme parsing error: gtk.css:3:0: Expected semicolon (/usr/lib/firefox/firefox:338): Gtk-WARNING **: 20:03:25.820: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory Can't find symbol 'eglGetNativeClientBufferANDROID'. Can't find symbol 'eglQuerySurfacePointerANGLE'. Can't find symbol 'eglCreateStreamProducerD3DTextureANGLE'. Can't find symbol 'eglStreamPostD3DTextureANGLE'. libEGL warning: DRI2: failed to create dri screen libEGL warning: DRI2: failed to create dri screen libEGL warning: DRI2: failed to create dri screen ###!!! [Parent][MessageChannel::Call] Error: Channel error: cannot send/recv Sandbox monitor: waitpid 12 retval 12 status 0 Sandbox monitor: monitoring 125 monitoring pid 125 Sandbox monitor: waitpid 125 retval 125 status 0 Sandbox monitor: monitoring 209 monitoring pid 209 Sandbox monitor: waitpid 209 retval 209 status 0 Sandbox monitor: monitoring 232 monitoring pid 232 Sandbox monitor: waitpid 232 retval 232 status 0 Sandbox monitor: monitoring 338 monitoring pid 338 Sandbox monitor: waitpid 338 retval 338 status 0 Parent is shutting down, bye... ``` </details>

gitea-mirror

2026-05-05 09:01:58 -06:00

closed this issue
added the
information_old
label

gitea-mirror commented

2026-05-05 09:02:02 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (Nov 5, 2020):

[ x ] A short search for duplicates was performed.

#3681
#3645
#3390

@SkewedZeppelin commented on GitHub (Nov 5, 2020): > [ x ] A short search for duplicates was performed. #3681 #3645 #3390

gitea-mirror commented

2026-05-05 09:02:03 -06:00

Author

Owner

@Utini2000 commented on GitHub (Nov 5, 2020):

Oh crap... sorry but I really searched. Must be blind today :S

@Utini2000 commented on GitHub (Nov 5, 2020): Oh crap... sorry but I really searched. Must be blind today :S

gitea-mirror commented

2026-05-05 09:02:03 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (Nov 5, 2020):

It happens...
:)

@SkewedZeppelin commented on GitHub (Nov 5, 2020): It happens... :)

gitea-mirror commented

2026-05-05 09:02:04 -06:00

Author

Owner

@Utini2000 commented on GitHub (Nov 5, 2020):

@SkewedZeppelin I cannot fix the issue though

I created /home/.config/firejail/firefox.local and added:
browser-allow-drm yes

This line does not work at all and firefox won't start.
It is also not included in /etc/firejail/firefox.profile

The following line starts firefox but DRM will will not play:
?BROWSER_ALLOW_DRM: yes

@Utini2000 commented on GitHub (Nov 5, 2020): @SkewedZeppelin I cannot fix the issue though I created /home/.config/firejail/firefox.local and added: ` browser-allow-drm yes ` This line does not work at all and firefox won't start. It is also not included in /etc/firejail/firefox.profile The following line starts firefox but DRM will will not play: ` ?BROWSER_ALLOW_DRM: yes `

gitea-mirror commented

2026-05-05 09:02:05 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (Nov 5, 2020):

That line goes into /etc/firejail/firejail.config

@SkewedZeppelin commented on GitHub (Nov 5, 2020): That line goes into /etc/firejail/firejail.config

gitea-mirror commented

2026-05-05 09:02:06 -06:00

Author

Owner

@Utini2000 commented on GitHub (Nov 5, 2020):

But in that case the next update will overwrite it again?

@Utini2000 commented on GitHub (Nov 5, 2020): But in that case the next update will overwrite it again?

gitea-mirror commented

2026-05-05 09:02:07 -06:00

Author

Owner

@reinerh commented on GitHub (Nov 5, 2020):

Does Arch just overwrite config files that the user has modified?

@reinerh commented on GitHub (Nov 5, 2020): Does Arch just overwrite config files that the user has modified?

gitea-mirror commented

2026-05-05 09:02:07 -06:00

Author

Owner

@Jazzyboy1 commented on GitHub (Nov 6, 2020):

Changing browser-allow-drm no to browser-allow-drm yes in /etc/firejail/firejail.config did nothing for me.

Widevine was still crashing until I added ignore noexec ${HOME} to ~/.config/firejail/firefox.local.

I suspect the ?BROWSER_ALLOW_DRM flag wasn't working on my system for some reason.

For reference:
OS: Manjaro 20.2 Nibia
Kernel: x86_64 Linux 5.7.19-2-MANJARO
DE: KDE 5.75.0 / Plasma 5.20.2

And my firefox.local file just contains these lines:

dbus-user.talk org.freedesktop.Notifications
include firefox-common-addons.inc
ignore noexec ${HOME}

I've only had this issue since installing a large number of package updates today, which included updates for firejail and firefox among many other packages.

@Jazzyboy1 commented on GitHub (Nov 6, 2020): Changing `browser-allow-drm no` to `browser-allow-drm yes` in `/etc/firejail/firejail.config` did nothing for me. Widevine was still crashing until I added `ignore noexec ${HOME}` to `~/.config/firejail/firefox.local`. I suspect the `?BROWSER_ALLOW_DRM` flag wasn't working on my system for some reason. For reference: OS: Manjaro 20.2 Nibia Kernel: x86_64 Linux 5.7.19-2-MANJARO DE: KDE 5.75.0 / Plasma 5.20.2 And my `firefox.local` file just contains these lines: ``` dbus-user.talk org.freedesktop.Notifications include firefox-common-addons.inc ignore noexec ${HOME} ``` I've only had this issue since installing a large number of package updates today, which included updates for firejail and firefox among many other packages.

gitea-mirror commented

2026-05-05 09:02:08 -06:00

Author

Owner

@rusty-snake commented on GitHub (Nov 6, 2020):

Changing browser-allow-drm no to browser-allow-drm yes in /etc/firejail/firejail.config did nothing for me.

Has you uncommented it? Are there any global.local or firefox-common.local files? If you edited BROWSER_ALLOW_DRM in firefox.profile: have you made any typos?

@rusty-snake commented on GitHub (Nov 6, 2020): > Changing browser-allow-drm no to browser-allow-drm yes in /etc/firejail/firejail.config did nothing for me. Has you uncommented it? Are there any `global.local` or `firefox-common.local` files? If you edited `BROWSER_ALLOW_DRM` in `firefox.profile`: have you made any typos?

gitea-mirror commented

2026-05-05 09:02:09 -06:00

Author

Owner

@Jazzyboy1 commented on GitHub (Nov 6, 2020):

.... I actually did not uncomment it. I feel like such an idiot right now. Sorry for the trouble.

It works fine now after uncommenting that line. (so I removed the ignore noexec ${HOME} from my firefox.local)
Thanks

@Jazzyboy1 commented on GitHub (Nov 6, 2020): .... I actually did not uncomment it. I feel like such an idiot right now. Sorry for the trouble. It works fine now after uncommenting that line. (so I removed the `ignore noexec ${HOME}` from my firefox.local) Thanks

gitea-mirror commented

2026-05-05 09:02:10 -06:00

Author

Owner

@Utini2000 commented on GitHub (Nov 6, 2020):

@Jazzyboy1 can you please post the changes you now have in:

~/.config/firejail/firefox.local
and
/etc/firejail/firejail.config

I believe I re-produced all your steps and didn't get it to work. But I might have done something wrong so I would love to double check with your files :-)

@Utini2000 commented on GitHub (Nov 6, 2020): @Jazzyboy1 can you please post the changes you now have in: ~/.config/firejail/firefox.local and /etc/firejail/firejail.config I believe I re-produced all your steps and didn't get it to work. But I might have done something wrong so I would love to double check with your files :-)

gitea-mirror commented

2026-05-05 09:02:10 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (Nov 6, 2020):

All you need:

sudo sed -i 's/# browser-allow-drm no/browser-allow-drm yes/'
/etc/firejail/firejail.config

@SkewedZeppelin commented on GitHub (Nov 6, 2020): All you need: sudo sed -i 's/# browser-allow-drm no/browser-allow-drm yes/' /etc/firejail/firejail.config

gitea-mirror commented

2026-05-05 09:02:10 -06:00

Author

Owner

@Utini2000 commented on GitHub (Nov 6, 2020):

Alright, but with the next update it might be gone and break firefox again.
Why can't this be done in the ~/.config/firejail/firefox.local ?

@Utini2000 commented on GitHub (Nov 6, 2020): Alright, but with the next update it might be gone and break firefox again. Why can't this be done in the ~/.config/firejail/firefox.local ?

gitea-mirror commented

2026-05-05 09:02:11 -06:00

Author

Owner

@reinerh commented on GitHub (Nov 6, 2020):

Because these are settings supposed to be set by the system administrator and should not be overwritable by users.

@reinerh commented on GitHub (Nov 6, 2020): Because these are settings supposed to be set by the system administrator and should not be overwritable by users.

gitea-mirror commented

2026-05-05 09:02:11 -06:00

Author

Owner

@reinerh commented on GitHub (Nov 6, 2020):

Also I would be highly surprised if settings are gone after an upgrade in Arch... This would mean users can never touch a file in /etc?

@reinerh commented on GitHub (Nov 6, 2020): Also I would be highly surprised if settings are gone after an upgrade in Arch... This would mean users can never touch a file in /etc?

gitea-mirror commented

2026-05-05 09:02:12 -06:00

Author

Owner

@Utini2000 commented on GitHub (Nov 6, 2020):

Files won't be gone after an update. you get a message to manually compare new and old files. One more manual step to do when updating.

@Utini2000 commented on GitHub (Nov 6, 2020): Files won't be gone after an update. you get a message to manually compare new and old files. One more manual step to do when updating.

gitea-mirror commented

2026-05-05 09:02:12 -06:00

Author

Owner

@Utini2000 commented on GitHub (Nov 6, 2020):

All you need: sudo sed -i 's/# browser-allow-drm no/browser-allow-drm yes/' /etc/firejail/firejail.config

Does not work for me:
sed: no input files zsh: permission denied: /etc/firejail/firejail.config

Also for me there is no "browser-allow-drm" line is in firefox.profile?
How ever, there is in firefox-commong.profile

---- Update:
Okay I realized you set "browser-allow-drm" in "/etc/firejail/firejail.config" and not in the firefox specific file. So this will allow it system wide? Why not allow it for firefox only?

@Utini2000 commented on GitHub (Nov 6, 2020): > All you need: sudo sed -i 's/# browser-allow-drm no/browser-allow-drm yes/' /etc/firejail/firejail.config Does not work for me: ` sed: no input files zsh: permission denied: /etc/firejail/firejail.config ` Also for me there is no "browser-allow-drm" line is in firefox.profile? How ever, there is in firefox-commong.profile ---- Update: Okay I realized you set "browser-allow-drm" in "/etc/firejail/firejail.config" and not in the firefox specific file. So this will allow it system wide? Why not allow it for firefox only?

gitea-mirror commented

2026-05-05 09:02:12 -06:00

Author

Owner

@rusty-snake commented on GitHub (Nov 6, 2020):

permission denied

for root ???!

Why can't this be done in the ~/.config/firejail/firefox.local ?

You can not set conditions in profile, but you can set the command behind a condition unconditional to your locals. However using the condition is the suggested by, because if widevine requires new permissions (for example whitelist /var/lib/widevine), then we will add these commands behind this condition. So you set browser-allow-drm once and it works also if new things are added to this condition.

@rusty-snake commented on GitHub (Nov 6, 2020): > permission denied for root ???! > Why can't this be done in the ~/.config/firejail/firefox.local ? You can not set conditions in profile, but you can set the command behind a condition unconditional to your locals. However using the condition is the suggested by, because if widevine requires new permissions (for example `whitelist /var/lib/widevine`), then we will add these commands behind this condition. So you set browser-allow-drm once and it works also if new things are added to this condition.

gitea-mirror commented

2026-05-05 09:02:13 -06:00

Author

Owner

@Utini2000 commented on GitHub (Nov 6, 2020):

Yes even with sudo :o

Hmm but what if I want to allow DRM only in a specific browser instead of allowing DRM on my whole system?

@Utini2000 commented on GitHub (Nov 6, 2020): Yes even with sudo :o Hmm but what if I want to allow DRM only in a specific browser instead of allowing DRM on my whole system?

gitea-mirror commented

2026-05-05 09:02:13 -06:00

Author

Owner

@rusty-snake commented on GitHub (Nov 6, 2020):

instead of allowing DRM on my whole system?

browser-allow-drm only allows drm in briwser with drm support (firefox and chrom*).

set browser-allow-drm yes and add noexec ${HOME} to BROWSER.local to opt-out
add ignore noexec ${HOME} to firefox.local

@rusty-snake commented on GitHub (Nov 6, 2020): > instead of allowing DRM on my whole system? browser-allow-drm only allows drm in briwser with drm support (firefox and chrom*). 1. set browser-allow-drm yes and add `noexec ${HOME}` to BROWSER.local to opt-out 2. add `ignore noexec ${HOME}` to firefox.local

gitea-mirror commented

2026-05-05 09:02:14 -06:00

Author

Owner

@Utini2000 commented on GitHub (Nov 6, 2020):

Thanks, I will give it a try later.
I would still prefer to blacklist it for the whole system and whitelist it application specific instead of whitelistening it to the whole system and blacklisting it to specific apps.

@Utini2000 commented on GitHub (Nov 6, 2020): Thanks, I will give it a try later. I would still prefer to blacklist it for the whole system and whitelist it application specific instead of whitelistening it to the whole system and blacklisting it to specific apps.

gitea-mirror commented

2026-05-05 09:02:14 -06:00

Author

Owner

@rusty-snake commented on GitHub (Dec 16, 2020):

I'm closing here due to inactivity, please fell free to request to reopen if you have more questions.

@rusty-snake commented on GitHub (Dec 16, 2020): I'm closing here due to inactivity, please fell free to request to reopen if you have more questions.

gitea-mirror referenced this issue

2026-05-05 10:16:57 -06:00

[PR #2349] [MERGED] comment machine-id in libreoffice.profile #4271

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#2349

No description provided.

Rows
Columns