[GH-ISSUE #3739] Steam doesn't work with symlinked steamfolder #2361

Closed
opened 2026-05-05 09:02:34 -06:00 by gitea-mirror · 5 comments
Owner

Originally created by @TheOneric on GitHub (Nov 11, 2020).
Original GitHub issue: https://github.com/netblue30/firejail/issues/3739

After some Manjaro update (not sure if a firejail or steam update caused this) between a few weeks ago and now, steam stopped working with firejail and my custom steam locations (via symlink). The symlink targets are on another ext4 partition and are owned by the same user and group running steam.
On startup I get

cp: cannot create regular file '/usr/games/Games-SSD/Steam-Runtime/local-share-Steam/bootstrap.tar.xz': Read-only file system

As the ~/.steam folder is a symlink and I guess it might make sense to require the symlink target to be whitelisted, I now attempted to whitelist the symlinked folders in /usr/games/Games-{HDD,SSD} (details at the end together with debug output) in /etc/firejail/steam.local, but now this fails with:

Error: invalid whitelist path /usr/games/Games-HDD/SteamLibrary
Error: proc 10271 cannot sync with peer: unexpected EOF
Peer 10273 unexpectedly exited with status 1

No profile and disabling firejail

  • Calling steam with --no-profile doesn't change anything.
  • Calling steam by /usr/bin/steam didn't change anything.

Reproduce
Steps to reproduce the behavior:

  1. Run in shell firejail steam, firejail --noprofile steam, or, to work around issues with controllers and #3267 (probably no longer needed):
    firejail '--seccomp.drop=@clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@swap,open_by_handle_at,name_to_handle_at,ioprio_set,ni_syscall,syslog,fanotify_init,add_key,request_key,mbind,migrate_pages,move_pages,keyctl,io_setup,io_destroy,io_getevents,io_submit,io_cancel,remap_file_pages,set_mempolicyvmsplice,umount,userfaultfd,acct,bpf,chroot,mount,nfsservctl,pivot_root,setdomainname,sethostname,umount2,vhangup' --ignore=seccomp --ignore=private-dev steam
    

while ~/.steam is a symlink to /usr/games/Games-SSD/Steam-Runtime.

Environment

  • Firejail Version 0.9.64, firejail --version lists all but SELinux as enabled
  • Manjaro Linux

Checklist

  • The upstream profile (and redirect profile if exists) have no changes fixing it.
  • The program has a profile. (If not, request one in https://github.com/netblue30/firejail/issues/1139)
  • Programs needed for interaction are listed in the profile.
  • A short search for duplicates was performed.
  • Used LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 PROGRAM to get English error messages.

debug output

OUTPUT OF `firejail --debug steam`
Reading profile /etc/firejail/steam.profile
Autoselecting /bin/bash as shell
Building quoted command line: 'steam' 
Command name #steam#
Found steam.profile profile in /etc/firejail directory
Reading profile /etc/firejail/allow-java.inc
Found steam.local profile in /etc/firejail directory
Found allow-java.inc profile in /etc/firejail directory
Reading profile /etc/firejail/allow-python2.inc
Found allow-python2.inc profile in /etc/firejail directory
Reading profile /etc/firejail/allow-python3.inc
Found allow-python3.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-common.inc
Found disable-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-devel.inc
Found disable-devel.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-interpreters.inc
Found disable-interpreters.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-passwdmgr.inc
Found disable-passwdmgr.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-programs.inc
Found disable-programs.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-common.inc
Found whitelist-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-var-common.inc
Found whitelist-var-common.inc profile in /etc/firejail directory
DISPLAY=:0.0 parsed as 0
Parent pid 8158, child pid 8160
Seccomp list in: !ptrace, check list: @default-keep, prelist: unknown,
Using the local network stack
Warning: file /etc/alternatives not found.
Warning: skipping alternatives for private /etc
Warning: file /etc/asound.conf not found.
Warning: skipping asound.conf for private /etc
Warning: file /etc/bumblebee not found.
Warning: skipping bumblebee for private /etc
Warning: file /etc/crypto-policies not found.
Warning: skipping crypto-policies for private /etc
Warning: file /etc/drirc not found.
Warning: skipping drirc for private /etc
Seccomp list in: !ptrace, check list: @default-keep, prelist: unknown,
Using the local network stack
Initializing child process
PID namespace installed
Mounting tmpfs on /run/firejail/mnt directory
Creating empty /run/firejail/mnt/seccomp directory
Creating empty /run/firejail/mnt/seccomp/seccomp.protocol file
Creating empty /run/firejail/mnt/seccomp/seccomp.postexec file
Creating empty /run/firejail/mnt/seccomp/seccomp.postexec32 file
Build protocol filter: unix,inet,inet6,netlink
sbox run: /run/firejail/lib/fseccomp protocol build unix,inet,inet6,netlink /run/firejail/mnt/seccomp/seccomp.protocol 
Mounting /proc filesystem representing the PID namespace
Basic read-only filesystem:
Mounting read-only /etc
451 408 259:3 /etc /etc ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=451 fsname=/etc dir=/etc fstype=ext4
Mounting noexec /etc
452 451 259:3 /etc /etc ro,nosuid,nodev,noexec,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=452 fsname=/etc dir=/etc fstype=ext4
Mounting read-only /var
453 408 259:3 /var /var ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=453 fsname=/var dir=/var fstype=ext4
Mounting noexec /var
454 453 259:3 /var /var ro,nosuid,nodev,noexec,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=454 fsname=/var dir=/var fstype=ext4
Mounting read-only /usr
457 455 8:1 / /usr/games/Games-HDD rw,relatime master:116 - ext4 /dev/sda1 rw
mountid=457 fsname=/ dir=/usr/games/Games-HDD fstype=ext4
Mounting read-only /usr/games/Games-SSD
458 456 259:4 / /usr/games/Games-SSD ro,noatime master:108 - ext4 /dev/nvme0n1p4 rw
mountid=458 fsname=/ dir=/usr/games/Games-SSD fstype=ext4
Mounting read-only /usr/games/Games-HDD
459 457 8:1 / /usr/games/Games-HDD ro,relatime master:116 - ext4 /dev/sda1 rw
mountid=459 fsname=/ dir=/usr/games/Games-HDD fstype=ext4
Mounting tmpfs on /var/lock
Mounting tmpfs on /var/tmp
Mounting tmpfs on /var/log
Create the new utmp file
Mount the new utmp file
Cleaning /home directory
Cleaning /run/user directory
Sanitizing /etc/passwd, UID_MIN 1000
Sanitizing /etc/group, GID_MIN 1000
Disable /run/firejail/network
Disable /run/firejail/bandwidth
Disable /run/firejail/name
Disable /run/firejail/profile
Disable /run/firejail/x11
Mounting tmpfs on /dev
mounting /run/firejail/mnt/dev/snd directory
mounting /run/firejail/mnt/dev/dri directory
Process /dev/shm directory
Generate private-tmp whitelist commands
blacklist /run/firejail/dbus
Mounting read-only /proc/sys
Remounting /sys directory
Disable /sys/firmware
Disable /sys/hypervisor
Disable /sys/power
Disable /sys/kernel/debug
Disable /sys/kernel/vmcoreinfo
Disable /proc/sys/fs/binfmt_misc
Disable /proc/sys/kernel/core_pattern
Disable /proc/sys/kernel/modprobe
Disable /proc/sysrq-trigger
Disable /proc/sys/vm/panic_on_oom
Disable /proc/irq
Disable /proc/bus
Disable /proc/sched_debug
Disable /proc/timer_list
Disable /proc/kcore
Disable /proc/kallsyms
Disable /usr/lib/modules (requested /lib/modules)
Disable /boot
Disable /run/user/1001/gnupg
Disable /run/user/1001/systemd
Disable /proc/kmsg
Copying files in the new /etc directory:
copying /etc/ca-certificates to private /etc
Creating empty /run/firejail/mnt/etc/ca-certificates directory
sbox run: /run/firejail/lib/fcopy /etc/ca-certificates /run/firejail/mnt/etc/ca-certificates 
copying /etc/dbus-1 to private /etc
Creating empty /run/firejail/mnt/etc/dbus-1 directory
sbox run: /run/firejail/lib/fcopy /etc/dbus-1 /run/firejail/mnt/etc/dbus-1 
copying /etc/fonts to private /etc
Creating empty /run/firejail/mnt/etc/fonts directory
sbox run: /run/firejail/lib/fcopy /etc/fonts /run/firejail/mnt/etc/fonts 
copying /etc/group to private /etc
sbox run: /run/firejail/lib/fcopy /etc/group /run/firejail/mnt/etc 
copying /etc/gtk-2.0 to private /etc
Creating empty /run/firejail/mnt/etc/gtk-2.0 directory
sbox run: /run/firejail/lib/fcopy /etc/gtk-2.0 /run/firejail/mnt/etc/gtk-2.0 
copying /etc/gtk-3.0 to private /etc
Creating empty /run/firejail/mnt/etc/gtk-3.0 directory
sbox run: /run/firejail/lib/fcopy /etc/gtk-3.0 /run/firejail/mnt/etc/gtk-3.0 
copying /etc/host.conf to private /etc
sbox run: /run/firWarning: file /etc/nvidia not found.
Warning: skipping nvidia for private /etc
Warning: file /etc/pki not found.
Warning: skipping pki for private /etc
Private /etc installed in 52.32 ms
ejail/lib/fcopy /etc/host.conf /run/firejail/mnt/etc 
copying /etc/hostname to private /etc
sbox run: /run/firejail/lib/fcopy /etc/hostname /run/firejail/mnt/etc 
copying /etc/hosts to private /etc
sbox run: /run/firejail/lib/fcopy /etc/hosts /run/firejail/mnt/etc 
copying /etc/ld.so.cache to private /etc
sbox run: /run/firejail/lib/fcopy /etc/ld.so.cache /run/firejail/mnt/etc 
copying /etc/ld.so.conf to private /etc
sbox run: /run/firejail/lib/fcopy /etc/ld.so.conf /run/firejail/mnt/etc 
copying /etc/ld.so.conf.d to private /etc
Creating empty /run/firejail/mnt/etc/ld.so.conf.d directory
sbox run: /run/firejail/lib/fcopy /etc/ld.so.conf.d /run/firejail/mnt/etc/ld.so.conf.d 
copying /etc/ld.so.preload to private /etc
sbox run: /run/firejail/lib/fcopy /etc/ld.so.preload /run/firejail/mnt/etc 
copying /etc/localtime to private /etc
sbox run: /run/firejail/lib/fcopy /etc/localtime /run/firejail/mnt/etc 
copying /etc/lsb-release to private /etc
sbox run: /run/firejail/lib/fcopy /etc/lsb-release /run/firejail/mnt/etc 
copying /etc/machine-id to private /etc
sbox run: /run/firejail/lib/fcopy /etc/machine-id /run/firejail/mnt/etc 
copying /etc/mime.types to private /etc
sbox run: /run/firejail/lib/fcopy /etc/mime.types /run/firejail/mnt/etc 
copying /etc/os-release to private /etc
sbox run: /run/firejail/lib/fcopy /etc/os-release /run/firejail/mnt/etc 
copying /etc/passwd to private /etc
sbox run: /run/firejail/lib/fcopy /etc/passwd /run/firejail/mnt/etc 
copying /etc/pulse to private /etc
Creating empty /run/firejail/mnt/etc/pulse directory
sbox run: /run/firejail/lib/fcopy /etc/pulse /run/firejail/mnt/etc/pulse 
copying /etc/resolv.conf to private /etc
sbox run: /run/firejail/lib/fcopy /etc/resolv.conf /run/firejail/mnt/etc 
copying /etc/services to private /etc
sbox run: /run/firejail/lib/fcopy /etc/services /run/firejail/mnt/etc 
copying /etc/ssl to private /etc
Creating empty /run/firejail/mnt/etc/ssl directory
sbox run: /run/firejail/lib/fcopy /etc/ssl /run/firejail/mnt/etc/ssl 
Mount-bind /run/firejail/mnt/etc on top of /etc
Debug 456: new_name #/home/oneric/.config/unity3d#, whitelist
Debug 571: fname #/home/oneric/.config/unity3d#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.killingfloor#, whitelist
Debug 571: fname #/home/oneric/.killingfloor#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.local/share/3909/PapersPlease#, whitelist
Debug 571: fname #/home/oneric/.local/share/3909/PapersPlease#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.local/share/aspyr-media#, whitelist
Debug 571: fname #/home/oneric/.local/share/aspyr-media#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.local/share/cdprojektred#, whitelist
Debug 571: fname #/home/oneric/.local/share/cdprojektred#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.local/share/FasterThanLight#, whitelist
Debug 571: fname #/home/oneric/.local/share/FasterThanLight#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.local/share/feral-interactive#, whitelist
Debug 571: fname #/home/oneric/.local/share/feral-interactive#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.local/share/IntoTheBreach#, whitelist
Debug 571: fname #/home/oneric/.local/share/IntoTheBreach#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.local/share/Paradox Interactive#, whitelist
Debug 571: fname #/home/oneric/.local/share/Paradox Interactive#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.local/share/Steam#, whitelist
Debug 571: fname #/usr/games/Games-SSD/Steam-Runtime/local-share-Steam#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.local/share/SuperHexagon#, whitelist
Debug 571: fname #/home/oneric/.local/share/SuperHexagon#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.local/share/Terraria#, whitelist
Debug 571: fname #/home/oneric/.local/share/Terraria#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.local/share/vpltd#, whitelist
Debug 571: fname #/home/oneric/.local/share/vpltd#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.local/share/vulkan#, whitelist
Debug 571: fname #/home/oneric/.local/share/vulkan#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.mbwarband#, whitelist
Debug 571: fname #/home/oneric/.mbwarband#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.paradoxinteractive#, whitelist
Debug 571: fname #/home/oneric/.paradoxinteractive#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.steam#, whitelist
Debug 571: fname #/usr/games/Games-SSD/Steam-Runtime/.steam#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.steampath#, whitelist
Cannot find /usr/etc
Replaced whitelist path: whitelist /home/oneric/.config/unity3d
Replaced whitelist path: whitelist /home/oneric/.killingfloor
Replaced whitelist path: whitelist /home/oneric/.local/share/3909/PapersPlease
Replaced whitelist path: whitelist /home/oneric/.local/share/aspyr-media
Replaced whitelist path: whitelist /home/oneric/.local/share/cdprojektred
Replaced whitelist path: whitelist /home/oneric/.local/share/FasterThanLight
Replaced whitelist path: whitelist /home/oneric/.local/share/feral-interactive
Replaced whitelist path: whitelist /home/oneric/.local/share/IntoTheBreach
Replaced whitelist path: whitelist /home/oneric/.local/share/Paradox Interactive
Replaced whitelist path: whitelist /usr/games/Games-SSD/Steam-Runtime/local-share-Steam
Replaced whitelist path: whitelist /home/oneric/.local/share/SuperHexagon
Replaced whitelist path: whitelist /home/oneric/.local/share/Terraria
Replaced whitelist path: whitelist /home/oneric/.local/share/vpltd
Replaced whitelist path: whitelist /home/oneric/.local/share/vulkan
Replaced whitelist path: whitelist /home/oneric/.mbwarband
Replaced whitelist path: whitelist /home/oneric/.paradoxinteractive
Replaced whitelist path: whitelist /usr/games/Games-SSD/Steam-Runtime/.steam
Removed whitelist/nowhitelist path: whitelist ${HOME}/.steampath
	expanded: /home/oneric/.steampath
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.steampid#, whitelist
Debug 571: fname #/usr/games/Games-SSD/Steam-Runtime/.steam/steam.pid#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.XCompose#, whitelist
Replaced whitelist path: whitelist /usr/games/Games-SSD/Steam-Runtime/.steam/steam.pid
Removed whitelist/nowhitelist path: whitelist ${HOME}/.XCompose
	expanded: /home/oneric/.XCompose
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.asoundrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.asoundrc
	expanded: /home/oneric/.asoundrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.config/ibus#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ibus
	expanded: /home/oneric/.config/ibus
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.config/mimeapps.list#, whitelist
Debug 571: fname #/home/oneric/.config/mimeapps.list#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.config/pkcs11#, whitelist
Replaced whitelist path: whitelist /home/oneric/.config/mimeapps.list
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/pkcs11
	expanded: /home/oneric/.config/pkcs11
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.config/user-dirs.dirs#, whitelist
Debug 571: fname #/home/oneric/.config/user-dirs.dirs#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.config/user-dirs.locale#, whitelist
Debug 571: fname #/home/oneric/.config/user-dirs.locale#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.drirc#, whitelist
Replaced whitelist path: whitelist /home/oneric/.config/user-dirs.dirs
Replaced whitelist path: whitelist /home/oneric/.config/user-dirs.locale
Removed whitelist/nowhitelist path: whitelist ${HOME}/.drirc
	expanded: /home/oneric/.drirc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.icons
	expanded: /home/oneric/.icons
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.local/share/applications#, whitelist
Debug 571: fname #/home/oneric/.local/share/applications#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.local/share/icons#, whitelist
Debug 571: fname #/home/oneric/.local/share/icons#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.local/share/mime#, whitelist
Debug 571: fname #/home/oneric/.local/share/mime#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.mime.types#, whitelist
Replaced whitelist path: whitelist /home/oneric/.local/share/applications
Replaced whitelist path: whitelist /home/oneric/.local/share/icons
Replaced whitelist path: whitelist /home/oneric/.local/share/mime
Removed whitelist/nowhitelist path: whitelist ${HOME}/.mime.types
	expanded: /home/oneric/.mime.types
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.uim.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.uim.d
	expanded: /home/oneric/.uim.d
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.config/dconf#, whitelist
Debug 571: fname #/home/oneric/.config/dconf#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.cache/fontconfig#, whitelist
Debug 571: fname #/home/oneric/.cache/fontconfig#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.config/fontconfig#, whitelist
Replaced whitelist path: whitelist /home/oneric/.config/dconf
Replaced whitelist path: whitelist /home/oneric/.cache/fontconfig
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/fontconfig
	expanded: /home/oneric/.config/fontconfig
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.fontconfig#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fontconfig
	expanded: /home/oneric/.fontconfig
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.fonts#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts
	expanded: /home/oneric/.fonts
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.fonts.conf#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf
	expanded: /home/oneric/.fonts.conf
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.fonts.conf.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf.d
	expanded: /home/oneric/.fonts.conf.d
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.fonts.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.d
	expanded: /home/oneric/.fonts.d
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.local/share/fonts#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/fonts
	expanded: /home/oneric/.local/share/fonts
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.pangorc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.pangorc
	expanded: /home/oneric/.pangorc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.config/gtk-2.0#, whitelist
Debug 571: fname #/home/oneric/.config/gtk-2.0#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.config/gtk-3.0#, whitelist
Debug 571: fname #/home/oneric/.config/gtk-3.0#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.config/gtk-4.0#, whitelist
Replaced whitelist path: whitelist /home/oneric/.config/gtk-2.0
Replaced whitelist path: whitelist /home/oneric/.config/gtk-3.0
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtk-4.0
	expanded: /home/oneric/.config/gtk-4.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc
	expanded: /home/oneric/.config/gtkrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc-2.0
	expanded: /home/oneric/.config/gtkrc-2.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.gnome2#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2
	expanded: /home/oneric/.gnome2
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.gnome2-private#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2-private
	expanded: /home/oneric/.gnome2-private
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.gtk-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtk-2.0
	expanded: /home/oneric/.gtk-2.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc
	expanded: /home/oneric/.gtkrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc-2.0
	expanded: /home/oneric/.gtkrc-2.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.kde/share/config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc
	expanded: /home/oneric/.kde/share/config/gtkrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.kde/share/config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc-2.0
	expanded: /home/oneric/.kde/share/config/gtkrc-2.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.kde4/share/config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc
	expanded: /home/oneric/.kde4/share/config/gtkrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.kde4/share/config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc-2.0
	expanded: /home/oneric/.kde4/share/config/gtkrc-2.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.local/share/themes#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/themes
	expanded: /home/oneric/.local/share/themes
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.themes#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.themes
	expanded: /home/oneric/.themes
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.cache/kioexec/krun#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.cache/kioexec/krun
	expanded: /home/oneric/.cache/kioexec/krun
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.config/Kvantum#, whitelist
Debug 571: fname #/home/oneric/.config/Kvantum#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.config/Trolltech.conf#, whitelist
Replaced whitelist path: whitelist /home/oneric/.config/Kvantum
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Trolltech.conf
	expanded: /home/oneric/.config/Trolltech.conf
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kdeglobals
	expanded: /home/oneric/.config/kdeglobals
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.config/kio_httprc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kio_httprc
	expanded: /home/oneric/.config/kio_httprc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kioslaverc
	expanded: /home/oneric/.config/kioslaverc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ksslcablacklist
	expanded: /home/oneric/.config/ksslcablacklist
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.config/qt5ct#, whitelist
Debug 571: fname #/home/oneric/.config/qt5ct#, cfg.homedir #/home/oneric#
Debug 456: new_name #/home/oneric/.kde/share/config/kdeglobals#, whitelist
Replaced whitelist path: whitelist /home/oneric/.config/qt5ct
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kdeglobals
	expanded: /home/oneric/.kde/share/config/kdeglobals
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.kde/share/config/kio_httprc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kio_httprc
	expanded: /home/oneric/.kde/share/config/kio_httprc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.kde/share/config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kioslaverc
	expanded: /home/oneric/.kde/share/config/kioslaverc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.kde/share/config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/ksslcablacklist
	expanded: /home/oneric/.kde/share/config/ksslcablacklist
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.kde/share/config/oxygenrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/oxygenrc
	expanded: /home/oneric/.kde/share/config/oxygenrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.kde/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/icons
	expanded: /home/oneric/.kde/share/icons
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.kde4/share/config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kdeglobals
	expanded: /home/oneric/.kde4/share/config/kdeglobals
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.kde4/share/config/kio_httprc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kio_httprc
	expanded: /home/oneric/.kde4/share/config/kio_httprc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.kde4/share/config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kioslaverc
	expanded: /home/oneric/.kde4/share/config/kioslaverc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.kde4/share/config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/ksslcablacklist
	expanded: /home/oneric/.kde4/share/config/ksslcablacklist
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.kde4/share/config/oxygenrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/oxygenrc
	expanded: /home/oneric/.kde4/share/config/oxygenrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.kde4/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/icons
	expanded: /home/oneric/.kde4/share/icons
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/oneric/.local/share/qt5ct#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/qt5ct
	expanded: /home/oneric/.local/share/qt5ct
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/var/lib/ca-certificates#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/ca-certificates
	expanded: /var/lib/ca-certificates
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/var/lib/dbus#, whitelist
Debug 456: new_name #/var/lib/menu-xdg#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/menu-xdg
	expanded: /var/lib/menu-xdg
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/var/lib/uim#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/uim
	expanded: /var/lib/uim
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/var/cache/fontconfig#, whitelist
Debug 456: new_name #/var/tmp#, whitelist
Debug 456: new_name #/var/run#, whitelist
Debug 456: new_name #/var/lock#, whitelist
Debug 456: new_name #/tmp/.X11-unix#, whitelist
Replaced whitelist path: whitelist /run
Replaced whitelist path: whitelist /run/lock
Mounting tmpfs on /tmp directory
Mounting tmpfs on /var directory
Mounting a new /root directory
Mounting a new /home directory
Create a new user directory
Whitelisting /home/oneric/.config/unity3d
589 588 259:3 /home/oneric/.config/unity3d /home/oneric/.config/unity3d rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=589 fsname=/home/oneric/.config/unity3d dir=/home/oneric/.config/unity3d fstype=ext4
Whitelisting /home/oneric/.killingfloor
590 588 259:3 /home/oneric/.killingfloor /home/oneric/.killingfloor rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=590 fsname=/home/oneric/.killingfloor dir=/home/oneric/.killingfloor fstype=ext4
Whitelisting /home/oneric/.local/share/3909/PapersPlease
591 588 259:3 /home/oneric/.local/share/3909/PapersPlease /home/oneric/.local/share/3909/PapersPlease rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=591 fsname=/home/oneric/.local/share/3909/PapersPlease dir=/home/oneric/.local/share/3909/PapersPlease fstype=ext4
Whitelisting /home/oneric/.local/share/aspyr-media
592 588 259:3 /home/oneric/.local/share/aspyr-media /home/oneric/.local/share/aspyr-media rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=592 fsname=/home/oneric/.local/share/aspyr-media dir=/home/oneric/.local/share/aspyr-media fstype=ext4
Whitelisting /home/oneric/.local/share/cdprojektred
593 588 259:3 /home/oneric/.local/share/cdprojektred /home/oneric/.local/share/cdprojektred rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=593 fsname=/home/oneric/.local/share/cdprojektred dir=/home/oneric/.local/share/cdprojektred fstype=ext4
Whitelisting /home/oneric/.local/share/FasterThanLight
594 588 259:3 /home/oneric/.local/share/FasterThanLight /home/oneric/.local/share/FasterThanLight rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=594 fsname=/home/oneric/.local/share/FasterThanLight dir=/home/oneric/.local/share/FasterThanLight fstype=ext4
Whitelisting /home/oneric/.local/share/feral-interactive
595 588 259:3 /home/oneric/.local/share/feral-interactive /home/oneric/.local/share/feral-interactive rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=595 fsname=/home/oneric/.local/share/feral-interactive dir=/home/oneric/.local/share/feral-interactive fstype=ext4
Whitelisting /home/oneric/.local/share/IntoTheBreach
596 588 259:3 /home/oneric/.local/share/IntoTheBreach /home/oneric/.local/share/IntoTheBreach rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=596 fsname=/home/oneric/.local/share/IntoTheBreach dir=/home/oneric/.local/share/IntoTheBreach fstype=ext4
Whitelisting /home/oneric/.local/share/Paradox Interactive
597 588 259:3 /home/oneric/.local/share/Paradox\040Interactive /home/oneric/.local/share/Paradox\040Interactive rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=597 fsname=/home/oneric/.local/share/Paradox Interactive dir=/home/oneric/.local/share/Paradox Interactive fstype=ext4
Created symbolic link /home/oneric/.local/share/Steam -> /usr/games/Games-SSD/Steam-Runtime/local-share-Steam
Whitelisting /home/oneric/.local/share/SuperHexagon
601 588 259:3 /home/oneric/.local/share/SuperHexagon /home/oneric/.local/share/SuperHexagon rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=601 fsname=/home/oneric/.local/share/SuperHexagon dir=/home/oneric/.local/share/SuperHexagon fstype=ext4
Whitelisting /home/oneric/.local/share/Terraria
602 588 259:3 /home/oneric/.local/share/Terraria /home/oneric/.local/share/Terraria rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=602 fsname=/home/oneric/.local/share/Terraria dir=/home/oneric/.local/share/Terraria fstype=ext4
Whitelisting /home/oneric/.local/share/vpltd
614 588 259:3 /home/oneric/.local/share/vpltd /home/oneric/.local/share/vpltd rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=614 fsname=/home/oneric/.local/share/vpltd dir=/home/oneric/.local/share/vpltd fstype=ext4
Whitelisting /home/oneric/.local/share/vulkan
615 588 259:3 /home/oneric/.local/share/vulkan /home/oneric/.local/share/vulkan rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=615 fsname=/home/oneric/.local/share/vulkan dir=/home/oneric/.local/share/vulkan fstype=ext4
Whitelisting /home/oneric/.mbwarband
635 588 259:3 /home/oneric/.mbwarband /home/oneric/.mbwarband rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=635 fsname=/home/oneric/.mbwarband dir=/home/oneric/.mbwarband fstype=ext4
Whitelisting /home/oneric/.paradoxinteractive
636 588 259:3 /home/oneric/.paradoxinteractive /home/oneric/.paradoxinteractive rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=636 fsname=/home/oneric/.paradoxinteractive dir=/home/oneric/.paradoxinteractive fstype=ext4
Created symbolic link /home/oneric/.steam -> /usr/games/Games-SSD/Steam-Runtime/.steam
Created symbolic link /home/oneric/.steampid -> /usr/games/Games-SSD/Steam-Runtime/.steam/steam.pid
Whitelisting /home/oneric/.config/mimeapps.list
673 588 259:3 /home/oneric/.config/mimeapps.list /home/oneric/.config/mimeapps.list rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=673 fsname=/home/oneric/.config/mimeapps.list dir=/home/oneric/.config/mimeapps.list fstype=ext4
Whitelisting /home/oneric/.config/user-dirs.dirs
674 588 259:3 /home/oneric/.config/user-dirs.dirs /home/oneric/.config/user-dirs.dirs rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=674 fsname=/home/oneric/.config/user-dirs.dirs dir=/home/oneric/.config/user-dirs.dirs fstype=ext4
Whitelisting /home/oneric/.config/user-dirs.locale
714 588 259:3 /home/oneric/.config/user-dirs.locale /home/oneric/.config/user-dirs.locale rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=714 fsname=/home/oneric/.config/user-dirs.locale dir=/home/oneric/.config/user-dirs.locale fstype=ext4
Whitelisting /home/oneric/.local/share/applications
715 588 259:3 /home/oneric/.local/share/applications /home/oneric/.local/share/applications rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=715 fsname=/home/oneric/.local/share/applications dir=/home/oneric/.local/share/applications fstype=ext4
Whitelisting /home/oneric/.local/share/icons
758 588 259:3 /home/oneric/.local/share/icons /home/oneric/.local/share/icons rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=758 fsname=/home/oneric/.local/share/icons dir=/home/oneric/.local/share/icons fstype=ext4
Whitelisting /home/oneric/.local/share/mime
759 588 259:3 /home/oneric/.local/share/mime /home/oneric/.local/share/mime rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=759 fsname=/home/oneric/.local/share/mime dir=/home/oneric/.local/share/mime fstype=ext4
Whitelisting /home/oneric/.config/dconf
810 588 259:3 /home/oneric/.config/dconf /home/oneric/.config/dconf rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=810 fsname=/home/oneric/.config/dconf dir=/home/oneric/.config/dconf fstype=ext4
Whitelisting /home/oneric/.cache/fontconfig
811 588 259:3 /home/oneric/.cache/fontconfig /home/oneric/.cache/fontconfig rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=811 fsname=/home/oneric/.cache/fontconfig dir=/home/oneric/.cache/fontconfig fstype=ext4
Whitelisting /home/oneric/.config/gtk-2.0
812 588 259:3 /home/oneric/.config/gtk-2.0 /home/oneric/.config/gtk-2.0 rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=812 fsname=/home/oneric/.config/gtk-2.0 dir=/home/oneric/.config/gtk-2.0 fstype=ext4
Whitelisting /home/oneric/.config/gtk-3.0
813 588 259:3 /home/oneric/.config/gtk-3.0 /home/oneric/.config/gtk-3.0 rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=813 fsname=/home/oneric/.config/gtk-3.0 dir=/home/oneric/.config/gtk-3.0 fstype=ext4
Whitelisting /home/oneric/.config/Kvantum
814 588 259:3 /home/oneric/.config/Kvantum /home/oneric/.config/Kvantum rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=814 fsname=/home/oneric/.config/Kvantum dir=/home/oneric/.config/Kvantum fstype=ext4
Whitelisting /home/oneric/.config/qt5ct
815 588 259:3 /home/oneric/.config/qt5ct /home/oneric/.config/qt5ct rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=815 fsname=/home/oneric/.config/qt5ct dir=/home/oneric/.config/qt5ct fstype=ext4
Whitelisting /var/lib/dbus
816 585 259:3 /var/lib/dbus /var/lib/dbus ro,nosuid,nodev,noexec,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=816 fsname=/var/lib/dbus dir=/var/lib/dbus fstype=ext4
Whitelisting /var/cache/fontconfig
817 585 259:3 /var/cache/fontconfig /var/cache/fontconfig ro,nosuid,nodev,noexec,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=817 fsname=/var/cache/fontconfig dir=/var/cache/fontconfig fstype=ext4
Whitelisting /var/tmp
818 585 0:55 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw,inode64
mountid=818 fsname=/ dir=/var/tmp fstype=tmpfs
Created symbolic link /var/run -> /run
Created symbolic link /var/lock -> /run/lock
Whitelisting /tmp/.X11-unix
819 581 8:6 /.X11-unix /tmp/.X11-unix rw,noatime master:120 - ext4 /dev/sda6 rw
mountid=819 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=ext4
Mounting read-only /home/oneric/.Xauthority
823 588 0:67 /oneric/.Xauthority /home/oneric/.Xauthority ro,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64
mountid=823 fsname=/oneric/.Xauthority dir=/home/oneric/.Xauthority fstype=tmpfs
Mounting read-only /home/oneric/.config/dconf
824 810 259:3 /home/oneric/.config/dconf /home/oneric/.config/dconf ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=824 fsname=/home/oneric/.config/dconf dir=/home/oneric/.config/dconf fstype=ext4
Disable /usr/bin/systemd-run
Disable /usr/bin/systemd-run (requested /bin/systemd-run)
Disable /run/user/1001/systemd
Mounting read-only /home/oneric/.local/share/applications
828 715 259:3 /home/oneric/.local/share/applications /home/oneric/.local/share/applications ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=828 fsname=/home/oneric/.local/share/applications dir=/home/oneric/.local/share/applications fstype=ext4
Mounting read-only /home/oneric/.config/mimeapps.list
829 673 259:3 /home/oneric/.config/mimeapps.list /home/oneric/.config/mimeapps.list ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=829 fsname=/home/oneric/.config/mimeapps.list dir=/home/oneric/.config/mimeapps.list fstype=ext4
Mounting read-only /home/oneric/.config/user-dirs.dirs
830 674 259:3 /home/oneric/.config/user-dirs.dirs /home/oneric/.config/user-dirs.dirs ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=830 fsname=/home/oneric/.config/user-dirs.dirs dir=/home/oneric/.config/user-dirs.dirs fstype=ext4
Mounting read-only /home/oneric/.config/user-dirs.locale
831 714 259:3 /home/oneric/.config/user-dirs.locale /home/oneric/.config/user-dirs.locale ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=831 fsname=/home/oneric/.config/user-dirs.locale dir=/home/oneric/.config/user-dirs.locale fstype=ext4
Mounting read-only /home/oneric/.local/share/mime
832 759 259:3 /home/oneric/.local/share/mime /home/oneric/.local/share/mime ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=832 fsname=/home/oneric/.local/share/mime dir=/home/oneric/.local/share/mime fstype=ext4
Not blacklist /sbin
Disable /usr/local/sbin
Not blacklist /usr/sbin
Disable /usr/bin/chage
Disable /usr/bin/chage (requested /bin/chage)
Disable /usr/bin/chfn
Disable /usr/bin/chfn (requested /bin/chfn)
Disable /usr/bin/chsh
Disable /usr/bin/chsh (requested /bin/chsh)
Disable /usr/bin/crontab
Disable /usr/bin/crontab (requested /bin/crontab)
Disable /usr/bin/evtest
Disable /usr/bin/evtest (requested /bin/evtest)
Disable /usr/bin/expiry
Disable /usr/bin/expiry (requested /bin/expiry)
Disable /usr/bin/fusermount
Disable /usr/bin/fusermount (requested /bin/fusermount)
Disable /usr/bin/gksu-polkit (requested /usr/bin/gksu)
Disable /usr/bin/gksu-polkit (requested /bin/gksu)
Disable /usr/bin/gpasswd
Disable /usr/bin/gpasswd (requested /bin/gpasswd)
Disable /usr/bin/ksu
Disable /usr/bin/ksu (requested /bin/ksu)
Disable /usr/bin/mount
Disable /usr/bin/mount (requested /bin/mount)
Disable /usr/bin/mount.ecryptfs_private
Disable /usr/bin/mount.ecryptfs_private (requested /bin/mount.ecryptfs_private)
Disable /usr/bin/nc
Disable /usr/bin/nc (requested /bin/nc)
Disable /usr/bin/newgidmap
Disable /usr/bin/newgidmap (requested /bin/newgidmap)
Disable /usr/bin/newgrp
Disable /usr/bin/newgrp (requested /bin/newgrp)
Disable /usr/bin/newuidmap
Disable /usr/bin/newuidmap (requested /bin/newuidmap)
Disable /usr/bin/ntfs-3g
Disable /usr/bin/ntfs-3g (requested /bin/ntfs-3g)
Disable /usr/bin/pkexec
Disable /usr/bin/pkexec (requested /bin/pkexec)
Disable /usr/bin/sg
Disable /usr/bin/sg (requested /bin/sg)
Disable /usr/bin/su
Disable /usr/bin/su (requested /bin/su)
Disable /usr/bin/sudo
Disable /usr/bin/sudo (requested /bin/sudo)
Disable /usr/bin/umount
Disable /usr/bin/umount (requested /bin/umount)
Disable /usr/bin/unix_chkpwd
Disable /usr/bin/unix_chkpwd (requested /bin/unix_chkpwd)
Disable /usr/bin/xev
Disable /usr/bin/xev (requested /bin/xev)
Disable /usr/lib/virtualbox
Disable /usr/lib/virtualbox (requested /usr/lib64/virtualbox)
Disable /usr/bin/xfce4-terminal
Disable /usr/bin/xfce4-terminal (requested /bin/xfce4-terminal)
Disable /usr/bin/bwrap
Disable /usr/bin/bwrap (requested /bin/bwrap)
Disable /proc/config.gz
Disable /usr/bin/resolvectl
Disable /usr/bin/resolvectl (requested /bin/resolvectl)
Disable /usr/bin/as
Disable /usr/bin/as (requested /bin/as)
Disable /usr/bin/gcc (requested /usr/bin/cc)
Disable /usr/bin/gcc (requested /bin/cc)
Disable /usr/bin/c++
Disable /usr/bin/c++filt
Disable /usr/bin/c++ (requested /bin/c++)
Disable /usr/bin/c++filt (requested /bin/c++filt)
Disable /usr/bin/c89
Disable /usr/bin/c89 (requested /bin/c89)
Disable /usr/bin/c99
Disable /usr/bin/c99 (requested /bin/c99)
Disable /usr/bin/cpp
Disable /usr/bin/cpp (requested /bin/cpp)
Disable /usr/bin/g++
Disable /usr/bin/g++ (requested /bin/g++)
Disable /usr/bin/gcc-ranlib
Disable /usr/bin/gcc-nm
Disable /usr/bin/gcc
Disable /usr/bin/gcc-ar
Disable /usr/bin/gcc-ranlib (requested /bin/gcc-ranlib)
Disable /usr/bin/gcc-nm (requested /bin/gcc-nm)
Disable /usr/bin/gcc (requested /bin/gcc)
Disable /usr/bin/gcc-ar (requested /bin/gcc-ar)
Disable /usr/bin/ld
Disable /usr/bin/ld (requested /bin/ld)
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib
Disable /usr/bin/x86_64-pc-linux-gnu-gcc
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0 (requested /bin/x86_64-pc-linux-gnu-gcc-10.2.0)
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib (requested /bin/x86_64-pc-linux-gnu-gcc-ranlib)
Disable /usr/bin/x86_64-pc-linux-gnu-gcc (requested /bin/x86_64-pc-linux-gnu-gcc)
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm (requested /bin/x86_64-pc-linux-gnu-gcc-nm)
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar (requested /bin/x86_64-pc-linux-gnu-gcc-ar)
Disable /usr/bin/x86_64-pc-linux-gnu-g++
Disable /usr/bin/x86_64-pc-linux-gnu-g++ (requested /bin/x86_64-pc-linux-gnu-g++)
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib
Disable /usr/bin/x86_64-pc-linux-gnu-gcc
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0 (requested /bin/x86_64-pc-linux-gnu-gcc-10.2.0)
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib (requested /bin/x86_64-pc-linux-gnu-gcc-ranlib)
Disable /usr/bin/x86_64-pc-linux-gnu-gcc (requested /bin/x86_64-pc-linux-gnu-gcc)
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm (requested /bin/x86_64-pc-linux-gnu-gcc-nm)
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar (requested /bin/x86_64-pc-linux-gnu-gcc-ar)
Disable /usr/bin/x86_64-pc-linux-gnu-g++
Disable /usr/bin/x86_64-pc-linux-gnu-g++ (requested /bin/x86_64-pc-linux-gnu-g++)
Disable /usr/lib/go/bin/go (requested /usr/bin/go)
Disable /usr/lib/go/bin/go (requested /bin/go)
Disable /usr/lib/go/bin/gofmt (requested /usr/bin/gofmt)
Disable /usr/lib/go/bin/gofmt (requested /bin/gofmt)
Not blacklist /home/oneric/bin/java
Not blacklist /home/oneric/.local/bin/java
Not blacklist /usr/local/bin/java
Not blacklist /usr/bin/java
Not blacklist /bin/java
Not blacklist /usr/local/sbin/java
Not blacklist /usr/bin/site_perl/java
Not blacklist /usr/bin/vendor_perl/java
Not blacklist /usr/bin/core_perl/java
Not blacklist /etc/java
Not blacklist /usr/lib/java
Not blacklist /usr/share/java
Disable /usr/bin/openssl
Disable /usr/bin/openssl (requested /bin/openssl)
Disable /usr/bin/openssl-1.0
Disable /usr/bin/openssl-1.0 (requested /bin/openssl-1.0)
Disable /usr/bin/rust-gdb
Disable /usr/bin/rust-gdb (requested /bin/rust-gdb)
Disable /usr/bin/rust-lldb
Disable /usr/bin/rust-lldb (requested /bin/rust-lldb)
Disable /usr/bin/rustc
Disable /usr/bin/rustc (requested /bin/rustc)
Disable /usr/src
Disable /usr/local/src
Disable /usr/include
Disable /usr/local/include
Disable /usr/bin/luac
Disable /usr/bin/luac5.2
Disable /usr/bin/lua
Disable /usr/bin/lua (requested /usr/bin/lua5.4)
Disable /usr/bin/luajit-2.0.5
Disable /usr/bin/lua5.2
Disable /usr/bin/luajit-2.0.5 (requested /usr/bin/luajit)
Disable /usr/bin/luac (requested /usr/bin/luac5.4)
Disable /usr/bin/luac (requested /bin/luac)
Disable /usr/bin/luac5.2 (requested /bin/luac5.2)
Disable /usr/bin/lua (requested /bin/lua)
Disable /usr/bin/lua (requested /bin/lua5.4)
Disable /usr/bin/luajit-2.0.5 (requested /bin/luajit-2.0.5)
Disable /usr/bin/lua5.2 (requested /bin/lua5.2)
Disable /usr/bin/luajit-2.0.5 (requested /bin/luajit)
Disable /usr/bin/luac (requested /bin/luac5.4)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so.5.2)
Disable /usr/lib/liblua.so.5.4.1
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2)
Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua5.4.so)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2.4)
Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so.2)
Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua.so)
Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua.so.5.4)
Disable /usr/lib/liblua5.2.so.5.2.4
Disable /usr/lib/libluajit-5.1.so.2.0.5
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so)
Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so)
Disable /usr/lib/lua
Disable /usr/share/lua
Disable /usr/share/luajit-2.0.5
Disable /usr/lib/libmozjs-68.so (requested /usr/lib64/libmozjs-68.so)
Disable /usr/lib/libmozjs-60.so (requested /usr/lib64/libmozjs-60.so)
Disable /usr/lib/libmozjs-78.so (requested /usr/lib64/libmozjs-78.so)
Disable /usr/bin/node
Disable /usr/bin/node (requested /bin/node)
Disable /usr/bin/core_perl/cpan
Disable /usr/bin/core_perl
Disable /usr/bin/core_perl (requested /bin/core_perl)
Disable /usr/bin/perl
Disable /usr/bin/perl (requested /bin/perl)
Disable /usr/bin/site_perl
Disable /usr/bin/site_perl (requested /bin/site_perl)
Disable /usr/bin/vendor_perl
Disable /usr/bin/vendor_perl (requested /bin/vendor_perl)
Disable /usr/lib/perl5
Disable /usr/share/perl5
Disable /usr/bin/ruby
Disable /usr/bin/ruby (requested /bin/ruby)
Disable /usr/lib/ruby
Not blacklist /home/oneric/bin/python2*
Not blacklist /home/oneric/.local/bin/python2*
Not blacklist /usr/local/bin/python2*
Not blacklist /usr/bin/python2.7
Not blacklist /usr/bin/python2
Not blacklist /usr/bin/python2.7-config
Not blacklist /usr/bin/python2-config
Not blacklist /bin/python2.7
Not blacklist /bin/python2
Not blacklist /bin/python2.7-config
Not blacklist /bin/python2-config
Not blacklist /usr/local/sbin/python2*
Not blacklist /usr/bin/site_perl/python2*
Not blacklist /usr/bin/vendor_perl/python2*
Not blacklist /usr/bin/core_perl/python2*
Not blacklist /usr/include/python2*
Not blacklist /usr/lib/python2.7
Not blacklist /usr/local/lib/python2*
Not blacklist /usr/share/python2*
Not blacklist /home/oneric/bin/python3*
Not blacklist /home/oneric/.local/bin/python3*
Not blacklist /usr/local/bin/python3*
Not blacklist /usr/bin/python3.8-config
Not blacklist /usr/bin/python3.8
Not blacklist /usr/bin/python3
Not blacklist /usr/bin/python3-config
Not blacklist /bin/python3.8-config
Not blacklist /bin/python3.8
Not blacklist /bin/python3
Not blacklist /bin/python3-config
Not blacklist /usr/local/sbin/python3*
Not blacklist /usr/bin/site_perl/python3*
Not blacklist /usr/bin/vendor_perl/python3*
Not blacklist /usr/bin/core_perl/python3*
Not blacklist /usr/include/python3*
Not blacklist /usr/lib/python3.8
Not blacklist /usr/lib64/python3.8
Not blacklist /usr/local/lib/python3*
Not blacklist /usr/share/python3*
Not blacklist /home/oneric/.java
DISPLAY=:0.0 parsed as 0
 line  OP JT JF    K
=================================
 0000: 20 00 00 00000004   ld  data.architecture
 0001: 15 04 00 c000003e   jeq ARCH_64 0006 (false 0002)
 0002: 20 00 00 00000000   ld  data.syscall-number
 0003: 15 01 00 00000167   jeq unknown 0005 (false 0004)
 0004: 06 00 00 7fff0000   ret ALLOW
 0005: 05 00 00 00000006   jmp 000c
 0006: 20 00 00 00000004   ld  data.architecture
 0007: 15 01 00 c000003e   jeq ARCH_64 0009 (false 0008)
 0008: 06 00 00 7fff0000   ret ALLOW
 0009: 20 00 00 00000000   ld  data.syscall-number
 000a: 15 01 00 00000029   jeq socket 000c (false 000b)
 000b: 06 00 00 7fff0000   ret ALLOW
 000c: 20 00 00 00000010   ld  data.args[0]
 000d: 15 00 01 00000001   jeq 1 000e (false 000f)
 000e: 06 00 00 7fff0000   ret ALLOW
 000f: 15 00 01 00000002   jeq 2 0010 (false 0011)
 0010: 06 00 00 7fff0000   ret ALLOW
 0011: 15 00 01 0000000a   jeq a 0012 (false 0013)
 0012: 06 00 00 7fff0000   ret ALLOW
 0013: 15 00 01 00000010   jeq 10 0014 (false 0015)
 0014: 06 00 00 7fff0000   ret ALLOW
 0015: 06 00 00 0005005f   ret ERRNO(95)
 line  OP JT JF    K
=================================
 0000: 20 00 00 00000004   ld  data.architecture
 0001: 15 01 00 40000003   jeq ARCH_32 0003 (false 0002)
 0002: 06 00 00 7fff0000   ret ALLOW
 0003: 20 00 00 00000000   ld  data.syscall-number
 0004: 15 00 01 00000015   jeq 15 0005 (false 0006)
 0005: 06 00 00 00000001   ret KILL
 0006: 15 00 01 00000034   jeq 34 0007 (false 0008)
 0007: 06 00 00 00000001   ret KILL
 0008: 15 00 01 0000001a   jeq 1a 0009 (false 000a)
 0009: 06 00 00 00000001   ret KILL
 000a: 15 00 01 0000011b   jeq 11b 000b (false 000c)
 000b: 06 00 00 00000001   ret KILL
 000c: 15 00 01 00000155   jeq 155 000d (false 000e)
 000d: 06 00 00 00000001   ret KILL
 000e: 15 00 01 00000156   jeq 156 000f (false 0010)
 000f: 06 00 00 00000001   ret KILL
 0010: 15 00 01 0000007f   jeq 7f 0011 (false 0012)
 0011: 06 00 00 00000001   ret KILL
 0012: 15 00 01 00000080   jeq 80 0013 (false 0014)
 0013: 06 00 00 00000001   ret KILL
 0014: 15 00 01 0000015e   jeq 15e 0015 (false 0016)
 0015: 06 00 00 00000001   ret KILL
 0016: 15 00 01 00000081   jeq 81 0017 (false 0018)
 0017: 06 00 00 00000001   ret KILL
 0018: 15 00 01 0000006e   jeq 6e 0019 (false 001a)
 0019: 06 00 00 00000001   ret KILL
 001a: 15 00 01 00000065   jeq 65 001b (false 001c)
 001b: 06 00 00 00000001   ret KILL
 001c: 15 00 01 00000121   jeq 121 001d (false 001e)
 001d: 06 00 00 00000001   ret KILL
 001e: 15 00 01 00000057   jeq 57 001f (false 0020)
 001f: 06 00 00 00000001   ret KILL
 0020: 15 00 01 00000073   jeq 73 0021 (false 0022)
 0021: 06 00 00 00000001   ret KILL
 0022: 15 00 01 00000067   jeq 67 0023 (false 0024)
 0023: 06 00 00 00000001   ret KILL
 0024: 15 00 01 0000015b   jeq 15b 0025 (false 0026)
 0025: 06 00 00 00000001   ret KILL
 0026: 15 00 01 0000015c   jeq 15c 0027 (false 0028)
 0027: 06 00 00 00000001   ret KILL
 0028: 15 00 01 00000087   jeq 87 0029 (false 002a)
 0029: 06 00 00 00000001   ret KILL
 002a: 15 00 01 00000095   jeq 95 002b (false 002c)
 002b: 06 00 00 00000001   ret KILL
 002c: 15 00 01 0000007c   jeq 7c 002d (false 002e)
 002d: 06 00 00 00000001   ret KILL
 002e: 15 00 01 00000157   jeq 157 002f (false 0030)
 002f: 06 00 00 00000001   ret KILL
 0030: 15 00 01 000000fd   jeq fd 0031 (false 0032)
 0031: 06 00 00 00000001   ret KILL
 0032: 15 00 01 00000150   jeq 150 0033 (false 0034)
 0033: 06 00 00 00000001   ret KILL
 0034: 15 00 01 00000152   jeq 152 0035 (false 0036)
 0035: 06 00 00 00000001   ret KILL
 0036: 15 00 01 0000015d   jeq 15d 0037 (false 0038)
 0037: 06 00 00 00000001   ret KILL
 0038: 15 00 01 0000011e   jeq 11e 0039 (false 003a)
 0039: 06 00 00 00000001   ret KILL
 003a: 15 00 01 0000011f   jeq 11f 003b (false 003c)
 003b: 06 00 00 00000001   ret KILL
 003c: 15 00 01 00000120   jeq 120 003d (false 003e)
 003d: 06 00 00 00000001   ret KILL
 003e: 15 00 01 00000056   jeq 56 003f (false 0040)
 003f: 06 00 00 00000001   ret KILL
 0040: 15 00 01 00000033   jeq 33 0041 (false 0042)
 0041: 06 00 00 00000001   ret KILL
 0042: 15 00 01 0000007b   jeq 7b 0043 (false 0044)
 0043: 06 00 00 00000001   ret KILL
 0044: 15 00 01 000000d9   jeq d9 0045 (false 0046)
 0045: 06 00 00 00000001   ret KILL
 0046: 15 00 01 000000f5   jeq f5 0047 (false 0048)
 0047: 06 00 00 00000001   ret KILL
 0048: 15 00 01 000000f6   jeq f6 0049 (false 004a)
 0049: 06 00 00 00000001   ret KILL
 004a: 15 00 01 000000f7   jeq f7 004b (false 004c)
 004b: 06 00 00 00000001   ret KILL
 004c: 15 00 01 000000f8   jeq f8 004d (false 004e)
 004d: 06 00 00 00000001   ret KILL
 004e: 15 00 01 000000f9   jeq f9 004f (false 0050)
 004f: 06 00 00 00000001   ret KILL
 0050: 15 00 01 00000101   jeq 101 0051 (false 0052)
 0051: 06 00 00 00000001   ret KILL
 0052: 15 00 01 00000112   jeq 112 0053 (false 0054)
 0053: 06 00 00 00000001   ret KILL
 0054: 15 00 01 00000114   jeq 114 0055 (false 0056)
 0055: 06 00 00 00000001   ret KILL
 0056: 15 00 01 00000126   jeq 126 0057 (false 0058)
 0057: 06 00 00 00000001   ret KILL
 0058: 15 00 01 0000013d   jeq 13d 0059 (false 005a)
 0059: 06 00 00 00000001   ret KILL
 005a: 15 00 01 0000013c   jeq 13c 005b (false 005c)
 005b: 06 00 00 00000001   ret KILL
 005c: 15 00 01 0000003d   jeq 3d 005d (false 005e)
 005d: 06 00 00 00000001   ret KILL
 005e: 15 00 01 00000058   jeq 58 005f (false 0060)
 005f: 06 00 00 00000001   ret KILL
 0060: 15 00 01 000000a9   jeq a9 0061 (false 0062)
 0061: 06 00 00 00000001   ret KILL
 0062: 15 00 01 00000082   jeq 82 0063 (false 0064)
 0063: 06 00 00 00000001   ret KILL
 0064: 06 00 00 7fff0000   ret ALLOW
Seccomp list in: !ptrace, check list: @default-keep, prelist: unknown,
 line  OP JT JF    K
=================================
 0000: 20 00 00 00000004   ld  data.architecture
 0001: 15 01 00 c000003e   jeq ARCH_64 0003 (false 0002)
 0002: 06 00 00 7fff0000   ret ALLOW
 0003: 20 00 00 00000000   ld  data.syscall-number
 0004: 35 01 00 40000000   jge X32_ABI 0006 (false 0005)
 0005: 35 01 00 00000000   jge read 0007 (false 0006)
 0006: 06 00 00 00050001   ret ERRNO(1)
 0007: 15 00 01 00000065   jeq ptrace 0008 (false 0009)
 0008: 06 00 00 7fff0000   ret ALLOW
 0009: 15 00 01 0000009f   jeq adjtimex 000a (false 000b)
 000a: 06 00 00 00050001   ret ERRNO(1)
 000b: 15 00 01 00000131   jeq clock_adjtime 000c (false 000d)
 000c: 06 00 00 00050001   ret ERRNO(1)
 000d: 15 00 01 000000e3   jeq clock_settime 000e (false 000f)
 000e: 06 00 00 00050001   ret ERRNO(1)
 000f: 15 00 01 000000a4   jeq settimeofday 0010 (false 0011)
 0010: 06 00 00 00050001   ret ERRNO(1)
 0011: 15 00 01 0000009a   jeq modify_ldt 0012 (false 0013)
 0012: 06 00 00 00050001   ret ERRNO(1)
 0013: 15 00 01 000000d4   jeq lookup_dcookie 0014 (false 0015)
 0014: 06 00 00 00050001   ret ERRNO(1)
 0015: 15 00 01 0000012a   jeq perf_event_open 0016 (false 0017)
 0016: 06 00 00 00050001   ret ERRNO(1)
 0017: 15 00 01 00000137   jeq process_vm_writev 0018 (false 0019)
 0018: 06 00 00 00050001   ret ERRNO(1)
 0019: 15 00 01 000000b0   jeq delete_module 001a (false 001b)
 001a: 06 00 00 00050001   ret ERRNO(1)
 001b: 15 00 01 00000139   jeq finit_module 001c (false 001d)
 001c: 06 00 00 00050001   ret ERRNO(1)
 001d: 15 00 01 000000af   jeq init_module 001e (false 001f)
 001e: 06 00 00 00050001   ret ERRNO(1)
 001f: 15 00 01 000000a1   jeq chroot 0020 (false 0021)
 0020: 06 00 00 00050001   ret ERRNO(1)
 0021: 15 00 01 000000a5   jeq mount 0022 (false 0023)
 0022: 06 00 00 00050001   ret ERRNO(1)
 0023: 15 00 01 0000009b   jeq pivot_root 0024 (false 0025)
 0024: 06 00 00 00050001   ret ERRNO(1)
 0025: 15 00 01 000000a6   jeq umount2 0026 (false 0027)
 0026: 06 00 00 00050001   ret ERRNO(1)
 0027: 15 00 01 0000009c   jeq _sysctl 0028 (false 0029)
 0028: 06 00 00 00050001   ret ERRNO(1)
 0029: 15 00 01 000000b7   jeq afs_syscall 002a (false 002b)
 002a: 06 00 00 00050001   ret ERRNO(1)
 002b: 15 00 01 000000ae   jeq create_module 002c (false 002d)
 002c: 06 00 00 00050001   ret ERRNO(1)
 002d: 15 00 01 000000b1   jeq get_kernel_syms 002e (false 002f)
 002e: 06 00 00 00050001   ret ERRNO(1)
 002f: 15 00 01 000000b5   jeq getpmsg 0030 (false 0031)
 0030: 06 00 00 00050001   ret ERRNO(1)
 0031: 15 00 01 000000b6   jeq putpmsg 0032 (false 0033)
 0032: 06 00 00 00050001   ret ERRNO(1)
 0033: 15 00 01 000000b2   jeq query_module 0034 (false 0035)
 0034: 06 00 00 00050001   ret ERRNO(1)
 0035: 15 00 01 000000b9   jeq security 0036 (false 0037)
 0036: 06 00 00 00050001   ret ERRNO(1)
 0037: 15 00 01 0000008b   jeq sysfs 0038 (false 0039)
 0038: 06 00 00 00050001   ret ERRNO(1)
 0039: 15 00 01 000000b8   jeq tuxcall 003a (false 003b)
 003a: 06 00 00 00050001   ret ERRNO(1)
 003b: 15 00 01 00000086   jeq uselib 003c (false 003d)
 003c: 06 00 00 00050001   ret ERRNO(1)
 003d: 15 00 01 00000088   jeq ustat 003e (false 003f)
 003e: 06 00 00 00050001   ret ERRNO(1)
 003f: 15 00 01 000000ec   jeq vserver 0040 (false 0041)
 0040: 06 00 00 00050001   ret ERRNO(1)
 0041: 15 00 01 000000ad   jeq ioperm 0042 (false 0043)
 0042: 06 00 00 00050001   ret ERRNO(1)
 0043: 15 00 01 000000ac   jeq iopl 0044 (false 0045)
 0044: 06 00 00 00050001   ret ERRNO(1)
 0045: 15 00 01 000000f6   jeq kexec_load 0046 (false 0047)
 0046: 06 00 00 00050001   ret ERRNO(1)
 0047: 15 00 01 00000140   jeq kexec_file_load 0048 (false 0049)
 0048: 06 00 00 00050001   ret ERRNO(1)
 0049: 15 00 01 000000a9   jeq reboot 004a (false 004b)
 004a: 06 00 00 00050001   ret ERRNO(1)
 004b: 15 00 01 000000a7   jeq swapon 004c (false 004d)
 004c: 06 00 00 00050001   ret ERRNO(1)
 004d: 15 00 01 000000a8   jeq swapoff 004e (false 004f)
 004e: 06 00 00 00050001   ret ERRNO(1)
 004f: 15 00 01 00000130   jeq open_by_handle_at 0050 (false 0051)
 0050: 06 00 00 00050001   ret ERRNO(1)
 0051: 15 00 01 0000012f   jeq name_to_handle_at 0052 (false 0053)
 0052: 06 00 00 00050001   ret ERRNO(1)
 0053: 15 00 01 000000fb   jeq ioprio_set 0054 (false 0055)
 0054: 06 00 00 00050001   ret ERRNO(1)
 0055: 15 00 01 00000067   jeq syslog 0056 (false 0057)
 0056: 06 00 00 00050001   ret ERRNO(1)
 0057: 15 00 01 0000012c   jeq fanotify_init 0058 (false 0059)
 0058: 06 00 00 00050001   ret ERRNO(1)
 0059: 15 00 01 00000138   jeq kcmp 005a (false 005b)
 005a: 06 00 00 00050001   ret ERRNO(1)
 005b: 15 00 01 000000f8   jeq add_key 005c (false 005d)
 005c: 06 00 00 00050001   ret ERRNO(1)
 005d: 15 00 01 000000f9   jeq request_key 005e (false 005f)
 005e: 06 00 00 00050001   ret ERRNO(1)
 005f: 15 00 01 000000ed   jeq mbind 0060 (false 0061)
 0060: 06 00 00 00050001   ret ERRNO(1)
 0061: 15 00 01 00000100   jeq migrate_pages 0062 (false 0063)
 0062: 06 00 00 00050001   ret ERRNO(1)
 0063: 15 00 01 00000117   jeq move_pages 0064 (false 0065)
 0064: 06 00 00 00050001   ret ERRNO(1)
 0065: 15 00 01 000000fa   jeq keyctl 0066 (false 0067)
 0066: 06 00 00 00050001   ret ERRNO(1)
 0067: 15 00 01 000000ce   jeq io_setup 0068 (false 0069)
 0068: 06 00 00 00050001   ret ERRNO(1)
 0069: 15 00 01 000000cf   jeq io_destroy 006a (false 006b)
 006a: 06 00 00 00050001   ret ERRNO(1)
 006b: 15 00 01 000000d0   jeq io_getevents 006c (false 006d)
 006c: 06 00 00 00050001   ret ERRNO(1)
 006d: 15 00 01 000000d1   jeq io_submit 006e (false 006f)
 006e: 06 00 00 00050001   ret ERRNO(1)
 006f: 15 00 01 000000d2   jeq io_cancel 0070 (false 0071)
 0070: 06 00 00 00050001   ret ERRNO(1)
 0071: 15 00 01 000000d8   jeq remap_file_pages 0072 (false 0073)
 0072: 06 00 00 00050001   ret ERRNO(1)
 0073: 15 00 01 00000143   jeq userfaultfd 0074 (false 0075)
 0074: 06 00 00 00050001   ret ERRNO(1)
 0075: 15 00 01 000000a3   jeq acct 0076 (false 0077)
 0076: 06 00 00 00050001   ret ERRNO(1)
 0077: 15 00 01 00000141   jeq bpf 0078 (false 0079)
 0078: 06 00 00 00050001   ret ERRNO(1)
 0079: 15 00 01 000000b4   jeq nfsservctl 007a (false 007b)
 007a: 06 00 00 00050001   ret ERRNO(1)
 007b: 15 00 01 000000ab   jeq setdomainname 007c (false 007d)
 007c: 06 00 00 00050001   ret ERRNO(1)
 007d: 15 00 01 000000aa   jeq sethostname 007e (false 007f)
 007e: 06 00 00 00050001   ret ERRNO(1)
 007f: 15 00 01 00000099   jeq vhangup 0080 (false 0081)
 0080: 06 00 00 00050001   ret ERRNO(1)
 0081: 15 00 01 00000065   jeq ptrace 0082 (false 0083)
 0082: 06 00 00 00050001   ret ERRNO(1)
 0083: 15 00 01 00000087   jeq personality 0084 (false 0085)
 0084: 06 00 00 00050001   ret ERRNO(1)
 0085: 15 00 01 00000136   jeq process_vm_readv 0086 (false 0087)
 0086: 06 00 00 00050001   ret ERRNO(1)
 0087: 06 00 00 7fff0000   ret ALLOW
Not blacklist /home/oneric/.killingfloor
Not blacklist /home/oneric/.local/share/3909/PapersPlease
Not blacklist /home/oneric/.local/share/Steam
Not blacklist /home/oneric/.local/share/SuperHexagon
Not blacklist /home/oneric/.local/share/Terraria
Not blacklist /home/oneric/.local/share/aspyr-media
Not blacklist /home/oneric/.local/share/cdprojektred
Not blacklist /home/oneric/.local/share/FasterThanLight
Not blacklist /home/oneric/.local/share/feral-interactive
Not blacklist /home/oneric/.local/share/IntoTheBreach
Not blacklist /home/oneric/.local/share/Paradox Interactive
Not blacklist /home/oneric/.local/share/vpltd
Not blacklist /home/oneric/.local/share/vulkan
Not blacklist /home/oneric/.mbwarband
Not blacklist /home/oneric/.paradoxinteractive
Not blacklist /home/oneric/.steam
Not blacklist /home/oneric/.steampath
Not blacklist /home/oneric/.steampid
Mounting read-only /tmp/.X11-unix
1020 819 8:6 /.X11-unix /tmp/.X11-unix ro,noatime master:120 - ext4 /dev/sda6 rw
mountid=1020 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=ext4
Disable /sys/fs
Disable /sys/module
Mounting noexec /run/firejail/mnt/pulse
1023 448 0:49 /pulse /run/firejail/mnt/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64
mountid=1023 fsname=/pulse dir=/run/firejail/mnt/pulse fstype=tmpfs
Creating empty /home/oneric/.config/pulse directory
Mounting /run/firejail/mnt/pulse on /home/oneric/.config/pulse
1024 588 0:49 /pulse /home/oneric/.config/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64
mountid=1024 fsname=/pulse dir=/home/oneric/.config/pulse fstype=tmpfs
Current directory: /home/oneric
Install protocol filter: unix,inet,inet6,netlink
configuring 22 seccomp entries in /run/firejail/mnt/seccomp/seccomp.protocol
sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.protocol 
configuring 101 seccomp entries in /run/firejail/mnt/seccomp/seccomp.32
sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.32 
Dual 32/64 bit seccomp filter configured
Build default+drop seccomp filter
sbox run: /run/firejail/lib/fseccomp default drop /run/firejail/mnt/seccomp/seccomp /run/firejail/mnt/seccomp/seccomp.postexec !ptrace 
sbox run: /run/firejail/lib/fsec-optimize /run/firejail/mnt/seccomp/seccomp 
configuring 136 seccomp entries in /run/firejail/mnt/seccomp/seccomp
sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp 
seccomp filter configured
Mounting read-only /run/firejail/mnt/seccomp
1026 448 0:49 /seccomp /run/firejail/mnt/seccomp ro,nosuid - tmpfs tmpfs rw,mode=755,inode64
mountid=1026 fsname=/seccomp dir=/run/firejail/mnt/seccomp fstype=tmpfs
Seccomp directory:
ls /run/firejail/mnt/seccomp
drwxr-xr-x root     root             160 .
drwxr-xr-x root     root             380 ..
-rw-r--r-- oneric   games           1088 seccomp
-rw-r--r-- oneric   games            808 seccomp.32
-rw-r--r-- oneric   games            114 seccomp.list
-rw-r--r-- oneric   games              0 seccomp.postexec
-rw-r--r-- oneric   games              0 seccomp.postexec32
-rw-r--r-- oneric   games            176 seccomp.protocol
Active seccomp files:
cat /run/firejail/mnt/seccomp/seccomp.list
/run/firejail/mnt/seccomp/seccomp.protocol
/run/firejail/mnt/seccomp/seccomp.32
/run/firejail/mnt/seccomp/seccomp
Dropping all capabilities
noroot user namespace installed
Dropping all capabilities
NO_NEW_PRIVS set
Drop privileges: pid 1, uid 1001, gid 60, nogroups 1
No supplementary groups
Child process initialized in 191.11 ms
starting application
LD_PRELOAD=(null)
execvp argument 0: steam
Manjaro steam native configuration found!
cp: reguläre Datei '/usr/games/Games-SSD/Steam-Runtime/local-share-Steam/bootstrap.tar.xz' kann nicht angelegt werden: Das Dateisystem ist nur lesbar

Parent is shutting down, bye...

With this in /etc/firejail/steam.local:

# Remove our custom folders from blacklists
noblacklist /usr/games/Games-HDD/SteamLibrary
noblacklist /usr/games/Games-HDD/SAVEFILES
noblacklist /usr/games/Games-HDD/LutrisLibrary
noblacklist /usr/games/Games-HDD/Origin Games
noblacklist /usr/games/Games-SSD/SteamLibrary
noblacklist /usr/games/Games-SSD/Steam-Runtime
noblacklist /usr/games/Games-SSD/GOG Galaxy
# And also whitelist them
whitelist /usr/games/Games-HDD/SteamLibrary
whitelist /usr/games/Games-HDD/SAVEFILES
whitelist /usr/games/Games-HDD/LutrisLibrary
whitelist /usr/games/Games-HDD/Origin Games
whitelist /usr/games/Games-SSD/SteamLibrary
whitelist /usr/games/Games-SSD/Steam-Runtime
whitelist /usr/games/Games-SSD/GOG Galaxy

firejail --debug steam outputs:

Reading profile /etc/firejail/steam.profile
Autoselecting /bin/bash as shell
Building quoted command line: 'steam' 
Command name #steam#
Found steam.profile profile in /etc/firejail directory
Reading profile /etc/firejail/steam.local
Found steam.local profile in /etc/firejail directory
Reading profile /etc/firejail/allow-java.inc
Found allow-java.inc profile in /etc/firejail directory
Reading profile /etc/firejail/allow-python2.inc
Found allow-python2.inc profile in /etc/firejail directory
Reading profile /etc/firejail/allow-python3.inc
Found allow-python3.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-common.inc
Found disable-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-devel.inc
Found disable-devel.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-interpreters.inc
Found disable-interpreters.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-passwdmgr.inc
Found disable-passwdmgr.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-programs.inc
Found disable-programs.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-common.inc
Found whitelist-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-var-common.inc
Found whitelist-var-common.inc profile in /etc/firejail directory
DISPLAY=:0.0 parsed as 0
Parent pid 8975, child pid 8977
Seccomp list in: !ptrace, check list: @default-keep, prelist: unknown,
Using the local network stack
Warning: file /etc/alternatives not found.
Warning: skipping alternatives for private /etc
Warning: file /etc/asound.conf not found.
Warning: skipping asound.conf for private /etc
Warning: file /etc/bumblebee not found.
Warning: skipping bumblebee for private /etc
Warning: file /etc/crypto-policies not found.
Warning: skipping crypto-policies for private /etc
Warning: file /etc/drirc not found.
Warning: skipping drirc for private /etc
Seccomp list in: !ptrace, check list: @default-keep, prelist: unknown,
Using the local network stack
Initializing child process
PID namespace installed
Mounting tmpfs on /run/firejail/mnt directory
Creating empty /run/firejail/mnt/seccomp directory
Creating empty /run/firejail/mnt/seccomp/seccomp.protocol file
Creating empty /run/firejail/mnt/seccomp/seccomp.postexec file
Creating empty /run/firejail/mnt/seccomp/seccomp.postexec32 file
Build protocol filter: unix,inet,inet6,netlink
sbox run: /run/firejail/lib/fseccomp protocol build unix,inet,inet6,netlink /run/firejail/mnt/seccomp/seccomp.protocol 
Mounting /proc filesystem representing the PID namespace
Basic read-only filesystem:
Mounting read-only /etc
451 408 259:3 /etc /etc ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=451 fsname=/etc dir=/etc fstype=ext4
Mounting noexec /etc
452 451 259:3 /etc /etc ro,nosuid,nodev,noexec,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=452 fsname=/etc dir=/etc fstype=ext4
Mounting read-only /var
453 408 259:3 /var /var ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=453 fsname=/var dir=/var fstype=ext4
Mounting noexec /var
454 453 259:3 /var /var ro,nosuid,nodev,noexec,noatime master:1 - ext4 /dev/nvme0n1p3 rw
mountid=454 fsname=/var dir=/var fstype=ext4
Mounting read-only /usr
457 455 8:1 / /usr/games/Games-HDD rw,relatime master:116 - ext4 /dev/sda1 rw
mountid=457 fsname=/ dir=/usr/games/Games-HDD fstype=ext4
Mounting read-only /usr/games/Games-SSD
458 456 259:4 / /usr/games/Games-SSD ro,noatime master:108 - ext4 /dev/nvme0n1p4 rw
mountid=458 fsname=/ dir=/usr/games/Games-SSD fstype=ext4
Mounting read-only /usr/games/Games-HDD
459 457 8:1 / /usr/games/Games-HDD ro,relatime master:116 - ext4 /dev/sda1 rw
mountid=459 fsname=/ dir=/usr/games/Games-HDD fstype=ext4
Mounting tmpfs on /var/lock
Mounting tmpfs on /var/tmp
Mounting tmpfs on /var/log
Create the new utmp file
Mount the new utmp file
Cleaning /home directory
Cleaning /run/user directory
Sanitizing /etc/passwd, UID_MIN 1000
Sanitizing /etc/group, GID_MIN 1000
Disable /run/firejail/network
Disable /run/firejail/bandwidth
Disable /run/firejail/name
Disable /run/firejail/profile
Disable /run/firejail/x11
Mounting tmpfs on /dev
mounting /run/firejail/mnt/dev/snd directory
mounting /run/firejail/mnt/dev/dri directory
Process /dev/shm directory
Generate private-tmp whitelist commands
blacklist /run/firejail/dbus
Mounting read-only /proc/sys
Remounting /sys directory
Disable /sys/firmware
Disable /sys/hypervisor
Disable /sys/power
Disable /sys/kernel/debug
Disable /sys/kernel/vmcoreinfo
Disable /proc/sys/fs/binfmt_misc
Disable /proc/sys/kernel/core_pattern
Disable /proc/sys/kernel/modprobe
Disable /proc/sysrq-trigger
Disable /proc/sys/vm/panic_on_oom
Disable /proc/irq
Disable /proc/bus
Disable /proc/sched_debug
Disable /proc/timer_list
Disable /proc/kcore
Disable /proc/kallsyms
Disable /usr/lib/modules (requested /lib/modules)
Disable /boot
Disable /run/user/1001/gnupg
Disable /run/user/1001/systemd
Disable /proc/kmsg
Copying files in the new /etc directory:
copying /etc/ca-certificates to private /etc
Creating empty /run/firejail/mnt/etc/ca-certificates directory
sbox run: /run/firejail/lib/fcopy /etc/ca-certificates /run/firejail/mnt/etc/ca-certificates 
copying /etc/dbus-1 to private /etc
Creating empty /run/firejail/mnt/etc/dbus-1 directory
sbox run: /run/firejail/lib/fcopy /etc/dbus-1 /run/firejail/mnt/etc/dbus-1 
copying /etc/fonts to private /etc
Creating empty /run/firejail/mnt/etc/fonts directory
sbox run: /run/firejail/lib/fcopy /etc/fonts /run/firejail/mnt/etc/fonts 
copying /etc/group to private /etc
sbox run: /run/firejail/lib/fcopy /etc/group /run/firejail/mnt/etc 
copying /etc/gtk-2.0 to private /etc
Creating empty /run/firejail/mnt/etc/gtk-2.0 directory
sbox run: /run/firejail/lib/fcopy /etc/gtk-2.0 /run/firejail/mnt/etc/gtk-2.0 
copying /etc/gtk-3.0 to private /etc
Creating empty /run/firejail/mnt/etc/gtk-3.0 directory
sbox run: /run/firejail/lib/fcopy /etc/gtk-3.0 /run/firejail/mnt/etc/gtk-3.0 
copying /etc/host.conf to private /etc
sbox run: /run/firWarning: file /etc/nvidia not found.
Warning: skipping nvidia for private /etc
Warning: file /etc/pki not found.
Warning: skipping pki for private /etc
Private /etc installed in 41.72 ms
ejail/lib/fcopy /etc/host.conf /run/firejail/mnt/etc 
copying /etc/hostname to private /etc
sbox run: /run/firejail/lib/fcopy /etc/hostname /run/firejail/mnt/etc 
copying /etc/hosts to private /etc
sbox run: /run/firejail/lib/fcopy /etc/hosts /run/firejail/mnt/etc 
copying /etc/ld.so.cache to private /etc
sbox run: /run/firejail/lib/fcopy /etc/ld.so.cache /run/firejail/mnt/etc 
copying /etc/ld.so.conf to private /etc
sbox run: /run/firejail/lib/fcopy /etc/ld.so.conf /run/firejail/mnt/etc 
copying /etc/ld.so.conf.d to private /etc
Creating empty /run/firejail/mnt/etc/ld.so.conf.d directory
sbox run: /run/firejail/lib/fcopy /etc/ld.so.conf.d /run/firejail/mnt/etc/ld.so.conf.d 
copying /etc/ld.so.preload to private /etc
sbox run: /run/firejail/lib/fcopy /etc/ld.so.preload /run/firejail/mnt/etc 
copying /etc/localtime to private /etc
sbox run: /run/firejail/lib/fcopy /etc/localtime /run/firejail/mnt/etc 
copying /etc/lsb-release to private /etc
sbox run: /run/firejail/lib/fcopy /etc/lsb-release /run/firejail/mnt/etc 
copying /etc/machine-id to private /etc
sbox run: /run/firejail/lib/fcopy /etc/machine-id /run/firejail/mnt/etc 
copying /etc/mime.types to private /etc
sbox run: /run/firejail/lib/fcopy /etc/mime.types /run/firejail/mnt/etc 
copying /etc/os-release to private /etc
sbox run: /run/firejail/lib/fcopy /etc/os-release /run/firejail/mnt/etc 
copying /etc/passwd to private /etc
sbox run: /run/firejail/lib/fcopy /etc/passwd /run/firejail/mnt/etc 
copying /etc/pulse to private /etc
Creating empty /run/firejail/mnt/etc/pulse directory
sbox run: /run/firejail/lib/fcopy /etc/pulse /run/firejail/mnt/etc/pulse 
copying /etc/resolv.conf to private /etc
sbox run: /run/firejail/lib/fcopy /etc/resolv.conf /run/firejail/mnt/etc 
copying /etc/services to private /etc
sbox run: /run/firejail/lib/fcopy /etc/services /run/firejail/mnt/etc 
copying /etc/ssl to private /etc
Creating empty /run/firejail/mnt/etc/ssl directory
sbox run: /run/firejail/lib/fcopy /etc/ssl /run/firejail/mnt/etc/ssl 
Mount-bind /run/firejail/mnt/etc on top of /etc
Debug 456: new_name #/usr/games/Games-HDD/SteamLibrary#, whitelist
Error: invalid whitelist path /usr/games/Games-HDD/SteamLibrary
Cannot find /usr/etc
Error: proc 8975 cannot sync with peer: unexpected EOF
Peer 8977 unexpectedly exited with status 1
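Added example, not part of the original report and not firejail code: a small parser for the mountinfo-style lines that `firejail --debug` prints, used to look up which mount governs a given path inside the sandbox and whether that mount is read-only. The sample lines are copied from the debug output in this issue; the names `parse_mounts` and `covering_mount` are hypothetical.

```python
import posixpath
import re
from dataclasses import dataclass

# Sample input: mountinfo-style lines copied from the debug output in this issue.
DEBUG_LOG = """\
Mounting read-only /usr
457 455 8:1 / /usr/games/Games-HDD rw,relatime master:116 - ext4 /dev/sda1 rw
mountid=457 fsname=/ dir=/usr/games/Games-HDD fstype=ext4
Mounting read-only /usr/games/Games-SSD
458 456 259:4 / /usr/games/Games-SSD ro,noatime master:108 - ext4 /dev/nvme0n1p4 rw
Mounting read-only /usr/games/Games-HDD
459 457 8:1 / /usr/games/Games-HDD ro,relatime master:116 - ext4 /dev/sda1 rw
Mounting /run/firejail/mnt/pulse on /home/oneric/.config/pulse
1024 588 0:49 /pulse /home/oneric/.config/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64
"""

# /proc/self/mountinfo layout:
#   id parent major:minor root mountpoint options [optional fields] - fstype source superopts
MOUNTINFO_RE = re.compile(
    r"^(?P<id>\d+) (?P<parent>\d+) \d+:\d+ \S+ (?P<mp>\S+) (?P<opts>\S+)"
    r"(?: \S+)*? - (?P<fstype>\S+) (?P<source>\S+) (?P<super>\S+)$"
)


@dataclass(frozen=True)
class Mount:
    mount_id: int
    parent_id: int
    mount_point: str
    options: frozenset        # per-mount flags: these decide EROFS for this view
    fstype: str
    source: str
    super_options: frozenset  # superblock flags of the underlying filesystem

    @property
    def read_only(self) -> bool:
        return "ro" in self.options


def _unescape(field: str) -> str:
    """mountinfo writes spaces and similar characters as octal escapes (\\040)."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def parse_mounts(log: str) -> list:
    """Return every mountinfo-style record in the log, in log order."""
    mounts = []
    for line in log.splitlines():
        m = MOUNTINFO_RE.match(line.strip())
        if not m:
            continue  # narrative lines, "mountid=..." summaries, interleaved output
        mounts.append(Mount(
            mount_id=int(m["id"]),
            parent_id=int(m["parent"]),
            mount_point=_unescape(m["mp"]),
            options=frozenset(m["opts"].split(",")),
            fstype=m["fstype"],
            source=m["source"],
            super_options=frozenset(m["super"].split(",")),
        ))
    return mounts


def covering_mount(mounts, path: str):
    """Return the mount that governs `path`, or None if no logged mount covers it.

    `path` must already be symlink-resolved (the filesystem is not consulted).
    The longest mount point that is a whole-component prefix wins; when the same
    mount point is logged more than once, the later record is taken as the
    remount that is in effect.
    """
    path = posixpath.normpath(path)
    best = None
    for mnt in mounts:
        mp = mnt.mount_point.rstrip("/") or "/"
        covers = mp == "/" or path == mp or path.startswith(mp + "/")
        if covers and (best is None or len(mp) >= len(best.mount_point.rstrip("/") or "/")):
            best = mnt
    return best


if __name__ == "__main__":
    target = "/usr/games/Games-SSD/Steam-Runtime/local-share-Steam/bootstrap.tar.xz"
    mnt = covering_mount(parse_mounts(DEBUG_LOG), target)
    print(f"{target}\n  mount {mnt.mount_id} at {mnt.mount_point}: "
          f"read_only={mnt.read_only}, superblock={sorted(mnt.super_options)}")
```

For the `cp` target in the error message this reports mount 458 with the per-mount `ro` flag set while the superblock of `/dev/nvme0n1p4` is still `rw`, which matches the "Read-only file system" error on a partition that is writable outside the sandbox.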
or directory Debug 456: new_name #/home/oneric/.cache/kioexec/krun#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.cache/kioexec/krun expanded: /home/oneric/.cache/kioexec/krun real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.config/Kvantum#, whitelist Debug 571: fname #/home/oneric/.config/Kvantum#, cfg.homedir #/home/oneric# Debug 456: new_name #/home/oneric/.config/Trolltech.conf#, whitelist Replaced whitelist path: whitelist /home/oneric/.config/Kvantum Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Trolltech.conf expanded: /home/oneric/.config/Trolltech.conf real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.config/kdeglobals#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kdeglobals expanded: /home/oneric/.config/kdeglobals real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.config/kio_httprc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kio_httprc expanded: /home/oneric/.config/kio_httprc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.config/kioslaverc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kioslaverc expanded: /home/oneric/.config/kioslaverc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.config/ksslcablacklist#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ksslcablacklist expanded: /home/oneric/.config/ksslcablacklist real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.config/qt5ct#, whitelist Debug 571: fname #/home/oneric/.config/qt5ct#, cfg.homedir #/home/oneric# Debug 456: new_name #/home/oneric/.kde/share/config/kdeglobals#, whitelist Replaced whitelist path: whitelist /home/oneric/.config/qt5ct Removed whitelist/nowhitelist path: whitelist 
${HOME}/.kde/share/config/kdeglobals expanded: /home/oneric/.kde/share/config/kdeglobals real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.kde/share/config/kio_httprc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kio_httprc expanded: /home/oneric/.kde/share/config/kio_httprc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.kde/share/config/kioslaverc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kioslaverc expanded: /home/oneric/.kde/share/config/kioslaverc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.kde/share/config/ksslcablacklist#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/ksslcablacklist expanded: /home/oneric/.kde/share/config/ksslcablacklist real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.kde/share/config/oxygenrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/oxygenrc expanded: /home/oneric/.kde/share/config/oxygenrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.kde/share/icons#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/icons expanded: /home/oneric/.kde/share/icons real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.kde4/share/config/kdeglobals#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kdeglobals expanded: /home/oneric/.kde4/share/config/kdeglobals real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.kde4/share/config/kio_httprc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kio_httprc expanded: /home/oneric/.kde4/share/config/kio_httprc real path: (null) realpath: No such file or directory Debug 456: new_name 
#/home/oneric/.kde4/share/config/kioslaverc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kioslaverc expanded: /home/oneric/.kde4/share/config/kioslaverc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.kde4/share/config/ksslcablacklist#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/ksslcablacklist expanded: /home/oneric/.kde4/share/config/ksslcablacklist real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.kde4/share/config/oxygenrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/oxygenrc expanded: /home/oneric/.kde4/share/config/oxygenrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.kde4/share/icons#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/icons expanded: /home/oneric/.kde4/share/icons real path: (null) realpath: No such file or directory Debug 456: new_name #/home/oneric/.local/share/qt5ct#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/qt5ct expanded: /home/oneric/.local/share/qt5ct real path: (null) realpath: No such file or directory Debug 456: new_name #/var/lib/ca-certificates#, whitelist Removed whitelist/nowhitelist path: whitelist /var/lib/ca-certificates expanded: /var/lib/ca-certificates real path: (null) realpath: No such file or directory Debug 456: new_name #/var/lib/dbus#, whitelist Debug 456: new_name #/var/lib/menu-xdg#, whitelist Removed whitelist/nowhitelist path: whitelist /var/lib/menu-xdg expanded: /var/lib/menu-xdg real path: (null) realpath: No such file or directory Debug 456: new_name #/var/lib/uim#, whitelist Removed whitelist/nowhitelist path: whitelist /var/lib/uim expanded: /var/lib/uim real path: (null) realpath: No such file or directory Debug 456: new_name #/var/cache/fontconfig#, whitelist Debug 456: new_name #/var/tmp#, whitelist 
Debug 456: new_name #/var/run#, whitelist Debug 456: new_name #/var/lock#, whitelist Debug 456: new_name #/tmp/.X11-unix#, whitelist Replaced whitelist path: whitelist /run Replaced whitelist path: whitelist /run/lock Mounting tmpfs on /tmp directory Mounting tmpfs on /var directory Mounting a new /root directory Mounting a new /home directory Create a new user directory Whitelisting /home/oneric/.config/unity3d 589 588 259:3 /home/oneric/.config/unity3d /home/oneric/.config/unity3d rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=589 fsname=/home/oneric/.config/unity3d dir=/home/oneric/.config/unity3d fstype=ext4 Whitelisting /home/oneric/.killingfloor 590 588 259:3 /home/oneric/.killingfloor /home/oneric/.killingfloor rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=590 fsname=/home/oneric/.killingfloor dir=/home/oneric/.killingfloor fstype=ext4 Whitelisting /home/oneric/.local/share/3909/PapersPlease 591 588 259:3 /home/oneric/.local/share/3909/PapersPlease /home/oneric/.local/share/3909/PapersPlease rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=591 fsname=/home/oneric/.local/share/3909/PapersPlease dir=/home/oneric/.local/share/3909/PapersPlease fstype=ext4 Whitelisting /home/oneric/.local/share/aspyr-media 592 588 259:3 /home/oneric/.local/share/aspyr-media /home/oneric/.local/share/aspyr-media rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=592 fsname=/home/oneric/.local/share/aspyr-media dir=/home/oneric/.local/share/aspyr-media fstype=ext4 Whitelisting /home/oneric/.local/share/cdprojektred 593 588 259:3 /home/oneric/.local/share/cdprojektred /home/oneric/.local/share/cdprojektred rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=593 fsname=/home/oneric/.local/share/cdprojektred dir=/home/oneric/.local/share/cdprojektred fstype=ext4 Whitelisting /home/oneric/.local/share/FasterThanLight 594 588 259:3 /home/oneric/.local/share/FasterThanLight /home/oneric/.local/share/FasterThanLight rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw 
mountid=594 fsname=/home/oneric/.local/share/FasterThanLight dir=/home/oneric/.local/share/FasterThanLight fstype=ext4 Whitelisting /home/oneric/.local/share/feral-interactive 595 588 259:3 /home/oneric/.local/share/feral-interactive /home/oneric/.local/share/feral-interactive rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=595 fsname=/home/oneric/.local/share/feral-interactive dir=/home/oneric/.local/share/feral-interactive fstype=ext4 Whitelisting /home/oneric/.local/share/IntoTheBreach 596 588 259:3 /home/oneric/.local/share/IntoTheBreach /home/oneric/.local/share/IntoTheBreach rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=596 fsname=/home/oneric/.local/share/IntoTheBreach dir=/home/oneric/.local/share/IntoTheBreach fstype=ext4 Whitelisting /home/oneric/.local/share/Paradox Interactive 597 588 259:3 /home/oneric/.local/share/Paradox\040Interactive /home/oneric/.local/share/Paradox\040Interactive rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=597 fsname=/home/oneric/.local/share/Paradox Interactive dir=/home/oneric/.local/share/Paradox Interactive fstype=ext4 Created symbolic link /home/oneric/.local/share/Steam -> /usr/games/Games-SSD/Steam-Runtime/local-share-Steam Whitelisting /home/oneric/.local/share/SuperHexagon 601 588 259:3 /home/oneric/.local/share/SuperHexagon /home/oneric/.local/share/SuperHexagon rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=601 fsname=/home/oneric/.local/share/SuperHexagon dir=/home/oneric/.local/share/SuperHexagon fstype=ext4 Whitelisting /home/oneric/.local/share/Terraria 602 588 259:3 /home/oneric/.local/share/Terraria /home/oneric/.local/share/Terraria rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=602 fsname=/home/oneric/.local/share/Terraria dir=/home/oneric/.local/share/Terraria fstype=ext4 Whitelisting /home/oneric/.local/share/vpltd 614 588 259:3 /home/oneric/.local/share/vpltd /home/oneric/.local/share/vpltd rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=614 
fsname=/home/oneric/.local/share/vpltd dir=/home/oneric/.local/share/vpltd fstype=ext4 Whitelisting /home/oneric/.local/share/vulkan 615 588 259:3 /home/oneric/.local/share/vulkan /home/oneric/.local/share/vulkan rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=615 fsname=/home/oneric/.local/share/vulkan dir=/home/oneric/.local/share/vulkan fstype=ext4 Whitelisting /home/oneric/.mbwarband 635 588 259:3 /home/oneric/.mbwarband /home/oneric/.mbwarband rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=635 fsname=/home/oneric/.mbwarband dir=/home/oneric/.mbwarband fstype=ext4 Whitelisting /home/oneric/.paradoxinteractive 636 588 259:3 /home/oneric/.paradoxinteractive /home/oneric/.paradoxinteractive rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=636 fsname=/home/oneric/.paradoxinteractive dir=/home/oneric/.paradoxinteractive fstype=ext4 Created symbolic link /home/oneric/.steam -> /usr/games/Games-SSD/Steam-Runtime/.steam Created symbolic link /home/oneric/.steampid -> /usr/games/Games-SSD/Steam-Runtime/.steam/steam.pid Whitelisting /home/oneric/.config/mimeapps.list 673 588 259:3 /home/oneric/.config/mimeapps.list /home/oneric/.config/mimeapps.list rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=673 fsname=/home/oneric/.config/mimeapps.list dir=/home/oneric/.config/mimeapps.list fstype=ext4 Whitelisting /home/oneric/.config/user-dirs.dirs 674 588 259:3 /home/oneric/.config/user-dirs.dirs /home/oneric/.config/user-dirs.dirs rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=674 fsname=/home/oneric/.config/user-dirs.dirs dir=/home/oneric/.config/user-dirs.dirs fstype=ext4 Whitelisting /home/oneric/.config/user-dirs.locale 714 588 259:3 /home/oneric/.config/user-dirs.locale /home/oneric/.config/user-dirs.locale rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=714 fsname=/home/oneric/.config/user-dirs.locale dir=/home/oneric/.config/user-dirs.locale fstype=ext4 Whitelisting /home/oneric/.local/share/applications 715 588 259:3 
/home/oneric/.local/share/applications /home/oneric/.local/share/applications rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=715 fsname=/home/oneric/.local/share/applications dir=/home/oneric/.local/share/applications fstype=ext4 Whitelisting /home/oneric/.local/share/icons 758 588 259:3 /home/oneric/.local/share/icons /home/oneric/.local/share/icons rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=758 fsname=/home/oneric/.local/share/icons dir=/home/oneric/.local/share/icons fstype=ext4 Whitelisting /home/oneric/.local/share/mime 759 588 259:3 /home/oneric/.local/share/mime /home/oneric/.local/share/mime rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=759 fsname=/home/oneric/.local/share/mime dir=/home/oneric/.local/share/mime fstype=ext4 Whitelisting /home/oneric/.config/dconf 810 588 259:3 /home/oneric/.config/dconf /home/oneric/.config/dconf rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=810 fsname=/home/oneric/.config/dconf dir=/home/oneric/.config/dconf fstype=ext4 Whitelisting /home/oneric/.cache/fontconfig 811 588 259:3 /home/oneric/.cache/fontconfig /home/oneric/.cache/fontconfig rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=811 fsname=/home/oneric/.cache/fontconfig dir=/home/oneric/.cache/fontconfig fstype=ext4 Whitelisting /home/oneric/.config/gtk-2.0 812 588 259:3 /home/oneric/.config/gtk-2.0 /home/oneric/.config/gtk-2.0 rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=812 fsname=/home/oneric/.config/gtk-2.0 dir=/home/oneric/.config/gtk-2.0 fstype=ext4 Whitelisting /home/oneric/.config/gtk-3.0 813 588 259:3 /home/oneric/.config/gtk-3.0 /home/oneric/.config/gtk-3.0 rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=813 fsname=/home/oneric/.config/gtk-3.0 dir=/home/oneric/.config/gtk-3.0 fstype=ext4 Whitelisting /home/oneric/.config/Kvantum 814 588 259:3 /home/oneric/.config/Kvantum /home/oneric/.config/Kvantum rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=814 fsname=/home/oneric/.config/Kvantum 
dir=/home/oneric/.config/Kvantum fstype=ext4 Whitelisting /home/oneric/.config/qt5ct 815 588 259:3 /home/oneric/.config/qt5ct /home/oneric/.config/qt5ct rw,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=815 fsname=/home/oneric/.config/qt5ct dir=/home/oneric/.config/qt5ct fstype=ext4 Whitelisting /var/lib/dbus 816 585 259:3 /var/lib/dbus /var/lib/dbus ro,nosuid,nodev,noexec,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=816 fsname=/var/lib/dbus dir=/var/lib/dbus fstype=ext4 Whitelisting /var/cache/fontconfig 817 585 259:3 /var/cache/fontconfig /var/cache/fontconfig ro,nosuid,nodev,noexec,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=817 fsname=/var/cache/fontconfig dir=/var/cache/fontconfig fstype=ext4 Whitelisting /var/tmp 818 585 0:55 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw,inode64 mountid=818 fsname=/ dir=/var/tmp fstype=tmpfs Created symbolic link /var/run -> /run Created symbolic link /var/lock -> /run/lock Whitelisting /tmp/.X11-unix 819 581 8:6 /.X11-unix /tmp/.X11-unix rw,noatime master:120 - ext4 /dev/sda6 rw mountid=819 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=ext4 Mounting read-only /home/oneric/.Xauthority 823 588 0:67 /oneric/.Xauthority /home/oneric/.Xauthority ro,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64 mountid=823 fsname=/oneric/.Xauthority dir=/home/oneric/.Xauthority fstype=tmpfs Mounting read-only /home/oneric/.config/dconf 824 810 259:3 /home/oneric/.config/dconf /home/oneric/.config/dconf ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=824 fsname=/home/oneric/.config/dconf dir=/home/oneric/.config/dconf fstype=ext4 Disable /usr/bin/systemd-run Disable /usr/bin/systemd-run (requested /bin/systemd-run) Disable /run/user/1001/systemd Mounting read-only /home/oneric/.local/share/applications 828 715 259:3 /home/oneric/.local/share/applications /home/oneric/.local/share/applications ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=828 fsname=/home/oneric/.local/share/applications 
dir=/home/oneric/.local/share/applications fstype=ext4 Mounting read-only /home/oneric/.config/mimeapps.list 829 673 259:3 /home/oneric/.config/mimeapps.list /home/oneric/.config/mimeapps.list ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=829 fsname=/home/oneric/.config/mimeapps.list dir=/home/oneric/.config/mimeapps.list fstype=ext4 Mounting read-only /home/oneric/.config/user-dirs.dirs 830 674 259:3 /home/oneric/.config/user-dirs.dirs /home/oneric/.config/user-dirs.dirs ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=830 fsname=/home/oneric/.config/user-dirs.dirs dir=/home/oneric/.config/user-dirs.dirs fstype=ext4 Mounting read-only /home/oneric/.config/user-dirs.locale 831 714 259:3 /home/oneric/.config/user-dirs.locale /home/oneric/.config/user-dirs.locale ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=831 fsname=/home/oneric/.config/user-dirs.locale dir=/home/oneric/.config/user-dirs.locale fstype=ext4 Mounting read-only /home/oneric/.local/share/mime 832 759 259:3 /home/oneric/.local/share/mime /home/oneric/.local/share/mime ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=832 fsname=/home/oneric/.local/share/mime dir=/home/oneric/.local/share/mime fstype=ext4 Not blacklist /sbin Disable /usr/local/sbin Not blacklist /usr/sbin Disable /usr/bin/chage Disable /usr/bin/chage (requested /bin/chage) Disable /usr/bin/chfn Disable /usr/bin/chfn (requested /bin/chfn) Disable /usr/bin/chsh Disable /usr/bin/chsh (requested /bin/chsh) Disable /usr/bin/crontab Disable /usr/bin/crontab (requested /bin/crontab) Disable /usr/bin/evtest Disable /usr/bin/evtest (requested /bin/evtest) Disable /usr/bin/expiry Disable /usr/bin/expiry (requested /bin/expiry) Disable /usr/bin/fusermount Disable /usr/bin/fusermount (requested /bin/fusermount) Disable /usr/bin/gksu-polkit (requested /usr/bin/gksu) Disable /usr/bin/gksu-polkit (requested /bin/gksu) Disable /usr/bin/gpasswd Disable /usr/bin/gpasswd (requested /bin/gpasswd) Disable /usr/bin/ksu Disable 
/usr/bin/ksu (requested /bin/ksu) Disable /usr/bin/mount Disable /usr/bin/mount (requested /bin/mount) Disable /usr/bin/mount.ecryptfs_private Disable /usr/bin/mount.ecryptfs_private (requested /bin/mount.ecryptfs_private) Disable /usr/bin/nc Disable /usr/bin/nc (requested /bin/nc) Disable /usr/bin/newgidmap Disable /usr/bin/newgidmap (requested /bin/newgidmap) Disable /usr/bin/newgrp Disable /usr/bin/newgrp (requested /bin/newgrp) Disable /usr/bin/newuidmap Disable /usr/bin/newuidmap (requested /bin/newuidmap) Disable /usr/bin/ntfs-3g Disable /usr/bin/ntfs-3g (requested /bin/ntfs-3g) Disable /usr/bin/pkexec Disable /usr/bin/pkexec (requested /bin/pkexec) Disable /usr/bin/sg Disable /usr/bin/sg (requested /bin/sg) Disable /usr/bin/su Disable /usr/bin/su (requested /bin/su) Disable /usr/bin/sudo Disable /usr/bin/sudo (requested /bin/sudo) Disable /usr/bin/umount Disable /usr/bin/umount (requested /bin/umount) Disable /usr/bin/unix_chkpwd Disable /usr/bin/unix_chkpwd (requested /bin/unix_chkpwd) Disable /usr/bin/xev Disable /usr/bin/xev (requested /bin/xev) Disable /usr/lib/virtualbox Disable /usr/lib/virtualbox (requested /usr/lib64/virtualbox) Disable /usr/bin/xfce4-terminal Disable /usr/bin/xfce4-terminal (requested /bin/xfce4-terminal) Disable /usr/bin/bwrap Disable /usr/bin/bwrap (requested /bin/bwrap) Disable /proc/config.gz Disable /usr/bin/resolvectl Disable /usr/bin/resolvectl (requested /bin/resolvectl) Disable /usr/bin/as Disable /usr/bin/as (requested /bin/as) Disable /usr/bin/gcc (requested /usr/bin/cc) Disable /usr/bin/gcc (requested /bin/cc) Disable /usr/bin/c++ Disable /usr/bin/c++filt Disable /usr/bin/c++ (requested /bin/c++) Disable /usr/bin/c++filt (requested /bin/c++filt) Disable /usr/bin/c89 Disable /usr/bin/c89 (requested /bin/c89) Disable /usr/bin/c99 Disable /usr/bin/c99 (requested /bin/c99) Disable /usr/bin/cpp Disable /usr/bin/cpp (requested /bin/cpp) Disable /usr/bin/g++ Disable /usr/bin/g++ (requested /bin/g++) Disable /usr/bin/gcc-ranlib 
Disable /usr/bin/gcc-nm Disable /usr/bin/gcc Disable /usr/bin/gcc-ar Disable /usr/bin/gcc-ranlib (requested /bin/gcc-ranlib) Disable /usr/bin/gcc-nm (requested /bin/gcc-nm) Disable /usr/bin/gcc (requested /bin/gcc) Disable /usr/bin/gcc-ar (requested /bin/gcc-ar) Disable /usr/bin/ld Disable /usr/bin/ld (requested /bin/ld) Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0 Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib Disable /usr/bin/x86_64-pc-linux-gnu-gcc Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0 (requested /bin/x86_64-pc-linux-gnu-gcc-10.2.0) Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib (requested /bin/x86_64-pc-linux-gnu-gcc-ranlib) Disable /usr/bin/x86_64-pc-linux-gnu-gcc (requested /bin/x86_64-pc-linux-gnu-gcc) Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm (requested /bin/x86_64-pc-linux-gnu-gcc-nm) Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar (requested /bin/x86_64-pc-linux-gnu-gcc-ar) Disable /usr/bin/x86_64-pc-linux-gnu-g++ Disable /usr/bin/x86_64-pc-linux-gnu-g++ (requested /bin/x86_64-pc-linux-gnu-g++) Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0 Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib Disable /usr/bin/x86_64-pc-linux-gnu-gcc Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0 (requested /bin/x86_64-pc-linux-gnu-gcc-10.2.0) Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib (requested /bin/x86_64-pc-linux-gnu-gcc-ranlib) Disable /usr/bin/x86_64-pc-linux-gnu-gcc (requested /bin/x86_64-pc-linux-gnu-gcc) Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm (requested /bin/x86_64-pc-linux-gnu-gcc-nm) Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar (requested /bin/x86_64-pc-linux-gnu-gcc-ar) Disable /usr/bin/x86_64-pc-linux-gnu-g++ Disable /usr/bin/x86_64-pc-linux-gnu-g++ (requested /bin/x86_64-pc-linux-gnu-g++) Disable /usr/lib/go/bin/go (requested /usr/bin/go) Disable /usr/lib/go/bin/go 
(requested /bin/go) Disable /usr/lib/go/bin/gofmt (requested /usr/bin/gofmt) Disable /usr/lib/go/bin/gofmt (requested /bin/gofmt) Not blacklist /home/oneric/bin/java Not blacklist /home/oneric/.local/bin/java Not blacklist /usr/local/bin/java Not blacklist /usr/bin/java Not blacklist /bin/java Not blacklist /usr/local/sbin/java Not blacklist /usr/bin/site_perl/java Not blacklist /usr/bin/vendor_perl/java Not blacklist /usr/bin/core_perl/java Not blacklist /etc/java Not blacklist /usr/lib/java Not blacklist /usr/share/java Disable /usr/bin/openssl Disable /usr/bin/openssl (requested /bin/openssl) Disable /usr/bin/openssl-1.0 Disable /usr/bin/openssl-1.0 (requested /bin/openssl-1.0) Disable /usr/bin/rust-gdb Disable /usr/bin/rust-gdb (requested /bin/rust-gdb) Disable /usr/bin/rust-lldb Disable /usr/bin/rust-lldb (requested /bin/rust-lldb) Disable /usr/bin/rustc Disable /usr/bin/rustc (requested /bin/rustc) Disable /usr/src Disable /usr/local/src Disable /usr/include Disable /usr/local/include Disable /usr/bin/luac Disable /usr/bin/luac5.2 Disable /usr/bin/lua Disable /usr/bin/lua (requested /usr/bin/lua5.4) Disable /usr/bin/luajit-2.0.5 Disable /usr/bin/lua5.2 Disable /usr/bin/luajit-2.0.5 (requested /usr/bin/luajit) Disable /usr/bin/luac (requested /usr/bin/luac5.4) Disable /usr/bin/luac (requested /bin/luac) Disable /usr/bin/luac5.2 (requested /bin/luac5.2) Disable /usr/bin/lua (requested /bin/lua) Disable /usr/bin/lua (requested /bin/lua5.4) Disable /usr/bin/luajit-2.0.5 (requested /bin/luajit-2.0.5) Disable /usr/bin/lua5.2 (requested /bin/lua5.2) Disable /usr/bin/luajit-2.0.5 (requested /bin/luajit) Disable /usr/bin/luac (requested /bin/luac5.4) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so.5.2) Disable /usr/lib/liblua.so.5.4.1 Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2) Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua5.4.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2.4) 
Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so.2) Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua.so) Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua.so.5.4) Disable /usr/lib/liblua5.2.so.5.2.4 Disable /usr/lib/libluajit-5.1.so.2.0.5 Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so) Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so) Disable /usr/lib/lua Disable /usr/share/lua Disable /usr/share/luajit-2.0.5 Disable /usr/lib/libmozjs-68.so (requested /usr/lib64/libmozjs-68.so) Disable /usr/lib/libmozjs-60.so (requested /usr/lib64/libmozjs-60.so) Disable /usr/lib/libmozjs-78.so (requested /usr/lib64/libmozjs-78.so) Disable /usr/bin/node Disable /usr/bin/node (requested /bin/node) Disable /usr/bin/core_perl/cpan Disable /usr/bin/core_perl Disable /usr/bin/core_perl (requested /bin/core_perl) Disable /usr/bin/perl Disable /usr/bin/perl (requested /bin/perl) Disable /usr/bin/site_perl Disable /usr/bin/site_perl (requested /bin/site_perl) Disable /usr/bin/vendor_perl Disable /usr/bin/vendor_perl (requested /bin/vendor_perl) Disable /usr/lib/perl5 Disable /usr/share/perl5 Disable /usr/bin/ruby Disable /usr/bin/ruby (requested /bin/ruby) Disable /usr/lib/ruby Not blacklist /home/oneric/bin/python2* Not blacklist /home/oneric/.local/bin/python2* Not blacklist /usr/local/bin/python2* Not blacklist /usr/bin/python2.7 Not blacklist /usr/bin/python2 Not blacklist /usr/bin/python2.7-config Not blacklist /usr/bin/python2-config Not blacklist /bin/python2.7 Not blacklist /bin/python2 Not blacklist /bin/python2.7-config Not blacklist /bin/python2-config Not blacklist /usr/local/sbin/python2* Not blacklist /usr/bin/site_perl/python2* Not blacklist /usr/bin/vendor_perl/python2* Not blacklist /usr/bin/core_perl/python2* Not blacklist /usr/include/python2* Not blacklist /usr/lib/python2.7 Not blacklist /usr/local/lib/python2* Not blacklist /usr/share/python2* Not blacklist 
/home/oneric/bin/python3* Not blacklist /home/oneric/.local/bin/python3* Not blacklist /usr/local/bin/python3* Not blacklist /usr/bin/python3.8-config Not blacklist /usr/bin/python3.8 Not blacklist /usr/bin/python3 Not blacklist /usr/bin/python3-config Not blacklist /bin/python3.8-config Not blacklist /bin/python3.8 Not blacklist /bin/python3 Not blacklist /bin/python3-config Not blacklist /usr/local/sbin/python3* Not blacklist /usr/bin/site_perl/python3* Not blacklist /usr/bin/vendor_perl/python3* Not blacklist /usr/bin/core_perl/python3* Not blacklist /usr/include/python3* Not blacklist /usr/lib/python3.8 Not blacklist /usr/lib64/python3.8 Not blacklist /usr/local/lib/python3* Not blacklist /usr/share/python3* Not blacklist /home/oneric/.java DISPLAY=:0.0 parsed as 0
Seccomp list in: !ptrace, check list: @default-keep, prelist: unknown,
jeq _sysctl 0028 (false 0029) 0028: 06 00 00 00050001 ret ERRNO(1) 0029: 15 00 01 000000b7 jeq afs_syscall 002a (false 002b) 002a: 06 00 00 00050001 ret ERRNO(1) 002b: 15 00 01 000000ae jeq create_module 002c (false 002d) 002c: 06 00 00 00050001 ret ERRNO(1) 002d: 15 00 01 000000b1 jeq get_kernel_syms 002e (false 002f) 002e: 06 00 00 00050001 ret ERRNO(1) 002f: 15 00 01 000000b5 jeq getpmsg 0030 (false 0031) 0030: 06 00 00 00050001 ret ERRNO(1) 0031: 15 00 01 000000b6 jeq putpmsg 0032 (false 0033) 0032: 06 00 00 00050001 ret ERRNO(1) 0033: 15 00 01 000000b2 jeq query_module 0034 (false 0035) 0034: 06 00 00 00050001 ret ERRNO(1) 0035: 15 00 01 000000b9 jeq security 0036 (false 0037) 0036: 06 00 00 00050001 ret ERRNO(1) 0037: 15 00 01 0000008b jeq sysfs 0038 (false 0039) 0038: 06 00 00 00050001 ret ERRNO(1) 0039: 15 00 01 000000b8 jeq tuxcall 003a (false 003b) 003a: 06 00 00 00050001 ret ERRNO(1) 003b: 15 00 01 00000086 jeq uselib 003c (false 003d) 003c: 06 00 00 00050001 ret ERRNO(1) 003d: 15 00 01 00000088 jeq ustat 003e (false 003f) 003e: 06 00 00 00050001 ret ERRNO(1) 003f: 15 00 01 000000ec jeq vserver 0040 (false 0041) 0040: 06 00 00 00050001 ret ERRNO(1) 0041: 15 00 01 000000ad jeq ioperm 0042 (false 0043) 0042: 06 00 00 00050001 ret ERRNO(1) 0043: 15 00 01 000000ac jeq iopl 0044 (false 0045) 0044: 06 00 00 00050001 ret ERRNO(1) 0045: 15 00 01 000000f6 jeq kexec_load 0046 (false 0047) 0046: 06 00 00 00050001 ret ERRNO(1) 0047: 15 00 01 00000140 jeq kexec_file_load 0048 (false 0049) 0048: 06 00 00 00050001 ret ERRNO(1) 0049: 15 00 01 000000a9 jeq reboot 004a (false 004b) 004a: 06 00 00 00050001 ret ERRNO(1) 004b: 15 00 01 000000a7 jeq swapon 004c (false 004d) 004c: 06 00 00 00050001 ret ERRNO(1) 004d: 15 00 01 000000a8 jeq swapoff 004e (false 004f) 004e: 06 00 00 00050001 ret ERRNO(1) 004f: 15 00 01 00000130 jeq open_by_handle_at 0050 (false 0051) 0050: 06 00 00 00050001 ret ERRNO(1) 0051: 15 00 01 0000012f jeq name_to_handle_at 0052 (false 0053) 0052: 06 00 00 
00050001 ret ERRNO(1) 0053: 15 00 01 000000fb jeq ioprio_set 0054 (false 0055) 0054: 06 00 00 00050001 ret ERRNO(1) 0055: 15 00 01 00000067 jeq syslog 0056 (false 0057) 0056: 06 00 00 00050001 ret ERRNO(1) 0057: 15 00 01 0000012c jeq fanotify_init 0058 (false 0059) 0058: 06 00 00 00050001 ret ERRNO(1) 0059: 15 00 01 00000138 jeq kcmp 005a (false 005b) 005a: 06 00 00 00050001 ret ERRNO(1) 005b: 15 00 01 000000f8 jeq add_key 005c (false 005d) 005c: 06 00 00 00050001 ret ERRNO(1) 005d: 15 00 01 000000f9 jeq request_key 005e (false 005f) 005e: 06 00 00 00050001 ret ERRNO(1) 005f: 15 00 01 000000ed jeq mbind 0060 (false 0061) 0060: 06 00 00 00050001 ret ERRNO(1) 0061: 15 00 01 00000100 jeq migrate_pages 0062 (false 0063) 0062: 06 00 00 00050001 ret ERRNO(1) 0063: 15 00 01 00000117 jeq move_pages 0064 (false 0065) 0064: 06 00 00 00050001 ret ERRNO(1) 0065: 15 00 01 000000fa jeq keyctl 0066 (false 0067) 0066: 06 00 00 00050001 ret ERRNO(1) 0067: 15 00 01 000000ce jeq io_setup 0068 (false 0069) 0068: 06 00 00 00050001 ret ERRNO(1) 0069: 15 00 01 000000cf jeq io_destroy 006a (false 006b) 006a: 06 00 00 00050001 ret ERRNO(1) 006b: 15 00 01 000000d0 jeq io_getevents 006c (false 006d) 006c: 06 00 00 00050001 ret ERRNO(1) 006d: 15 00 01 000000d1 jeq io_submit 006e (false 006f) 006e: 06 00 00 00050001 ret ERRNO(1) 006f: 15 00 01 000000d2 jeq io_cancel 0070 (false 0071) 0070: 06 00 00 00050001 ret ERRNO(1) 0071: 15 00 01 000000d8 jeq remap_file_pages 0072 (false 0073) 0072: 06 00 00 00050001 ret ERRNO(1) 0073: 15 00 01 00000143 jeq userfaultfd 0074 (false 0075) 0074: 06 00 00 00050001 ret ERRNO(1) 0075: 15 00 01 000000a3 jeq acct 0076 (false 0077) 0076: 06 00 00 00050001 ret ERRNO(1) 0077: 15 00 01 00000141 jeq bpf 0078 (false 0079) 0078: 06 00 00 00050001 ret ERRNO(1) 0079: 15 00 01 000000b4 jeq nfsservctl 007a (false 007b) 007a: 06 00 00 00050001 ret ERRNO(1) 007b: 15 00 01 000000ab jeq setdomainname 007c (false 007d) 007c: 06 00 00 00050001 ret ERRNO(1) 007d: 15 00 01 000000aa 
jeq sethostname 007e (false 007f) 007e: 06 00 00 00050001 ret ERRNO(1) 007f: 15 00 01 00000099 jeq vhangup 0080 (false 0081) 0080: 06 00 00 00050001 ret ERRNO(1) 0081: 15 00 01 00000065 jeq ptrace 0082 (false 0083) 0082: 06 00 00 00050001 ret ERRNO(1) 0083: 15 00 01 00000087 jeq personality 0084 (false 0085) 0084: 06 00 00 00050001 ret ERRNO(1) 0085: 15 00 01 00000136 jeq process_vm_readv 0086 (false 0087) 0086: 06 00 00 00050001 ret ERRNO(1) 0087: 06 00 00 7fff0000 ret ALLOW Not blacklist /home/oneric/.killingfloor Not blacklist /home/oneric/.local/share/3909/PapersPlease Not blacklist /home/oneric/.local/share/Steam Not blacklist /home/oneric/.local/share/SuperHexagon Not blacklist /home/oneric/.local/share/Terraria Not blacklist /home/oneric/.local/share/aspyr-media Not blacklist /home/oneric/.local/share/cdprojektred Not blacklist /home/oneric/.local/share/FasterThanLight Not blacklist /home/oneric/.local/share/feral-interactive Not blacklist /home/oneric/.local/share/IntoTheBreach Not blacklist /home/oneric/.local/share/Paradox Interactive Not blacklist /home/oneric/.local/share/vpltd Not blacklist /home/oneric/.local/share/vulkan Not blacklist /home/oneric/.mbwarband Not blacklist /home/oneric/.paradoxinteractive Not blacklist /home/oneric/.steam Not blacklist /home/oneric/.steampath Not blacklist /home/oneric/.steampid Mounting read-only /tmp/.X11-unix 1020 819 8:6 /.X11-unix /tmp/.X11-unix ro,noatime master:120 - ext4 /dev/sda6 rw mountid=1020 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=ext4 Disable /sys/fs Disable /sys/module Mounting noexec /run/firejail/mnt/pulse 1023 448 0:49 /pulse /run/firejail/mnt/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64 mountid=1023 fsname=/pulse dir=/run/firejail/mnt/pulse fstype=tmpfs Creating empty /home/oneric/.config/pulse directory Mounting /run/firejail/mnt/pulse on /home/oneric/.config/pulse 1024 588 0:49 /pulse /home/oneric/.config/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64 
mountid=1024 fsname=/pulse dir=/home/oneric/.config/pulse fstype=tmpfs Current directory: /home/oneric Install protocol filter: unix,inet,inet6,netlink configuring 22 seccomp entries in /run/firejail/mnt/seccomp/seccomp.protocol sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.protocol configuring 101 seccomp entries in /run/firejail/mnt/seccomp/seccomp.32 sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.32 Dual 32/64 bit seccomp filter configured Build default+drop seccomp filter sbox run: /run/firejail/lib/fseccomp default drop /run/firejail/mnt/seccomp/seccomp /run/firejail/mnt/seccomp/seccomp.postexec !ptrace sbox run: /run/firejail/lib/fsec-optimize /run/firejail/mnt/seccomp/seccomp configuring 136 seccomp entries in /run/firejail/mnt/seccomp/seccomp sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp seccomp filter configured Mounting read-only /run/firejail/mnt/seccomp 1026 448 0:49 /seccomp /run/firejail/mnt/seccomp ro,nosuid - tmpfs tmpfs rw,mode=755,inode64 mountid=1026 fsname=/seccomp dir=/run/firejail/mnt/seccomp fstype=tmpfs Seccomp directory: ls /run/firejail/mnt/seccomp drwxr-xr-x root root 160 . drwxr-xr-x root root 380 .. -rw-r--r-- oneric games 1088 seccomp -rw-r--r-- oneric games 808 seccomp.32 -rw-r--r-- oneric games 114 seccomp.list -rw-r--r-- oneric games 0 seccomp.postexec -rw-r--r-- oneric games 0 seccomp.postexec32 -rw-r--r-- oneric games 176 seccomp.protocol Active seccomp files: cat /run/firejail/mnt/seccomp/seccomp.list /run/firejail/mnt/seccomp/seccomp.protocol /run/firejail/mnt/seccomp/seccomp.32 /run/firejail/mnt/seccomp/seccomp Dropping all capabilities noroot user namespace installed Dropping all capabilities NO_NEW_PRIVS set Drop privileges: pid 1, uid 1001, gid 60, nogroups 1 No supplementary groups Child process initialized in 191.11 ms starting application LD_PRELOAD=(null) execvp argument 0: steam Manjaro steam native configuration found! 
cp: reguläre Datei '/usr/games/Games-SSD/Steam-Runtime/local-share-Steam/bootstrap.tar.xz' kann nicht angelegt werden: Das Dateisystem ist nur lesbar
Parent is shutting down, bye...
```

With this in /etc/firejail/steam.local :

```
# Remove our custom folders from blacklists
noblacklist /usr/games/Games-HDD/SteamLibrary
noblacklist /usr/games/Games-HDD/SAVEFILES
noblacklist /usr/games/Games-HDD/LutrisLibrary
noblacklist /usr/games/Games-HDD/Origin Games
noblacklist /usr/games/Games-SSD/SteamLibrary
noblacklist /usr/games/Games-SSD/Steam-Runtime
noblacklist /usr/games/Games-SSD/GOG Galaxy
# And also whitelist them
whitelist /usr/games/Games-HDD/SteamLibrary
whitelist /usr/games/Games-HDD/SAVEFILES
whitelist /usr/games/Games-HDD/LutrisLibrary
whitelist /usr/games/Games-HDD/Origin Games
whitelist /usr/games/Games-SSD/SteamLibrary
whitelist /usr/games/Games-SSD/Steam-Runtime
whitelist /usr/games/Games-SSD/GOG Galaxy
```

`firejail --debug steam` outputs:

```
Reading profile /etc/firejail/steam.profile
Autoselecting /bin/bash as shell
Building quoted command line: 'steam'
Command name #steam#
Found steam.profile profile in /etc/firejail directory
Reading profile /etc/firejail/steam.local
Found steam.local profile in /etc/firejail directory
Reading profile /etc/firejail/allow-java.inc
Found allow-java.inc profile in /etc/firejail directory
Reading profile /etc/firejail/allow-python2.inc
Found allow-python2.inc profile in /etc/firejail directory
Reading profile /etc/firejail/allow-python3.inc
Found allow-python3.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-common.inc
Found disable-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-devel.inc
Found disable-devel.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-interpreters.inc
Found disable-interpreters.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-passwdmgr.inc
Found disable-passwdmgr.inc profile in
/etc/firejail directory Reading profile /etc/firejail/disable-programs.inc Found disable-programs.inc profile in /etc/firejail directory Reading profile /etc/firejail/whitelist-common.inc Found whitelist-common.inc profile in /etc/firejail directory Reading profile /etc/firejail/whitelist-var-common.inc Found whitelist-var-common.inc profile in /etc/firejail directory DISPLAY=:0.0 parsed as 0 Parent pid 8975, child pid 8977 Seccomp list in: !ptrace, check list: @default-keep, prelist: unknown, Using the local network stack Warning: file /etc/alternatives not found. Warning: skipping alternatives for private /etc Warning: file /etc/asound.conf not found. Warning: skipping asound.conf for private /etc Warning: file /etc/bumblebee not found. Warning: skipping bumblebee for private /etc Warning: file /etc/crypto-policies not found. Warning: skipping crypto-policies for private /etc Warning: file /etc/drirc not found. Warning: skipping drirc for private /etc Seccomp list in: !ptrace, check list: @default-keep, prelist: unknown, Using the local network stack Initializing child process PID namespace installed Mounting tmpfs on /run/firejail/mnt directory Creating empty /run/firejail/mnt/seccomp directory Creating empty /run/firejail/mnt/seccomp/seccomp.protocol file Creating empty /run/firejail/mnt/seccomp/seccomp.postexec file Creating empty /run/firejail/mnt/seccomp/seccomp.postexec32 file Build protocol filter: unix,inet,inet6,netlink sbox run: /run/firejail/lib/fseccomp protocol build unix,inet,inet6,netlink /run/firejail/mnt/seccomp/seccomp.protocol Mounting /proc filesystem representing the PID namespace Basic read-only filesystem: Mounting read-only /etc 451 408 259:3 /etc /etc ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=451 fsname=/etc dir=/etc fstype=ext4 Mounting noexec /etc 452 451 259:3 /etc /etc ro,nosuid,nodev,noexec,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=452 fsname=/etc dir=/etc fstype=ext4 Mounting read-only /var 453 408 259:3 /var /var 
ro,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=453 fsname=/var dir=/var fstype=ext4 Mounting noexec /var 454 453 259:3 /var /var ro,nosuid,nodev,noexec,noatime master:1 - ext4 /dev/nvme0n1p3 rw mountid=454 fsname=/var dir=/var fstype=ext4 Mounting read-only /usr 457 455 8:1 / /usr/games/Games-HDD rw,relatime master:116 - ext4 /dev/sda1 rw mountid=457 fsname=/ dir=/usr/games/Games-HDD fstype=ext4 Mounting read-only /usr/games/Games-SSD 458 456 259:4 / /usr/games/Games-SSD ro,noatime master:108 - ext4 /dev/nvme0n1p4 rw mountid=458 fsname=/ dir=/usr/games/Games-SSD fstype=ext4 Mounting read-only /usr/games/Games-HDD 459 457 8:1 / /usr/games/Games-HDD ro,relatime master:116 - ext4 /dev/sda1 rw mountid=459 fsname=/ dir=/usr/games/Games-HDD fstype=ext4 Mounting tmpfs on /var/lock Mounting tmpfs on /var/tmp Mounting tmpfs on /var/log Create the new utmp file Mount the new utmp file Cleaning /home directory Cleaning /run/user directory Sanitizing /etc/passwd, UID_MIN 1000 Sanitizing /etc/group, GID_MIN 1000 Disable /run/firejail/network Disable /run/firejail/bandwidth Disable /run/firejail/name Disable /run/firejail/profile Disable /run/firejail/x11 Mounting tmpfs on /dev mounting /run/firejail/mnt/dev/snd directory mounting /run/firejail/mnt/dev/dri directory Process /dev/shm directory Generate private-tmp whitelist commands blacklist /run/firejail/dbus Mounting read-only /proc/sys Remounting /sys directory Disable /sys/firmware Disable /sys/hypervisor Disable /sys/power Disable /sys/kernel/debug Disable /sys/kernel/vmcoreinfo Disable /proc/sys/fs/binfmt_misc Disable /proc/sys/kernel/core_pattern Disable /proc/sys/kernel/modprobe Disable /proc/sysrq-trigger Disable /proc/sys/vm/panic_on_oom Disable /proc/irq Disable /proc/bus Disable /proc/sched_debug Disable /proc/timer_list Disable /proc/kcore Disable /proc/kallsyms Disable /usr/lib/modules (requested /lib/modules) Disable /boot Disable /run/user/1001/gnupg Disable /run/user/1001/systemd Disable /proc/kmsg Copying 
files in the new /etc directory: copying /etc/ca-certificates to private /etc Creating empty /run/firejail/mnt/etc/ca-certificates directory sbox run: /run/firejail/lib/fcopy /etc/ca-certificates /run/firejail/mnt/etc/ca-certificates copying /etc/dbus-1 to private /etc Creating empty /run/firejail/mnt/etc/dbus-1 directory sbox run: /run/firejail/lib/fcopy /etc/dbus-1 /run/firejail/mnt/etc/dbus-1 copying /etc/fonts to private /etc Creating empty /run/firejail/mnt/etc/fonts directory sbox run: /run/firejail/lib/fcopy /etc/fonts /run/firejail/mnt/etc/fonts copying /etc/group to private /etc sbox run: /run/firejail/lib/fcopy /etc/group /run/firejail/mnt/etc copying /etc/gtk-2.0 to private /etc Creating empty /run/firejail/mnt/etc/gtk-2.0 directory sbox run: /run/firejail/lib/fcopy /etc/gtk-2.0 /run/firejail/mnt/etc/gtk-2.0 copying /etc/gtk-3.0 to private /etc Creating empty /run/firejail/mnt/etc/gtk-3.0 directory sbox run: /run/firejail/lib/fcopy /etc/gtk-3.0 /run/firejail/mnt/etc/gtk-3.0 copying /etc/host.conf to private /etc sbox run: /run/firWarning: file /etc/nvidia not found. Warning: skipping nvidia for private /etc Warning: file /etc/pki not found. 
Warning: skipping pki for private /etc Private /etc installed in 41.72 ms ejail/lib/fcopy /etc/host.conf /run/firejail/mnt/etc copying /etc/hostname to private /etc sbox run: /run/firejail/lib/fcopy /etc/hostname /run/firejail/mnt/etc copying /etc/hosts to private /etc sbox run: /run/firejail/lib/fcopy /etc/hosts /run/firejail/mnt/etc copying /etc/ld.so.cache to private /etc sbox run: /run/firejail/lib/fcopy /etc/ld.so.cache /run/firejail/mnt/etc copying /etc/ld.so.conf to private /etc sbox run: /run/firejail/lib/fcopy /etc/ld.so.conf /run/firejail/mnt/etc copying /etc/ld.so.conf.d to private /etc Creating empty /run/firejail/mnt/etc/ld.so.conf.d directory sbox run: /run/firejail/lib/fcopy /etc/ld.so.conf.d /run/firejail/mnt/etc/ld.so.conf.d copying /etc/ld.so.preload to private /etc sbox run: /run/firejail/lib/fcopy /etc/ld.so.preload /run/firejail/mnt/etc copying /etc/localtime to private /etc sbox run: /run/firejail/lib/fcopy /etc/localtime /run/firejail/mnt/etc copying /etc/lsb-release to private /etc sbox run: /run/firejail/lib/fcopy /etc/lsb-release /run/firejail/mnt/etc copying /etc/machine-id to private /etc sbox run: /run/firejail/lib/fcopy /etc/machine-id /run/firejail/mnt/etc copying /etc/mime.types to private /etc sbox run: /run/firejail/lib/fcopy /etc/mime.types /run/firejail/mnt/etc copying /etc/os-release to private /etc sbox run: /run/firejail/lib/fcopy /etc/os-release /run/firejail/mnt/etc copying /etc/passwd to private /etc sbox run: /run/firejail/lib/fcopy /etc/passwd /run/firejail/mnt/etc copying /etc/pulse to private /etc Creating empty /run/firejail/mnt/etc/pulse directory sbox run: /run/firejail/lib/fcopy /etc/pulse /run/firejail/mnt/etc/pulse copying /etc/resolv.conf to private /etc sbox run: /run/firejail/lib/fcopy /etc/resolv.conf /run/firejail/mnt/etc copying /etc/services to private /etc sbox run: /run/firejail/lib/fcopy /etc/services /run/firejail/mnt/etc copying /etc/ssl to private /etc Creating empty /run/firejail/mnt/etc/ssl 
directory
sbox run: /run/firejail/lib/fcopy /etc/ssl /run/firejail/mnt/etc/ssl
Mount-bind /run/firejail/mnt/etc on top of /etc
Debug 456: new_name #/usr/games/Games-HDD/SteamLibrary#, whitelist
Error: invalid whitelist path /usr/games/Games-HDD/SteamLibrary
Cannot find /usr/etc
Error: proc 8975 cannot sync with peer: unexpected EOF
Peer 8977 unexpectedly exited with status 1
```

</details>

@ghost commented on GitHub (Nov 11, 2020):

> cp: cannot create regular file '/usr/games/Games-SSD/Steam-Runtime/local-share-Steam/bootstrap.tar.xz': Read-only file system

Have you tried making that path read-write yet? Something like `read-write /usr/games` might do...


@rusty-snake commented on GitHub (Nov 12, 2020):

`/usr/games` **must** be owned by $USER to do this.


@TheOneric commented on GitHub (Nov 12, 2020):

Thanks for your replies.

`usr/games` is **not** owned by $USER, but `usr/games/Games-{HDD,SSD}` are. After adding

```
read-write /usr/games/Games-HDD
read-write /usr/games/Games-SSD
```

to steam.local it now seems to work at first glance.

If you don't mind me asking, what's the difference between whitelisting and read-write? I was under the impression noblacklist+whitelist would be the correct and sufficient approach to make locations fully accessible to an app. Are there any side effects with `read-write` only, like the app can write to this location but changes will be erased after restart? The manpages mentioned only changes to whitelisted paths being permanent…
And what makes `/usr/games/Games-HDD/xyz` an invalid whitelist path even though both `usr/games/Games-HDD` and `xyz` are owned by $USER, while e.g. `~/.config/xyz` is a valid whitelist path?


@rusty-snake commented on GitHub (Nov 12, 2020):

> If you don't mind me asking, what's the difference between whitelisting and read-write?

`whitelist`: `whitelist ${HOME}/foo` enables whitelisting in $HOME and makes ~/foo appear in the sandbox
`read-only`/`read-write`: control ro/rw of a file/dir

> I was under the impression noblacklist+whitelist would be the correct and sufficient approach to make locations fully accessible to an app.

`noblacklist`: ignore any later `blacklist` for that path. This means it is only necessary if there is such a blacklist
`whitelist`: is only necessary if whitelisting for that location is enabled

The issue here is that only $HOME and /tmp are rw inside the sandbox by default.

> Are there any side effects with read-write only, like the app can write to this location but changes will be erased after restart?

Changes are not permanent if

  • `overlay-tmpfs` is used
  • `tmpfs` is used
  • `private-home` is used
  • `private` is used (`private ~/foobar` is another thing)
  • ...
  • whitelisting is enabled and the file is not whitelisted

> The manpages mentioned only changes to whitelisted paths being permanent…

... if whitelisting is used for that location

> And what makes /usr/games/Games-HDD/xyz an invalid whitelist path even though both usr/games/Games-HDD and xyz are owned by $USER, while e.g. ~/.config/xyz is a valid whitelist path?

Whitelisting is only supported in $HOME, /run/user/$UID, /etc, /var, /usr/share, and a few more; see the manpage.
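
The check described in the answer above can be run on a profile before starting the sandbox. This is an added example, not part of the thread and not firejail code: a small Python linter that flags `whitelist` lines outside the supported locations and proposes the `read-write` line that resolved this issue. The function names are hypothetical, and the root list holds only the locations the answer names, which it says is incomplete.

```python
import posixpath


def whitelist_roots(home, uid):
    """Locations the thread names as supporting `whitelist`.

    Assumption: the answer says the manpage lists a few more, so this list is
    partial; pass the rest through `extra_roots` for your firejail version.
    """
    return [home, f"/run/user/{uid}", "/etc", "/var", "/usr/share"]


def expand(path, home):
    """Expand the ${HOME} and ~ forms used in the thread, then normalise."""
    if path == "~" or path.startswith("~/"):
        path = home + path[1:]
    return posixpath.normpath(path.replace("${HOME}", home))


def is_under(path, root):
    """True if path is root or below it, compared by component, not by prefix."""
    return path == root or path.startswith(root.rstrip("/") + "/")


def lint_profile(text, home, uid, extra_roots=()):
    """Return (line_no, path, rw_alternative) for each unsupported whitelist.

    rw_alternative is the `read-write` directive for the same path, which only
    helps when the goal is write access and the path is owned by the user.
    """
    roots = whitelist_roots(home, uid) + [expand(r, home) for r in extra_roots]
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # The directive is the first word; the rest of the line is the path,
        # which may itself contain spaces ("Origin Games").
        parts = line.split(None, 1)
        if len(parts) != 2 or parts[0] != "whitelist":
            continue
        path = expand(parts[1].strip(), home)
        if any(is_under(path, root) for root in roots):
            continue
        findings.append((line_no, path, "read-write " + path))
    return findings


# Lines 2-5 come from the steam.local in the issue; lines 6-7 are constructed.
SAMPLE = """\
# custom game folders
noblacklist /usr/games/Games-HDD/SteamLibrary
whitelist /usr/games/Games-HDD/SteamLibrary
whitelist /usr/games/Games-HDD/Origin Games
whitelist /usr/games/Games-SSD/Steam-Runtime
whitelist ${HOME}/.steam
whitelist ~/.config/xyz
"""

if __name__ == "__main__":
    # Home directory and uid as they appear in the debug log of the issue.
    for line_no, path, alternative in lint_profile(SAMPLE, "/home/oneric", 1001):
        print(f"line {line_no}: invalid whitelist path {path}")
        print(f"    for write access use: {alternative}")
```
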


@TheOneric commented on GitHub (Nov 12, 2020):

Thank you very much for this explanation!

Reference: github-starred/firejail#2361