github-starred/firejail

Fork 0

mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00

[GH-ISSUE #3800] "firejail playonlinux" starts GUI but not installed programme #2402

New issue

Closed

opened 2026-05-05 09:04:54 -06:00 by gitea-mirror · 4 comments

gitea-mirror commented

2026-05-05 09:04:54 -06:00

Owner

Originally created by @Rosika2 on GitHub (Dec 9, 2020).
Original GitHub issue: https://github.com/netblue30/firejail/issues/3800

Environment

Linux distribution and version: Lubuntu 18.04.5 KTS, 64 bit
Firejail version 0.9.64

Hi altogether,

I installed the programme "notepad++" in wine using playonlinux.
The installation went well. Issuing the command "firejail playonlinux" produced the playonlinux GUI alright and I could see the entry "Notepad++" with its icon.
Yet trying to execute the programme failed.
I looked up the error-logs which I post here: https://gist.github.com/Rosika2/bfcd72ad53485d44fdb18b85d9b7d27c

(they´re probably a bit too long for posting them here):

Running "firejail --noprofile playonlinux" works alright but won´t give me much of a protection, I guess.

What might be done about it?

Thanks a lot in advance.

Many greetings.
Rosika

Originally created by @Rosika2 on GitHub (Dec 9, 2020). Original GitHub issue: https://github.com/netblue30/firejail/issues/3800 **Environment** - Linux distribution and version: Lubuntu 18.04.5 KTS, 64 bit - Firejail version 0.9.64 Hi altogether, I installed the programme "notepad++" in _wine_ using **playonlinux**. The installation went well. Issuing the command "firejail playonlinux" produced the playonlinux GUI alright and I could see the entry "Notepad++" with its icon. Yet trying to execute the programme failed. I looked up the **error-logs** which I post here: https://gist.github.com/Rosika2/bfcd72ad53485d44fdb18b85d9b7d27c (they´re probably a bit too long for posting them here): Running "firejail --noprofile playonlinux" works alright but won´t give me much of a protection, I guess. What might be done about it? Thanks a lot in advance. Many greetings. Rosika

gitea-mirror closed this issue

2026-05-05 09:04:55 -06:00

gitea-mirror commented

2026-05-05 09:04:57 -06:00

Author

Owner

@rusty-snake commented on GitHub (Dec 9, 2020):

...
wine: chdir to /tmp/.wine-1000/server-812-1a0037 : Permission denied
...
wine: chdir to /tmp/.wine-1000/server-812-1a0037 : Permission denied
...

$ fjp diff playonlinux.profile wine.profile
The following commands are unique to playonlinux.profile:
include playonlinux.local
noblacklist ${HOME}/.PlayOnLinux
noblacklist ${PATH}/nc
include allow-python2.inc
include allow-python3.inc
include allow-perl.inc

The following commands are unique to wine.profile:
include wine.local
noblacklist ${HOME}/.cache/winetricks
noblacklist ${HOME}/.wine
noblacklist /tmp/.wine-*                  <-------------------------
include disable-passwdmgr.inc
include whitelist-var-common.inc
allow-debuggers
private-dev

So try firejail '--noblacklist=/tmp/.wine-*' playonlinux.

@rusty-snake commented on GitHub (Dec 9, 2020): ``` ... wine: chdir to /tmp/.wine-1000/server-812-1a0037 : Permission denied ... wine: chdir to /tmp/.wine-1000/server-812-1a0037 : Permission denied ... ``` ``` $ fjp diff playonlinux.profile wine.profile The following commands are unique to playonlinux.profile: include playonlinux.local noblacklist ${HOME}/.PlayOnLinux noblacklist ${PATH}/nc include allow-python2.inc include allow-python3.inc include allow-perl.inc The following commands are unique to wine.profile: include wine.local noblacklist ${HOME}/.cache/winetricks noblacklist ${HOME}/.wine noblacklist /tmp/.wine-* <------------------------- include disable-passwdmgr.inc include whitelist-var-common.inc allow-debuggers private-dev ``` So try `firejail '--noblacklist=/tmp/.wine-*' playonlinux`.

gitea-mirror commented

2026-05-05 09:04:58 -06:00

Author

Owner

@Rosika2 commented on GitHub (Dec 10, 2020):

Hello @rusty-snake,

thank you so much for your help.
Indeed firejail '--noblacklist=/tmp/.wine-*' playonlinux works as desired. Thhe installed programme (notepad++) can be accessed now. Great!

One additional question, if I may ask just another one.

You helped with the issue of "running wine in firejail (--private option)" (https://github.com/netblue30/firejail/issues/3793 ) a few days ago. Thanks again for that.

Now I´d like to accomplish the same with playonlinux. So basically what I want to achieve is running playonlinux within firejail using the "--private=DEFINED_WORK_DIRECTORY" option.

The path for playonlinux is:
/home/rosika/.PlayOnLinux/
I´m not quite sure whether the procedure you instructed me to follow for wine would be applicable to the playonlinux scenario as well. I´m bit at a loss here.

Thanks again for your help.

Many greetings.
Rosika

@Rosika2 commented on GitHub (Dec 10, 2020): Hello @rusty-snake, thank you so much for your help. Indeed `firejail '--noblacklist=/tmp/.wine-*' playonlinux` works as desired. Thhe installed programme (notepad++) can be accessed now. Great! One additional question, if I may ask just another one. You helped with the issue of **"running wine in firejail (--private option)"** (https://github.com/netblue30/firejail/issues/3793 ) a few days ago. Thanks again for that. Now I´d like to accomplish the same with playonlinux. So basically what I want to achieve is running playonlinux within firejail using the "--private=DEFINED_WORK_DIRECTORY" option. The path for playonlinux is: `/home/rosika/.PlayOnLinux/ ` I´m not quite sure whether the procedure you instructed me to follow for wine would be applicable to the playonlinux scenario as well. I´m bit at a loss here. Thanks again for your help. Many greetings. Rosika

gitea-mirror commented

2026-05-05 09:04:59 -06:00

Author

Owner

@rusty-snake commented on GitHub (Dec 10, 2020):

Now I´d like to accomplish the same with playonlinux. So basically what I want to achieve is running playonlinux within firejail using the "--private=DEFINED_WORK_DIRECTORY" option.

The path for playonlinux is:
/home/rosika/.PlayOnLinux/
I´m not quite sure whether the procedure you instructed me to follow for wine would be applicable to the playonlinux scenario as well. I´m bit at a loss here.

Just try it 😉 if it does not work, you can revert it. It should work for the most programs if you move the files/dirs with a noblacklist command in the profile. There are a few exceptions like (1) if you don't use steam you don't need to move it or (2) if there's a nobacklist ${HOME}/.gnupg moving it will break other programs.

Indeed firejail '--noblacklist=/tmp/.wine-*' playonlinux works as desired.

I'll add it to playonlinux. General question to all: There are more differences between wine.profile and playonlinx.profile (se my post above). Since playonlinux is just a GUI wrapper for wine, wouldn't it makes sense to make it a redirect profile to wine and only add POLs own paths/command?

@rusty-snake commented on GitHub (Dec 10, 2020): > Now I´d like to accomplish the same with playonlinux. So basically what I want to achieve is running playonlinux within firejail using the "--private=DEFINED_WORK_DIRECTORY" option. > > The path for playonlinux is: /home/rosika/.PlayOnLinux/ I´m not quite sure whether the procedure you instructed me to follow for wine would be applicable to the playonlinux scenario as well. I´m bit at a loss here. Just try it :wink: if it does not work, you can revert it. It should work for the most programs if you move the files/dirs with a `noblacklist` command in the profile. There are a few exceptions like (1) if you don't use steam you don't need to move it or (2) if there's a `nobacklist ${HOME}/.gnupg` moving it will break other programs. > Indeed firejail '--noblacklist=/tmp/.wine-*' playonlinux works as desired. I'll add it to playonlinux. General question to all: There are more differences between wine.profile and playonlinx.profile (se my post above). Since playonlinux is just a GUI wrapper for wine, wouldn't it makes sense to make it a redirect profile to wine and only add POLs own paths/command?

gitea-mirror commented

2026-05-05 09:05:00 -06:00

Author

Owner

@Rosika2 commented on GitHub (Dec 11, 2020):

@rusty-snake:

Hello again and thank you so much for your help.

Just try it if it does not work, you can revert it

O.K. My system consists if 3 partitions: root-, home- and a data-partition. Until now I´ve just done a few experiments with wine and playonlinux all of which were performed within the home-partition.

As of now I want to use my data-partition for playonlinux. So I did the following:

cd /media/rosika/f14a27c2-0b49-4607-94ea-2e56bbf76fe1/DATEN-PARTITION/
mkdir PLAYONLINUX
firejail '--noblacklist=/tmp/.wine-*' --private=media/rosika/f14a27c2-0b49-4607-94ea-2e56bbf76fe1/DATEN-PARTITION/PLAYONLINUX playonlinux

That worked well.
Playonlinux created everything it needed anew. I installed a certain wine-version there. Upon creating "drive_c" the programme also downloaded and installed "Mono" and "Gecko".
Afterwards I could install "Notepad++". So I can run it the sandboxed way I like. Wonderful.

Since playonlinux is just a GUI wrapper for wine, wouldn't it makes sense to make it a redirect profile to wine and only add POLs own paths/command?

In my modest opinion I think that´s a good suggestion.

Thanks a lot again for your help.

Stay safe and many greetings.
Rosika

@Rosika2 commented on GitHub (Dec 11, 2020): @rusty-snake: Hello again and thank you so much for your help. > Just try it if it does not work, you can revert it O.K. My system consists if 3 partitions: root-, home- and a data-partition. Until now I´ve just done a few experiments with wine and playonlinux all of which were performed within the home-partition. As of now I want to use my data-partition for playonlinux. So I did the following: ``` cd /media/rosika/f14a27c2-0b49-4607-94ea-2e56bbf76fe1/DATEN-PARTITION/ mkdir PLAYONLINUX firejail '--noblacklist=/tmp/.wine-*' --private=media/rosika/f14a27c2-0b49-4607-94ea-2e56bbf76fe1/DATEN-PARTITION/PLAYONLINUX playonlinux ``` That worked well. **Playonlinux** created everything it needed anew. I installed a certain _wine-version_ there. Upon creating "drive_c" the programme also downloaded and installed _"Mono"_ and _"Gecko"_. Afterwards I could install "Notepad++". So I can run it the sandboxed way I like. Wonderful. > Since playonlinux is just a GUI wrapper for wine, wouldn't it makes sense to make it a redirect profile to wine and only add POLs own paths/command? In my modest opinion I think that´s a good suggestion. Thanks a lot again for your help. Stay safe and many greetings. Rosika

gitea-mirror referenced this issue

2026-05-05 10:17:19 -06:00

[PR #2402] [MERGED] Snap #4291

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#2402

No description provided.

Rows
Columns