[GH-ISSUE #3940] brave: u2f does not work #2462

New issue

Closed

opened 2026-05-05 09:08:42 -06:00 by gitea-mirror · 6 comments

gitea-mirror commented 2026-05-05 09:08:42 -06:00

Owner

Copy link

Originally created by @NightProwler-dc on GitHub (Feb 1, 2021).
Original GitHub issue: https://github.com/netblue30/firejail/issues/3940

U2F device doesn't work when using firejail to start brave-browser

U2f device is plugged in before starting the browser, having "BROWSER_DISABLE_U2F no" in brave-browser.local. but services can't detect my plugged in u2f device. If I don't use firejail to start brave-browser then u2f can work.

It seems I missed something but I can't find how am I supposed to enable u2f devices. I also saw something like
?BROWSER_DISABLE_U2F: nou2f in chromium-common.profile but ain't it supposed to be 'no' instead of 'nou2f'?

Thanks for any help.

Originally created by @NightProwler-dc on GitHub (Feb 1, 2021). Original GitHub issue: https://github.com/netblue30/firejail/issues/3940 U2F device doesn't work when using firejail to start brave-browser U2f device is plugged in before starting the browser, having "BROWSER_DISABLE_U2F no" in brave-browser.local. but services can't detect my plugged in u2f device. If I don't use firejail to start brave-browser then u2f can work. It seems I missed something but I can't find how am I supposed to enable u2f devices. I also saw something like `?BROWSER_DISABLE_U2F: nou2f `in chromium-common.profile but ain't it supposed to be 'no' instead of 'nou2f'? Thanks for any help.

gitea-mirror closed this issue 2026-05-05 09:08:43 -06:00

gitea-mirror commented 2026-05-05 09:08:46 -06:00

Author

Owner

Copy link

@SkewedZeppelin commented on GitHub (Feb 1, 2021):

https://github.com/netblue30/firejail/issues/3939#issuecomment-770764222

<!-- gh-comment-id:770765435 --> @SkewedZeppelin commented on GitHub (Feb 1, 2021): https://github.com/netblue30/firejail/issues/3939#issuecomment-770764222

gitea-mirror commented 2026-05-05 09:08:46 -06:00

Author

Owner

Copy link

@NightProwler-dc commented on GitHub (Feb 1, 2021):

#3939 (comment)

It looks like this in firejail.config now:

# Disable U2F in browsers, default enabled.
# browser-disable-u2f yes

Should I change it to
browser-disable-u2f no
?

What if I only want to enable U2F for a certain program like brave-browser?

<!-- gh-comment-id:770769103 --> @NightProwler-dc commented on GitHub (Feb 1, 2021): > [#3939 (comment)](https://github.com/netblue30/firejail/issues/3939#issuecomment-770764222) It looks like this in firejail.config now: ``` # Disable U2F in browsers, default enabled. # browser-disable-u2f yes ``` Should I change it to `browser-disable-u2f no` ? What if I only want to enable U2F for a certain program like brave-browser?

gitea-mirror commented 2026-05-05 09:08:47 -06:00

Author

Owner

Copy link

@rusty-snake commented on GitHub (Feb 1, 2021):

Should I change it to
browser-disable-u2f no
?

yes

What if I only want to enable U2F for a certain program like brave-browser?

brave-browser.local:

ignore nou2f
ignore private-dev

<!-- gh-comment-id:770771983 --> @rusty-snake commented on GitHub (Feb 1, 2021): > Should I change it to browser-disable-u2f no ? yes > What if I only want to enable U2F for a certain program like brave-browser? `brave-browser.local`: ``` ignore nou2f ignore private-dev ```

gitea-mirror commented 2026-05-05 09:08:48 -06:00

Author

Owner

Copy link

@NightProwler-dc commented on GitHub (Feb 1, 2021):

Many thanks. I hope this question be added in FAQ maybe.

<!-- gh-comment-id:770775468 --> @NightProwler-dc commented on GitHub (Feb 1, 2021): Many thanks. I hope this question be added in FAQ maybe.

gitea-mirror commented 2026-05-05 09:08:49 -06:00

Author

Owner

Copy link

@NightProwler-dc commented on GitHub (Feb 1, 2021):

Should I change it to
browser-disable-u2f no
?

yes

What if I only want to enable U2F for a certain program like brave-browser?

brave-browser.local:

ignore nou2f
ignore private-dev

This actually doesn't work.

What I tested:
Keep the default firejail.config (comment on #browser-disable-u2f no)
add in brave-browser.local

ignore nou2f
ignore private-dev

connect u2f device and then start the browser

u2f device does not work

<!-- gh-comment-id:770884345 --> @NightProwler-dc commented on GitHub (Feb 1, 2021): > > Should I change it to > > browser-disable-u2f no > > ? > > yes > > > What if I only want to enable U2F for a certain program like brave-browser? > > `brave-browser.local`: > > ``` > ignore nou2f > ignore private-dev > ``` This actually doesn't work. What I tested: Keep the default firejail.config (comment on #browser-disable-u2f no) add in brave-browser.local ``` ignore nou2f ignore private-dev ``` connect u2f device and then start the browser u2f device does not work

gitea-mirror commented 2026-05-05 09:08:50 -06:00

Author

Owner

Copy link

@rusty-snake commented on GitHub (Feb 1, 2021):

Gotcha! We need brave.local my mistake.

<!-- gh-comment-id:770971054 --> @rusty-snake commented on GitHub (Feb 1, 2021): Gotcha! We need `brave.local` my mistake.

gitea-mirror referenced this issue 2026-05-05 10:18:04 -06:00

[PR #2462] [MERGED] Harden gnome-maps.profile #4331

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

serialize_remounts_v2

landlock_v4

landlock

release-0.9.64

release-0.9.62

gitlab_ci

LTSbase

fred_ctests

docs

0.9.80

0.9.80-rc1

0.9.78

0.9.76

0.9.76-rc4

0.9.76-rc3

0.9.76-rc2

0.9.76-rc1

0.9.74

landlock-split

0.9.72

0.9.72rc1

0.9.70

0.9.68

0.9.68rc1

0.9.66

0.9.66rc1

0.9.64.4

0.9.64.2

0.9.64

0.9.64rc1

0.9.62.4

0.9.62.2

0.9.62

0.9.56.2-LTS

0.9.60

0.9.60-rc1

0.9.58.2

0.9.58

0.9.58-rc1

0.9.56-LTS-release

0.9.56-LTS

0.9.56

0.9.56-rc1

0.9.54

0.9.54-rc2

0.9.54-rc1

0.9.52

0.9.38.12

0.9.50

0.9.50-rc1

0.9.48

0.9.46

0.9.46-rc1

0.9.44.10

0.9.44.8

0.9.44.6

0.9.38.10

0.9.44.4

0.9.38.8

0.9.44.2

0.9.44

0.9.44-rc1

0.9.38.4

0.9.42

0.9.42-rc2

0.9.38.2

0.9.42-rc1

disable-globalcfg

0.9.40

0.9.40-rc1

0.9.38

0.9.38-rc1

0.9.36

0.9.36-rc1

0.9.34

0.9.34-rc1

0.9.32

0.9.32-rc1

0.9.30

0.9.30-rc1

Labels

Clear labels   

LTS merge

  

LTS merge

  

bug

  

bug

  

converted-to-discussion

  

doc-todo

  

documentation

  

duplicate

  

enhancement

  

file-transfer

  

firecfg

  

firejail-in-firejail

  

firetools

  

graphics

  

help wanted

  

information_old

  

installation

  

invalid

  

modif

  

moved

  

needinfo

  

networking

  

notabug

  

notourbug

  

old-version

  

overlayfs

  

packaging

  

profile-request

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

question_old

  

removal

  

runtime-permissions

  

sandbox-ipc

  

security

  

stale

  

wiki

  

wiki

  

wontfix

  

wordpress

  

workaround

No labels

LTS merge

LTS merge

bug

bug

converted-to-discussion

doc-todo

documentation

duplicate

enhancement

file-transfer

firecfg

firejail-in-firejail

firetools

graphics

help wanted

information_old

installation

invalid

modif

moved

needinfo

networking

notabug

notourbug

old-version

overlayfs

packaging

profile-request

pull-request

question

question_old

removal

runtime-permissions

sandbox-ipc

security

stale

wiki

wiki

wontfix

wordpress

workaround

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#2462

No description provided.