[GH-ISSUE #4115] nheko: program does not work properly #2540

New issue

Closed

opened 2026-05-05 09:12:49 -06:00 by gitea-mirror · 21 comments

gitea-mirror commented 2026-05-05 09:12:49 -06:00

Owner

Copy link

Originally created by @qazip on GitHub (Mar 19, 2021).
Original GitHub issue: https://github.com/netblue30/firejail/issues/4115

Hello,

Running nheko with firejail is not working properly. There is more discussion on nheko's repo, namely: https://github.com/Nheko-Reborn/nheko/issues/249?_pjax=%23js-repo-pjax-container

I found that, for some reason, nheko is not writing to ~/.cache/nheko/nheko when firejailed. The profile used is:

# Firejail profile for nheko
# Description: Desktop IM client for the Matrix protocol
# This file is overwritten after every install/update
# Persistent local customizations
include nheko.local
# Persistent global definitions
include globals.local

noblacklist ${HOME}/.config/nheko
noblacklist ${HOME}/.cache/nheko

include disable-common.inc
include disable-devel.inc
include disable-exec.inc
include disable-interpreters.inc
include disable-passwdmgr.inc
include disable-programs.inc
include disable-shell.inc
include disable-xdg.inc

mkdir ${HOME}/.config/nheko
mkdir ${HOME}/.cache/nheko/nheko
whitelist ${HOME}/.config/nheko
whitelist ${HOME}/.cache/nheko
whitelist ${DOWNLOADS}
include whitelist-common.inc
include whitelist-runuser-common.inc
include whitelist-usr-share-common.inc
include whitelist-var-common.inc

apparmor
caps.drop all
netfilter
nodvd
nogroups
nonewprivs
noroot
notv
protocol unix,inet,inet6
seccomp
shell none
tracelog

disable-mnt
private-bin nheko
private-cache
private-dev
private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,mime.types,nsswitch.conf,pki,pulse,resolv.conf,selinux,ssl,X11,xdg
private-tmp

dbus-user none
# Comment the above line and uncomment below lines for notification popups
# dbus-user filter
# dbus-user.talk org.freedesktop.Notifications
# dbus-user.talk org.kde.StatusNotifierWatcher
dbus-system none

Any idea what's happening?

Originally created by @qazip on GitHub (Mar 19, 2021). Original GitHub issue: https://github.com/netblue30/firejail/issues/4115 Hello, Running nheko with firejail is not working properly. There is more discussion on nheko's repo, namely: https://github.com/Nheko-Reborn/nheko/issues/249?_pjax=%23js-repo-pjax-container I found that, for some reason, nheko is not writing to ` ~/.cache/nheko/nheko` when firejailed. The profile used is: ``` # Firejail profile for nheko # Description: Desktop IM client for the Matrix protocol # This file is overwritten after every install/update # Persistent local customizations include nheko.local # Persistent global definitions include globals.local noblacklist ${HOME}/.config/nheko noblacklist ${HOME}/.cache/nheko include disable-common.inc include disable-devel.inc include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/nheko mkdir ${HOME}/.cache/nheko/nheko whitelist ${HOME}/.config/nheko whitelist ${HOME}/.cache/nheko whitelist ${DOWNLOADS} include whitelist-common.inc include whitelist-runuser-common.inc include whitelist-usr-share-common.inc include whitelist-var-common.inc apparmor caps.drop all netfilter nodvd nogroups nonewprivs noroot notv protocol unix,inet,inet6 seccomp shell none tracelog disable-mnt private-bin nheko private-cache private-dev private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,mime.types,nsswitch.conf,pki,pulse,resolv.conf,selinux,ssl,X11,xdg private-tmp dbus-user none # Comment the above line and uncomment below lines for notification popups # dbus-user filter # dbus-user.talk org.freedesktop.Notifications # dbus-user.talk org.kde.StatusNotifierWatcher dbus-system none ``` Any idea what's happening?

gitea-mirror closed this issue 2026-05-05 09:12:49 -06:00

gitea-mirror commented 2026-05-05 09:12:51 -06:00

Author

Owner

Copy link

@CodeArtisan00 commented on GitHub (Mar 19, 2021):

for some reason, nheko is not writing to ~/.cache/nheko/nheko when firejailed

comment out private-cache

Running nheko with firejail is not working properly

run with firejail --debug --profile=yourprofile /path/nheko

you may also run firejail --build /path/nheko to get a rough idea. for hardening you have to manually curate the profile

<!-- gh-comment-id:802767267 --> @CodeArtisan00 commented on GitHub (Mar 19, 2021): > for some reason, nheko is not writing to ` ~/.cache/nheko/nheko` when firejailed comment out `private-cache` > Running nheko with firejail is not working properly run with `firejail --debug --profile=yourprofile /path/nheko` you may also run `firejail --build /path/nheko` to get a rough idea. for hardening you have to manually curate the profile

gitea-mirror commented 2026-05-05 09:12:52 -06:00

Author

Owner

Copy link

@ghost commented on GitHub (Mar 19, 2021):

nheko is not writing to ~/.cache/nheko/nheko when firejailed

I saw the thread you mentioned (https://github.com/Nheko-Reborn/nheko/issues/249) and someone stated that disabling private-cache didn't help. Looking at the profile I see this:

mkdir ${HOME}/.config/nheko
mkdir ${HOME}/.cache/nheko/nheko
whitelist ${HOME}/.config/nheko
whitelist ${HOME}/.cache/nheko

Is ${HOME}/.cache/nheko/nheko a file instead of a dir? In that case you'd need mkfile instead of mkdir. Have you tried that yet?

<!-- gh-comment-id:802790366 --> @ghost commented on GitHub (Mar 19, 2021): > nheko is not writing to ~/.cache/nheko/nheko when firejailed I saw the thread you mentioned (https://github.com/Nheko-Reborn/nheko/issues/249) and someone stated that disabling private-cache didn't help. Looking at the profile I see this: ``` mkdir ${HOME}/.config/nheko mkdir ${HOME}/.cache/nheko/nheko whitelist ${HOME}/.config/nheko whitelist ${HOME}/.cache/nheko ``` Is ${HOME}/.cache/nheko/nheko a `file` instead of a `dir`? In that case you'd need `mkfile` instead of `mkdir`. Have you tried that yet?

gitea-mirror commented 2026-05-05 09:12:53 -06:00

Author

Owner

Copy link

@qazip commented on GitHub (Mar 19, 2021):

@Neo00001, I already commented private-cache and it didn't help.

Runnihg with --debug:

[2021-03-19 12:27:57.039] [crypto] [critical] failed to upload one time keys: One time key signed_curve25519:AAAAAQ already exists. Old key: {"key":"DTVo5pP/nFasdf213f/FnB5q52rf6O4FakZt542faX7BoLUw1+jFWS4","signatures":{"@blabla:matrix.org":{"ed25519:YSTfdaDAPFEDMVD":"781tb8/6/D2RdoGz/+QP8pagAifCfgagloN+r1fIaCNZHgWaNHDK7fdaSqcRIfwwTzBjeRiAp2psRQ2eP78tw34Q5vejrMBw"}}}; new key: {'key': 'iSt+q08f/FolnRCiNaQHnffMfzdWaa2C0aPMKIKsdYofgT4Xqoyc', 'signatures': {'@blabla:matrix.org': {'ed25519:YSTPFEXMAV': 'Y1ctg/xj/ubBgDR3loWHMgTO2Aj8lPeELs0Mr+k6qztRwfFbFp4MqQSS/z30E4H1hJQNaDyHdE2Nw9YzlfE2Ag'}}} 400
[2021-03-19 12:27:57.042] [ui] [info] dropping to the login page: Failed to setup encryption keys. Server response: One time key signed_curve25519:AAAAAQ already exists. Old key: {"key":"DTVo5pP/nQikGf/FnB5qrf6OkZt5aX7BoLUw1+jFWS4","signatures":{"@blabla:matrix.org":{"ed25519:YSTPFEXMAV":"781tb8/6/D2RdoGz/+QP8pgAifCggloN+r1ICNZHWNasda2fdaHDK7SqcRIfwwTzBjeRiAp2psRQ2eP78tw34Q5vejrMBw"}}}; new key: {'key': 'iSt+q08/FolnRCiNQHnMzdW2C0PMKIKfasdYogT4Xqoyc', 'signatures': {'@blabla:matrix.org': {'ed25519:YSTPFEXMAV': 'Y1ctg/xj/ubBgDfdsaR3loWHMgTO2Aj8lPeELs0Mr+k6qztRwfFbFp4MqQSS/z30E4H1hJQNaDyHdE2Nw9YzlfE2Ag'}}} 400. Please try again later.
shutdown: shutdown while in init
[2021-03-19 12:27:57.043] [qml] [warning] qrc:/qml/MessageInput.qml:254: TypeError: Cannot read property 'input' of null (qrc:/qml/MessageInput.qml:254, )
shutdown: shutdown while in init
[2021-03-19 12:27:57.043] [db] [info] deleted cache files from disk

<!-- gh-comment-id:802799981 --> @qazip commented on GitHub (Mar 19, 2021): @Neo00001, I already commented private-cache and it didn't help. Runnihg with --debug: ``` [2021-03-19 12:27:57.039] [crypto] [critical] failed to upload one time keys: One time key signed_curve25519:AAAAAQ already exists. Old key: {"key":"DTVo5pP/nFasdf213f/FnB5q52rf6O4FakZt542faX7BoLUw1+jFWS4","signatures":{"@blabla:matrix.org":{"ed25519:YSTfdaDAPFEDMVD":"781tb8/6/D2RdoGz/+QP8pagAifCfgagloN+r1fIaCNZHgWaNHDK7fdaSqcRIfwwTzBjeRiAp2psRQ2eP78tw34Q5vejrMBw"}}}; new key: {'key': 'iSt+q08f/FolnRCiNaQHnffMfzdWaa2C0aPMKIKsdYofgT4Xqoyc', 'signatures': {'@blabla:matrix.org': {'ed25519:YSTPFEXMAV': 'Y1ctg/xj/ubBgDR3loWHMgTO2Aj8lPeELs0Mr+k6qztRwfFbFp4MqQSS/z30E4H1hJQNaDyHdE2Nw9YzlfE2Ag'}}} 400 [2021-03-19 12:27:57.042] [ui] [info] dropping to the login page: Failed to setup encryption keys. Server response: One time key signed_curve25519:AAAAAQ already exists. Old key: {"key":"DTVo5pP/nQikGf/FnB5qrf6OkZt5aX7BoLUw1+jFWS4","signatures":{"@blabla:matrix.org":{"ed25519:YSTPFEXMAV":"781tb8/6/D2RdoGz/+QP8pgAifCggloN+r1ICNZHWNasda2fdaHDK7SqcRIfwwTzBjeRiAp2psRQ2eP78tw34Q5vejrMBw"}}}; new key: {'key': 'iSt+q08/FolnRCiNQHnMzdW2C0PMKIKfasdYogT4Xqoyc', 'signatures': {'@blabla:matrix.org': {'ed25519:YSTPFEXMAV': 'Y1ctg/xj/ubBgDfdsaR3loWHMgTO2Aj8lPeELs0Mr+k6qztRwfFbFp4MqQSS/z30E4H1hJQNaDyHdE2Nw9YzlfE2Ag'}}} 400. Please try again later. shutdown: shutdown while in init [2021-03-19 12:27:57.043] [qml] [warning] qrc:/qml/MessageInput.qml:254: TypeError: Cannot read property 'input' of null (qrc:/qml/MessageInput.qml:254, ) shutdown: shutdown while in init [2021-03-19 12:27:57.043] [db] [info] deleted cache files from disk ```

gitea-mirror commented 2026-05-05 09:12:55 -06:00

Author

Owner

Copy link

@qazip commented on GitHub (Mar 19, 2021):

@glitsj16, it is a folder, not a file, so it is fine.

<!-- gh-comment-id:802800321 --> @qazip commented on GitHub (Mar 19, 2021): @glitsj16, it is a folder, not a file, so it is fine.

gitea-mirror commented 2026-05-05 09:12:56 -06:00

Author

Owner

Copy link

@ghost commented on GitHub (Mar 19, 2021):

it is a folder, not a file, so it is fine.

disable-programs.inc --> blacklist ${HOME}/.cache/nheko
nheko.profile

• noblacklist ${HOME}/.cache/nheko
• mkdir ${HOME}/.cache/nheko/nheko
• whitelist ${HOME}/.cache/nheko

This doesn't feel right to me, we should whitelist ${HOME}/.cache/nheko/nheko no?

<!-- gh-comment-id:802811475 --> @ghost commented on GitHub (Mar 19, 2021): > it is a folder, not a file, so it is fine. disable-programs.inc --> blacklist ${HOME}/.cache/nheko nheko.profile - noblacklist ${HOME}/.cache/nheko - mkdir ${HOME}/.cache/nheko/nheko - whitelist ${HOME}/.cache/nheko This doesn't feel right to me, we should whitelist ${HOME}/.cache/nheko/nheko no?

gitea-mirror commented 2026-05-05 09:12:57 -06:00

Author

Owner

Copy link

@qazip commented on GitHub (Mar 19, 2021):

I commented out "include disable-programs.inc". Still having the error.

I changed whitelist ${HOME}/.cache/nheko to ${HOME}/.cache/nheko/nheko. Still having the same error.

EDIT: I am starting to wonder if it is me who is doing something wrong. I am editing /etc/firejail/nheko.profile directly (with sudo). It is that file that is ran when I call "firejail nheko", right?

<!-- gh-comment-id:802822296 --> @qazip commented on GitHub (Mar 19, 2021): I commented out "include disable-programs.inc". Still having the error. I changed whitelist ${HOME}/.cache/nheko to `${HOME}/.cache/nheko/nheko`. Still having the same error. EDIT: I am starting to wonder if it is me who is doing something wrong. I am editing /etc/firejail/nheko.profile directly (with sudo). It is that file that is ran when I call "firejail nheko", right?

gitea-mirror commented 2026-05-05 09:12:59 -06:00

Author

Owner

Copy link

@ghost commented on GitHub (Mar 19, 2021):

Looks like a complex issue indeed. Alas, for the moment I'm unable to test nheko properly and cannot add anything actually useful here.

EDIT: I am starting to wonder if it is me who is doing something wrong. I am editing /etc/firejail/nheko.profile directly (with sudo). It is that file that is ran when I call "firejail nheko", right?

That is correct. The only downside of doing it in /etc/firejail/nheko.profile is your changes will be overwritten by a future firejail upgrade. Firejail supports .local overrides too. You can use ${HOME}/.config/firejail for per-user overrides. Anything in there will get picked-up before parsing /etc/profile.

<!-- gh-comment-id:802843856 --> @ghost commented on GitHub (Mar 19, 2021): Looks like a complex issue indeed. Alas, for the moment I'm unable to test nheko properly and cannot add anything actually useful here. > EDIT: I am starting to wonder if it is me who is doing something wrong. I am editing /etc/firejail/nheko.profile directly (with sudo). It is that file that is ran when I call "firejail nheko", right? That is correct. The only downside of doing it in /etc/firejail/nheko.profile is your changes will be overwritten by a future firejail upgrade. Firejail supports .local overrides too. You can use ${HOME}/.config/firejail for per-user overrides. Anything in there will get picked-up before parsing /etc/profile.

gitea-mirror commented 2026-05-05 09:13:00 -06:00

Author

Owner

Copy link

@rusty-snake commented on GitHub (Mar 19, 2021):

@qazip what happens if you whitelist ${HOME}/.cache?

<!-- gh-comment-id:802846691 --> @rusty-snake commented on GitHub (Mar 19, 2021): @qazip what happens if you `whitelist ${HOME}/.cache`?

gitea-mirror commented 2026-05-05 09:13:01 -06:00

Author

Owner

Copy link

@rusty-snake commented on GitHub (Mar 19, 2021):

Does this still happen if your profile only contains

mkdir ${HOME}/.config/nheko
mkdir ${HOME}/.cache/nheko
whitelist ${HOME}/.config/nheko
whitelist ${HOME}/.cache/nheko
whitelist ${DOWNLOADS}
include whitelist-common.inc

<!-- gh-comment-id:802847837 --> @rusty-snake commented on GitHub (Mar 19, 2021): Does this still happen if your profile only contains ``` mkdir ${HOME}/.config/nheko mkdir ${HOME}/.cache/nheko whitelist ${HOME}/.config/nheko whitelist ${HOME}/.cache/nheko whitelist ${DOWNLOADS} include whitelist-common.inc ```

gitea-mirror commented 2026-05-05 09:13:02 -06:00

Author

Owner

Copy link

@qazip commented on GitHub (Mar 19, 2021):

@qazip what happens if you whitelist ${HOME}/.cache?

Added that line. Still same error.

<!-- gh-comment-id:802848581 --> @qazip commented on GitHub (Mar 19, 2021): > @qazip what happens if you `whitelist ${HOME}/.cache`? Added that line. Still same error.

gitea-mirror commented 2026-05-05 09:13:02 -06:00

Author

Owner

Copy link

@qazip commented on GitHub (Mar 19, 2021):

Does this still happen if your profile only contains

mkdir ${HOME}/.config/nheko
mkdir ${HOME}/.cache/nheko
whitelist ${HOME}/.config/nheko
whitelist ${HOME}/.cache/nheko
whitelist ${DOWNLOADS}
include whitelist-common.inc

Same error still.

<!-- gh-comment-id:802850594 --> @qazip commented on GitHub (Mar 19, 2021): > Does this still happen if your profile only contains > > ``` > mkdir ${HOME}/.config/nheko > mkdir ${HOME}/.cache/nheko > whitelist ${HOME}/.config/nheko > whitelist ${HOME}/.cache/nheko > whitelist ${DOWNLOADS} > include whitelist-common.inc > ``` Same error still.

gitea-mirror commented 2026-05-05 09:13:03 -06:00

Author

Owner

Copy link

@rusty-snake commented on GitHub (Mar 19, 2021):

Ok, it is the whitelist, if you run with mkdir -p nhekohome && firejail --noprofile --private=~/nhekohome nheko. Which directories are created?

<!-- gh-comment-id:802855391 --> @rusty-snake commented on GitHub (Mar 19, 2021): Ok, it is the whitelist, if you run with `mkdir -p nhekohome && firejail --noprofile --private=~/nhekohome nheko`. Which directories are created?

gitea-mirror commented 2026-05-05 09:13:04 -06:00

Author

Owner

Copy link

@qazip commented on GitHub (Mar 19, 2021):

Inside nhekohome, it creates the following: .cache .config .local .Xauthority .zshrc

<!-- gh-comment-id:802870020 --> @qazip commented on GitHub (Mar 19, 2021): Inside nhekohome, it creates the following: .cache .config .local .Xauthority .zshrc

gitea-mirror commented 2026-05-05 09:13:04 -06:00

Author

Owner

Copy link

@rusty-snake commented on GitHub (Mar 19, 2021):

And in .cache .config .local/share (ignore .config/pulse)?

<!-- gh-comment-id:802872703 --> @rusty-snake commented on GitHub (Mar 19, 2021): And in .cache .config .local/share (ignore .config/pulse)?

gitea-mirror commented 2026-05-05 09:13:05 -06:00

Author

Owner

Copy link

@qazip commented on GitHub (Mar 19, 2021):

~/nhekohome 
❯ exa -a --tree
.
├── .cache
│  ├── gstreamer-1.0
│  │  └── registry.x86_64.bin
│  ├── mesa_shader_cache
│  │  ├── 1b
│  │  │  └── 39bd6cda70113abfd854630a307f76e4327de1
│  │  ├── 2e
│  │  │  └── c38a8d4fe00166c07d679f3048a4b9186c899b
│  │  ├── 3b
│  │  │  └── cb2506d7831c4c01e31bfc64aa20943f23511e
│  │  ├── 11
│  │  │  └── 6ff5c632f3178401ae51f32efbcb4a496d613a
│  │  ├── 15
│  │  │  └── 9d91147c361785d9184339213845dbe97c4821
│  │  ├── 22
│  │  │  └── e3fdf8e64af614081fcebdbcedb495114713ce
│  │  ├── 32
│  │  │  └── 69c6423ebd3e5884a3776db232cc9cd111c3d4
│  │  ├── 55
│  │  │  └── e8ed15662930dd564780ee011a8c9c95365334
│  │  ├── 64
│  │  │  ├── 8e71aadaddc8d52d27ac00ead2795df43df824
│  │  │  └── 1444861a73fd21fd2c3e20a908c89ca279439e
│  │  ├── 67
│  │  │  └── 2c19518f66a83c3189dd9c90241b29c8802b2e
│  │  ├── 77
│  │  │  └── 2ce43e3ce46ee96244961813618e157e841a60
│  │  ├── a1
│  │  │  └── 94e0ccdd94d96a34ec19b4aa1a00ea61477c67
│  │  ├── ac
│  │  │  └── bfde472bdaaeffb1c46c19ae1cdfbe1ee41759
│  │  ├── c2
│  │  │  └── 529a1be68b067ec399fd6a40f81dbd644e59b3
│  │  ├── c3
│  │  │  └── 081f3ac94407ca5672f76579316ffd08a1aa7a
│  │  ├── d2
│  │  │  └── cee1ac9a89af5721880dda60492dc632d66439
│  │  ├── d5
│  │  │  └── 6230f38070b8572c972345533bfc308c1b120c
│  │  ├── dd
│  │  │  └── 7ed87c847db186b053754106752453c3e9ee41
│  │  ├── eb
│  │  │  ├── 10501ecf0ec571e1ad229dbb19e37e27f37bb9
│  │  │  └── aa694377ee540b3526d375d9f14928ded51787
│  │  ├── ec
│  │  │  └── b89702b8438bb9c6865e7861b632161c01b8f1
│  │  ├── f5
│  │  │  └── cec05f56261155f09a67fc190085d44e94233e
│  │  ├── f8
│  │  │  └── 394ab0545b514857f1218fe53baf1b6cd8ab19
│  │  └── index
│  ├── nheko
│  │  └── nheko
│  │     └── nheko.log
│  └── qtshadercache-x86_64-little_endian-lp64
│     ├── 07aac9bdf60e1e078a2e04bad73cb456220c61b4
│     ├── 3c597a80b51a24c02510e986e8c27bdb62e99ba6
│     ├── 5cc098bc5354d98253495e89cc26ca4ba78a3a15
│     ├── 7d5f9fc417d36376dbfbebf864483aca3a25ac1a
│     ├── b9ec05f41810b130c38c3dc281312718d7eede5a
│     ├── cba8d1ceb9482bf7ad559bc702b71beca94f54a3
│     ├── d524b60ebe14b3342c6956c081215082a7ec73c0
│     └── e24592d8d235339875cae31851ad680a190a7cc6
├── .config
│  ├── nheko
│  │  └── nheko.conf
│  └── pulse
├── .local
│  └── share
│     └── nheko
│        └── nheko
│           └── 406d6d663a6d61747269782e6f7267
│              ├── data.mdb
│              └── lock.mdb
├── .Xauthority
└── .zshrc

<!-- gh-comment-id:802873849 --> @qazip commented on GitHub (Mar 19, 2021): ``` ~/nhekohome ❯ exa -a --tree . ├── .cache │ ├── gstreamer-1.0 │ │ └── registry.x86_64.bin │ ├── mesa_shader_cache │ │ ├── 1b │ │ │ └── 39bd6cda70113abfd854630a307f76e4327de1 │ │ ├── 2e │ │ │ └── c38a8d4fe00166c07d679f3048a4b9186c899b │ │ ├── 3b │ │ │ └── cb2506d7831c4c01e31bfc64aa20943f23511e │ │ ├── 11 │ │ │ └── 6ff5c632f3178401ae51f32efbcb4a496d613a │ │ ├── 15 │ │ │ └── 9d91147c361785d9184339213845dbe97c4821 │ │ ├── 22 │ │ │ └── e3fdf8e64af614081fcebdbcedb495114713ce │ │ ├── 32 │ │ │ └── 69c6423ebd3e5884a3776db232cc9cd111c3d4 │ │ ├── 55 │ │ │ └── e8ed15662930dd564780ee011a8c9c95365334 │ │ ├── 64 │ │ │ ├── 8e71aadaddc8d52d27ac00ead2795df43df824 │ │ │ └── 1444861a73fd21fd2c3e20a908c89ca279439e │ │ ├── 67 │ │ │ └── 2c19518f66a83c3189dd9c90241b29c8802b2e │ │ ├── 77 │ │ │ └── 2ce43e3ce46ee96244961813618e157e841a60 │ │ ├── a1 │ │ │ └── 94e0ccdd94d96a34ec19b4aa1a00ea61477c67 │ │ ├── ac │ │ │ └── bfde472bdaaeffb1c46c19ae1cdfbe1ee41759 │ │ ├── c2 │ │ │ └── 529a1be68b067ec399fd6a40f81dbd644e59b3 │ │ ├── c3 │ │ │ └── 081f3ac94407ca5672f76579316ffd08a1aa7a │ │ ├── d2 │ │ │ └── cee1ac9a89af5721880dda60492dc632d66439 │ │ ├── d5 │ │ │ └── 6230f38070b8572c972345533bfc308c1b120c │ │ ├── dd │ │ │ └── 7ed87c847db186b053754106752453c3e9ee41 │ │ ├── eb │ │ │ ├── 10501ecf0ec571e1ad229dbb19e37e27f37bb9 │ │ │ └── aa694377ee540b3526d375d9f14928ded51787 │ │ ├── ec │ │ │ └── b89702b8438bb9c6865e7861b632161c01b8f1 │ │ ├── f5 │ │ │ └── cec05f56261155f09a67fc190085d44e94233e │ │ ├── f8 │ │ │ └── 394ab0545b514857f1218fe53baf1b6cd8ab19 │ │ └── index │ ├── nheko │ │ └── nheko │ │ └── nheko.log │ └── qtshadercache-x86_64-little_endian-lp64 │ ├── 07aac9bdf60e1e078a2e04bad73cb456220c61b4 │ ├── 3c597a80b51a24c02510e986e8c27bdb62e99ba6 │ ├── 5cc098bc5354d98253495e89cc26ca4ba78a3a15 │ ├── 7d5f9fc417d36376dbfbebf864483aca3a25ac1a │ ├── b9ec05f41810b130c38c3dc281312718d7eede5a │ ├── cba8d1ceb9482bf7ad559bc702b71beca94f54a3 │ ├── d524b60ebe14b3342c6956c081215082a7ec73c0 │ └── e24592d8d235339875cae31851ad680a190a7cc6 ├── .config │ ├── nheko │ │ └── nheko.conf │ └── pulse ├── .local │ └── share │ └── nheko │ └── nheko │ └── 406d6d663a6d61747269782e6f7267 │ ├── data.mdb │ └── lock.mdb ├── .Xauthority └── .zshrc ```

gitea-mirror commented 2026-05-05 09:13:06 -06:00

Author

Owner

Copy link

@CodeArtisan00 commented on GitHub (Mar 19, 2021):

@qazip I tried with your profile with private-cache disabled on Arch.& with firejail there is ~/.cache/nheko/nheko/nheko.log but without firejail ~/.cache/nheko/nheko has qmlcache along with that .log file. btw do you have anything in your globals.local?

<!-- gh-comment-id:802878427 --> @CodeArtisan00 commented on GitHub (Mar 19, 2021): @qazip I tried with your profile with `private-cache` disabled on Arch.& with firejail there is `~/.cache/nheko/nheko/nheko.log` but without firejail `~/.cache/nheko/nheko` has `qmlcache` along with that `.log` file. btw do you have anything in your `globals.local`?

gitea-mirror commented 2026-05-05 09:13:07 -06:00

Author

Owner

Copy link

@rusty-snake commented on GitHub (Mar 19, 2021):

├── .local
│ └── share
│ └── nheko
│ └── nheko
│ └── 406d6d663a6d61747269782e6f7267
│ ├── data.mdb
│ └── lock.mdb

There are databases but no whitelist for them, so they are dropped when you close nheko => server state and client state differ.

<!-- gh-comment-id:802880441 --> @rusty-snake commented on GitHub (Mar 19, 2021): > ├── .local │ └── share │ └── nheko │ └── nheko │ └── 406d6d663a6d61747269782e6f7267 │ ├── data.mdb │ └── lock.mdb There are databases but no whitelist for them, so they are dropped when you close nheko => server state and client state differ.

gitea-mirror commented 2026-05-05 09:13:07 -06:00

Author

Owner

Copy link

@rusty-snake commented on GitHub (Mar 19, 2021):

fix:

noblacklist ${HOME}/.local/share/nheko
blacklist ${HOME}/.local/share/nheko
mkdir ${HOME}/.local/share/nheko
whitelist ${HOME}/.local/share/nheko

<!-- gh-comment-id:802881043 --> @rusty-snake commented on GitHub (Mar 19, 2021): fix: ``` noblacklist ${HOME}/.local/share/nheko blacklist ${HOME}/.local/share/nheko mkdir ${HOME}/.local/share/nheko whitelist ${HOME}/.local/share/nheko ```

gitea-mirror commented 2026-05-05 09:13:08 -06:00

Author

Owner

Copy link

@qazip commented on GitHub (Mar 19, 2021):

fix:

noblacklist ${HOME}/.local/share/nheko
blacklist ${HOME}/.local/share/nheko
mkdir ${HOME}/.local/share/nheko
whitelist ${HOME}/.local/share/nheko

I added those lines (other than the one that says to blacklist something that you noblacklisted above? I suppose that was a typo) and it works! Thank you very much!

<!-- gh-comment-id:802886137 --> @qazip commented on GitHub (Mar 19, 2021): > fix: > > ``` > noblacklist ${HOME}/.local/share/nheko > blacklist ${HOME}/.local/share/nheko > mkdir ${HOME}/.local/share/nheko > whitelist ${HOME}/.local/share/nheko > ``` I added those lines (other than the one that says to blacklist something that you noblacklisted above? I suppose that was a typo) and it works! Thank you very much!

gitea-mirror commented 2026-05-05 09:13:08 -06:00

Author

Owner

Copy link

@rusty-snake commented on GitHub (Mar 19, 2021):

I suppose that was a typo

That are the lines we need to add, in the order they are read. Of course will this blacklist go to dp.

<!-- gh-comment-id:802887853 --> @rusty-snake commented on GitHub (Mar 19, 2021): > I suppose that was a typo That are the lines we need to add, in the order they are read. Of course will this blacklist go to dp.

gitea-mirror commented 2026-05-05 09:13:09 -06:00

Author

Owner

Copy link

@qazip commented on GitHub (Mar 19, 2021):

If I add all the 4 lines, it doesn't fix the error. However, if I only add the following 3, it does fix the error:

noblacklist ${HOME}/.local/share/nheko
mkdir ${HOME}/.local/share/nheko
whitelist ${HOME}/.local/share/nheko

However, I added all those 3 (4 before) to the mid of the nheko.profile. Not sure if I should add it elsewhere.

<!-- gh-comment-id:802890439 --> @qazip commented on GitHub (Mar 19, 2021): If I add all the 4 lines, it doesn't fix the error. However, if I only add the following 3, it does fix the error: ``` noblacklist ${HOME}/.local/share/nheko mkdir ${HOME}/.local/share/nheko whitelist ${HOME}/.local/share/nheko ``` However, I added all those 3 (4 before) to the mid of the nheko.profile. Not sure if I should add it elsewhere.

gitea-mirror referenced this issue 2026-05-05 10:19:11 -06:00

[PR #2540] [MERGED] Add code-oss config directory #4391

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

serialize_remounts_v2

landlock_v4

landlock

release-0.9.64

release-0.9.62

gitlab_ci

LTSbase

fred_ctests

docs

0.9.80

0.9.80-rc1

0.9.78

0.9.76

0.9.76-rc4

0.9.76-rc3

0.9.76-rc2

0.9.76-rc1

0.9.74

landlock-split

0.9.72

0.9.72rc1

0.9.70

0.9.68

0.9.68rc1

0.9.66

0.9.66rc1

0.9.64.4

0.9.64.2

0.9.64

0.9.64rc1

0.9.62.4

0.9.62.2

0.9.62

0.9.56.2-LTS

0.9.60

0.9.60-rc1

0.9.58.2

0.9.58

0.9.58-rc1

0.9.56-LTS-release

0.9.56-LTS

0.9.56

0.9.56-rc1

0.9.54

0.9.54-rc2

0.9.54-rc1

0.9.52

0.9.38.12

0.9.50

0.9.50-rc1

0.9.48

0.9.46

0.9.46-rc1

0.9.44.10

0.9.44.8

0.9.44.6

0.9.38.10

0.9.44.4

0.9.38.8

0.9.44.2

0.9.44

0.9.44-rc1

0.9.38.4

0.9.42

0.9.42-rc2

0.9.38.2

0.9.42-rc1

disable-globalcfg

0.9.40

0.9.40-rc1

0.9.38

0.9.38-rc1

0.9.36

0.9.36-rc1

0.9.34

0.9.34-rc1

0.9.32

0.9.32-rc1

0.9.30

0.9.30-rc1

Labels

Clear labels   

LTS merge

  

LTS merge

  

bug

  

bug

  

converted-to-discussion

  

doc-todo

  

documentation

  

duplicate

  

enhancement

  

file-transfer

  

firecfg

  

firejail-in-firejail

  

firetools

  

graphics

  

help wanted

  

information_old

  

installation

  

invalid

  

modif

  

moved

  

needinfo

  

networking

  

notabug

  

notourbug

  

old-version

  

overlayfs

  

packaging

  

profile-request

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

question_old

  

removal

  

runtime-permissions

  

sandbox-ipc

  

security

  

stale

  

wiki

  

wiki

  

wontfix

  

wordpress

  

workaround

No labels

LTS merge

LTS merge

bug

bug

converted-to-discussion

doc-todo

documentation

duplicate

enhancement

file-transfer

firecfg

firejail-in-firejail

firetools

graphics

help wanted

information_old

installation

invalid

modif

moved

needinfo

networking

notabug

notourbug

old-version

overlayfs

packaging

profile-request

pull-request

question

question_old

removal

runtime-permissions

sandbox-ipc

security

stale

wiki

wiki

wontfix

wordpress

workaround

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#2540

No description provided.