github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

[GH-ISSUE #4158] Dunst notifications with Signal-Desktop not working #2557

New issue
Closed
opened 2026-05-05 09:13:55 -06:00 by gitea-mirror · 6 comments
gitea-mirror commented 2026-05-05 09:13:55 -06:00
Owner
Copy link

Originally created by @vwheezy on GitHub (Apr 2, 2021).
Original GitHub issue: https://github.com/netblue30/firejail/issues/4158

Bug and expected behavior

  • After running sudo firecfg to create profiles for my applications and running signal-desktop, notifications through dunst no longer work.
  • Expected a notification to pop up.

No profile and disabling firejail

  • Running signal-desktop under --noprofile and through /usr/bin/signal-desktop exhibits the correct behavior.

Reproduce
Steps to reproduce the behavior:

  1. Run in bash firejail signal-desktop
  2. Receive a notification through Signal
  3. Observe lack of notification by dunst

Environment

  • 5.11.11-arch1-1
  • 0.9.64.4

Additional context
Tried overriding the profile with some dbus options knowing that dunst uses it (I think).

ignore private-tmp
ignore nodbus
dbus-system.talk org.freedesktop.Notifications
include /etc/firejail/signal-desktop.profile

I have a feeling I just don't know enough about DBus or firejail itself to resolve this myself. Sorry if this belongs in questions and thank you!

debug output 
Reading profile /home/vwheezy/.config/firejail/signal-desktop.profile
Autoselecting /bin/bash as shell
Building quoted command line: 'signal-desktop'
Command name #signal-desktop#
Found signal-desktop.profile profile in /home/vwheezy/.config/firejail directory
Reading profile /etc/firejail/signal-desktop.profile
Reading profile /etc/firejail/electron.profile
Found electron.profile profile in /etc/firejail directory
Reading profile /etc/firejail/disable-common.inc
Found disable-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-devel.inc
Found disable-devel.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-exec.inc
Found disable-exec.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-interpreters.inc
Found disable-interpreters.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-passwdmgr.inc
Found disable-passwdmgr.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-programs.inc
Found disable-programs.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-xdg.inc
Found disable-xdg.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-common.inc
Found whitelist-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-var-common.inc
Found whitelist-var-common.inc profile in /etc/firejail directory
DISPLAY=:0 parsed as 0
Ignoring "dbus-system.talk org.freedesktop.Notifications".
Parent pid 19812, child pid 19813
Using the local network stack
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Warning: file /etc/alternatives not found.
Warning: skipping alternatives for private /etc
Warning: file /etc/crypto-policies not found.
Warning: skipping crypto-policies for private /etc
Warning: file /etc/pki not found.
Warning: skipping pki for private /etc
Using the local network stack
Initializing child process
PID namespace installed
Mounting tmpfs on /run/firejail/mnt directory
Creating empty /run/firejail/mnt/seccomp directory
Creating empty /run/firejail/mnt/seccomp/seccomp.protocol file
Creating empty /run/firejail/mnt/seccomp/seccomp.postexec file
Creating empty /run/firejail/mnt/seccomp/seccomp.postexec32 file
Mounting /proc filesystem representing the PID namespace
Basic read-only filesystem:
Mounting read-only /etc
1832 415 8:2 /etc /etc ro,relatime master:1 - ext4 /dev/sda2 rw
mountid=1832 fsname=/etc dir=/etc fstype=ext4
Mounting noexec /etc
1833 1832 8:2 /etc /etc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw
mountid=1833 fsname=/etc dir=/etc fstype=ext4
Mounting read-only /var
1834 415 8:2 /var /var ro,relatime master:1 - ext4 /dev/sda2 rw
mountid=1834 fsname=/var dir=/var fstype=ext4
Mounting noexec /var
1835 1834 8:2 /var /var ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw
mountid=1835 fsname=/var dir=/var fstype=ext4
Mounting read-only /usr
1836 415 8:2 /usr /usr ro,relatime master:1 - ext4 /dev/sda2 rw
mountid=1836 fsname=/usr dir=/usr fstype=ext4
Mounting tmpfs on /var/lock
Mounting tmpfs on /var/tmp
Mounting tmpfs on /var/log
Create the new utmp file
Mount the new utmp file
Cleaning /home directory
Cleaning /run/user directory
Sanitizing /etc/passwd, UID_MIN 1000
Sanitizing /etc/group, GID_MIN 1000
Disable /home/vwheezy/.config/firejail
Disable /run/firejail/network
Disable /run/firejail/bandwidth
Disable /run/firejail/name
Disable /run/firejail/profile
Disable /run/firejail/x11
Disable /run/firejail/appimage
Mounting tmpfs on /dev
mounting /run/firejail/mnt/dev/snd directory
mounting /run/firejail/mnt/dev/dri directory
Process /dev/shm directory
Creating empty /run/firejail/mnt/dbus directory
Creating empty /run/firejail/mnt/dbus/user file
blacklist /run/user/1000/bus
Creating empty /run/firejail/mnt/dbus/system file
blacklist /run/dbus/system_bus_socket
blacklist /run/firejail/dbus
Mounting read-only /proc/sys
Remounting /sys directory
Disable /sys/firmware
Disable /sys/hypervisor
Disable /sys/power
Disable /sys/kernel/debug
Disable /sys/kernel/vmcoreinfo
Disable /proc/sys/fs/binfmt_misc
Disable /proc/sys/kernel/core_pattern
Disable /proc/sys/kernel/modprobe
Disable /proc/sysrq-trigger
Disable /proc/sys/vm/panic_on_oom
Disable /proc/irq
Disable /proc/bus
Disable /proc/sched_debug
Disable /proc/timer_list
Disable /proc/kcore
Disable /proc/kallsyms
Disable /usr/lib/modules/5.11.11-arch1-1/build (requested /usr/src/linux)
Disable /usr/lib/modules (requested /lib/modules)
Disable /boot
Disable /run/user/1000/gnupg
Disable /run/user/1000/systemd
Disable /proc/kmsg
Copying files in the new /etc directory:
copying /etc/ca-certificates to private /etc
Creating empty /run/firejail/mnt/etc/ca-certificates directory
sbox run: /run/firejail/lib/fcopy /etc/ca-certificates /run/firejail/mnt/etc/ca-certificates
copying /etc/fonts to private /etc
Creating empty /run/firejail/mnt/etc/fonts directory
sbox run: /run/firejail/lib/fcopy /etc/fonts /run/firejail/mnt/etc/fonts
copying /etc/ld.so.cache to private /etc
sbox run: /run/firejail/lib/fcopy /etc/ld.so.cache /run/firejail/mnt/etc
copying /etc/ld.so.conf to private /etc
sbox run: /run/firejail/lib/fcopy /etc/ld.so.conf /run/firejail/mnt/etc
copying /etc/ld.so.conf.d to private /etc
Creating empty /run/firejail/mnt/etc/ld.so.conf.d directory
sbox run: /run/firejail/lib/fcopy /etc/ld.so.conf.d /run/firejail/mnt/etc/ld.so.conf.d
copying /etc/ld.so.preload to private /etc
sbox run: /run/firejail/lib/fcopy /etc/ld.so.preload /run/firejail/mnt/etc
copying /etc/machine-id to private /etc
sbox run: /run/firejail/lib/fcopy /etc/machine-id /run/firejail/mnt/etc
copying /etc/nsswitch.conf to private /etc
sbox run: /run/firejail/lib/fcopy /etc/nsswitch.conf /run/firejail/mnt/etc
copying /etc/resolv.conf to private /etc
sbox run: /run/firejail/lib/fcopy /etc/resolv.conf /run/firejail/mnt/etc
copying /etc/ssl to private /etc
Creating empty /run/firejail/mnt/etc/ssl directory
sbox run: /runPrivate /etc installed in 44.21 ms
/firejail/lib/fcopy /etc/ssl /run/firejail/mnt/etc/ssl
Mount-bind /run/firejail/mnt/etc on top of /etc
Debug 456: new_name #/home/vwheezy/.mozilla/firefox/profiles.ini#, whitelist
Debug 571: fname #/home/vwheezy/.mozilla/firefox/profiles.ini#, cfg.homedir #/home/vwheezy#
Debug 456: new_name #/home/vwheezy/.config/Signal#, whitelist
Debug 571: fname #/home/vwheezy/.config/Signal#, cfg.homedir #/home/vwheezy#
Debug 456: new_name #/home/vwheezy/dl#, whitelist
Debug 571: fname #/home/vwheezy/dl#, cfg.homedir #/home/vwheezy#
Debug 456: new_name #/home/vwheezy/.XCompose#, whitelist
Cannot find /usr/etc
Replaced whitelist path: whitelist /home/vwheezy/.mozilla/firefox/profiles.ini
Replaced whitelist path: whitelist /home/vwheezy/.config/Signal
Directory ${DOWNLOADS} resolved as dl
Replaced whitelist path: whitelist /home/vwheezy/dl
Removed whitelist/nowhitelist path: whitelist ${HOME}/.XCompose
	expanded: /home/vwheezy/.XCompose
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.alsaequal.bin#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.alsaequal.bin
	expanded: /home/vwheezy/.alsaequal.bin
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.asoundrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.asoundrc
	expanded: /home/vwheezy/.asoundrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.config/ibus#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ibus
	expanded: /home/vwheezy/.config/ibus
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.config/mimeapps.list#, whitelist
Debug 571: fname #/home/vwheezy/.config/mimeapps.list#, cfg.homedir #/home/vwheezy#
Debug 456: new_name #/home/vwheezy/.config/pkcs11#, whitelist
Replaced whitelist path: whitelist /home/vwheezy/.config/mimeapps.list
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/pkcs11
	expanded: /home/vwheezy/.config/pkcs11
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.config/user-dirs.dirs#, whitelist
Debug 571: fname #/home/vwheezy/.config/user-dirs.dirs#, cfg.homedir #/home/vwheezy#
Debug 456: new_name #/home/vwheezy/.config/user-dirs.locale#, whitelist
Debug 571: fname #/home/vwheezy/.config/user-dirs.locale#, cfg.homedir #/home/vwheezy#
Debug 456: new_name #/home/vwheezy/.drirc#, whitelist
Replaced whitelist path: whitelist /home/vwheezy/.config/user-dirs.dirs
Replaced whitelist path: whitelist /home/vwheezy/.config/user-dirs.locale
Removed whitelist/nowhitelist path: whitelist ${HOME}/.drirc
	expanded: /home/vwheezy/.drirc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.icons
	expanded: /home/vwheezy/.icons
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.local/share/applications#, whitelist
Debug 571: fname #/home/vwheezy/.local/share/applications#, cfg.homedir #/home/vwheezy#
Debug 456: new_name #/home/vwheezy/.local/share/icons#, whitelist
Replaced whitelist path: whitelist /home/vwheezy/.local/share/applications
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/icons
	expanded: /home/vwheezy/.local/share/icons
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.local/share/mime#, whitelist
Debug 571: fname #/home/vwheezy/.local/share/mime#, cfg.homedir #/home/vwheezy#
Debug 456: new_name #/home/vwheezy/.mime.types#, whitelist
Replaced whitelist path: whitelist /home/vwheezy/.local/share/mime
Removed whitelist/nowhitelist path: whitelist ${HOME}/.mime.types
	expanded: /home/vwheezy/.mime.types
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.uim.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.uim.d
	expanded: /home/vwheezy/.uim.d
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.config/dconf#, whitelist
Debug 571: fname #/home/vwheezy/.config/dconf#, cfg.homedir #/home/vwheezy#
Debug 456: new_name #/home/vwheezy/.cache/fontconfig#, whitelist
Debug 571: fname #/home/vwheezy/.cache/fontconfig#, cfg.homedir #/home/vwheezy#
Debug 456: new_name #/home/vwheezy/.config/fontconfig#, whitelist
Replaced whitelist path: whitelist /home/vwheezy/.config/dconf
Replaced whitelist path: whitelist /home/vwheezy/.cache/fontconfig
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/fontconfig
	expanded: /home/vwheezy/.config/fontconfig
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.fontconfig#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fontconfig
	expanded: /home/vwheezy/.fontconfig
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.fonts#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts
	expanded: /home/vwheezy/.fonts
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.fonts.conf#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf
	expanded: /home/vwheezy/.fonts.conf
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.fonts.conf.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf.d
	expanded: /home/vwheezy/.fonts.conf.d
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.fonts.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.d
	expanded: /home/vwheezy/.fonts.d
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.local/share/fonts#, whitelist
Debug 571: fname #/home/vwheezy/.local/share/fonts#, cfg.homedir #/home/vwheezy#
Debug 456: new_name #/home/vwheezy/.pangorc#, whitelist
Replaced whitelist path: whitelist /home/vwheezy/.local/share/fonts
Removed whitelist/nowhitelist path: whitelist ${HOME}/.pangorc
	expanded: /home/vwheezy/.pangorc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.config/gtk-2.0#, whitelist
Debug 571: fname #/home/vwheezy/.config/gtk-2.0#, cfg.homedir #/home/vwheezy#
Debug 456: new_name #/home/vwheezy/.config/gtk-3.0#, whitelist
Debug 571: fname #/home/vwheezy/.config/gtk-3.0#, cfg.homedir #/home/vwheezy#
Debug 456: new_name #/home/vwheezy/.config/gtk-4.0#, whitelist
Replaced whitelist path: whitelist /home/vwheezy/.config/gtk-2.0
Replaced whitelist path: whitelist /home/vwheezy/.config/gtk-3.0
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtk-4.0
	expanded: /home/vwheezy/.config/gtk-4.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc
	expanded: /home/vwheezy/.config/gtkrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc-2.0
	expanded: /home/vwheezy/.config/gtkrc-2.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.gnome2#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2
	expanded: /home/vwheezy/.gnome2
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.gnome2-private#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2-private
	expanded: /home/vwheezy/.gnome2-private
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.gtk-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtk-2.0
	expanded: /home/vwheezy/.gtk-2.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc
	expanded: /home/vwheezy/.gtkrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc-2.0
	expanded: /home/vwheezy/.gtkrc-2.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde/share/config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc
	expanded: /home/vwheezy/.kde/share/config/gtkrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde/share/config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc-2.0
	expanded: /home/vwheezy/.kde/share/config/gtkrc-2.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde4/share/config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc
	expanded: /home/vwheezy/.kde4/share/config/gtkrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde4/share/config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc-2.0
	expanded: /home/vwheezy/.kde4/share/config/gtkrc-2.0
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.local/share/themes#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/themes
	expanded: /home/vwheezy/.local/share/themes
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.themes#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.themes
	expanded: /home/vwheezy/.themes
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.cache/kioexec/krun#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.cache/kioexec/krun
	expanded: /home/vwheezy/.cache/kioexec/krun
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.config/Kvantum#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Kvantum
	expanded: /home/vwheezy/.config/Kvantum
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.config/Trolltech.conf#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Trolltech.conf
	expanded: /home/vwheezy/.config/Trolltech.conf
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.config/QtProject.conf#, whitelist
Debug 571: fname #/home/vwheezy/.config/QtProject.conf#, cfg.homedir #/home/vwheezy#
Debug 456: new_name #/home/vwheezy/.config/kdeglobals#, whitelist
Debug 571: fname #/home/vwheezy/.config/kdeglobals#, cfg.homedir #/home/vwheezy#
Debug 456: new_name #/home/vwheezy/.config/kio_httprc#, whitelist
Replaced whitelist path: whitelist /home/vwheezy/.config/QtProject.conf
Replaced whitelist path: whitelist /home/vwheezy/.config/kdeglobals
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kio_httprc
	expanded: /home/vwheezy/.config/kio_httprc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kioslaverc
	expanded: /home/vwheezy/.config/kioslaverc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ksslcablacklist
	expanded: /home/vwheezy/.config/ksslcablacklist
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.config/qt5ct#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/qt5ct
	expanded: /home/vwheezy/.config/qt5ct
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.config/qtcurve#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/qtcurve
	expanded: /home/vwheezy/.config/qtcurve
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde/share/config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kdeglobals
	expanded: /home/vwheezy/.kde/share/config/kdeglobals
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde/share/config/kio_httprc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kio_httprc
	expanded: /home/vwheezy/.kde/share/config/kio_httprc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde/share/config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kioslaverc
	expanded: /home/vwheezy/.kde/share/config/kioslaverc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde/share/config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/ksslcablacklist
	expanded: /home/vwheezy/.kde/share/config/ksslcablacklist
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde/share/config/oxygenrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/oxygenrc
	expanded: /home/vwheezy/.kde/share/config/oxygenrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/icons
	expanded: /home/vwheezy/.kde/share/icons
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde4/share/config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kdeglobals
	expanded: /home/vwheezy/.kde4/share/config/kdeglobals
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde4/share/config/kio_httprc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kio_httprc
	expanded: /home/vwheezy/.kde4/share/config/kio_httprc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde4/share/config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kioslaverc
	expanded: /home/vwheezy/.kde4/share/config/kioslaverc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde4/share/config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/ksslcablacklist
	expanded: /home/vwheezy/.kde4/share/config/ksslcablacklist
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde4/share/config/oxygenrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/oxygenrc
	expanded: /home/vwheezy/.kde4/share/config/oxygenrc
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.kde4/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/icons
	expanded: /home/vwheezy/.kde4/share/icons
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/home/vwheezy/.local/share/qt5ct#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/qt5ct
	expanded: /home/vwheezy/.local/share/qt5ct
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/var/lib/ca-certificates#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/ca-certificates
	expanded: /var/lib/ca-certificates
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/var/lib/dbus#, whitelist
Debug 456: new_name #/var/lib/menu-xdg#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/menu-xdg
	expanded: /var/lib/menu-xdg
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/var/lib/uim#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/uim
	expanded: /var/lib/uim
	real path: (null)
	realpath: No such file or directory
Debug 456: new_name #/var/cache/fontconfig#, whitelist
Debug 456: new_name #/var/tmp#, whitelist
Debug 456: new_name #/var/run#, whitelist
Debug 456: new_name #/var/lock#, whitelist
Replaced whitelist path: whitelist /run
Replaced whitelist path: whitelist /run/lock
Mounting tmpfs on /var directory
Mounting a new /root directory
Mounting a new /home directory
Create a new user directory
Whitelisting /home/vwheezy/.mozilla/firefox/profiles.ini
1898 1897 8:3 /vwheezy/.mozilla/firefox/profiles.ini /home/vwheezy/.mozilla/firefox/profiles.ini rw,relatime master:43 - ext4 /dev/sda3 rw
mountid=1898 fsname=/vwheezy/.mozilla/firefox/profiles.ini dir=/home/vwheezy/.mozilla/firefox/profiles.ini fstype=ext4
Whitelisting /home/vwheezy/.config/Signal
1899 1897 8:3 /vwheezy/.config/Signal /home/vwheezy/.config/Signal rw,relatime master:43 - ext4 /dev/sda3 rw
mountid=1899 fsname=/vwheezy/.config/Signal dir=/home/vwheezy/.config/Signal fstype=ext4
Whitelisting /home/vwheezy/dl
1900 1897 8:3 /vwheezy/dl /home/vwheezy/dl rw,relatime master:43 - ext4 /dev/sda3 rw
mountid=1900 fsname=/vwheezy/dl dir=/home/vwheezy/dl fstype=ext4
Whitelisting /home/vwheezy/.config/mimeapps.list
1901 1897 8:3 /vwheezy/.config/mimeapps.list /home/vwheezy/.config/mimeapps.list rw,relatime master:43 - ext4 /dev/sda3 rw
mountid=1901 fsname=/vwheezy/.config/mimeapps.list dir=/home/vwheezy/.config/mimeapps.list fstype=ext4
Whitelisting /home/vwheezy/.config/user-dirs.dirs
1902 1897 8:3 /vwheezy/.config/user-dirs.dirs /home/vwheezy/.config/user-dirs.dirs rw,relatime master:43 - ext4 /dev/sda3 rw
mountid=1902 fsname=/vwheezy/.config/user-dirs.dirs dir=/home/vwheezy/.config/user-dirs.dirs fstype=ext4
Whitelisting /home/vwheezy/.config/user-dirs.locale
1903 1897 8:3 /vwheezy/.config/user-dirs.locale /home/vwheezy/.config/user-dirs.locale rw,relatime master:43 - ext4 /dev/sda3 rw
mountid=1903 fsname=/vwheezy/.config/user-dirs.locale dir=/home/vwheezy/.config/user-dirs.locale fstype=ext4
Whitelisting /home/vwheezy/.local/share/applications
1904 1897 8:3 /vwheezy/.local/share/applications /home/vwheezy/.local/share/applications rw,relatime master:43 - ext4 /dev/sda3 rw
mountid=1904 fsname=/vwheezy/.local/share/applications dir=/home/vwheezy/.local/share/applications fstype=ext4
Whitelisting /home/vwheezy/.local/share/mime
1905 1897 8:3 /vwheezy/.local/share/mime /home/vwheezy/.local/share/mime rw,relatime master:43 - ext4 /dev/sda3 rw
mountid=1905 fsname=/vwheezy/.local/share/mime dir=/home/vwheezy/.local/share/mime fstype=ext4
Whitelisting /home/vwheezy/.config/dconf
1906 1897 8:3 /vwheezy/.config/dconf /home/vwheezy/.config/dconf rw,relatime master:43 - ext4 /dev/sda3 rw
mountid=1906 fsname=/vwheezy/.config/dconf dir=/home/vwheezy/.config/dconf fstype=ext4
Whitelisting /home/vwheezy/.cache/fontconfig
1907 1897 8:3 /vwheezy/.cache/fontconfig /home/vwheezy/.cache/fontconfig rw,relatime master:43 - ext4 /dev/sda3 rw
mountid=1907 fsname=/vwheezy/.cache/fontconfig dir=/home/vwheezy/.cache/fontconfig fstype=ext4
Whitelisting /home/vwheezy/.local/share/fonts
1908 1897 8:3 /vwheezy/.local/share/fonts /home/vwheezy/.local/share/fonts rw,relatime master:43 - ext4 /dev/sda3 rw
mountid=1908 fsname=/vwheezy/.local/share/fonts dir=/home/vwheezy/.local/share/fonts fstype=ext4
Whitelisting /home/vwheezy/.config/gtk-2.0
1909 1897 8:3 /vwheezy/.config/gtk-2.0 /home/vwheezy/.config/gtk-2.0 rw,relatime master:43 - ext4 /dev/sda3 rw
mountid=1909 fsname=/vwheezy/.config/gtk-2.0 dir=/home/vwheezy/.config/gtk-2.0 fstype=ext4
Whitelisting /home/vwheezy/.config/gtk-3.0
1910 1897 8:3 /vwheezy/.config/gtk-3.0 /home/vwheezy/.config/gtk-3.0 rw,relatime master:43 - ext4 /dev/sda3 rw
mountid=1910 fsname=/vwheezy/.config/gtk-3.0 dir=/home/vwheezy/.config/gtk-3.0 fstype=ext4
Whitelisting /home/vwheezy/.config/QtProject.conf
1911 1897 8:3 /vwheezy/.config/QtProject.conf /home/vwheezy/.config/QtProject.conf rw,relatime master:43 - ext4 /dev/sda3 rw
mountid=1911 fsname=/vwheezy/.config/QtProject.conf dir=/home/vwheezy/.config/QtProject.conf fstype=ext4
Whitelisting /home/yungwheezWarning: /sbin directory link was not blacklisted
Warning: /usr/sbin directory link was not blacklisted
y/.config/kdeglobals
1912 1897 8:3 /vwheezy/.config/kdeglobals /home/vwheezy/.config/kdeglobals rw,relatime master:43 - ext4 /dev/sda3 rw
mountid=1912 fsname=/vwheezy/.config/kdeglobals dir=/home/vwheezy/.config/kdeglobals fstype=ext4
Whitelisting /var/lib/dbus
1913 1893 8:2 /var/lib/dbus /var/lib/dbus ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw
mountid=1913 fsname=/var/lib/dbus dir=/var/lib/dbus fstype=ext4
Whitelisting /var/cache/fontconfig
1914 1893 8:2 /var/cache/fontconfig /var/cache/fontconfig ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw
mountid=1914 fsname=/var/cache/fontconfig dir=/var/cache/fontconfig fstype=ext4
Whitelisting /var/tmp
1915 1893 0:126 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw,inode64
mountid=1915 fsname=/ dir=/var/tmp fstype=tmpfs
Created symbolic link /var/run -> /run
Created symbolic link /var/lock -> /run/lock
Mounting read-only /home/vwheezy/.mozilla/firefox/profiles.ini
1918 1898 8:3 /vwheezy/.mozilla/firefox/profiles.ini /home/vwheezy/.mozilla/firefox/profiles.ini ro,relatime master:43 - ext4 /dev/sda3 rw
mountid=1918 fsname=/vwheezy/.mozilla/firefox/profiles.ini dir=/home/vwheezy/.mozilla/firefox/profiles.ini fstype=ext4
Mounting read-only /home/vwheezy/.config/kdeglobals
1919 1912 8:3 /vwheezy/.config/kdeglobals /home/vwheezy/.config/kdeglobals ro,relatime master:43 - ext4 /dev/sda3 rw
mountid=1919 fsname=/vwheezy/.config/kdeglobals dir=/home/vwheezy/.config/kdeglobals fstype=ext4
Mounting read-only /home/vwheezy/.config/dconf
1920 1906 8:3 /vwheezy/.config/dconf /home/vwheezy/.config/dconf ro,relatime master:43 - ext4 /dev/sda3 rw
mountid=1920 fsname=/vwheezy/.config/dconf dir=/home/vwheezy/.config/dconf fstype=ext4
Disable /usr/bin/systemd-run
Disable /run/user/1000/systemd
Mounting read-only /home/vwheezy/.local/share/applications
1923 1904 8:3 /vwheezy/.local/share/applications /home/vwheezy/.local/share/applications ro,relatime master:43 - ext4 /dev/sda3 rw
mountid=1923 fsname=/vwheezy/.local/share/applications dir=/home/vwheezy/.local/share/applications fstype=ext4
Mounting read-only /home/vwheezy/.config/mimeapps.list
1924 1901 8:3 /vwheezy/.config/mimeapps.list /home/vwheezy/.config/mimeapps.list ro,relatime master:43 - ext4 /dev/sda3 rw
mountid=1924 fsname=/vwheezy/.config/mimeapps.list dir=/home/vwheezy/.config/mimeapps.list fstype=ext4
Mounting read-only /home/vwheezy/.config/user-dirs.dirs
1925 1902 8:3 /vwheezy/.config/user-dirs.dirs /home/vwheezy/.config/user-dirs.dirs ro,relatime master:43 - ext4 /dev/sda3 rw
mountid=1925 fsname=/vwheezy/.config/user-dirs.dirs dir=/home/vwheezy/.config/user-dirs.dirs fstype=ext4
Mounting read-only /home/vwheezy/.config/user-dirs.locale
1926 1903 8:3 /vwheezy/.config/user-dirs.locale /home/vwheezy/.config/user-dirs.locale ro,relatime master:43 - ext4 /dev/sda3 rw
mountid=1926 fsname=/vwheezy/.config/user-dirs.locale dir=/home/vwheezy/.config/user-dirs.locale fstype=ext4
Mounting read-only /home/vwheezy/.local/share/mime
1927 1905 8:3 /vwheezy/.local/share/mime /home/vwheezy/.local/share/mime ro,relatime master:43 - ext4 /dev/sda3 rw
mountid=1927 fsname=/vwheezy/.local/share/mime dir=/home/vwheezy/.local/share/mime fstype=ext4
Disable /usr/local/sbin
Disable /usr/bin/chage
Disable /usr/bin/chfn
Disable /usr/bin/chsh
Disable /usr/bin/expiry
Disable /usr/bin/fusermount
Disable /usr/bin/gpasswd
Disable /usr/bin/ksu
Disable /usr/bin/mount
Disable /usr/bin/nc
Disable /usr/bin/newgidmap
Disable /usr/bin/newgrp
Disable /usr/bin/newuidmap
Disable /usr/bin/pkexec
Disable /usr/bin/sg
Disable /usr/bin/strace
Disable /usr/bin/su
Disable /usr/bin/sudo
Disable /usr/bin/umount
Disable /usr/bin/unix_chkpwd
Disable /usr/bin/xev
Disable /tmp/tmux-1000
Disable /proc/config.gz
Disable /usr/bin/drill
Disable /usr/bin/ldns-test-edns
Disable /usr/bin/ldns-keygen
Disable /usr/bin/ldns-walk
Disable /usr/bin/ldns-gen-zone
Disable /usr/bin/ldns-signzone
Disable /usr/bin/ldns-read-zone
Disable /usr/bin/ldns-verify-zone
Disable /usr/bin/ldns-version
Disable /usr/bin/ldns-revoke
Disable /usr/bin/ldns-zsplit
Disable /usr/bin/ldns-notify
Disable /usr/bin/ldns-dane
Disable /usr/bin/ldns-resolver
Disable /usr/bin/ldns-nsec3-hash
Disable /usr/bin/ldns-rrsig
Disable /usr/bin/ldns-compare-zones
Disable /usr/bin/ldns-config
Disable /usr/bin/ldns-chaos
Disable /usr/bin/ldns-update
Disable /usr/bin/ldns-keyfetcher
Disable /usr/bin/ldns-key2ds
Disable /usr/bin/ldns-dpa
Disable /usr/bin/ldns-zcat
Disable /usr/bin/ldns-testns
Disable /usr/bin/ldns-mx
Disable /usr/bin/ldnsd
Disable /usr/bin/resolvectl
Disable /usr/bin/clang-check
Disable /usr/bin/clang-include-fixer
Disable /usr/bin/clang-11 (requested /usr/bin/clang)
Disable /usr/bin/clang-query
Disable /usr/bin/clang-scan-deps
Disable /usr/bin/clang-rename
Disable /usr/bin/clang-tidy
Disable /usr/bin/clang-change-namespace
Disable /usr/bin/clang-doc
Disable /usr/bin/clang-11
Disable /usr/bin/clang-11 (requested /usr/bin/clang++)
Disable /usr/bin/clang-11 (requested /usr/bin/clang-cl)
Disable /usr/bin/clang-offload-wrapper
Disable /usr/bin/clangd
Disable /usr/bin/clang-11 (requested /usr/bin/clang-cpp)
Disable /usr/bin/clang-refactor
Disable /usr/bin/clang-reorder-fields
Disable /usr/bin/clang-format
Disable /usr/bin/clang-extdef-mapping
Disable /usr/bin/clang-move
Disable /usr/bin/clang-offload-bundler
Disable /usr/bin/clang-apply-replacements
Disable /usr/bin/llvm-lto2
Disable /usr/bin/llvm-cov
Disable /usr/bin/llvm-exegesis
Disable /usr/bin/llvm-lto
Disable /usr/bin/llvm-nm
Disable /usr/bin/llvm-lipo
Disable /usr/bin/llvm-ml
Disable /usr/bin/llvm-mt
Disable /usr/bin/llvm-cfi-verify
Disable /usr/bin/llvm-as
Disable /usr/bin/llvm-undname
Disable /usr/bin/llvm-readobj (requested /usr/bin/llvm-readelf)
Disable /usr/bin/llvm-bcanalyzer
Disable /usr/bin/llvm-objcopy (requested /usr/bin/llvm-install-name-tool)
Disable /usr/bin/llvm-gsymutil
Disable /usr/bin/llvm-dwarfdump
Disable /usr/bin/llvm-ar (requested /usr/bin/llvm-lib)
Disable /usr/bin/llvm-link
Disable /usr/bin/llvm-rc
Disable /usr/bin/llvm-xray
Disable /usr/bin/llvm-PerfectShuffle
Disable /usr/bin/llvm-ar (requested /usr/bin/llvm-ranlib)
Disable /usr/bin/llvm-c-test
Disable /usr/bin/llvm-symbolizer (requested /usr/bin/llvm-addr2line)
Disable /usr/bin/llvm-jitlink
Disable /usr/bin/llvm-ar
Disable /usr/bin/llvm-mc
Disable /usr/bin/llvm-objcopy
Disable /usr/bin/llvm-cxxdump
Disable /usr/bin/llvm-cxxmap
Disable /usr/bin/llvm-opt-report
Disable /usr/bin/llvm-config
Disable /usr/bin/llvm-ar (requested /usr/bin/llvm-dlltool)
Disable /usr/bin/llvm-diff
Disable /usr/bin/llvm-mca
Disable /usr/bin/llvm-pdbutil
Disable /usr/bin/llvm-cat
Disable /usr/bin/llvm-reduce
Disable /usr/bin/llvm-strings
Disable /usr/bin/llvm-rtdyld
Disable /usr/bin/llvm-extract
Disable /usr/bin/llvm-stress
Disable /usr/bin/llvm-tblgen
Disable /usr/bin/llvm-dis
Disable /usr/bin/llvm-symbolizer
Disable /usr/bin/llvm-objdump
Disable /usr/bin/llvm-objcopy (requested /usr/bin/llvm-strip)
Disable /usr/bin/llvm-profdata
Disable /usr/bin/llvm-readobj
Disable /usr/bin/llvm-ifs
Disable /usr/bin/llvm-size
Disable /usr/bin/llvm-elfabi
Disable /usr/bin/llvm-dwp
Disable /usr/bin/llvm-cvtres
Disable /usr/bin/llvm-modextract
Disable /usr/bin/llvm-cxxfilt
Disable /usr/bin/llvm-split
Disable /usr/bin/as
Disable /usr/bin/gcc (requested /usr/bin/cc)
Disable /usr/bin/c++
Disable /usr/bin/c++filt
Disable /usr/bin/c89
Disable /usr/bin/c99
Disable /usr/bin/cpp
Disable /usr/bin/cpp2html
Disable /usr/bin/g++
Disable /usr/bin/gcc-nm
Disable /usr/bin/gcc-ranlib
Disable /usr/bin/gcc-ar
Disable /usr/bin/gcc
Disable /usr/bin/gdb
Disable /usr/bin/ld
Disable /usr/bin/riscv64-linux-gnu-gcc-ranlib
Disable /usr/bin/riscv64-linux-gnu-gcc-10.2.0
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar
Disable /usr/bin/x86_64-pc-linux-gnu-gcc
Disable /usr/bin/riscv64-linux-gnu-gcc
Disable /usr/bin/riscv64-linux-gnu-gcc-nm
Disable /usr/bin/riscv64-linux-gnu-gcc-ar
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm
Disable /usr/bin/riscv64-linux-gnu-g++
Disable /usr/bin/x86_64-pc-linux-gnu-g++
Disable /usr/bin/riscv64-linux-gnu-gcc-ranlib
Disable /usr/bin/riscv64-linux-gnu-gcc-10.2.0
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar
Disable /usr/bin/x86_64-pc-linux-gnu-gcc
Disable /usr/bin/riscv64-linux-gnu-gcc
Disable /usr/bin/riscv64-linux-gnu-gcc-nm
Disable /usr/bin/riscv64-linux-gnu-gcc-ar
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm
Disable /usr/bin/riscv64-linux-gnu-g++
Disable /usr/bin/x86_64-pc-linux-gnu-g++
Disable /usr/lib/jvm/java-15-openjdk/bin/java (requested /usr/bin/java)
Disable /usr/lib/jvm/java-15-openjdk/bin/javac (requested /usr/bin/javac)
Disable /usr/share/java
Disable /usr/bin/openssl
Disable /usr/bin/rustup (requested /usr/bin/rust-gdb)
Disable /usr/bin/rustup (requested /usr/bin/rust-lldb)
Disable /usr/bin/rustup (requested /usr/bin/rustc)
Disable /usr/bin/valgrind-listener
Disable /usr/bin/valgrind-di-server
Disable /usr/bin/valgrind
Disable /usr/lib/valgrind
Disable /usr/src
Disable /usr/local/src
Disable /usr/include
Disable /usr/local/include
Mounting noexec /home/vwheezy/.mozilla/firefox/profiles.ini
2112 1918 8:3 /vwheezy/.mozilla/firefox/profiles.ini /home/vwheezy/.mozilla/firefox/profiles.ini ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw
mountid=2112 fsname=/vwheezy/.mozilla/firefox/profiles.ini dir=/home/vwheezy/.mozilla/firefox/profiles.ini fstype=ext4
Mounting noexec /home/vwheezy/.config/Signal
2113 1899 8:3 /vwheezy/.config/Signal /home/vwheezy/.config/Signal rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw
mountid=2113 fsname=/vwheezy/.config/Signal dir=/home/vwheezy/.config/Signal fstype=ext4
Mounting noexec /home/vwheezy/dl
2114 1900 8:3 /vwheezy/dl /home/vwheezy/dl rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw
mountid=2114 fsname=/vwheezy/dl dir=/home/vwheezy/dl fstype=ext4
Mounting noexec /home/vwheezy/.config/mimeapps.list
2115 1924 8:3 /vwheezy/.config/mimeapps.list /home/vwheezy/.config/mimeapps.list ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw
mountid=2115 fsname=/vwheezy/.config/mimeapps.list dir=/home/vwheezy/.config/mimeapps.list fstype=ext4
Mounting noexec /home/vwheezy/.config/user-dirs.dirs
2116 1925 8:3 /vwheezy/.config/user-dirs.dirs /home/vwheezy/.config/user-dirs.dirs ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw
mountid=2116 fsname=/vwheezy/.config/user-dirs.dirs dir=/home/vwheezy/.config/user-dirs.dirs fstype=ext4
Mounting noexec /home/vwheezy/.config/user-dirs.locale
2117 1926 8:3 /vwheezy/.config/user-dirs.locale /home/vwheezy/.config/user-dirs.locale ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw
mountid=2117 fsname=/vwheezy/.config/user-dirs.locale dir=/home/vwheezy/.config/user-dirs.locale fstype=ext4
Mounting noexec /home/vwheezy/.local/share/applications
2118 1923 8:3 /vwheezy/.local/share/applications /home/vwheezy/.local/share/applications ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw
mountid=2118 fsname=/vwheezy/.local/share/applications dir=/home/vwheezy/.local/share/applications fstype=ext4
Mounting noexec /home/vwheezy/.local/share/mime
2119 1927 8:3 /vwheezy/.local/share/mime /home/vwheezy/.local/share/mime ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw
mountid=2119 fsname=/vwheezy/.local/share/mime dir=/home/vwheezy/.local/share/mime fstype=ext4
Mounting noexec /home/vwheezy/.config/dconf
2120 1920 8:3 /vwheezy/.config/dconf /home/vwheezy/.config/dconf ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw
mountid=2120 fsname=/vwheezy/.config/dconf dir=/home/vwheezy/.config/dconf fstype=ext4
Mounting noexec /home/vwheezy/.cache/fontconfig
2121 1907 8:3 /vwheezy/.cache/fontconfig /home/vwheezy/.cache/fontconfig rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw
mountid=2121 fsname=/vwheezy/.cache/fontconfig dir=/home/vwheezy/.cache/fontconfig fstype=ext4
Mounting noexec /home/vwheezy/.local/share/fonts
2122 1908 8:3 /vwheezy/.local/share/fonts /home/vwheezy/.local/share/fonts rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw
mountid=2122 fsname=/vwheezy/.local/share/fonts dir=/home/vwheezy/.local/share/fonts fstype=ext4
Mounting noexec /home/vwheezy/.config/gtk-2.0
2123 1909 8:3 /vwheezy/.config/gtk-2.0 /home/vwheezy/.config/gtk-2.0 rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw
mountid=2123 fsname=/vwheezy/.config/gtk-2.0 dir=/home/vwheezy/.config/gtk-2.0 fstype=ext4
Mounting noexec /home/vwheezy/.config/gtk-3.0
2124 1910 8:3 /vwheezy/.config/gtk-3.0 /home/vwheezy/.config/gtk-3.0 rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw
mountid=2124 fsname=/vwheezy/.config/gtk-3.0 dir=/home/vwheezy/.config/gtk-3.0 fstype=ext4
Mounting noexec /home/vwheezy/.config/QtProject.conf
2125 1911 8:3 /vwheezy/.config/QtProject.conf /home/vwheezy/.config/QtProject.conf rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw
mountid=2125 fsname=/vwheezy/.config/QtProject.conf dir=/home/vwheezy/.config/QtProject.conf fstype=ext4
Mounting noexec /home/vwheezy/.config/kdeglobals
2126 1919 8:3 /vwheezy/.config/kdeglobals /home/vwheezy/.config/kdeglobals ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw
mountid=2126 fsname=/vwheezy/.config/kdeglobals dir=/home/vwheezy/.config/kdeglobals fstype=ext4
Mounting noexec /run/user/1000
2131 2130 0:23 /firejail/firejail.ro.dir /run/user/1000/systemd rw,nosuid,nodev,relatime master:12 - tmpfs run rw,mode=755,inode64
mountid=2131 fsname=/firejail/firejail.ro.dir dir=/run/user/1000/systemd fstype=tmpfs
Mounting noexec /dev/shm
2132 1864 0:132 /shm /dev/shm rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64
mountid=2132 fsname=/shm dir=/dev/shm fstype=tmpfs
Mounting noexec /var
2136 2133 0:126 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw,inode64
mountid=2136 fsname=/ dir=/var/tmp fstype=tmpfs
Disable /usr/bin/luajit-2.0.5
Disable /usr/bin/luahbtex
Disable /usr/bin/luajit-2.0.5 (requested /usr/bin/luajit)
Disable /usr/share/texmf-dist/scripts/luaotfload/luaotfload-tool.lua (requested /usr/bin/luaotfload-tool)
Disable /usr/bin/luajittex
Disable /usr/bin/lua5.3
Disable /usr/bin/lua (requested /usr/bin/lua5.4)
Disable /usr/bin/luac (requested /usr/bin/luac5.4)
Disable /usr/bin/lua
Disable /usr/bin/luac
Disable /usr/bin/luahbtex (requested /usr/bin/lualatex)
Disable /usr/bin/lua5.2
Disable /usr/bin/luatex
Disable /usr/bin/luac5.2
Disable /usr/bin/luac5.3
Disable /usr/bin/luajithbtex
Disable /usr/share/texmf-dist/scripts/context/stubs/unix/luatools (requested /usr/bin/luatools)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so.5.2)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2.4)
Disable /usr/lib/liblua.so.5.4.2
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2)
Disable /usr/lib/liblua5.3.so.5.3.6
Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib/liblua.so)
Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib/liblua5.3.so.5.3)
Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib/liblua.so.5.4)
Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib/liblua.so.5.3.6)
Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib/liblua5.3.so)
Disable /usr/lib/libluajit-5.1.so.2.0.5
Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so.2)
Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so)
Disable /usr/lib/liblua5.2.so.5.2.4
Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib/liblua5.4.so)
Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib/liblua.so.5.3)
Disable /usr/lib/lua
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua5.2.so.5.2)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua.so.5.2.4)
Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib64/libluDISPLAY=:0 parsed as 0
Warning: Cannot confine the application using AppArmor.
Maybe firejail-default AppArmor profile is not loaded into the kernel.
As root, run "aa-enforce firejail-default" to load it.
a.so.5.4.2)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua.so.5.2)
Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib64/liblua5.3.so.5.3.6)
Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib64/liblua.so)
Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib64/liblua5.3.so.5.3)
Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib64/liblua.so.5.4)
Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib64/liblua.so.5.3.6)
Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib64/liblua5.3.so)
Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib64/libluajit-5.1.so.2.0.5)
Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib64/libluajit-5.1.so.2)
Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib64/libluajit-5.1.so)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua5.2.so)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua5.2.so.5.2.4)
Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib64/liblua5.4.so)
Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib64/liblua.so.5.3)
Disable /usr/lib/lua (requested /usr/lib64/lua)
Disable /usr/share/luajit-2.0.5
Disable /usr/share/lua
Disable /usr/lib/libmozjs-78.so (requested /usr/lib64/libmozjs-78.so)
Disable /usr/bin/node
Disable /usr/bin/core_perl
Disable /usr/bin/perl
Disable /usr/bin/site_perl
Disable /usr/bin/vendor_perl
Disable /usr/lib/perl5
Disable /usr/lib/perl5 (requested /usr/lib64/perl5)
Disable /usr/share/perl5
Disable /usr/lib/ruby
Disable /usr/bin/python2.7-config (requested /usr/bin/python2-config)
Disable /usr/bin/python2.7
Disable /usr/bin/python2.7 (requested /usr/bin/python2)
Disable /usr/bin/python2.7-config
Disable /usr/lib/python2.7
Disable /usr/bin/python3.9 (requested /usr/bin/python3)
Disable /usr/bin/python3.9
Disable /usr/bin/python3.9-config (requested /usr/bin/python3-config)
Disable /usr/bin/python3.9-config
Disable /usr/lib/python3.9
Disable /usr/lib/python3.8
Disable /usr/lib/python3.9 (requested /usr/lib64/python3.9)
Disable /usr/lib/python3.8 (requested /usr/lib64/python3.8)
Not blacklist /home/vwheezy/.config/Signal
Not blacklist /home/vwheezy/.mozilla
Disable /sys/fs
Disable /sys/module
Disable /mnt
Disable /run/mount
Disable /run/media
/etc/pulse/client.conf not found
Current directory: /home/vwheezy
Mounting read-only /run/firejail/mnt/seccomp
2220 1829 0:123 /seccomp /run/firejail/mnt/seccomp ro,nosuid - tmpfs tmpfs rw,mode=755,inode64
mountid=2220 fsname=/seccomp dir=/run/firejail/mnt/seccomp fstype=tmpfs
Seccomp directory:
ls /run/firejail/mnt/seccomp
drwxr-xr-x root     root             120 .
drwxr-xr-x root     root             320 ..
-rw-r--r-- 1000     998             1072 seccomp
-rw-r--r-- 1000     998              808 seccomp.32
-rw-r--r-- 1000     998                0 seccomp.postexec
-rw-r--r-- 1000     998                0 seccomp.postexec32
No active seccomp files
Set caps filter 240000
Drop privileges: pid 1, uid 1000, gid 998, nogroups 1
No supplementary groups
Child process initialized in 156.93 ms
Starting application
LD_PRELOAD=(null)
execvp argument 0: signal-desktop
Error getpwuid: main.c:236 init_cfg: Success

Parent is shutting down, bye...
Originally created by @vwheezy on GitHub (Apr 2, 2021). Original GitHub issue: https://github.com/netblue30/firejail/issues/4158 **Bug and expected behavior** - After running `sudo firecfg` to create profiles for my applications and running signal-desktop, notifications through dunst no longer work. - Expected a notification to pop up. **No profile and disabling firejail** - Running signal-desktop under `--noprofile` and through `/usr/bin/signal-desktop` exhibits the correct behavior. **Reproduce** Steps to reproduce the behavior: 1. Run in bash `firejail signal-desktop` 2. Receive a notification through Signal 3. Observe lack of notification by dunst **Environment** - 5.11.11-arch1-1 - 0.9.64.4 **Additional context** Tried overriding the profile with some dbus options knowing that dunst uses it (I think). ``` ignore private-tmp ignore nodbus dbus-system.talk org.freedesktop.Notifications include /etc/firejail/signal-desktop.profile ``` I have a feeling I just don't know enough about DBus or firejail itself to resolve this myself. Sorry if this belongs in questions and thank you! <details><summary> debug output </summary> ``` Reading profile /home/vwheezy/.config/firejail/signal-desktop.profile Autoselecting /bin/bash as shell Building quoted command line: 'signal-desktop' Command name #signal-desktop# Found signal-desktop.profile profile in /home/vwheezy/.config/firejail directory Reading profile /etc/firejail/signal-desktop.profile Reading profile /etc/firejail/electron.profile Found electron.profile profile in /etc/firejail directory Reading profile /etc/firejail/disable-common.inc Found disable-common.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-devel.inc Found disable-devel.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-exec.inc Found disable-exec.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-interpreters.inc Found disable-interpreters.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-passwdmgr.inc Found disable-passwdmgr.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-programs.inc Found disable-programs.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-xdg.inc Found disable-xdg.inc profile in /etc/firejail directory Reading profile /etc/firejail/whitelist-common.inc Found whitelist-common.inc profile in /etc/firejail directory Reading profile /etc/firejail/whitelist-var-common.inc Found whitelist-var-common.inc profile in /etc/firejail directory DISPLAY=:0 parsed as 0 Ignoring "dbus-system.talk org.freedesktop.Notifications". Parent pid 19812, child pid 19813 Using the local network stack Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set. Warning: file /etc/alternatives not found. Warning: skipping alternatives for private /etc Warning: file /etc/crypto-policies not found. Warning: skipping crypto-policies for private /etc Warning: file /etc/pki not found. Warning: skipping pki for private /etc Using the local network stack Initializing child process PID namespace installed Mounting tmpfs on /run/firejail/mnt directory Creating empty /run/firejail/mnt/seccomp directory Creating empty /run/firejail/mnt/seccomp/seccomp.protocol file Creating empty /run/firejail/mnt/seccomp/seccomp.postexec file Creating empty /run/firejail/mnt/seccomp/seccomp.postexec32 file Mounting /proc filesystem representing the PID namespace Basic read-only filesystem: Mounting read-only /etc 1832 415 8:2 /etc /etc ro,relatime master:1 - ext4 /dev/sda2 rw mountid=1832 fsname=/etc dir=/etc fstype=ext4 Mounting noexec /etc 1833 1832 8:2 /etc /etc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw mountid=1833 fsname=/etc dir=/etc fstype=ext4 Mounting read-only /var 1834 415 8:2 /var /var ro,relatime master:1 - ext4 /dev/sda2 rw mountid=1834 fsname=/var dir=/var fstype=ext4 Mounting noexec /var 1835 1834 8:2 /var /var ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw mountid=1835 fsname=/var dir=/var fstype=ext4 Mounting read-only /usr 1836 415 8:2 /usr /usr ro,relatime master:1 - ext4 /dev/sda2 rw mountid=1836 fsname=/usr dir=/usr fstype=ext4 Mounting tmpfs on /var/lock Mounting tmpfs on /var/tmp Mounting tmpfs on /var/log Create the new utmp file Mount the new utmp file Cleaning /home directory Cleaning /run/user directory Sanitizing /etc/passwd, UID_MIN 1000 Sanitizing /etc/group, GID_MIN 1000 Disable /home/vwheezy/.config/firejail Disable /run/firejail/network Disable /run/firejail/bandwidth Disable /run/firejail/name Disable /run/firejail/profile Disable /run/firejail/x11 Disable /run/firejail/appimage Mounting tmpfs on /dev mounting /run/firejail/mnt/dev/snd directory mounting /run/firejail/mnt/dev/dri directory Process /dev/shm directory Creating empty /run/firejail/mnt/dbus directory Creating empty /run/firejail/mnt/dbus/user file blacklist /run/user/1000/bus Creating empty /run/firejail/mnt/dbus/system file blacklist /run/dbus/system_bus_socket blacklist /run/firejail/dbus Mounting read-only /proc/sys Remounting /sys directory Disable /sys/firmware Disable /sys/hypervisor Disable /sys/power Disable /sys/kernel/debug Disable /sys/kernel/vmcoreinfo Disable /proc/sys/fs/binfmt_misc Disable /proc/sys/kernel/core_pattern Disable /proc/sys/kernel/modprobe Disable /proc/sysrq-trigger Disable /proc/sys/vm/panic_on_oom Disable /proc/irq Disable /proc/bus Disable /proc/sched_debug Disable /proc/timer_list Disable /proc/kcore Disable /proc/kallsyms Disable /usr/lib/modules/5.11.11-arch1-1/build (requested /usr/src/linux) Disable /usr/lib/modules (requested /lib/modules) Disable /boot Disable /run/user/1000/gnupg Disable /run/user/1000/systemd Disable /proc/kmsg Copying files in the new /etc directory: copying /etc/ca-certificates to private /etc Creating empty /run/firejail/mnt/etc/ca-certificates directory sbox run: /run/firejail/lib/fcopy /etc/ca-certificates /run/firejail/mnt/etc/ca-certificates copying /etc/fonts to private /etc Creating empty /run/firejail/mnt/etc/fonts directory sbox run: /run/firejail/lib/fcopy /etc/fonts /run/firejail/mnt/etc/fonts copying /etc/ld.so.cache to private /etc sbox run: /run/firejail/lib/fcopy /etc/ld.so.cache /run/firejail/mnt/etc copying /etc/ld.so.conf to private /etc sbox run: /run/firejail/lib/fcopy /etc/ld.so.conf /run/firejail/mnt/etc copying /etc/ld.so.conf.d to private /etc Creating empty /run/firejail/mnt/etc/ld.so.conf.d directory sbox run: /run/firejail/lib/fcopy /etc/ld.so.conf.d /run/firejail/mnt/etc/ld.so.conf.d copying /etc/ld.so.preload to private /etc sbox run: /run/firejail/lib/fcopy /etc/ld.so.preload /run/firejail/mnt/etc copying /etc/machine-id to private /etc sbox run: /run/firejail/lib/fcopy /etc/machine-id /run/firejail/mnt/etc copying /etc/nsswitch.conf to private /etc sbox run: /run/firejail/lib/fcopy /etc/nsswitch.conf /run/firejail/mnt/etc copying /etc/resolv.conf to private /etc sbox run: /run/firejail/lib/fcopy /etc/resolv.conf /run/firejail/mnt/etc copying /etc/ssl to private /etc Creating empty /run/firejail/mnt/etc/ssl directory sbox run: /runPrivate /etc installed in 44.21 ms /firejail/lib/fcopy /etc/ssl /run/firejail/mnt/etc/ssl Mount-bind /run/firejail/mnt/etc on top of /etc Debug 456: new_name #/home/vwheezy/.mozilla/firefox/profiles.ini#, whitelist Debug 571: fname #/home/vwheezy/.mozilla/firefox/profiles.ini#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.config/Signal#, whitelist Debug 571: fname #/home/vwheezy/.config/Signal#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/dl#, whitelist Debug 571: fname #/home/vwheezy/dl#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.XCompose#, whitelist Cannot find /usr/etc Replaced whitelist path: whitelist /home/vwheezy/.mozilla/firefox/profiles.ini Replaced whitelist path: whitelist /home/vwheezy/.config/Signal Directory ${DOWNLOADS} resolved as dl Replaced whitelist path: whitelist /home/vwheezy/dl Removed whitelist/nowhitelist path: whitelist ${HOME}/.XCompose expanded: /home/vwheezy/.XCompose real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.alsaequal.bin#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.alsaequal.bin expanded: /home/vwheezy/.alsaequal.bin real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.asoundrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.asoundrc expanded: /home/vwheezy/.asoundrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/ibus#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ibus expanded: /home/vwheezy/.config/ibus real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/mimeapps.list#, whitelist Debug 571: fname #/home/vwheezy/.config/mimeapps.list#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.config/pkcs11#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.config/mimeapps.list Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/pkcs11 expanded: /home/vwheezy/.config/pkcs11 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/user-dirs.dirs#, whitelist Debug 571: fname #/home/vwheezy/.config/user-dirs.dirs#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.config/user-dirs.locale#, whitelist Debug 571: fname #/home/vwheezy/.config/user-dirs.locale#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.drirc#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.config/user-dirs.dirs Replaced whitelist path: whitelist /home/vwheezy/.config/user-dirs.locale Removed whitelist/nowhitelist path: whitelist ${HOME}/.drirc expanded: /home/vwheezy/.drirc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.icons#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.icons expanded: /home/vwheezy/.icons real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.local/share/applications#, whitelist Debug 571: fname #/home/vwheezy/.local/share/applications#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.local/share/icons#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.local/share/applications Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/icons expanded: /home/vwheezy/.local/share/icons real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.local/share/mime#, whitelist Debug 571: fname #/home/vwheezy/.local/share/mime#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.mime.types#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.local/share/mime Removed whitelist/nowhitelist path: whitelist ${HOME}/.mime.types expanded: /home/vwheezy/.mime.types real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.uim.d#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.uim.d expanded: /home/vwheezy/.uim.d real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/dconf#, whitelist Debug 571: fname #/home/vwheezy/.config/dconf#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.cache/fontconfig#, whitelist Debug 571: fname #/home/vwheezy/.cache/fontconfig#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.config/fontconfig#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.config/dconf Replaced whitelist path: whitelist /home/vwheezy/.cache/fontconfig Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/fontconfig expanded: /home/vwheezy/.config/fontconfig real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.fontconfig#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fontconfig expanded: /home/vwheezy/.fontconfig real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.fonts#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts expanded: /home/vwheezy/.fonts real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.fonts.conf#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf expanded: /home/vwheezy/.fonts.conf real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.fonts.conf.d#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf.d expanded: /home/vwheezy/.fonts.conf.d real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.fonts.d#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.d expanded: /home/vwheezy/.fonts.d real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.local/share/fonts#, whitelist Debug 571: fname #/home/vwheezy/.local/share/fonts#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.pangorc#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.local/share/fonts Removed whitelist/nowhitelist path: whitelist ${HOME}/.pangorc expanded: /home/vwheezy/.pangorc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/gtk-2.0#, whitelist Debug 571: fname #/home/vwheezy/.config/gtk-2.0#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.config/gtk-3.0#, whitelist Debug 571: fname #/home/vwheezy/.config/gtk-3.0#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.config/gtk-4.0#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.config/gtk-2.0 Replaced whitelist path: whitelist /home/vwheezy/.config/gtk-3.0 Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtk-4.0 expanded: /home/vwheezy/.config/gtk-4.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/gtkrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc expanded: /home/vwheezy/.config/gtkrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/gtkrc-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc-2.0 expanded: /home/vwheezy/.config/gtkrc-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.gnome2#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2 expanded: /home/vwheezy/.gnome2 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.gnome2-private#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2-private expanded: /home/vwheezy/.gnome2-private real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.gtk-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtk-2.0 expanded: /home/vwheezy/.gtk-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.gtkrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc expanded: /home/vwheezy/.gtkrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.gtkrc-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc-2.0 expanded: /home/vwheezy/.gtkrc-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/config/gtkrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc expanded: /home/vwheezy/.kde/share/config/gtkrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/config/gtkrc-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc-2.0 expanded: /home/vwheezy/.kde/share/config/gtkrc-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/config/gtkrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc expanded: /home/vwheezy/.kde4/share/config/gtkrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/config/gtkrc-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc-2.0 expanded: /home/vwheezy/.kde4/share/config/gtkrc-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.local/share/themes#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/themes expanded: /home/vwheezy/.local/share/themes real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.themes#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.themes expanded: /home/vwheezy/.themes real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.cache/kioexec/krun#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.cache/kioexec/krun expanded: /home/vwheezy/.cache/kioexec/krun real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/Kvantum#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Kvantum expanded: /home/vwheezy/.config/Kvantum real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/Trolltech.conf#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Trolltech.conf expanded: /home/vwheezy/.config/Trolltech.conf real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/QtProject.conf#, whitelist Debug 571: fname #/home/vwheezy/.config/QtProject.conf#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.config/kdeglobals#, whitelist Debug 571: fname #/home/vwheezy/.config/kdeglobals#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.config/kio_httprc#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.config/QtProject.conf Replaced whitelist path: whitelist /home/vwheezy/.config/kdeglobals Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kio_httprc expanded: /home/vwheezy/.config/kio_httprc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/kioslaverc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kioslaverc expanded: /home/vwheezy/.config/kioslaverc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/ksslcablacklist#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ksslcablacklist expanded: /home/vwheezy/.config/ksslcablacklist real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/qt5ct#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/qt5ct expanded: /home/vwheezy/.config/qt5ct real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/qtcurve#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/qtcurve expanded: /home/vwheezy/.config/qtcurve real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/config/kdeglobals#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kdeglobals expanded: /home/vwheezy/.kde/share/config/kdeglobals real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/config/kio_httprc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kio_httprc expanded: /home/vwheezy/.kde/share/config/kio_httprc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/config/kioslaverc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kioslaverc expanded: /home/vwheezy/.kde/share/config/kioslaverc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/config/ksslcablacklist#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/ksslcablacklist expanded: /home/vwheezy/.kde/share/config/ksslcablacklist real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/config/oxygenrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/oxygenrc expanded: /home/vwheezy/.kde/share/config/oxygenrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/icons#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/icons expanded: /home/vwheezy/.kde/share/icons real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/config/kdeglobals#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kdeglobals expanded: /home/vwheezy/.kde4/share/config/kdeglobals real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/config/kio_httprc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kio_httprc expanded: /home/vwheezy/.kde4/share/config/kio_httprc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/config/kioslaverc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kioslaverc expanded: /home/vwheezy/.kde4/share/config/kioslaverc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/config/ksslcablacklist#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/ksslcablacklist expanded: /home/vwheezy/.kde4/share/config/ksslcablacklist real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/config/oxygenrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/oxygenrc expanded: /home/vwheezy/.kde4/share/config/oxygenrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/icons#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/icons expanded: /home/vwheezy/.kde4/share/icons real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.local/share/qt5ct#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/qt5ct expanded: /home/vwheezy/.local/share/qt5ct real path: (null) realpath: No such file or directory Debug 456: new_name #/var/lib/ca-certificates#, whitelist Removed whitelist/nowhitelist path: whitelist /var/lib/ca-certificates expanded: /var/lib/ca-certificates real path: (null) realpath: No such file or directory Debug 456: new_name #/var/lib/dbus#, whitelist Debug 456: new_name #/var/lib/menu-xdg#, whitelist Removed whitelist/nowhitelist path: whitelist /var/lib/menu-xdg expanded: /var/lib/menu-xdg real path: (null) realpath: No such file or directory Debug 456: new_name #/var/lib/uim#, whitelist Removed whitelist/nowhitelist path: whitelist /var/lib/uim expanded: /var/lib/uim real path: (null) realpath: No such file or directory Debug 456: new_name #/var/cache/fontconfig#, whitelist Debug 456: new_name #/var/tmp#, whitelist Debug 456: new_name #/var/run#, whitelist Debug 456: new_name #/var/lock#, whitelist Replaced whitelist path: whitelist /run Replaced whitelist path: whitelist /run/lock Mounting tmpfs on /var directory Mounting a new /root directory Mounting a new /home directory Create a new user directory Whitelisting /home/vwheezy/.mozilla/firefox/profiles.ini 1898 1897 8:3 /vwheezy/.mozilla/firefox/profiles.ini /home/vwheezy/.mozilla/firefox/profiles.ini rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1898 fsname=/vwheezy/.mozilla/firefox/profiles.ini dir=/home/vwheezy/.mozilla/firefox/profiles.ini fstype=ext4 Whitelisting /home/vwheezy/.config/Signal 1899 1897 8:3 /vwheezy/.config/Signal /home/vwheezy/.config/Signal rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1899 fsname=/vwheezy/.config/Signal dir=/home/vwheezy/.config/Signal fstype=ext4 Whitelisting /home/vwheezy/dl 1900 1897 8:3 /vwheezy/dl /home/vwheezy/dl rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1900 fsname=/vwheezy/dl dir=/home/vwheezy/dl fstype=ext4 Whitelisting /home/vwheezy/.config/mimeapps.list 1901 1897 8:3 /vwheezy/.config/mimeapps.list /home/vwheezy/.config/mimeapps.list rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1901 fsname=/vwheezy/.config/mimeapps.list dir=/home/vwheezy/.config/mimeapps.list fstype=ext4 Whitelisting /home/vwheezy/.config/user-dirs.dirs 1902 1897 8:3 /vwheezy/.config/user-dirs.dirs /home/vwheezy/.config/user-dirs.dirs rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1902 fsname=/vwheezy/.config/user-dirs.dirs dir=/home/vwheezy/.config/user-dirs.dirs fstype=ext4 Whitelisting /home/vwheezy/.config/user-dirs.locale 1903 1897 8:3 /vwheezy/.config/user-dirs.locale /home/vwheezy/.config/user-dirs.locale rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1903 fsname=/vwheezy/.config/user-dirs.locale dir=/home/vwheezy/.config/user-dirs.locale fstype=ext4 Whitelisting /home/vwheezy/.local/share/applications 1904 1897 8:3 /vwheezy/.local/share/applications /home/vwheezy/.local/share/applications rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1904 fsname=/vwheezy/.local/share/applications dir=/home/vwheezy/.local/share/applications fstype=ext4 Whitelisting /home/vwheezy/.local/share/mime 1905 1897 8:3 /vwheezy/.local/share/mime /home/vwheezy/.local/share/mime rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1905 fsname=/vwheezy/.local/share/mime dir=/home/vwheezy/.local/share/mime fstype=ext4 Whitelisting /home/vwheezy/.config/dconf 1906 1897 8:3 /vwheezy/.config/dconf /home/vwheezy/.config/dconf rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1906 fsname=/vwheezy/.config/dconf dir=/home/vwheezy/.config/dconf fstype=ext4 Whitelisting /home/vwheezy/.cache/fontconfig 1907 1897 8:3 /vwheezy/.cache/fontconfig /home/vwheezy/.cache/fontconfig rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1907 fsname=/vwheezy/.cache/fontconfig dir=/home/vwheezy/.cache/fontconfig fstype=ext4 Whitelisting /home/vwheezy/.local/share/fonts 1908 1897 8:3 /vwheezy/.local/share/fonts /home/vwheezy/.local/share/fonts rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1908 fsname=/vwheezy/.local/share/fonts dir=/home/vwheezy/.local/share/fonts fstype=ext4 Whitelisting /home/vwheezy/.config/gtk-2.0 1909 1897 8:3 /vwheezy/.config/gtk-2.0 /home/vwheezy/.config/gtk-2.0 rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1909 fsname=/vwheezy/.config/gtk-2.0 dir=/home/vwheezy/.config/gtk-2.0 fstype=ext4 Whitelisting /home/vwheezy/.config/gtk-3.0 1910 1897 8:3 /vwheezy/.config/gtk-3.0 /home/vwheezy/.config/gtk-3.0 rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1910 fsname=/vwheezy/.config/gtk-3.0 dir=/home/vwheezy/.config/gtk-3.0 fstype=ext4 Whitelisting /home/vwheezy/.config/QtProject.conf 1911 1897 8:3 /vwheezy/.config/QtProject.conf /home/vwheezy/.config/QtProject.conf rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1911 fsname=/vwheezy/.config/QtProject.conf dir=/home/vwheezy/.config/QtProject.conf fstype=ext4 Whitelisting /home/yungwheezWarning: /sbin directory link was not blacklisted Warning: /usr/sbin directory link was not blacklisted y/.config/kdeglobals 1912 1897 8:3 /vwheezy/.config/kdeglobals /home/vwheezy/.config/kdeglobals rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1912 fsname=/vwheezy/.config/kdeglobals dir=/home/vwheezy/.config/kdeglobals fstype=ext4 Whitelisting /var/lib/dbus 1913 1893 8:2 /var/lib/dbus /var/lib/dbus ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw mountid=1913 fsname=/var/lib/dbus dir=/var/lib/dbus fstype=ext4 Whitelisting /var/cache/fontconfig 1914 1893 8:2 /var/cache/fontconfig /var/cache/fontconfig ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw mountid=1914 fsname=/var/cache/fontconfig dir=/var/cache/fontconfig fstype=ext4 Whitelisting /var/tmp 1915 1893 0:126 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw,inode64 mountid=1915 fsname=/ dir=/var/tmp fstype=tmpfs Created symbolic link /var/run -> /run Created symbolic link /var/lock -> /run/lock Mounting read-only /home/vwheezy/.mozilla/firefox/profiles.ini 1918 1898 8:3 /vwheezy/.mozilla/firefox/profiles.ini /home/vwheezy/.mozilla/firefox/profiles.ini ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1918 fsname=/vwheezy/.mozilla/firefox/profiles.ini dir=/home/vwheezy/.mozilla/firefox/profiles.ini fstype=ext4 Mounting read-only /home/vwheezy/.config/kdeglobals 1919 1912 8:3 /vwheezy/.config/kdeglobals /home/vwheezy/.config/kdeglobals ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1919 fsname=/vwheezy/.config/kdeglobals dir=/home/vwheezy/.config/kdeglobals fstype=ext4 Mounting read-only /home/vwheezy/.config/dconf 1920 1906 8:3 /vwheezy/.config/dconf /home/vwheezy/.config/dconf ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1920 fsname=/vwheezy/.config/dconf dir=/home/vwheezy/.config/dconf fstype=ext4 Disable /usr/bin/systemd-run Disable /run/user/1000/systemd Mounting read-only /home/vwheezy/.local/share/applications 1923 1904 8:3 /vwheezy/.local/share/applications /home/vwheezy/.local/share/applications ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1923 fsname=/vwheezy/.local/share/applications dir=/home/vwheezy/.local/share/applications fstype=ext4 Mounting read-only /home/vwheezy/.config/mimeapps.list 1924 1901 8:3 /vwheezy/.config/mimeapps.list /home/vwheezy/.config/mimeapps.list ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1924 fsname=/vwheezy/.config/mimeapps.list dir=/home/vwheezy/.config/mimeapps.list fstype=ext4 Mounting read-only /home/vwheezy/.config/user-dirs.dirs 1925 1902 8:3 /vwheezy/.config/user-dirs.dirs /home/vwheezy/.config/user-dirs.dirs ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1925 fsname=/vwheezy/.config/user-dirs.dirs dir=/home/vwheezy/.config/user-dirs.dirs fstype=ext4 Mounting read-only /home/vwheezy/.config/user-dirs.locale 1926 1903 8:3 /vwheezy/.config/user-dirs.locale /home/vwheezy/.config/user-dirs.locale ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1926 fsname=/vwheezy/.config/user-dirs.locale dir=/home/vwheezy/.config/user-dirs.locale fstype=ext4 Mounting read-only /home/vwheezy/.local/share/mime 1927 1905 8:3 /vwheezy/.local/share/mime /home/vwheezy/.local/share/mime ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1927 fsname=/vwheezy/.local/share/mime dir=/home/vwheezy/.local/share/mime fstype=ext4 Disable /usr/local/sbin Disable /usr/bin/chage Disable /usr/bin/chfn Disable /usr/bin/chsh Disable /usr/bin/expiry Disable /usr/bin/fusermount Disable /usr/bin/gpasswd Disable /usr/bin/ksu Disable /usr/bin/mount Disable /usr/bin/nc Disable /usr/bin/newgidmap Disable /usr/bin/newgrp Disable /usr/bin/newuidmap Disable /usr/bin/pkexec Disable /usr/bin/sg Disable /usr/bin/strace Disable /usr/bin/su Disable /usr/bin/sudo Disable /usr/bin/umount Disable /usr/bin/unix_chkpwd Disable /usr/bin/xev Disable /tmp/tmux-1000 Disable /proc/config.gz Disable /usr/bin/drill Disable /usr/bin/ldns-test-edns Disable /usr/bin/ldns-keygen Disable /usr/bin/ldns-walk Disable /usr/bin/ldns-gen-zone Disable /usr/bin/ldns-signzone Disable /usr/bin/ldns-read-zone Disable /usr/bin/ldns-verify-zone Disable /usr/bin/ldns-version Disable /usr/bin/ldns-revoke Disable /usr/bin/ldns-zsplit Disable /usr/bin/ldns-notify Disable /usr/bin/ldns-dane Disable /usr/bin/ldns-resolver Disable /usr/bin/ldns-nsec3-hash Disable /usr/bin/ldns-rrsig Disable /usr/bin/ldns-compare-zones Disable /usr/bin/ldns-config Disable /usr/bin/ldns-chaos Disable /usr/bin/ldns-update Disable /usr/bin/ldns-keyfetcher Disable /usr/bin/ldns-key2ds Disable /usr/bin/ldns-dpa Disable /usr/bin/ldns-zcat Disable /usr/bin/ldns-testns Disable /usr/bin/ldns-mx Disable /usr/bin/ldnsd Disable /usr/bin/resolvectl Disable /usr/bin/clang-check Disable /usr/bin/clang-include-fixer Disable /usr/bin/clang-11 (requested /usr/bin/clang) Disable /usr/bin/clang-query Disable /usr/bin/clang-scan-deps Disable /usr/bin/clang-rename Disable /usr/bin/clang-tidy Disable /usr/bin/clang-change-namespace Disable /usr/bin/clang-doc Disable /usr/bin/clang-11 Disable /usr/bin/clang-11 (requested /usr/bin/clang++) Disable /usr/bin/clang-11 (requested /usr/bin/clang-cl) Disable /usr/bin/clang-offload-wrapper Disable /usr/bin/clangd Disable /usr/bin/clang-11 (requested /usr/bin/clang-cpp) Disable /usr/bin/clang-refactor Disable /usr/bin/clang-reorder-fields Disable /usr/bin/clang-format Disable /usr/bin/clang-extdef-mapping Disable /usr/bin/clang-move Disable /usr/bin/clang-offload-bundler Disable /usr/bin/clang-apply-replacements Disable /usr/bin/llvm-lto2 Disable /usr/bin/llvm-cov Disable /usr/bin/llvm-exegesis Disable /usr/bin/llvm-lto Disable /usr/bin/llvm-nm Disable /usr/bin/llvm-lipo Disable /usr/bin/llvm-ml Disable /usr/bin/llvm-mt Disable /usr/bin/llvm-cfi-verify Disable /usr/bin/llvm-as Disable /usr/bin/llvm-undname Disable /usr/bin/llvm-readobj (requested /usr/bin/llvm-readelf) Disable /usr/bin/llvm-bcanalyzer Disable /usr/bin/llvm-objcopy (requested /usr/bin/llvm-install-name-tool) Disable /usr/bin/llvm-gsymutil Disable /usr/bin/llvm-dwarfdump Disable /usr/bin/llvm-ar (requested /usr/bin/llvm-lib) Disable /usr/bin/llvm-link Disable /usr/bin/llvm-rc Disable /usr/bin/llvm-xray Disable /usr/bin/llvm-PerfectShuffle Disable /usr/bin/llvm-ar (requested /usr/bin/llvm-ranlib) Disable /usr/bin/llvm-c-test Disable /usr/bin/llvm-symbolizer (requested /usr/bin/llvm-addr2line) Disable /usr/bin/llvm-jitlink Disable /usr/bin/llvm-ar Disable /usr/bin/llvm-mc Disable /usr/bin/llvm-objcopy Disable /usr/bin/llvm-cxxdump Disable /usr/bin/llvm-cxxmap Disable /usr/bin/llvm-opt-report Disable /usr/bin/llvm-config Disable /usr/bin/llvm-ar (requested /usr/bin/llvm-dlltool) Disable /usr/bin/llvm-diff Disable /usr/bin/llvm-mca Disable /usr/bin/llvm-pdbutil Disable /usr/bin/llvm-cat Disable /usr/bin/llvm-reduce Disable /usr/bin/llvm-strings Disable /usr/bin/llvm-rtdyld Disable /usr/bin/llvm-extract Disable /usr/bin/llvm-stress Disable /usr/bin/llvm-tblgen Disable /usr/bin/llvm-dis Disable /usr/bin/llvm-symbolizer Disable /usr/bin/llvm-objdump Disable /usr/bin/llvm-objcopy (requested /usr/bin/llvm-strip) Disable /usr/bin/llvm-profdata Disable /usr/bin/llvm-readobj Disable /usr/bin/llvm-ifs Disable /usr/bin/llvm-size Disable /usr/bin/llvm-elfabi Disable /usr/bin/llvm-dwp Disable /usr/bin/llvm-cvtres Disable /usr/bin/llvm-modextract Disable /usr/bin/llvm-cxxfilt Disable /usr/bin/llvm-split Disable /usr/bin/as Disable /usr/bin/gcc (requested /usr/bin/cc) Disable /usr/bin/c++ Disable /usr/bin/c++filt Disable /usr/bin/c89 Disable /usr/bin/c99 Disable /usr/bin/cpp Disable /usr/bin/cpp2html Disable /usr/bin/g++ Disable /usr/bin/gcc-nm Disable /usr/bin/gcc-ranlib Disable /usr/bin/gcc-ar Disable /usr/bin/gcc Disable /usr/bin/gdb Disable /usr/bin/ld Disable /usr/bin/riscv64-linux-gnu-gcc-ranlib Disable /usr/bin/riscv64-linux-gnu-gcc-10.2.0 Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0 Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar Disable /usr/bin/x86_64-pc-linux-gnu-gcc Disable /usr/bin/riscv64-linux-gnu-gcc Disable /usr/bin/riscv64-linux-gnu-gcc-nm Disable /usr/bin/riscv64-linux-gnu-gcc-ar Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm Disable /usr/bin/riscv64-linux-gnu-g++ Disable /usr/bin/x86_64-pc-linux-gnu-g++ Disable /usr/bin/riscv64-linux-gnu-gcc-ranlib Disable /usr/bin/riscv64-linux-gnu-gcc-10.2.0 Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0 Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar Disable /usr/bin/x86_64-pc-linux-gnu-gcc Disable /usr/bin/riscv64-linux-gnu-gcc Disable /usr/bin/riscv64-linux-gnu-gcc-nm Disable /usr/bin/riscv64-linux-gnu-gcc-ar Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm Disable /usr/bin/riscv64-linux-gnu-g++ Disable /usr/bin/x86_64-pc-linux-gnu-g++ Disable /usr/lib/jvm/java-15-openjdk/bin/java (requested /usr/bin/java) Disable /usr/lib/jvm/java-15-openjdk/bin/javac (requested /usr/bin/javac) Disable /usr/share/java Disable /usr/bin/openssl Disable /usr/bin/rustup (requested /usr/bin/rust-gdb) Disable /usr/bin/rustup (requested /usr/bin/rust-lldb) Disable /usr/bin/rustup (requested /usr/bin/rustc) Disable /usr/bin/valgrind-listener Disable /usr/bin/valgrind-di-server Disable /usr/bin/valgrind Disable /usr/lib/valgrind Disable /usr/src Disable /usr/local/src Disable /usr/include Disable /usr/local/include Mounting noexec /home/vwheezy/.mozilla/firefox/profiles.ini 2112 1918 8:3 /vwheezy/.mozilla/firefox/profiles.ini /home/vwheezy/.mozilla/firefox/profiles.ini ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2112 fsname=/vwheezy/.mozilla/firefox/profiles.ini dir=/home/vwheezy/.mozilla/firefox/profiles.ini fstype=ext4 Mounting noexec /home/vwheezy/.config/Signal 2113 1899 8:3 /vwheezy/.config/Signal /home/vwheezy/.config/Signal rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2113 fsname=/vwheezy/.config/Signal dir=/home/vwheezy/.config/Signal fstype=ext4 Mounting noexec /home/vwheezy/dl 2114 1900 8:3 /vwheezy/dl /home/vwheezy/dl rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2114 fsname=/vwheezy/dl dir=/home/vwheezy/dl fstype=ext4 Mounting noexec /home/vwheezy/.config/mimeapps.list 2115 1924 8:3 /vwheezy/.config/mimeapps.list /home/vwheezy/.config/mimeapps.list ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2115 fsname=/vwheezy/.config/mimeapps.list dir=/home/vwheezy/.config/mimeapps.list fstype=ext4 Mounting noexec /home/vwheezy/.config/user-dirs.dirs 2116 1925 8:3 /vwheezy/.config/user-dirs.dirs /home/vwheezy/.config/user-dirs.dirs ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2116 fsname=/vwheezy/.config/user-dirs.dirs dir=/home/vwheezy/.config/user-dirs.dirs fstype=ext4 Mounting noexec /home/vwheezy/.config/user-dirs.locale 2117 1926 8:3 /vwheezy/.config/user-dirs.locale /home/vwheezy/.config/user-dirs.locale ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2117 fsname=/vwheezy/.config/user-dirs.locale dir=/home/vwheezy/.config/user-dirs.locale fstype=ext4 Mounting noexec /home/vwheezy/.local/share/applications 2118 1923 8:3 /vwheezy/.local/share/applications /home/vwheezy/.local/share/applications ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2118 fsname=/vwheezy/.local/share/applications dir=/home/vwheezy/.local/share/applications fstype=ext4 Mounting noexec /home/vwheezy/.local/share/mime 2119 1927 8:3 /vwheezy/.local/share/mime /home/vwheezy/.local/share/mime ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2119 fsname=/vwheezy/.local/share/mime dir=/home/vwheezy/.local/share/mime fstype=ext4 Mounting noexec /home/vwheezy/.config/dconf 2120 1920 8:3 /vwheezy/.config/dconf /home/vwheezy/.config/dconf ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2120 fsname=/vwheezy/.config/dconf dir=/home/vwheezy/.config/dconf fstype=ext4 Mounting noexec /home/vwheezy/.cache/fontconfig 2121 1907 8:3 /vwheezy/.cache/fontconfig /home/vwheezy/.cache/fontconfig rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2121 fsname=/vwheezy/.cache/fontconfig dir=/home/vwheezy/.cache/fontconfig fstype=ext4 Mounting noexec /home/vwheezy/.local/share/fonts 2122 1908 8:3 /vwheezy/.local/share/fonts /home/vwheezy/.local/share/fonts rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2122 fsname=/vwheezy/.local/share/fonts dir=/home/vwheezy/.local/share/fonts fstype=ext4 Mounting noexec /home/vwheezy/.config/gtk-2.0 2123 1909 8:3 /vwheezy/.config/gtk-2.0 /home/vwheezy/.config/gtk-2.0 rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2123 fsname=/vwheezy/.config/gtk-2.0 dir=/home/vwheezy/.config/gtk-2.0 fstype=ext4 Mounting noexec /home/vwheezy/.config/gtk-3.0 2124 1910 8:3 /vwheezy/.config/gtk-3.0 /home/vwheezy/.config/gtk-3.0 rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2124 fsname=/vwheezy/.config/gtk-3.0 dir=/home/vwheezy/.config/gtk-3.0 fstype=ext4 Mounting noexec /home/vwheezy/.config/QtProject.conf 2125 1911 8:3 /vwheezy/.config/QtProject.conf /home/vwheezy/.config/QtProject.conf rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2125 fsname=/vwheezy/.config/QtProject.conf dir=/home/vwheezy/.config/QtProject.conf fstype=ext4 Mounting noexec /home/vwheezy/.config/kdeglobals 2126 1919 8:3 /vwheezy/.config/kdeglobals /home/vwheezy/.config/kdeglobals ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2126 fsname=/vwheezy/.config/kdeglobals dir=/home/vwheezy/.config/kdeglobals fstype=ext4 Mounting noexec /run/user/1000 2131 2130 0:23 /firejail/firejail.ro.dir /run/user/1000/systemd rw,nosuid,nodev,relatime master:12 - tmpfs run rw,mode=755,inode64 mountid=2131 fsname=/firejail/firejail.ro.dir dir=/run/user/1000/systemd fstype=tmpfs Mounting noexec /dev/shm 2132 1864 0:132 /shm /dev/shm rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64 mountid=2132 fsname=/shm dir=/dev/shm fstype=tmpfs Mounting noexec /var 2136 2133 0:126 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw,inode64 mountid=2136 fsname=/ dir=/var/tmp fstype=tmpfs Disable /usr/bin/luajit-2.0.5 Disable /usr/bin/luahbtex Disable /usr/bin/luajit-2.0.5 (requested /usr/bin/luajit) Disable /usr/share/texmf-dist/scripts/luaotfload/luaotfload-tool.lua (requested /usr/bin/luaotfload-tool) Disable /usr/bin/luajittex Disable /usr/bin/lua5.3 Disable /usr/bin/lua (requested /usr/bin/lua5.4) Disable /usr/bin/luac (requested /usr/bin/luac5.4) Disable /usr/bin/lua Disable /usr/bin/luac Disable /usr/bin/luahbtex (requested /usr/bin/lualatex) Disable /usr/bin/lua5.2 Disable /usr/bin/luatex Disable /usr/bin/luac5.2 Disable /usr/bin/luac5.3 Disable /usr/bin/luajithbtex Disable /usr/share/texmf-dist/scripts/context/stubs/unix/luatools (requested /usr/bin/luatools) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so.5.2) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2.4) Disable /usr/lib/liblua.so.5.4.2 Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2) Disable /usr/lib/liblua5.3.so.5.3.6 Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib/liblua.so) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib/liblua5.3.so.5.3) Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib/liblua.so.5.4) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib/liblua.so.5.3.6) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib/liblua5.3.so) Disable /usr/lib/libluajit-5.1.so.2.0.5 Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so.2) Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so) Disable /usr/lib/liblua5.2.so.5.2.4 Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib/liblua5.4.so) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib/liblua.so.5.3) Disable /usr/lib/lua Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua5.2.so.5.2) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua.so.5.2.4) Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib64/libluDISPLAY=:0 parsed as 0 Warning: Cannot confine the application using AppArmor. Maybe firejail-default AppArmor profile is not loaded into the kernel. As root, run "aa-enforce firejail-default" to load it. a.so.5.4.2) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua.so.5.2) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib64/liblua5.3.so.5.3.6) Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib64/liblua.so) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib64/liblua5.3.so.5.3) Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib64/liblua.so.5.4) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib64/liblua.so.5.3.6) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib64/liblua5.3.so) Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib64/libluajit-5.1.so.2.0.5) Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib64/libluajit-5.1.so.2) Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib64/libluajit-5.1.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua5.2.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua5.2.so.5.2.4) Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib64/liblua5.4.so) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib64/liblua.so.5.3) Disable /usr/lib/lua (requested /usr/lib64/lua) Disable /usr/share/luajit-2.0.5 Disable /usr/share/lua Disable /usr/lib/libmozjs-78.so (requested /usr/lib64/libmozjs-78.so) Disable /usr/bin/node Disable /usr/bin/core_perl Disable /usr/bin/perl Disable /usr/bin/site_perl Disable /usr/bin/vendor_perl Disable /usr/lib/perl5 Disable /usr/lib/perl5 (requested /usr/lib64/perl5) Disable /usr/share/perl5 Disable /usr/lib/ruby Disable /usr/bin/python2.7-config (requested /usr/bin/python2-config) Disable /usr/bin/python2.7 Disable /usr/bin/python2.7 (requested /usr/bin/python2) Disable /usr/bin/python2.7-config Disable /usr/lib/python2.7 Disable /usr/bin/python3.9 (requested /usr/bin/python3) Disable /usr/bin/python3.9 Disable /usr/bin/python3.9-config (requested /usr/bin/python3-config) Disable /usr/bin/python3.9-config Disable /usr/lib/python3.9 Disable /usr/lib/python3.8 Disable /usr/lib/python3.9 (requested /usr/lib64/python3.9) Disable /usr/lib/python3.8 (requested /usr/lib64/python3.8) Not blacklist /home/vwheezy/.config/Signal Not blacklist /home/vwheezy/.mozilla Disable /sys/fs Disable /sys/module Disable /mnt Disable /run/mount Disable /run/media /etc/pulse/client.conf not found Current directory: /home/vwheezy Mounting read-only /run/firejail/mnt/seccomp 2220 1829 0:123 /seccomp /run/firejail/mnt/seccomp ro,nosuid - tmpfs tmpfs rw,mode=755,inode64 mountid=2220 fsname=/seccomp dir=/run/firejail/mnt/seccomp fstype=tmpfs Seccomp directory: ls /run/firejail/mnt/seccomp drwxr-xr-x root root 120 . drwxr-xr-x root root 320 .. -rw-r--r-- 1000 998 1072 seccomp -rw-r--r-- 1000 998 808 seccomp.32 -rw-r--r-- 1000 998 0 seccomp.postexec -rw-r--r-- 1000 998 0 seccomp.postexec32 No active seccomp files Set caps filter 240000 Drop privileges: pid 1, uid 1000, gid 998, nogroups 1 No supplementary groups Child process initialized in 156.93 ms Starting application LD_PRELOAD=(null) execvp argument 0: signal-desktop Error getpwuid: main.c:236 init_cfg: Success Parent is shutting down, bye... ``` </details>
gitea-mirror 2026-05-05 09:13:55 -06:00
gitea-mirror commented 2026-05-05 09:13:58 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (Apr 3, 2021):

From your debug output:

Ignoring "dbus-system.talk org.freedesktop.Notifications".

  • (ignore) nodbus is deprecated, you'll need to allow filtering instead;
  • access freedesktop's notification over the session bus instead of the system bus

[...]
Error getpwuid: main.c:236 init_cfg: Success
Try adding group and passwd to private-etc.

Proposed file for testing: use a .local file for overrides (you can drop including the default signal-desktop.profile this way) e.g. /home/vwheezy/.config/firejail/signal-desktop.local

private-etc group,passwd
ignore private-tmp

# override D-Bus options included from electron.profile
dbus-user filter
dbus-user.talk org.freedesktop.Notifications
ignore dbus-user none

What happens when you use the above signal-desktop.local?

<!-- gh-comment-id:812811747 --> @ghost commented on GitHub (Apr 3, 2021): From your debug output: `Ignoring "dbus-system.talk org.freedesktop.Notifications".` - (ignore) nodbus is deprecated, you'll need to allow `filtering` instead; - access freedesktop's notification over the `session` bus instead of the system bus [...] `Error getpwuid: main.c:236 init_cfg: Success` Try adding group and passwd to private-etc. Proposed file for testing: use a .local file for overrides (you can drop including the default signal-desktop.profile this way) e.g. /home/vwheezy/.config/firejail/signal-desktop.local ``` private-etc group,passwd ignore private-tmp # override D-Bus options included from electron.profile dbus-user filter dbus-user.talk org.freedesktop.Notifications ignore dbus-user none ``` What happens when you use the above signal-desktop.local?
gitea-mirror commented 2026-05-05 09:13:58 -06:00
Author
Owner
Copy link

@vwheezy commented on GitHub (Apr 4, 2021):

Sorry for the late response but it worked perfectly! Thank you so much.

Before I close this though, could you clarify and/or point to where I can get this clarification?

  1. Is using .local files the preferred way of writing user configurations?
  2. As far as I can understand, the reason why my profile didn't work was because I used the ignore nodbus option which basically contradicts dbus-system.talk org.freedesktop.Notifications. Is this correct?
  3. Why am I using dbus-user instead of dbus-system? I can imagine that it's safer to only allow the user dbus instead of the system-wide one.

As I said before, my knowledge on this stuff is definitely lacking. I'll look up a dbus article, but thanks so much again for your help!

<!-- gh-comment-id:813004435 --> @vwheezy commented on GitHub (Apr 4, 2021): Sorry for the late response but it worked perfectly! Thank you so much. Before I close this though, could you clarify and/or point to where I can get this clarification? 1. Is using .local files the preferred way of writing user configurations? 2. As far as I can understand, the reason why my profile didn't work was because I used the `ignore nodbus` option which basically contradicts `dbus-system.talk org.freedesktop.Notifications`. Is this correct? 3. Why am I using `dbus-user` instead of `dbus-system`? I can imagine that it's safer to only allow the user dbus instead of the system-wide one. As I said before, my knowledge on this stuff is definitely lacking. I'll look up a dbus article, but thanks so much again for your help!
gitea-mirror commented 2026-05-05 09:13:59 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 4, 2021):

  1. For additions of existing profiles, yes.
  2. No
    1. nodbus is deprecated and no longer used in any upstream profile. Therefore a ignore nodbus has no effect as there is no nodbus. You need to use ignore dbus-user none instead.
    2. dbus-user.talk org.freedesktop.Notifications (not -system) has only a effect if dbus-user filter is set. If there is no dbus-user XXX at all, everything is allowed and if dbus-user none is used (as in signal-desktop) everything is forbidden (by blacklisting the socket).
  3. Sorry, don't understand.
<!-- gh-comment-id:813006266 --> @rusty-snake commented on GitHub (Apr 4, 2021): 1. For additions of existing profiles, yes. 2. No 1. `nodbus` is deprecated and no longer used in any upstream profile. Therefore a `ignore nodbus` has no effect as there is no `nodbus`. You need to use `ignore dbus-user none` instead. 2. `dbus-user.talk org.freedesktop.Notifications` (not `-system`) has only a effect if `dbus-user filter` is set. If there is no `dbus-user XXX` at all, everything is allowed and if `dbus-user none` is used (as in signal-desktop) everything is forbidden (by `blacklist`ing the socket). 3. Sorry, don't understand.
gitea-mirror commented 2026-05-05 09:14:00 -06:00
Author
Owner
Copy link

@vwheezy commented on GitHub (Apr 4, 2021):

Thanks again!

I was just trying to understand the difference between dbus-user and dbus-system. As I mentioned before, this is probably outside the scope of this issue. I'll look up an article.

<!-- gh-comment-id:813007008 --> @vwheezy commented on GitHub (Apr 4, 2021): Thanks again! I was just trying to understand the difference between `dbus-user` and `dbus-system`. As I mentioned before, this is probably outside the scope of this issue. I'll look up an article.
gitea-mirror commented 2026-05-05 09:14:01 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Apr 4, 2021):

There are two primary use-cases for which D-Bus is designed:

  • As a "system bus" for communicating between system applications and user sessions
  • As a "session bus" for exhanging data between applications in a desktop environments

src: https://pythonhosted.org/txdbus/dbus_overview.html

<!-- gh-comment-id:813008802 --> @rusty-snake commented on GitHub (Apr 4, 2021): > There are two primary use-cases for which D-Bus is designed: > - As a "system bus" for communicating between system applications and user sessions > - As a "session bus" for exhanging data between applications in a desktop environments <sub>src: https://pythonhosted.org/txdbus/dbus_overview.html</sub>
gitea-mirror commented 2026-05-05 09:14:03 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (Apr 4, 2021):

@rusty-snake Should we bring in these changes to allow D-Bus notifications? I took the liberty to prepare a PR to do so.

@vwheezy22 If we decide to integrate the changes into the default signal-desktop.profile you can drop them from your signal-desktop.local when upgrading your firejail in the future, just a FYI

<!-- gh-comment-id:813057967 --> @ghost commented on GitHub (Apr 4, 2021): @rusty-snake Should we bring in these changes to allow D-Bus notifications? I took the liberty to prepare a PR to do so. @vwheezy22 If we decide to integrate the changes into the default signal-desktop.profile you can drop them from your signal-desktop.local when upgrading your firejail in the future, just a FYI
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
serialize_remounts_v2
landlock_v4
landlock
release-0.9.64
release-0.9.62
gitlab_ci
LTSbase
fred_ctests
docs
0.9.80
0.9.80-rc1
0.9.78
0.9.76
0.9.76-rc4
0.9.76-rc3
0.9.76-rc2
0.9.76-rc1
0.9.74
landlock-split
0.9.72
0.9.72rc1
0.9.70
0.9.68
0.9.68rc1
0.9.66
0.9.66rc1
0.9.64.4
0.9.64.2
0.9.64
0.9.64rc1
0.9.62.4
0.9.62.2
0.9.62
0.9.56.2-LTS
0.9.60
0.9.60-rc1
0.9.58.2
0.9.58
0.9.58-rc1
0.9.56-LTS-release
0.9.56-LTS
0.9.56
0.9.56-rc1
0.9.54
0.9.54-rc2
0.9.54-rc1
0.9.52
0.9.38.12
0.9.50
0.9.50-rc1
0.9.48
0.9.46
0.9.46-rc1
0.9.44.10
0.9.44.8
0.9.44.6
0.9.38.10
0.9.44.4
0.9.38.8
0.9.44.2
0.9.44
0.9.44-rc1
0.9.38.4
0.9.42
0.9.42-rc2
0.9.38.2
0.9.42-rc1
disable-globalcfg
0.9.40
0.9.40-rc1
0.9.38
0.9.38-rc1
0.9.36
0.9.36-rc1
0.9.34
0.9.34-rc1
0.9.32
0.9.32-rc1
0.9.30
0.9.30-rc1
Labels
Clear labels   
LTS merge

   
LTS merge

   
bug

   
bug

   
converted-to-discussion

   
doc-todo

   
documentation

   
duplicate

   
enhancement

   
file-transfer

   
firecfg

   
firejail-in-firejail

   
firetools

   
graphics

   
help wanted

   
information_old

   
installation

   
invalid

   
modif

   
moved

   
needinfo

   
networking

   
notabug

   
notourbug

   
old-version

   
overlayfs

   
packaging

   
profile-request

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question_old

   
removal

   
runtime-permissions

   
sandbox-ipc

   
security

   
stale

   
wiki

   
wiki

   
wontfix

   
wordpress

   
workaround
No labels
LTS merge
LTS merge
bug
bug
converted-to-discussion
doc-todo
documentation
duplicate
enhancement
file-transfer
firecfg
firejail-in-firejail
firetools
graphics
help wanted
information_old
installation
invalid
modif
moved
needinfo
networking
notabug
notourbug
old-version
overlayfs
packaging
profile-request
pull-request
question
question_old
removal
runtime-permissions
sandbox-ipc
security
stale
wiki
wiki
wontfix
wordpress
workaround
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#2557
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?