github-starred/firejail

Fork 0

mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00

[GH-ISSUE #4769] Can session D-BUS and --net both available #2774

New issue

Closed

opened 2026-05-05 09:26:13 -06:00 by gitea-mirror · 2 comments

gitea-mirror commented

2026-05-05 09:26:13 -06:00

Owner

Originally created by @lkunxyz on GitHub (Dec 10, 2021).
Original GitHub issue: https://github.com/netblue30/firejail/issues/4769

i using this cmd:
firejail --noprofile --net=eth0 --dbus-system=filter firefox

but when connect to dbus system,i got an error:
_Connection Error Failed to connect to socket /tmp/dbus-6HyK661YVi: Connection refused_

i have some request need dbus and --net work both of them at the same time

can anybody help me ?
thanks a lot!

Originally created by @lkunxyz on GitHub (Dec 10, 2021). Original GitHub issue: https://github.com/netblue30/firejail/issues/4769 i using this cmd: firejail --noprofile --net=eth0 --dbus-system=filter firefox but when connect to dbus system,i got an error: **`_Connection Error Failed to connect to socket /tmp/dbus-6HyK661YVi: Connection refused_`** i have some request need dbus and --net work both of them at the same time can anybody help me ? thanks a lot!

gitea-mirror

2026-05-05 09:26:13 -06:00

closed this issue
added the
stale
label

gitea-mirror commented

2026-05-05 09:26:17 -06:00

Author

Owner

@ghost commented on GitHub (Dec 22, 2021):

Why are you using --noprofile? That option is for debugging purposes and shouldn't be used for anything else. Our firefox.profile already has D-Bus user filtering for some adressess:

[...]
dbus-user filter
dbus-user.own org.mozilla.Firefox.*
dbus-user.own org.mozilla.firefox.*
dbus-user.own org.mpris.MediaPlayer2.firefox.*
ignore dbus-user none
[...]

If you need dbus-system filtering, use a similar syntax in a firefox.local file. You will have to create that if you don't use one yet. Besides enabling filtering you also need to supply the actual D-Bus addressess you want to own or talk to. In any case, having --net can be used together with D-Bus filtering yes.

What are you trying to achieve exactly?

@ghost commented on GitHub (Dec 22, 2021): Why are you using `--noprofile`? That option is for debugging purposes and shouldn't be used for anything else. Our [firefox.profile](https://github.com/netblue30/firejail/blob/master/etc/profile-a-l/firefox.profile#L49) already has D-Bus user filtering for some adressess: ``` [...] dbus-user filter dbus-user.own org.mozilla.Firefox.* dbus-user.own org.mozilla.firefox.* dbus-user.own org.mpris.MediaPlayer2.firefox.* ignore dbus-user none [...] ``` If you need dbus-system filtering, use a similar syntax in a `firefox.local` file. You will have to create that if you don't use one yet. Besides **enabling** filtering you also need to supply the actual D-Bus **addressess** you want to **own** or **talk** to. In any case, having --net can be used together with D-Bus filtering yes. What are you trying to achieve exactly?

gitea-mirror commented

2026-05-05 09:26:18 -06:00

Author

Owner

@rusty-snake commented on GitHub (Oct 30, 2022):

It's not possible to use --net when D-Bus is configured to use an abstract socket.

I'm closing here due to inactivity, please fell free to request to reopen if you have more questions.

@rusty-snake commented on GitHub (Oct 30, 2022): It's not possible to use `--net` when D-Bus is configured to use an abstract socket. I'm closing here due to inactivity, please fell free to request to reopen if you have more questions.

gitea-mirror referenced this issue

2026-05-05 10:21:42 -06:00

[PR #2774] [MERGED] chromium: disable nodbus #4522

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#2774

No description provided.

Rows
Columns