github-starred/firejail

Fork 0

mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00

[GH-ISSUE #4953] cannot create an empty sandbox any more #2834

New issue

Closed

opened 2026-05-05 09:29:23 -06:00 by gitea-mirror · 4 comments

gitea-mirror commented

2026-05-05 09:29:23 -06:00

Owner

Originally created by @Rosika2 on GitHub (Feb 17, 2022).
Original GitHub issue: https://github.com/netblue30/firejail/issues/4953

Hi all,

I just updated my BodhiLinux (BL 5, 18.04, 32 bit, running in a VM) installation per
sudo apt update && sudo apt upgrade
and thus the latest firejail version was installed. I´m now on "firejail version 0.9.68".

The thing is: When I try to create an empty sandbox by invoking just the "firejail" command I get this message:

firejail
Reading profile /etc/firejail/default.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-programs.inc
Warning: networking feature is disabled in Firejail configuration file

** Note: you can use --noprofile to disable default.profile **

Parent pid 890, child pid 891
Error: cannot write to /proc/891/gid_map: Invalid argument
Error: proc 1 cannot sync with peer: unexpected EOF

Hmm, that was´t the case before the update.

So I tried using the "--noprofile option", which worked:

firejail --noprofile
Parent pid 934, child pid 935
Child process initialized in 14.20 ms
Willkommen zu fish, der freundlichen interaktiven Shell
Type `help` for instructions on how to use fish

What might be the matter here? Any suggestions are certainly welcome.

Many thanks in advance.
Rosika

Originally created by @Rosika2 on GitHub (Feb 17, 2022). Original GitHub issue: https://github.com/netblue30/firejail/issues/4953 Hi all, I just updated my **BodhiLinux** (BL 5, 18.04, 32 bit, running in a VM) installation per `sudo apt update && sudo apt upgrade` and thus the latest **firejail** version was installed. I´m now on "firejail version 0.9.68". The thing is: When I try to create an empty sandbox by invoking just the "firejail" command I get this message: ``` firejail Reading profile /etc/firejail/default.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-programs.inc Warning: networking feature is disabled in Firejail configuration file ** Note: you can use --noprofile to disable default.profile ** Parent pid 890, child pid 891 Error: cannot write to /proc/891/gid_map: Invalid argument Error: proc 1 cannot sync with peer: unexpected EOF ``` Hmm, that was´t the case before the update. So I tried using the "--noprofile option", which worked: ``` firejail --noprofile Parent pid 934, child pid 935 Child process initialized in 14.20 ms Willkommen zu fish, der freundlichen interaktiven Shell Type `help` for instructions on how to use fish ``` What might be the matter here? Any suggestions are certainly welcome. Many thanks in advance. Rosika

gitea-mirror

2026-05-05 09:29:23 -06:00

closed this issue
added the
workaround
label

gitea-mirror commented

2026-05-05 09:29:26 -06:00

Author

Owner

@rusty-snake commented on GitHub (Feb 17, 2022):

As a workaround firejail --ignore=noroot.

@rusty-snake commented on GitHub (Feb 17, 2022): As a workaround `firejail --ignore=noroot`.

gitea-mirror commented

2026-05-05 09:29:26 -06:00

Author

Owner

@Rosika2 commented on GitHub (Feb 17, 2022):

@rusty-snake:

Thanks so much for your very quick answer.

Indeed firejail --ignore=noroot works as desired. That´s great.

Just for some additional info (because I´m curious about it): Was there a major change of some sort as far as firejail is concerned?
I mean: why has the workaround become necessary?

Tnx a lot.
Greetings from Rosika

@Rosika2 commented on GitHub (Feb 17, 2022): @rusty-snake: Thanks so much for your very quick answer. Indeed `firejail --ignore=noroot` works as desired. That´s great. Just for some additional info (because I´m curious about it): Was there a major change of some sort as far as firejail is concerned? I mean: why has the workaround become necessary? Tnx a lot. Greetings from Rosika

gitea-mirror commented

2026-05-05 09:29:27 -06:00

Author

Owner

@rusty-snake commented on GitHub (Feb 17, 2022):

That's the thing nothing has change on firejail end AFAICTY.

It's more likely that a kernel update or something else changed.

@rusty-snake commented on GitHub (Feb 17, 2022): That's the thing nothing has change on firejail end AFAICTY. It's more likely that a kernel update or something else changed.

gitea-mirror commented

2026-05-05 09:29:28 -06:00

Author

Owner

@Rosika2 commented on GitHub (Feb 17, 2022):

@rusty-snake:

I see. Thanks for the feedback.
Well, the main thing is the workaround you provided works perfectly.

Thank you very much again for your kind help.

Many greetings
Rosika

@Rosika2 commented on GitHub (Feb 17, 2022): @rusty-snake: I see. Thanks for the feedback. Well, the main thing is the workaround you provided works perfectly. Thank you very much again for your kind help. Many greetings Rosika

gitea-mirror referenced this issue

2026-05-05 10:22:12 -06:00

[PR #2835] [MERGED] Fix #2834 #4550

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#2834

No description provided.

Rows
Columns