github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

[GH-ISSUE #4960] Brave crashes on multiple browser profiles with PWAs under Wayland #2837

New issue
Closed
opened 2026-05-05 09:29:31 -06:00 by gitea-mirror · 8 comments
gitea-mirror commented 2026-05-05 09:29:31 -06:00
Owner
Copy link

Originally created by @samsapti on GitHub (Feb 18, 2022).
Original GitHub issue: https://github.com/netblue30/firejail/issues/4960

Description

When starting Spotify (installed as a PWA under its own Brave profile), then starting another PWA (say Discord, also installed under its own Brave profile), and then clicking play in Spotify, Brave crashes (all windows). This only happens under Wayland and when running with Firejail. Running without Firejail (either with --noprofileor just without Firejail at all) and/or under XWayland works fine.

Steps to Reproduce

  1. Run in terminal LC_ALL=C firejail brave --profile-directory="Profile 1" --app-id=pjibgclleladliembfgfagdaldikeohf to open Spotify
  2. Run in terminal LC_ALL=C firejail brave --profile-directory="Profile 3" --app-id=magkoliahgffibhgfkmoealggombgknl to open Discord
  3. Click play in Spotify
  4. All Brave windows crash with error message in Spotify output: ERROR:wayland_event_watcher.cc(292)] Fatal Wayland protocol error 3 on interface xdg_surface (object 37). Shutting down..

Expected behavior

Brave doesn't crash

Actual behavior

Brave crashes

Behavior without a profile

Brave works as expected

Additional context

brave-flags.conf 

--enable-features=WebRTCPipeWireCapturer
--enable-features=UseOzonePlatform
--ozone-platform=wayland

brave.local (in combination with official Brave Firejail profile) 

# Enable KeePassXC-Browser support.
whitelist ${RUNUSER}/org.keepassxc.KeePassXC.BrowserServer

chromium-common.local 

# Enable PipeWire screensharing under Wayland
whitelist ${RUNUSER}/pipewire-0
whitelist /usr/share/pipewire/client.conf

# Disable graphics acceleration
no3d

firejail.config 

# This is Firejail system-wide configuration file. The file contains
# keyword-argument pairs, one per line. Most features are enabled by default.
# Use 'yes' or 'no' as configuration values.

# Allow programs to display a tray icon
allow-tray no

# Enable AppArmor functionality, default enabled.
apparmor yes

# Number of ARP probes sent when assigning an IP address for --net option,
# default 2. This is a partial implementation of RFC 5227. A 0.5 seconds
# timeout is implemented for each probe. Increase this number to 4 if your
# local layer 2 network uses RSTP (IEEE 802.1w). Permitted values are
# between 1 and 30.
# arp-probes 2

# Enable or disable bind support, default enabled.
# bind yes

# Allow (DRM) execution in browsers, default disabled.
browser-allow-drm yes

# Disable U2F in browsers, default enabled.
browser-disable-u2f no

# Enable or disable cgroup support, default enabled.
cgroup yes

# Enable or disable chroot support, default enabled.
chroot yes

# Enable or disable dbus handling, default enabled.
dbus yes

# Disable /mnt, /media, /run/mount and /run/media access. By default access
# to these directories is enabled. Unlike --disable-mnt profile option this
# cannot be overridden by --noblacklist or --ignore.
# disable-mnt no

# Enable or disable file transfer support, default enabled.
# file-transfer yes

# Enable Firejail green prompt in terminal, default disabled
firejail-prompt yes

# Force use of nonewprivs.  This mitigates the possibility of
# a user abusing firejail's features to trick a privileged (suid
# or file capabilities) process into loading code or configuration
# that is partially under their control.  Default disabled.
force-nonewprivs no

# Allow sandbox joining as a regular user, default enabled.
# root user can always join sandboxes.
join yes

# Timeout when joining a sandbox, default five seconds. It is not
# possible to join a sandbox while it is still starting up. Wait up
# to the specified period of time to allow sandbox setup to finish.
join-timeout 5

# Enable or disable sandbox name change, default enabled.
name-change yes

# Change default netfilter configuration. When using --netfilter option without
# a file argument, the default filter is hardcoded (see man 1 firejail). This
# configuration entry allows the user to change the default by specifying
# a file containing the filter configuration. The filter file format is the
# format of iptables-save and iptables-restore commands. Example:
# netfilter-default /etc/iptables.iptables.rules

# Enable or disable networking features, default enabled.
network yes

# Enable or disable overlayfs features, default enabled.
overlayfs yes

# Set the limit for file copy in several --private-* options. The size is set
# in megabytes. By default we allow up to 500MB.
# Note: the files are copied in RAM.
# file-copy-limit 500

# Enable or disable private-bin feature, default enabled.
private-bin yes

# Remove /usr/local directories from private-bin list, default disabled.
# private-bin-no-local no

# Enable or disable private-cache feature, default enabled
private-cache yes

# Enable or disable private-etc feature, default enabled.
private-etc yes

# Enable or disable private-home feature, default enabled
private-home yes

# Enable or disable private-lib feature, default enabled
private-lib yes

# Enable or disable private-opt feature, default enabled.
private-opt yes

# Enable or disable private-srv feature, default enabled.
private-srv yes

# Enable --quiet as default every time the sandbox is started. Default disabled.
# quiet-by-default no

# Enable or disable restricted network support, default disabled. If enabled,
# networking features should also be enabled (network yes).
# Restricted networking grants access to --interface, --net=ethXXX and
# --netfilter only to root user. Regular users are only allowed --net=none.
# restricted-network no

# Enable or disable seccomp support, default enabled.
seccomp yes

# Add rules to the default seccomp filter. Same syntax as for --seccomp=
# None by default; this is an example.
# seccomp-filter-add !chroot,kcmp,mincore

# Seccomp error action, kill, log or errno (EPERM, ENOSYS etc)
# seccomp-error-action EPERM

# Enable or disable user namespace support, default enabled.
userns yes

# Disable whitelist top level directories, in addition to those
# that are disabled out of the box. None by default; this is an example.
# whitelist-disable-topdir /etc,/usr/etc

# Enable or disable X11 sandboxing support, default enabled.
x11 yes

# Xephyr command extra parameters. None by default; these are examples.
# xephyr-extra-params -keybd ephyr,,,xkbmodel=evdev
# xephyr-extra-params -grayscale

# Screen size for --x11=xephyr, default 800x600. Run /usr/bin/xrandr for
# a full list of resolutions available on your specific setup.
# xephyr-screen 640x480
# xephyr-screen 800x600
# xephyr-screen 1024x768
# xephyr-screen 1280x1024

# Firejail window title in Xephyr, default enabled.
# xephyr-window-title yes

# Enable this option if you have a version of Xpra that supports --attach switch
# for start command, default disabled.
# xpra-attach no

# Xpra server command extra parameters. None by default; this is an example.
# xpra-extra-params --dpi 96

# Screen size for --x11=xvfb, default 800x600x24.  The third dimension is
# color depth; use 24 unless you know exactly what you're doing.
# xvfb-screen 640x480x24
# xvfb-screen 800x600x24
# xvfb-screen 1024x768x24
# xvfb-screen 1280x1024x24

# Xvfb command extra parameters.  None by default; this is an example.
# xvfb-extra-params -pixdepths 8 24 32

Environment

  • Linux distribution and version: Artix Linux (with s6 init system)
  • Firejail version: 0.9.68 (firejail 0.9.68-1 from Artix galaxy repo)
  • Brave version: 1.35.103 (brave-bin 1:1.35.103-1 from AUR)

Checklist

  • The issues is caused by firejail (i.e. running the program by path (e.g. /usr/bin/vlc) "fixes" it).
  • I can reproduce the issue without custom modifications (e.g. globals.local).
  • The program has a profile. (If not, request one in https://github.com/netblue30/firejail/issues/1139)
  • The profile (and redirect profile if exists) hasn't already been fixed upstream.
  • I have performed a short search for similar issues (to avoid opening a duplicate).
    • I'm aware of browser-allow-drm yes/browser-disable-u2f no in firejail.config to allow DRM/U2F in browsers.
  • I used --profile=PROFILENAME to set the right profile. (Only relevant for AppImages)

Log

Output of LC_ALL=C firejail brave --profile-directory="Profile 1" --app-id=pjibgclleladliembfgfagdaldikeohf (relevant events commented in log)

brave-spotify.log

Output of LC_ALL=C firejail brave --profile-directory="Profile 3" --app-id=magkoliahgffibhgfkmoealggombgknl

brave-discord.log

Output of LC_ALL=C firejail --debug brave --profile-directory="Profile 1" --app-id=pjibgclleladliembfgfagdaldikeohf (relevant events commented in log)

brave-spotify-debug.log

Output of LC_ALL=C firejail --debug brave --profile-directory="Profile 3" --app-id=magkoliahgffibhgfkmoealggombgknl

brave-discord-debug.log

Originally created by @samsapti on GitHub (Feb 18, 2022). Original GitHub issue: https://github.com/netblue30/firejail/issues/4960 <!-- See the following links for help with formatting: https://guides.github.com/features/mastering-markdown/ https://docs.github.com/en/github/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax --> ### Description When starting Spotify (installed as a PWA under its own Brave profile), then starting another PWA (say Discord, also installed under its own Brave profile), and then clicking play in Spotify, Brave crashes (all windows). This only happens under Wayland and when running with Firejail. Running without Firejail (either with `--noprofile`or just without Firejail at all) and/or under XWayland works fine. ### Steps to Reproduce 1. Run in terminal `LC_ALL=C firejail brave --profile-directory="Profile 1" --app-id=pjibgclleladliembfgfagdaldikeohf` to open Spotify 2. Run in terminal `LC_ALL=C firejail brave --profile-directory="Profile 3" --app-id=magkoliahgffibhgfkmoealggombgknl` to open Discord 3. Click play in Spotify 4. All Brave windows crash with error message in Spotify output: `ERROR:wayland_event_watcher.cc(292)] Fatal Wayland protocol error 3 on interface xdg_surface (object 37). Shutting down..` ### Expected behavior Brave doesn't crash ### Actual behavior Brave crashes ### Behavior without a profile Brave works as expected ### Additional context <details> <summary><code>brave-flags.conf</code></summary> <p> ``` --enable-features=WebRTCPipeWireCapturer --enable-features=UseOzonePlatform --ozone-platform=wayland ``` </p> </details> <details> <summary><code>brave.local</code> (in combination with official Brave Firejail profile)</summary> <p> ``` # Enable KeePassXC-Browser support. whitelist ${RUNUSER}/org.keepassxc.KeePassXC.BrowserServer ``` </p> </details> <details> <summary><code>chromium-common.local</code></summary> <p> ``` # Enable PipeWire screensharing under Wayland whitelist ${RUNUSER}/pipewire-0 whitelist /usr/share/pipewire/client.conf # Disable graphics acceleration no3d ``` </p> </details> <details> <summary><code>firejail.config</code></summary> <p> ``` # This is Firejail system-wide configuration file. The file contains # keyword-argument pairs, one per line. Most features are enabled by default. # Use 'yes' or 'no' as configuration values. # Allow programs to display a tray icon allow-tray no # Enable AppArmor functionality, default enabled. apparmor yes # Number of ARP probes sent when assigning an IP address for --net option, # default 2. This is a partial implementation of RFC 5227. A 0.5 seconds # timeout is implemented for each probe. Increase this number to 4 if your # local layer 2 network uses RSTP (IEEE 802.1w). Permitted values are # between 1 and 30. # arp-probes 2 # Enable or disable bind support, default enabled. # bind yes # Allow (DRM) execution in browsers, default disabled. browser-allow-drm yes # Disable U2F in browsers, default enabled. browser-disable-u2f no # Enable or disable cgroup support, default enabled. cgroup yes # Enable or disable chroot support, default enabled. chroot yes # Enable or disable dbus handling, default enabled. dbus yes # Disable /mnt, /media, /run/mount and /run/media access. By default access # to these directories is enabled. Unlike --disable-mnt profile option this # cannot be overridden by --noblacklist or --ignore. # disable-mnt no # Enable or disable file transfer support, default enabled. # file-transfer yes # Enable Firejail green prompt in terminal, default disabled firejail-prompt yes # Force use of nonewprivs. This mitigates the possibility of # a user abusing firejail's features to trick a privileged (suid # or file capabilities) process into loading code or configuration # that is partially under their control. Default disabled. force-nonewprivs no # Allow sandbox joining as a regular user, default enabled. # root user can always join sandboxes. join yes # Timeout when joining a sandbox, default five seconds. It is not # possible to join a sandbox while it is still starting up. Wait up # to the specified period of time to allow sandbox setup to finish. join-timeout 5 # Enable or disable sandbox name change, default enabled. name-change yes # Change default netfilter configuration. When using --netfilter option without # a file argument, the default filter is hardcoded (see man 1 firejail). This # configuration entry allows the user to change the default by specifying # a file containing the filter configuration. The filter file format is the # format of iptables-save and iptables-restore commands. Example: # netfilter-default /etc/iptables.iptables.rules # Enable or disable networking features, default enabled. network yes # Enable or disable overlayfs features, default enabled. overlayfs yes # Set the limit for file copy in several --private-* options. The size is set # in megabytes. By default we allow up to 500MB. # Note: the files are copied in RAM. # file-copy-limit 500 # Enable or disable private-bin feature, default enabled. private-bin yes # Remove /usr/local directories from private-bin list, default disabled. # private-bin-no-local no # Enable or disable private-cache feature, default enabled private-cache yes # Enable or disable private-etc feature, default enabled. private-etc yes # Enable or disable private-home feature, default enabled private-home yes # Enable or disable private-lib feature, default enabled private-lib yes # Enable or disable private-opt feature, default enabled. private-opt yes # Enable or disable private-srv feature, default enabled. private-srv yes # Enable --quiet as default every time the sandbox is started. Default disabled. # quiet-by-default no # Enable or disable restricted network support, default disabled. If enabled, # networking features should also be enabled (network yes). # Restricted networking grants access to --interface, --net=ethXXX and # --netfilter only to root user. Regular users are only allowed --net=none. # restricted-network no # Enable or disable seccomp support, default enabled. seccomp yes # Add rules to the default seccomp filter. Same syntax as for --seccomp= # None by default; this is an example. # seccomp-filter-add !chroot,kcmp,mincore # Seccomp error action, kill, log or errno (EPERM, ENOSYS etc) # seccomp-error-action EPERM # Enable or disable user namespace support, default enabled. userns yes # Disable whitelist top level directories, in addition to those # that are disabled out of the box. None by default; this is an example. # whitelist-disable-topdir /etc,/usr/etc # Enable or disable X11 sandboxing support, default enabled. x11 yes # Xephyr command extra parameters. None by default; these are examples. # xephyr-extra-params -keybd ephyr,,,xkbmodel=evdev # xephyr-extra-params -grayscale # Screen size for --x11=xephyr, default 800x600. Run /usr/bin/xrandr for # a full list of resolutions available on your specific setup. # xephyr-screen 640x480 # xephyr-screen 800x600 # xephyr-screen 1024x768 # xephyr-screen 1280x1024 # Firejail window title in Xephyr, default enabled. # xephyr-window-title yes # Enable this option if you have a version of Xpra that supports --attach switch # for start command, default disabled. # xpra-attach no # Xpra server command extra parameters. None by default; this is an example. # xpra-extra-params --dpi 96 # Screen size for --x11=xvfb, default 800x600x24. The third dimension is # color depth; use 24 unless you know exactly what you're doing. # xvfb-screen 640x480x24 # xvfb-screen 800x600x24 # xvfb-screen 1024x768x24 # xvfb-screen 1280x1024x24 # Xvfb command extra parameters. None by default; this is an example. # xvfb-extra-params -pixdepths 8 24 32 ``` </p> </details> ### Environment - Linux distribution and version: Artix Linux (with `s6` init system) - Firejail version: 0.9.68 (`firejail 0.9.68-1` from Artix `galaxy` repo) - Brave version: 1.35.103 (`brave-bin 1:1.35.103-1` from AUR) ### Checklist <!-- Note: Items are checked with an "x", like so: - [x] This is a checked item. --> - [x] The issues is caused by firejail (i.e. running the program by path (e.g. `/usr/bin/vlc`) "fixes" it). - [x] I can reproduce the issue without custom modifications (e.g. globals.local). - [x] The program has a profile. (If not, request one in `https://github.com/netblue30/firejail/issues/1139`) - [x] The profile (and redirect profile if exists) hasn't already been fixed [upstream](https://github.com/netblue30/firejail/tree/master/etc). - [x] I have performed a short search for similar issues (to avoid opening a duplicate). - [x] I'm aware of `browser-allow-drm yes`/`browser-disable-u2f no` in `firejail.config` to allow DRM/U2F in browsers. - [ ] I used `--profile=PROFILENAME` to set the right profile. (Only relevant for AppImages) ### Log <details> <summary>Output of <code>LC_ALL=C firejail brave --profile-directory="Profile 1" --app-id=pjibgclleladliembfgfagdaldikeohf</code> (relevant events commented in log)</summary> <p> [brave-spotify.log](https://github.com/netblue30/firejail/files/8099556/brave-spotify.log) </p> </details> <details> <summary>Output of <code>LC_ALL=C firejail brave --profile-directory="Profile 3" --app-id=magkoliahgffibhgfkmoealggombgknl</code></summary> <p> [brave-discord.log](https://github.com/netblue30/firejail/files/8099558/brave-discord.log) </p> </details> <details> <summary>Output of <code>LC_ALL=C firejail --debug brave --profile-directory="Profile 1" --app-id=pjibgclleladliembfgfagdaldikeohf</code> (relevant events commented in log)</summary> <p> [brave-spotify-debug.log](https://github.com/netblue30/firejail/files/8099555/brave-spotify-debug.log) </p> </details> <details> <summary>Output of <code>LC_ALL=C firejail --debug brave --profile-directory="Profile 3" --app-id=magkoliahgffibhgfkmoealggombgknl</code></summary> <p> [brave-discord-debug.log](https://github.com/netblue30/firejail/files/8099557/brave-discord-debug.log) </p> </details>
gitea-mirror commented 2026-05-05 09:29:33 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Feb 18, 2022):

Does it work if you add join-or-restart brave join-or-start brave to brave.local?

Exemplary bug report, thanks.

whitelist /usr/share/pipewire/client.conf

FYI, this should no longer be needed with firejail 0.9.68.

<!-- gh-comment-id:1044990691 --> @rusty-snake commented on GitHub (Feb 18, 2022): Does it work if you add ~`join-or-restart brave`~ `join-or-start brave` to `brave.local`? --- Exemplary bug report, thanks. > whitelist /usr/share/pipewire/client.conf FYI, this should no longer be needed with firejail 0.9.68.
gitea-mirror commented 2026-05-05 09:29:34 -06:00
Author
Owner
Copy link

@samsapti commented on GitHub (Feb 18, 2022):

Does it work if you add join-or-restart brave to brave.local?

It says: Error: line 4 in /home/user/.config/firejail/brave.local is invalid after adding that.

<!-- gh-comment-id:1044994901 --> @samsapti commented on GitHub (Feb 18, 2022): > Does it work if you add `join-or-restart brave` to `brave.local`? It says: `Error: line 4 in /home/user/.config/firejail/brave.local is invalid` after adding that.
gitea-mirror commented 2026-05-05 09:29:35 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Feb 18, 2022):

Gotch join-or-start, no restart.

But this doesn't make real sense either.

<!-- gh-comment-id:1044995879 --> @rusty-snake commented on GitHub (Feb 18, 2022): Gotch `join-or-start`, no `restart`. But this doesn't make real sense either.
gitea-mirror commented 2026-05-05 09:29:36 -06:00
Author
Owner
Copy link

@samsapti commented on GitHub (Feb 18, 2022):

Gotch join-or-start, no restart.

But this doesn't make real sense either.

Nope, it causes the following error when trying to launch Discord:

Reading profile /etc/firejail/brave.profile
Reading profile /home/user/.config/firejail/brave.local
Switching to pid 15784, the first child process inside the sandbox
Error: invalid option --app-id=magkoliahgffibhgfkmoealggombgknl after --join

Even if I start it without the --app-id flag, manually navigate to Discord, and then click open in Discord, it still crashes when clicking play in Spotify.

<!-- gh-comment-id:1045003764 --> @samsapti commented on GitHub (Feb 18, 2022): > Gotch `join-or-start`, no `restart`. > > But this doesn't make real sense either. Nope, it causes the following error when trying to launch Discord: ``` Reading profile /etc/firejail/brave.profile Reading profile /home/user/.config/firejail/brave.local Switching to pid 15784, the first child process inside the sandbox Error: invalid option --app-id=magkoliahgffibhgfkmoealggombgknl after --join ``` Even if I start it without the `--app-id` flag, manually navigate to Discord, and then click `open in Discord`, it still crashes when clicking play in Spotify.
gitea-mirror commented 2026-05-05 09:29:37 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Feb 18, 2022):

I've no real idea what could be the cause, try commenting stuff until it work to find the problematic line.

<!-- gh-comment-id:1045049775 --> @rusty-snake commented on GitHub (Feb 18, 2022): I've no real idea what could be the cause, try commenting stuff until it work to find the problematic line.
gitea-mirror commented 2026-05-05 09:29:38 -06:00
Author
Owner
Copy link

@reinerh commented on GitHub (Feb 18, 2022):

Error: invalid option --app-id=magkoliahgffibhgfkmoealggombgknl after --join

This sounds like firejail thinks it's a firejail option.
Can you try to end the firejail options list with --?
E.g.: firejail -- brave --appid=...

<!-- gh-comment-id:1045164264 --> @reinerh commented on GitHub (Feb 18, 2022): `Error: invalid option --app-id=magkoliahgffibhgfkmoealggombgknl after --join` This sounds like firejail thinks it's a firejail option. Can you try to end the firejail options list with `--`? E.g.: `firejail -- brave --appid=...`
gitea-mirror commented 2026-05-05 09:29:38 -06:00
Author
Owner
Copy link

@samsapti commented on GitHub (Feb 18, 2022):

Error: invalid option --app-id=magkoliahgffibhgfkmoealggombgknl after --join

This sounds like firejail thinks it's a firejail option. Can you try to end the firejail options list with --? E.g.: firejail -- brave --appid=...

That does fix the second Brave window (Discord) not launching, but Brave still crashes when clicking play in Spotify.

<!-- gh-comment-id:1045217904 --> @samsapti commented on GitHub (Feb 18, 2022): > `Error: invalid option --app-id=magkoliahgffibhgfkmoealggombgknl after --join` > > This sounds like firejail thinks it's a firejail option. Can you try to end the firejail options list with `--`? E.g.: `firejail -- brave --appid=...` That does fix the second Brave window (Discord) not launching, but Brave still crashes when clicking play in Spotify.
gitea-mirror commented 2026-05-05 09:29:39 -06:00
Author
Owner
Copy link

@samsapti commented on GitHub (Feb 18, 2022):

Okay, I think this is a Brave issue. I've found that removing no3d option fixes the bug, but only when 3D acceleration is turned on in Brave settings. Turning 3D acceleration off in Brave settings results in the faulty behavior regardless of it running in Firejail or not. I'm closing this issue and opening one in Brave's repo.

<!-- gh-comment-id:1045245017 --> @samsapti commented on GitHub (Feb 18, 2022): Okay, I think this is a Brave issue. I've found that removing `no3d` option fixes the bug, but only when 3D acceleration is turned on in Brave settings. Turning 3D acceleration off in Brave settings results in the faulty behavior regardless of it running in Firejail or not. I'm closing this issue and opening one in Brave's repo.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
serialize_remounts_v2
landlock_v4
landlock
release-0.9.64
release-0.9.62
gitlab_ci
LTSbase
fred_ctests
docs
0.9.80
0.9.80-rc1
0.9.78
0.9.76
0.9.76-rc4
0.9.76-rc3
0.9.76-rc2
0.9.76-rc1
0.9.74
landlock-split
0.9.72
0.9.72rc1
0.9.70
0.9.68
0.9.68rc1
0.9.66
0.9.66rc1
0.9.64.4
0.9.64.2
0.9.64
0.9.64rc1
0.9.62.4
0.9.62.2
0.9.62
0.9.56.2-LTS
0.9.60
0.9.60-rc1
0.9.58.2
0.9.58
0.9.58-rc1
0.9.56-LTS-release
0.9.56-LTS
0.9.56
0.9.56-rc1
0.9.54
0.9.54-rc2
0.9.54-rc1
0.9.52
0.9.38.12
0.9.50
0.9.50-rc1
0.9.48
0.9.46
0.9.46-rc1
0.9.44.10
0.9.44.8
0.9.44.6
0.9.38.10
0.9.44.4
0.9.38.8
0.9.44.2
0.9.44
0.9.44-rc1
0.9.38.4
0.9.42
0.9.42-rc2
0.9.38.2
0.9.42-rc1
disable-globalcfg
0.9.40
0.9.40-rc1
0.9.38
0.9.38-rc1
0.9.36
0.9.36-rc1
0.9.34
0.9.34-rc1
0.9.32
0.9.32-rc1
0.9.30
0.9.30-rc1
Labels
Clear labels   
LTS merge

   
LTS merge

   
bug

   
bug

   
converted-to-discussion

   
doc-todo

   
documentation

   
duplicate

   
enhancement

   
file-transfer

   
firecfg

   
firejail-in-firejail

   
firetools

   
graphics

   
help wanted

   
information_old

   
installation

   
invalid

   
modif

   
moved

   
needinfo

   
networking

   
notabug

   
notourbug

   
old-version

   
overlayfs

   
packaging

   
profile-request

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question_old

   
removal

   
runtime-permissions

   
sandbox-ipc

   
security

   
stale

   
wiki

   
wiki

   
wontfix

   
wordpress

   
workaround
No labels
LTS merge
LTS merge
bug
bug
converted-to-discussion
doc-todo
documentation
duplicate
enhancement
file-transfer
firecfg
firejail-in-firejail
firetools
graphics
help wanted
information_old
installation
invalid
modif
moved
needinfo
networking
notabug
notourbug
old-version
overlayfs
packaging
profile-request
pull-request
question
question_old
removal
runtime-permissions
sandbox-ipc
security
stale
wiki
wiki
wontfix
wordpress
workaround
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#2837
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?