github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

[GH-ISSUE #5326] librewolf: Error: Can't find profile directory #2957

New issue
Closed
opened 2026-05-05 09:37:12 -06:00 by gitea-mirror · 10 comments
gitea-mirror commented 2026-05-05 09:37:12 -06:00
Owner
Copy link

Originally created by @ghost on GitHub (Aug 20, 2022).
Original GitHub issue: https://github.com/netblue30/firejail/issues/5326

[Firejail not working with Librewolf]

So I installed Librewolf prior to installing Firejail.

Librewolf was installed via the Debian Repo:

https://librewolf.net/installation/debian/

Also I enabled firejail with system by doing sudo firecfg. Aswell as editing some of the profiles in /etc/firejail like Firefox as well as adding firejail at the begining of the execution path in /etc/share/applications/firefox.desktop and confirmed worked. Did the same for Libewolf (librewolfs desktop name is defferent explained later) and wouldn't work so I changed it back to normal.

Librewolf works when fine launching without firejail. However When I do firejail librewolf it says something along the lines

Warning: networking feature is disabled in Firejail configuration file

When looking at librewolf profile I never blacklisted Network acess I just did blacklist /sys/* to block directorys from being read just like firefox and firefox works and also blocks access.

Furthermore I looked at /etc/share/applications and librewolfs desktop file is named start-librewolf.desktop there is no librewolf.desktop.

This made me think I needed to make a profile in /etc/firejail named start-librewolf.profile

So thats what I did and pasted the same info/rules from the librewolf.profile into it.

This did not fix firejail in regards to Librewolf.

What is the work around or what am I doing wrong?

Edit: This is likely a duplicate of:

Originally created by @ghost on GitHub (Aug 20, 2022). Original GitHub issue: https://github.com/netblue30/firejail/issues/5326 ## [Firejail not working with Librewolf] So I installed Librewolf prior to installing Firejail. Librewolf was installed via the Debian Repo: > https://librewolf.net/installation/debian/ Also I enabled firejail with system by doing `sudo firecfg`. Aswell as editing some of the profiles in `/etc/firejail` like *Firefox* as well as adding firejail at the begining of the execution path in `/etc/share/applications/firefox.desktop` and confirmed worked. Did the same for Libewolf (librewolfs desktop name is defferent explained later) and wouldn't work so I changed it back to normal. Librewolf works when fine launching without firejail. However When I do `firejail librewolf` it says something along the lines > Warning: networking feature is disabled in Firejail configuration file When looking at librewolf profile I never blacklisted Network acess I just did `blacklist /sys/*` to block directorys from being read just like firefox and firefox works and also blocks access. Furthermore I looked at `/etc/share/applications` and librewolfs desktop file is named `start-librewolf.desktop` there is no `librewolf.desktop`. This made me think I needed to make a profile in `/etc/firejail` named `start-librewolf.profile` So thats what I did and pasted the same info/rules from the librewolf.profile into it. This did not fix firejail in regards to *Librewolf*. **What is the work around or what am I doing wrong?** Edit: This is likely a duplicate of: * #5460
gitea-mirror 2026-05-05 09:37:12 -06:00
gitea-mirror commented 2026-05-05 09:37:15 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (Aug 20, 2022):

Furthermore I looked at /etc/share/applications and librewolfs desktop file is named start-librewolf.desktop there is no librewolf.desktop.
This made me think I needed to make a profile in /etc/firejail named start-librewolf.profile

Firejail uses the name of the executable to pick the correct security profile. So, take a look inside your start-librewolf.desktop and tell us what it refers to on the Exec=... line. I'm assuming 'librewolf' to be the binary, so it would be helpful if you can post output of running the below command:

$ firejail --ignore=quiet /usr/bin/librewolf
<!-- gh-comment-id:1221400089 --> @ghost commented on GitHub (Aug 20, 2022): > Furthermore I looked at /etc/share/applications and librewolfs desktop file is named start-librewolf.desktop there is no librewolf.desktop. This made me think I needed to make a profile in /etc/firejail named start-librewolf.profile Firejail uses the name of the executable to pick the correct security profile. So, take a look inside your start-librewolf.desktop and tell us what it refers to on the Exec=... line. I'm assuming 'librewolf' to be the binary, so it would be helpful if you can post output of running the below command: ``` $ firejail --ignore=quiet /usr/bin/librewolf ```
gitea-mirror commented 2026-05-05 09:37:16 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (Aug 21, 2022):

@glitsj16

When looking at start-librewolf.desktop the Exec I have:

Exec=/usr/share/librewolf/librewolf%u

Between the time I posted and now, I tried creating start-librewolf.profile again and copying librewolf.profile contents to it. Then deleted (rm) the librewolf.profile and tried firejail librewolf.

This time I didn't get the network error but Librewolf, but gets stuck at selecting a firefox profile even though I never set profiles flag -p in the Exec path for librewolf.

Just saw your reply and running firejail --ignore=quiet /usr/bin/librewolf does the same thing it brings me to the profile selector screen. I have no Librewolf profiles set.

<!-- gh-comment-id:1221450689 --> @ghost commented on GitHub (Aug 21, 2022): @glitsj16 When looking at `start-librewolf.desktop` the Exec I have: `Exec=/usr/share/librewolf/librewolf%u` Between the time I posted and now, I tried creating `start-librewolf.profile` again and copying `librewolf.profile` contents to it. Then deleted (`rm`) the `librewolf.profile` and tried `firejail librewolf`. This time I didn't get the network error but *Librewolf*, but gets stuck at selecting a firefox profile even though I never set profiles flag `-p` in the Exec path for librewolf. Just saw your reply and running `firejail --ignore=quiet /usr/bin/librewolf` does the same thing it brings me to the profile selector screen. I have no Librewolf profiles set.
gitea-mirror commented 2026-05-05 09:37:17 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (Aug 21, 2022):

@glitsj16

I don't have my ethernet plugged in right now (did earlier replying on differnet machine), but tried your command again this is what it says in terminal in background:

Reading profile /etc/firejail/default.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Warning: networking feature is disbaled in Firejail configuration file

** Note: you can use --noprofile to disable default.profile **

parent pid 6730, child pid 67371
Warning: cannot create a new user namespace, going forward without it...
child process initialized in 138.28 ms
Crash Annotation GraphicsCriticalError: | [0] [GFX1-]: glxtest: VA-API test failed: failed to intitialize VAAPI connection. (t=0.576573) [GFX1-]: glxtest: VA-API test failed: failed to intitialize VAAPI connection.
JavaScript error: resource://gre/modules/XULStore.jsm, line 68: Error: Can't find profile directory.
JavaScript error: resource://gre/modules/XULStore.jsm, line 68: Error: Can't find profile directory.
JavaScript error: resource://gre/modules/XULStore.jsm, line 68: Error: Can't find profile directory.
JavaScript error: resource://gre/modules/XULStore.jsm, line 68: Error: Can't find profile directory.

<!-- gh-comment-id:1221453181 --> @ghost commented on GitHub (Aug 21, 2022): @glitsj16 I don't have my ethernet plugged in right now (did earlier replying on differnet machine), but tried your command again this is what it says in terminal in background: Reading profile /etc/firejail/default.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc Warning: networking feature is disbaled in Firejail configuration file ** Note: you can use --noprofile to disable default.profile ** parent pid 6730, child pid 67371 Warning: cannot create a new user namespace, going forward without it... child process initialized in 138.28 ms Crash Annotation GraphicsCriticalError: | [0] [GFX1-]: glxtest: VA-API test failed: failed to intitialize VAAPI connection. (t=0.576573) [GFX1-]: glxtest: VA-API test failed: failed to intitialize VAAPI connection. JavaScript error: resource://gre/modules/XULStore.jsm, line 68: Error: Can't find profile directory. JavaScript error: resource://gre/modules/XULStore.jsm, line 68: Error: Can't find profile directory. JavaScript error: resource://gre/modules/XULStore.jsm, line 68: Error: Can't find profile directory. JavaScript error: resource://gre/modules/XULStore.jsm, line 68: Error: Can't find profile directory.
gitea-mirror commented 2026-05-05 09:37:18 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (Aug 21, 2022):

Let's double-check if firecfg created the needed symlinks for Librewolf correctly. Is /usr/bin/librewolf a symlink to /usr/share/librewolf/librewolf? Do you have a /usr/local/bin/librewolf pointing to /usr/bin/firejail?

$ stat /usr/bin/librewolf
$ stat /usr/local/bin/librewolf

Reading profile /etc/firejail/default.profile
[...]

Based on your posted output firejail is using the wrong profile (default.profile). Try adding the librewolf one explicitly:

$ firejail --ignore=quiet --profile=librewolf /usr/share/librewolf/librewolf
<!-- gh-comment-id:1221471861 --> @ghost commented on GitHub (Aug 21, 2022): Let's double-check if firecfg created the needed symlinks for Librewolf correctly. Is /usr/bin/librewolf a symlink to /usr/share/librewolf/librewolf? Do you have a /usr/local/bin/librewolf pointing to /usr/bin/firejail? ``` $ stat /usr/bin/librewolf $ stat /usr/local/bin/librewolf ``` > Reading profile /etc/firejail/default.profile [...] Based on your posted output firejail is using the wrong profile (default.profile). Try adding the librewolf one explicitly: ``` $ firejail --ignore=quiet --profile=librewolf /usr/share/librewolf/librewolf ```
gitea-mirror commented 2026-05-05 09:37:19 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Aug 28, 2022):

First, use the bug report template if you have a bug. Second, mention your firejail version.

We have fixes for librewolf.profile which might no be in Debian stable, so can you try to install firejail from backports.

<!-- gh-comment-id:1229541751 --> @rusty-snake commented on GitHub (Aug 28, 2022): First, use the bug report template if you have a bug. Second, mention your firejail version. We have fixes for librewolf.profile which might no be in Debian stable, so can you try to install firejail from backports.
gitea-mirror commented 2026-05-05 09:37:20 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Aug 28, 2022):

Also see #4899.

<!-- gh-comment-id:1229541993 --> @rusty-snake commented on GitHub (Aug 28, 2022): Also see #4899.
gitea-mirror commented 2026-05-05 09:37:21 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (Sep 21, 2022):

@rusty-snake

So I uninstalled and then reinstalled firejail. Still wouldn't work so I looked for the latest librewolf.profile and compared the profile obviously not the same. I have Backports repo enabled in apt sources not sure why it didn't pull/install from there?

Anyway I just copied the .profile into mine with nano. Now Firejail is working with librewolf when launcing via commandline and by editing the exec= path in of the librewolf.desktop in applications.

<!-- gh-comment-id:1253169955 --> @ghost commented on GitHub (Sep 21, 2022): @rusty-snake So I uninstalled and then reinstalled firejail. Still wouldn't work so I looked for the latest [`librewolf.profile`](https://github.com/netblue30/firejail/blob/master/etc/profile-a-l/librewolf.profile) and compared the profile obviously not the same. I have *Backports* repo enabled in apt sources not sure why it didn't pull/install from there? Anyway I just copied the [`.profile`](https://github.com/netblue30/firejail/blob/master/etc/profile-a-l/librewolf.profile) into mine with nano. Now Firejail is working with librewolf when launcing via commandline and by editing the `exec=` path in of the `librewolf.desktop` in applications.
gitea-mirror commented 2026-05-05 09:37:22 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Sep 21, 2022):

I have Backports repo enabled in apt sources not sure why it didn't pull/install from there?

Because that's not how backports work. You need to explicitly tell it to use backports.

<!-- gh-comment-id:1253853752 --> @rusty-snake commented on GitHub (Sep 21, 2022): > I have Backports repo enabled in apt sources not sure why it didn't pull/install from there? Because that's not how backports work. You need to explicitly tell it to use backports.
gitea-mirror commented 2026-05-05 09:37:22 -06:00
Author
Owner
Copy link

@mYnDstrEAm commented on GitHub (Oct 18, 2022):

These are the kind of problems why I suggested bundling Librewolf with firejail so if you install it, firejail is installed as well and the launcher already has firejail set, the profile is up-to-date, its well-supported and any problems are already or quickly solved.

One may need to wait for things to go from backports into the main repo before that can happen and there may be some other difficulties. If it gets implemented, Librewolf could add "sandboxed" to one of its key features.

Issue here: https://gitlab.com/librewolf-community/browser/linux/-/issues/282

<!-- gh-comment-id:1282158579 --> @mYnDstrEAm commented on GitHub (Oct 18, 2022): These are the kind of problems why I suggested bundling Librewolf with firejail so if you install it, firejail is installed as well and the launcher already has firejail set, the profile is up-to-date, its well-supported and any problems are already or quickly solved. One may need to wait for things to go from backports into the main repo before that can happen and there may be some other difficulties. If it gets implemented, Librewolf could add "sandboxed" to one of its key features. Issue here: https://gitlab.com/librewolf-community/browser/linux/-/issues/282
gitea-mirror commented 2026-05-05 09:37:23 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Oct 30, 2022):

I'm closing here due to inactivity, please fell free to request to reopen if you still have this issue.

<!-- gh-comment-id:1296294166 --> @rusty-snake commented on GitHub (Oct 30, 2022): I'm closing here due to inactivity, please fell free to request to reopen if you still have this issue.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
serialize_remounts_v2
landlock_v4
landlock
release-0.9.64
release-0.9.62
gitlab_ci
LTSbase
fred_ctests
docs
0.9.80
0.9.80-rc1
0.9.78
0.9.76
0.9.76-rc4
0.9.76-rc3
0.9.76-rc2
0.9.76-rc1
0.9.74
landlock-split
0.9.72
0.9.72rc1
0.9.70
0.9.68
0.9.68rc1
0.9.66
0.9.66rc1
0.9.64.4
0.9.64.2
0.9.64
0.9.64rc1
0.9.62.4
0.9.62.2
0.9.62
0.9.56.2-LTS
0.9.60
0.9.60-rc1
0.9.58.2
0.9.58
0.9.58-rc1
0.9.56-LTS-release
0.9.56-LTS
0.9.56
0.9.56-rc1
0.9.54
0.9.54-rc2
0.9.54-rc1
0.9.52
0.9.38.12
0.9.50
0.9.50-rc1
0.9.48
0.9.46
0.9.46-rc1
0.9.44.10
0.9.44.8
0.9.44.6
0.9.38.10
0.9.44.4
0.9.38.8
0.9.44.2
0.9.44
0.9.44-rc1
0.9.38.4
0.9.42
0.9.42-rc2
0.9.38.2
0.9.42-rc1
disable-globalcfg
0.9.40
0.9.40-rc1
0.9.38
0.9.38-rc1
0.9.36
0.9.36-rc1
0.9.34
0.9.34-rc1
0.9.32
0.9.32-rc1
0.9.30
0.9.30-rc1
Labels
Clear labels   
LTS merge

   
LTS merge

   
bug

   
bug

   
converted-to-discussion

   
doc-todo

   
documentation

   
duplicate

   
enhancement

   
file-transfer

   
firecfg

   
firejail-in-firejail

   
firetools

   
graphics

   
help wanted

   
information_old

   
installation

   
invalid

   
modif

   
moved

   
needinfo

   
networking

   
notabug

   
notourbug

   
old-version

   
overlayfs

   
packaging

   
profile-request

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question_old

   
removal

   
runtime-permissions

   
sandbox-ipc

   
security

   
stale

   
wiki

   
wiki

   
wontfix

   
wordpress

   
workaround
No labels
LTS merge
LTS merge
bug
bug
converted-to-discussion
doc-todo
documentation
duplicate
enhancement
file-transfer
firecfg
firejail-in-firejail
firetools
graphics
help wanted
information_old
installation
invalid
modif
moved
needinfo
networking
notabug
notourbug
old-version
overlayfs
packaging
profile-request
pull-request
question
question_old
removal
runtime-permissions
sandbox-ipc
security
stale
wiki
wiki
wontfix
wordpress
workaround
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#2957
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?