github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

[GH-ISSUE #5716] claws-mail: ClamAV plugin fails with "Permission denied" #3074

New issue
Closed
opened 2026-05-05 09:42:53 -06:00 by gitea-mirror · 7 comments
gitea-mirror commented 2026-05-05 09:42:53 -06:00
Owner
Copy link

Originally created by @marek22k on GitHub (Mar 7, 2023).
Original GitHub issue: https://github.com/netblue30/firejail/issues/5716

Description

Clamav needs access to the virus database in /var/lib/clamav. Accordingly, the ClamAv plugin for Claws-Mail also needs access to it.

Steps to Reproduce

Steps to reproduce the behavior

  1. Install firejail
  2. Install clamav
  3. Run $firejail --profile=/etc/firejail/claws-mail.profile ls /var/lib/clamav

Expected behavior

A list of files in the /var/lib/clamav directory.

Actual behavior

A Permission denied message.

Behavior without a profile

$firejail --noprofile ls /var/lib/clamav
Parent pid 10153, child pid 10154
Child process initialized in 12.61 ms
bytecode.cld  daily.cld  freshclam.dat	main.cvd  tmp.404bb56530  tmp.62cb688442

Parent is shutting down, bye...

Additional context

Adding whitelist /var/lib/clamav/ to /etc/firejail/claws-mail.local didn't help.

Environment

  • Linux distribution and version (e.g. "Ubuntu 20.04" or "Arch Linux")
$lsb_release -a
No LSB modules are available.
Distributor ID:	Parrot
Description:	Parrot OS 5.2 (Electro Ara)
Release:	5.2
Codename:	ara
  • Firejail version (firejail --version).
$firejail --version
firejail version 0.9.72

Compile time support:
	- always force nonewprivs support is disabled
	- AppArmor support is enabled
	- AppImage support is enabled
	- chroot support is enabled
	- D-BUS proxy support is enabled
	- file transfer support is enabled
	- firetunnel support is disabled
	- IDS support is enabled
	- networking support is enabled
	- output logging is enabled
	- overlayfs support is disabled
	- private-home support is enabled
	- private-cache and tmpfs as user enabled
	- SELinux support is enabled
	- user namespace support is enabled
	- X11 sandboxing support is enabled

Checklist

  • The issues is caused by firejail (i.e. running the program by path (e.g. /usr/bin/vlc) "fixes" it).
  • I can reproduce the issue without custom modifications (e.g. globals.local).
  • The program has a profile. (If not, request one in https://github.com/netblue30/firejail/issues/1139)
  • I have performed a short search for similar issues (to avoid opening a duplicate).
  • I used --profile=PROFILENAME to set the right profile. (Only relevant for AppImages)

Log

Output of LC_ALL=C firejail /path/to/program 

$LC_ALL=C firejail --profile=/etc/firejail/claws-mail.profile ls /var/lib/clamav
Reading profile /etc/firejail/claws-mail.profile
Reading profile /etc/firejail/claws-mail.local
Reading profile /etc/firejail/allow-ruby.inc
Reading profile /etc/firejail/email-common.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-runuser-common.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: networking feature is disabled in Firejail configuration file
Ignoring "dbus-user.talk ca.desrt.dconf" and 5 other dbus-user filter rules.
Parent pid 10704, child pid 10705
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Warning: skipping crypto-policies for private /etc
Warning: skipping gcrypt for private /etc
Warning: skipping gnupg for private /etc
Warning: skipping groups for private /etc
Warning: skipping hosts.conf for private /etc
Warning: skipping pki for private /etc
Private /etc installed in 45.77 ms
Private /usr/etc installed in 0.00 ms
Child process initialized in 227.72 ms
ls: cannot open directory '/var/lib/clamav': Permission denied

Parent is shutting down, bye...

Output of LC_ALL=C firejail --debug /path/to/program

https://gist.github.com/marek22k/874cb73f823ddb046be72b7023d8563f

Originally created by @marek22k on GitHub (Mar 7, 2023). Original GitHub issue: https://github.com/netblue30/firejail/issues/5716 <!-- See the following links for help with formatting: https://guides.github.com/features/mastering-markdown/ https://docs.github.com/en/github/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax --> ### Description Clamav needs access to the virus database in `/var/lib/clamav`. Accordingly, the ClamAv plugin for Claws-Mail also needs access to it. ### Steps to Reproduce _Steps to reproduce the behavior_ 1. Install firejail 2. Install clamav 3. Run `$firejail --profile=/etc/firejail/claws-mail.profile ls /var/lib/clamav` ### Expected behavior A list of files in the `/var/lib/clamav` directory. ### Actual behavior A `Permission denied` message. ### Behavior without a profile ``` $firejail --noprofile ls /var/lib/clamav Parent pid 10153, child pid 10154 Child process initialized in 12.61 ms bytecode.cld daily.cld freshclam.dat main.cvd tmp.404bb56530 tmp.62cb688442 Parent is shutting down, bye... ``` ### Additional context Adding `whitelist /var/lib/clamav/` to `/etc/firejail/claws-mail.local` didn't help. ### Environment - Linux distribution and version (e.g. "Ubuntu 20.04" or "Arch Linux") ``` $lsb_release -a No LSB modules are available. Distributor ID: Parrot Description: Parrot OS 5.2 (Electro Ara) Release: 5.2 Codename: ara ``` - Firejail version (`firejail --version`). ``` $firejail --version firejail version 0.9.72 Compile time support: - always force nonewprivs support is disabled - AppArmor support is enabled - AppImage support is enabled - chroot support is enabled - D-BUS proxy support is enabled - file transfer support is enabled - firetunnel support is disabled - IDS support is enabled - networking support is enabled - output logging is enabled - overlayfs support is disabled - private-home support is enabled - private-cache and tmpfs as user enabled - SELinux support is enabled - user namespace support is enabled - X11 sandboxing support is enabled ``` ### Checklist <!-- Note: Items are checked with an "x", like so: - [x] This is a checked item. --> - [X] The issues is caused by firejail (i.e. running the program by path (e.g. `/usr/bin/vlc`) "fixes" it). - [X] I can reproduce the issue without custom modifications (e.g. globals.local). - [X] The program has a profile. (If not, request one in `https://github.com/netblue30/firejail/issues/1139`) - [X] I have performed a short search for similar issues (to avoid opening a duplicate). - [X] I used `--profile=PROFILENAME` to set the right profile. (Only relevant for AppImages) ### Log <details> <summary>Output of <code>LC_ALL=C firejail /path/to/program</code></summary> <p> ``` $LC_ALL=C firejail --profile=/etc/firejail/claws-mail.profile ls /var/lib/clamav Reading profile /etc/firejail/claws-mail.profile Reading profile /etc/firejail/claws-mail.local Reading profile /etc/firejail/allow-ruby.inc Reading profile /etc/firejail/email-common.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-exec.inc Reading profile /etc/firejail/disable-interpreters.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/disable-xdg.inc Reading profile /etc/firejail/whitelist-common.inc Reading profile /etc/firejail/whitelist-runuser-common.inc Reading profile /etc/firejail/whitelist-usr-share-common.inc Reading profile /etc/firejail/whitelist-var-common.inc Warning: networking feature is disabled in Firejail configuration file Ignoring "dbus-user.talk ca.desrt.dconf" and 5 other dbus-user filter rules. Parent pid 10704, child pid 10705 Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set. Warning: skipping crypto-policies for private /etc Warning: skipping gcrypt for private /etc Warning: skipping gnupg for private /etc Warning: skipping groups for private /etc Warning: skipping hosts.conf for private /etc Warning: skipping pki for private /etc Private /etc installed in 45.77 ms Private /usr/etc installed in 0.00 ms Child process initialized in 227.72 ms ls: cannot open directory '/var/lib/clamav': Permission denied Parent is shutting down, bye... ``` </p> </details> <details> <summary>Output of <code>LC_ALL=C firejail --debug /path/to/program</code></summary> <p> https://gist.github.com/marek22k/874cb73f823ddb046be72b7023d8563f </p> </details>
gitea-mirror commented 2026-05-05 09:42:56 -06:00
Author
Owner
Copy link

@marek22k commented on GitHub (Mar 7, 2023):

Does anyone know a workaround? The profile clamav.profile seems to work for example.

<!-- gh-comment-id:1457727873 --> @marek22k commented on GitHub (Mar 7, 2023): Does anyone know a workaround? The profile `clamav.profile` seems to work for example.
gitea-mirror commented 2026-05-05 09:42:56 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (Mar 7, 2023):

Adding whitelist /var/lib/clamav/ to /etc/firejail/claws-mail.local didn't help.

In cases like this it helps to do a search for 'clamav' under /etc/firejail. That would reveal disable-common.inc blacklists /var/lib/clamav:

1f5f84f959/etc/inc/disable-common.inc (L234)

TL;DR you need to override that via noblacklist /var/lib/clamav.

<!-- gh-comment-id:1457853086 --> @ghost commented on GitHub (Mar 7, 2023): > Adding whitelist /var/lib/clamav/ to /etc/firejail/claws-mail.local didn't help. In cases like this it helps to do a search for 'clamav' under /etc/firejail. That would reveal disable-common.inc blacklists /var/lib/clamav: https://github.com/netblue30/firejail/blob/1f5f84f9596ba7d26c2f2e35dad7728e12afaec9/etc/inc/disable-common.inc#L234 TL;DR you need to override that via `noblacklist /var/lib/clamav`.
gitea-mirror commented 2026-05-05 09:42:57 -06:00
Author
Owner
Copy link

@marek22k commented on GitHub (Mar 7, 2023):

That also does not work:

$firejail --profile=/etc/firejail/claws-mail.profile ls /var/lib/clamav
Reading profile /etc/firejail/claws-mail.profile
Reading profile /etc/firejail/claws-mail.local
Reading profile /etc/firejail/allow-ruby.inc
Reading profile /etc/firejail/email-common.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-runuser-common.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: networking feature is disabled in Firejail configuration file
Ignoring "dbus-user.talk ca.desrt.dconf" and 5 other dbus-user filter rules.
Parent pid 20899, child pid 20900
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Warning: skipping crypto-policies for private /etc
Warning: skipping gcrypt for private /etc
Warning: skipping gnupg for private /etc
Warning: skipping groups for private /etc
Warning: skipping hosts.conf for private /etc
Warning: skipping pki for private /etc
Private /etc installed in 182.09 ms
Private /usr/etc installed in 0.00 ms
Child process initialized in 447.87 ms
ls: cannot access '/var/lib/clamav': No such file or directory

Parent is shutting down, bye...
<!-- gh-comment-id:1457858970 --> @marek22k commented on GitHub (Mar 7, 2023): That also does not work: ``` $firejail --profile=/etc/firejail/claws-mail.profile ls /var/lib/clamav Reading profile /etc/firejail/claws-mail.profile Reading profile /etc/firejail/claws-mail.local Reading profile /etc/firejail/allow-ruby.inc Reading profile /etc/firejail/email-common.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-exec.inc Reading profile /etc/firejail/disable-interpreters.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/disable-xdg.inc Reading profile /etc/firejail/whitelist-common.inc Reading profile /etc/firejail/whitelist-runuser-common.inc Reading profile /etc/firejail/whitelist-usr-share-common.inc Reading profile /etc/firejail/whitelist-var-common.inc Warning: networking feature is disabled in Firejail configuration file Ignoring "dbus-user.talk ca.desrt.dconf" and 5 other dbus-user filter rules. Parent pid 20899, child pid 20900 Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set. Warning: skipping crypto-policies for private /etc Warning: skipping gcrypt for private /etc Warning: skipping gnupg for private /etc Warning: skipping groups for private /etc Warning: skipping hosts.conf for private /etc Warning: skipping pki for private /etc Private /etc installed in 182.09 ms Private /usr/etc installed in 0.00 ms Child process initialized in 447.87 ms ls: cannot access '/var/lib/clamav': No such file or directory Parent is shutting down, bye... ```
gitea-mirror commented 2026-05-05 09:42:59 -06:00
Author
Owner
Copy link

@ghost commented on GitHub (Mar 7, 2023):

That also does not work:
$ firejail --profile=/etc/firejail/claws-mail.profile ls /var/lib/clamav
[...]

$ ls /var/lib/clamav
foo

$ firejail --quiet --noblacklist=/var/lib/clamav --whitelist=/var/lib/clamav --profile=claws-mail ls /var/lib/clamav
foo

WFM (with a test file /var/lib/clamav/foo). You need both, like what's done for /var/mail in email-common.profile.

<!-- gh-comment-id:1457875466 --> @ghost commented on GitHub (Mar 7, 2023): > That also does not work: $ firejail --profile=/etc/firejail/claws-mail.profile ls /var/lib/clamav [...] ```console $ ls /var/lib/clamav foo ``` ```console $ firejail --quiet --noblacklist=/var/lib/clamav --whitelist=/var/lib/clamav --profile=claws-mail ls /var/lib/clamav foo ``` WFM (with a test file /var/lib/clamav/foo). You need both, like what's done for /var/mail in email-common.profile.
gitea-mirror commented 2026-05-05 09:43:00 -06:00
Author
Owner
Copy link

@marek22k commented on GitHub (Mar 7, 2023):

$ ls /var/lib/clamav
bytecode.cld  freshclam.dat  tmp.404bb56530
daily.cld     main.cvd       tmp.62cb688442
$ firejail --quiet --noblacklist=/var/lib/clamav --whitelist=/var/lib/clamav --profile=claws-mail ls /var/lib/clamav
bytecode.cld  freshclam.dat  tmp.404bb56530
daily.cld     main.cvd	     tmp.62cb688442

Mhh, that works.

<!-- gh-comment-id:1457890370 --> @marek22k commented on GitHub (Mar 7, 2023): ``` $ ls /var/lib/clamav bytecode.cld freshclam.dat tmp.404bb56530 daily.cld main.cvd tmp.62cb688442 $ firejail --quiet --noblacklist=/var/lib/clamav --whitelist=/var/lib/clamav --profile=claws-mail ls /var/lib/clamav bytecode.cld freshclam.dat tmp.404bb56530 daily.cld main.cvd tmp.62cb688442 ``` Mhh, that works.
gitea-mirror commented 2026-05-05 09:43:01 -06:00
Author
Owner
Copy link

@marek22k commented on GitHub (Mar 7, 2023):

Claws Mail also needs access to the Clamd Socket:

$firejail --profile=claws-mail file /var/run/clamav/clamd.ctl
Reading profile /etc/firejail/claws-mail.profile
Reading profile /etc/firejail/claws-mail.local
Reading profile /etc/firejail/allow-ruby.inc
Reading profile /etc/firejail/email-common.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-runuser-common.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: networking feature is disabled in Firejail configuration file
Ignoring "dbus-user.talk ca.desrt.dconf" and 5 other dbus-user filter rules.
Parent pid 31479, child pid 31480
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Warning: skipping crypto-policies for private /etc
Warning: skipping gcrypt for private /etc
Warning: skipping gnupg for private /etc
Warning: skipping groups for private /etc
Warning: skipping hosts.conf for private /etc
Warning: skipping pki for private /etc
Private /etc installed in 247.68 ms
Private /usr/etc installed in 0.00 ms
Child process initialized in 974.33 ms
/var/run/clamav/clamd.ctl: cannot open `/var/run/clamav/clamd.ctl' (No such file or directory)

Parent is shutting down, bye...

$firejail --noprofile file /var/run/clamav/clamd.ctl
Parent pid 31594, child pid 31595
Child process initialized in 5.35 ms
/var/run/clamav/clamd.ctl: socket

Parent is shutting down, bye...

Works with --whitelist=/var/run/clamav/clamd.ctl.

<!-- gh-comment-id:1457922166 --> @marek22k commented on GitHub (Mar 7, 2023): Claws Mail also needs access to the Clamd Socket: ``` $firejail --profile=claws-mail file /var/run/clamav/clamd.ctl Reading profile /etc/firejail/claws-mail.profile Reading profile /etc/firejail/claws-mail.local Reading profile /etc/firejail/allow-ruby.inc Reading profile /etc/firejail/email-common.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-exec.inc Reading profile /etc/firejail/disable-interpreters.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/disable-xdg.inc Reading profile /etc/firejail/whitelist-common.inc Reading profile /etc/firejail/whitelist-runuser-common.inc Reading profile /etc/firejail/whitelist-usr-share-common.inc Reading profile /etc/firejail/whitelist-var-common.inc Warning: networking feature is disabled in Firejail configuration file Ignoring "dbus-user.talk ca.desrt.dconf" and 5 other dbus-user filter rules. Parent pid 31479, child pid 31480 Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set. Warning: skipping crypto-policies for private /etc Warning: skipping gcrypt for private /etc Warning: skipping gnupg for private /etc Warning: skipping groups for private /etc Warning: skipping hosts.conf for private /etc Warning: skipping pki for private /etc Private /etc installed in 247.68 ms Private /usr/etc installed in 0.00 ms Child process initialized in 974.33 ms /var/run/clamav/clamd.ctl: cannot open `/var/run/clamav/clamd.ctl' (No such file or directory) Parent is shutting down, bye... ``` ``` $firejail --noprofile file /var/run/clamav/clamd.ctl Parent pid 31594, child pid 31595 Child process initialized in 5.35 ms /var/run/clamav/clamd.ctl: socket Parent is shutting down, bye... ``` Works with `--whitelist=/var/run/clamav/clamd.ctl`.
gitea-mirror commented 2026-05-05 09:43:02 -06:00
Author
Owner
Copy link

@marek22k commented on GitHub (Mar 7, 2023):

ClamAv also needs access to its configuration file: /etc/clamav/clamd.conf
This results in a warning in claws mail:

/etc/clamav/clamd.conf: Unable to open
clamd will be disabled

$firejail --noblacklist=/etc/clamav/clamd.conf --whitelist=/etc/clamav/clamd.conf --profile=claws-mail file /etc/clamav/clamd.conf
Reading profile /etc/firejail/claws-mail.profile
Reading profile /etc/firejail/claws-mail.local
Reading profile /etc/firejail/allow-ruby.inc
Reading profile /etc/firejail/email-common.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-runuser-common.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: networking feature is disabled in Firejail configuration file
Ignoring "dbus-user.talk ca.desrt.dconf" and 5 other dbus-user filter rules.
Parent pid 36631, child pid 36632
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Warning: skipping crypto-policies for private /etc
Warning: skipping gcrypt for private /etc
Warning: skipping gnupg for private /etc
Warning: skipping groups for private /etc
Warning: skipping hosts.conf for private /etc
Warning: skipping pki for private /etc
Private /etc installed in 71.88 ms
Private /usr/etc installed in 0.00 ms
Child process initialized in 304.69 ms
/etc/clamav/clamd.conf: cannot open `/etc/clamav/clamd.conf' (No such file or directory)

Parent is shutting down, bye...
<!-- gh-comment-id:1457932602 --> @marek22k commented on GitHub (Mar 7, 2023): ClamAv also needs access to its configuration file: `/etc/clamav/clamd.conf` This results in a warning in claws mail: ``` /etc/clamav/clamd.conf: Unable to open clamd will be disabled ``` ``` $firejail --noblacklist=/etc/clamav/clamd.conf --whitelist=/etc/clamav/clamd.conf --profile=claws-mail file /etc/clamav/clamd.conf Reading profile /etc/firejail/claws-mail.profile Reading profile /etc/firejail/claws-mail.local Reading profile /etc/firejail/allow-ruby.inc Reading profile /etc/firejail/email-common.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-exec.inc Reading profile /etc/firejail/disable-interpreters.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/disable-xdg.inc Reading profile /etc/firejail/whitelist-common.inc Reading profile /etc/firejail/whitelist-runuser-common.inc Reading profile /etc/firejail/whitelist-usr-share-common.inc Reading profile /etc/firejail/whitelist-var-common.inc Warning: networking feature is disabled in Firejail configuration file Ignoring "dbus-user.talk ca.desrt.dconf" and 5 other dbus-user filter rules. Parent pid 36631, child pid 36632 Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set. Warning: skipping crypto-policies for private /etc Warning: skipping gcrypt for private /etc Warning: skipping gnupg for private /etc Warning: skipping groups for private /etc Warning: skipping hosts.conf for private /etc Warning: skipping pki for private /etc Private /etc installed in 71.88 ms Private /usr/etc installed in 0.00 ms Child process initialized in 304.69 ms /etc/clamav/clamd.conf: cannot open `/etc/clamav/clamd.conf' (No such file or directory) Parent is shutting down, bye... ```
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
serialize_remounts_v2
landlock_v4
landlock
release-0.9.64
release-0.9.62
gitlab_ci
LTSbase
fred_ctests
docs
0.9.80
0.9.80-rc1
0.9.78
0.9.76
0.9.76-rc4
0.9.76-rc3
0.9.76-rc2
0.9.76-rc1
0.9.74
landlock-split
0.9.72
0.9.72rc1
0.9.70
0.9.68
0.9.68rc1
0.9.66
0.9.66rc1
0.9.64.4
0.9.64.2
0.9.64
0.9.64rc1
0.9.62.4
0.9.62.2
0.9.62
0.9.56.2-LTS
0.9.60
0.9.60-rc1
0.9.58.2
0.9.58
0.9.58-rc1
0.9.56-LTS-release
0.9.56-LTS
0.9.56
0.9.56-rc1
0.9.54
0.9.54-rc2
0.9.54-rc1
0.9.52
0.9.38.12
0.9.50
0.9.50-rc1
0.9.48
0.9.46
0.9.46-rc1
0.9.44.10
0.9.44.8
0.9.44.6
0.9.38.10
0.9.44.4
0.9.38.8
0.9.44.2
0.9.44
0.9.44-rc1
0.9.38.4
0.9.42
0.9.42-rc2
0.9.38.2
0.9.42-rc1
disable-globalcfg
0.9.40
0.9.40-rc1
0.9.38
0.9.38-rc1
0.9.36
0.9.36-rc1
0.9.34
0.9.34-rc1
0.9.32
0.9.32-rc1
0.9.30
0.9.30-rc1
Labels
Clear labels   
LTS merge

   
LTS merge

   
bug

   
bug

   
converted-to-discussion

   
doc-todo

   
documentation

   
duplicate

   
enhancement

   
file-transfer

   
firecfg

   
firejail-in-firejail

   
firetools

   
graphics

   
help wanted

   
information_old

   
installation

   
invalid

   
modif

   
moved

   
needinfo

   
networking

   
notabug

   
notourbug

   
old-version

   
overlayfs

   
packaging

   
profile-request

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question_old

   
removal

   
runtime-permissions

   
sandbox-ipc

   
security

   
stale

   
wiki

   
wiki

   
wontfix

   
wordpress

   
workaround
No labels
LTS merge
LTS merge
bug
bug
converted-to-discussion
doc-todo
documentation
duplicate
enhancement
file-transfer
firecfg
firejail-in-firejail
firetools
graphics
help wanted
information_old
installation
invalid
modif
moved
needinfo
networking
notabug
notourbug
old-version
overlayfs
packaging
profile-request
pull-request
question
question_old
removal
runtime-permissions
sandbox-ipc
security
stale
wiki
wiki
wontfix
wordpress
workaround
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#3074
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?