[GH-ISSUE #6461] vscodium: missing profile redirect for codium #3284

New issue

Closed

opened 2026-05-05 09:53:22 -06:00 by gitea-mirror · 11 comments

gitea-mirror commented 2026-05-05 09:53:22 -06:00

Owner

Copy link

Originally created by @MiltiadisKoutsokeras on GitHub (Sep 3, 2024).
Original GitHub issue: https://github.com/netblue30/firejail/issues/6461

Is your feature request related to a problem? Please describe.

Firejail does not contain a profile to support the latest VSCodium in the apt package of Debian 11.

Describe the solution you'd like

I would like the Firejail installation to contain a profile that supports the latest VSCodium, as it does with past versions in files:

• /etc/firejail/code-oss.profile
• /etc/firejail/vscodium.profile

Describe alternatives you've considered

It would be possible to create a local custom file for latest VSCodium version but the program details have changed from the previous versions (whitelisted direcotries, privileges, etc.).

Originally created by @MiltiadisKoutsokeras on GitHub (Sep 3, 2024). Original GitHub issue: https://github.com/netblue30/firejail/issues/6461 ### Is your feature request related to a problem? Please describe. Firejail does not contain a profile to support the latest [VSCodium](https://vscodium.com/) in the apt package of Debian 11. ### Describe the solution you'd like I would like the Firejail installation to contain a profile that supports the latest VSCodium, as it does with past versions in files: - /etc/firejail/code-oss.profile - /etc/firejail/vscodium.profile ### Describe alternatives you've considered It would be possible to create a local custom file for latest VSCodium version but the program details have changed from the previous versions (whitelisted direcotries, privileges, etc.).

gitea-mirror 2026-05-05 09:53:22 -06:00

• closed this issue
• added the
  duplicate
  old-version
  labels

gitea-mirror commented 2026-05-05 09:53:24 -06:00

Author

Owner

Copy link

@kmk3 commented on GitHub (Sep 3, 2024):

Basic debugging information is missing; please follow the bug report template:

• https://github.com/netblue30/firejail/issues/new?template=bug_report.md

<!-- gh-comment-id:2327158601 --> @kmk3 commented on GitHub (Sep 3, 2024): Basic debugging information is missing; please follow the bug report template: * <https://github.com/netblue30/firejail/issues/new?template=bug_report.md>

gitea-mirror commented 2026-05-05 09:53:25 -06:00

Author

Owner

Copy link

@MiltiadisKoutsokeras commented on GitHub (Sep 4, 2024):

I would happily do that, but it is not a BUG. It is a feature request to provide a profile for the latest version of a program.

<!-- gh-comment-id:2328009556 --> @MiltiadisKoutsokeras commented on GitHub (Sep 4, 2024): I would happily do that, but it is not a BUG. It is a feature request to provide a profile for the latest version of a program.

gitea-mirror commented 2026-05-05 09:53:26 -06:00

Author

Owner

Copy link

@rusty-snake commented on GitHub (Sep 4, 2024):

Moved

<!-- gh-comment-id:2328080455 --> @rusty-snake commented on GitHub (Sep 4, 2024): Moved

gitea-mirror commented 2026-05-05 09:53:27 -06:00

Author

Owner

Copy link

@MiltiadisKoutsokeras commented on GitHub (Sep 4, 2024):

Thanks, you can close this.

<!-- gh-comment-id:2328153727 --> @MiltiadisKoutsokeras commented on GitHub (Sep 4, 2024): Thanks, you can close this.

gitea-mirror commented 2026-05-05 09:53:27 -06:00

Author

Owner

Copy link

@kmk3 commented on GitHub (Sep 4, 2024):

I would happily do that, but it is not a BUG. It is a feature request to
provide a profile for the latest version of a program.

Profiles are generally not separated by program versions (with limited
exceptions for new major versions of certain programs), they are created based
on the name of the executable.

Is there a new executable name for vscodium?

If not, there already exists a profile for vscodium and it either works
properly or it doesn't.

If it doesn't work, it's a bug.

the program details have changed from the previous versions (whitelisted
direcotries, privileges, etc.).

Which directories and privileges?

In what version of vscodium did they change?

<!-- gh-comment-id:2328824473 --> @kmk3 commented on GitHub (Sep 4, 2024): > I would happily do that, but it is not a BUG. It is a feature request to > provide a profile for the latest version of a program. Profiles are generally not separated by program versions (with limited exceptions for new major versions of certain programs), they are created based on the name of the executable. Is there a new executable name for vscodium? If not, there already exists a profile for vscodium and it either works properly or it doesn't. If it doesn't work, it's a bug. > the program details have changed from the previous versions (whitelisted > direcotries, privileges, etc.). Which directories and privileges? In what version of vscodium did they change?

gitea-mirror commented 2026-05-05 09:53:28 -06:00

Author

Owner

Copy link

@MiltiadisKoutsokeras commented on GitHub (Sep 4, 2024):

Profiles are generally not separated by program versions (with limited exceptions for new major versions of certain programs), they are created based on the name of the executable.

Is there a new executable name for vscodium?

The executable is renamed to codium so none of the provided profiles match (even if they did, the contents would not apply).

If it doesn't work, it's a bug.

Well then it is a BUG.

Which directories and privileges?

If I had a complete list for those, I would happily create and share the profile. You have to communicate with the developers for that.

In what version of vscodium did they change?

Unfortunately I do not know this, I realized that firejail did not apply a profile recently while researching another issue.

<!-- gh-comment-id:2328904021 --> @MiltiadisKoutsokeras commented on GitHub (Sep 4, 2024): > Profiles are generally not separated by program versions (with limited exceptions for new major versions of certain programs), they are created based on the name of the executable. > > Is there a new executable name for vscodium? The executable is renamed to `codium` so none of the provided profiles match (even if they did, the contents would not apply). > If it doesn't work, it's a bug. Well then it is a BUG. > Which directories and privileges? If I had a complete list for those, I would happily create and share the profile. You have to communicate with the developers for that. > In what version of vscodium did they change? Unfortunately I do not know this, I realized that firejail did not apply a profile recently while researching another issue.

gitea-mirror commented 2026-05-05 09:53:28 -06:00

Author

Owner

Copy link

@rusty-snake commented on GitHub (Sep 4, 2024):

The executable is renamed to codium so none of the provided profiles match

https://github.com/netblue30/firejail/blob/master/etc/profile-a-l/codium.profile added 3 years ago. Also in 897f12dd88/src/firecfg/firecfg.config (L174)

So yes basic debugging information like your firejail version are missing.

<!-- gh-comment-id:2328918937 --> @rusty-snake commented on GitHub (Sep 4, 2024): > The executable is renamed to codium so none of the provided profiles match https://github.com/netblue30/firejail/blob/master/etc/profile-a-l/codium.profile added 3 years ago. Also in https://github.com/netblue30/firejail/blob/897f12dd88c1add667ecb211b61b6126a49c7065/src/firecfg/firecfg.config#L174 So yes basic debugging information like your firejail version are missing.

gitea-mirror commented 2026-05-05 09:53:28 -06:00

Author

Owner

Copy link

@MiltiadisKoutsokeras commented on GitHub (Sep 4, 2024):

Here are my versions:

• Linux distribution and version: Debian 11
• Firejail version (firejail --version): 0.9.64.4

It seems that the package is old enough and includes outdated profiles. I will try to copy the upstream ones. The only profile installed is /etc/firejail/vscodium.profile with contents:

# Firejail profile alias for Visual Studio Code
# This file is overwritten after every install/update

# Persistent local customizations
include vscodium.local

noblacklist ${HOME}/.VSCodium

# Redirect
include code.profile

This is probably something the Debian maintainer should do, so please close the report.

<!-- gh-comment-id:2329016898 --> @MiltiadisKoutsokeras commented on GitHub (Sep 4, 2024): Here are my versions: - Linux distribution and version: Debian 11 - Firejail version (`firejail --version`): 0.9.64.4 It seems that the package is old enough and includes outdated profiles. I will try to copy the upstream ones. The only profile installed is `/etc/firejail/vscodium.profile` with contents: ``` # Firejail profile alias for Visual Studio Code # This file is overwritten after every install/update # Persistent local customizations include vscodium.local noblacklist ${HOME}/.VSCodium # Redirect include code.profile ``` This is probably something the Debian maintainer should do, so please close the report.

gitea-mirror commented 2026-05-05 09:53:29 -06:00

Author

Owner

Copy link

@kmk3 commented on GitHub (Sep 4, 2024):

@MiltiadisKoutsokeras on Sep 4:

• Firejail version (firejail --version): 0.9.64.4

Note that we do not maintain that version of firejail:

• https://github.com/netblue30/firejail/blob/master/SECURITY.md

Versions other than the latest usually have outdated profiles and may contain
bugs and security vulnerabilities that were fixed in later versions.

This is probably something the Debian maintainer should do, so please close
the report.

I think it's unlikely to be upgraded on a stable Debian release.

See also the recommended way to install firejail on Debian:

• https://github.com/netblue30/firejail#installing

<!-- gh-comment-id:2329120234 --> @kmk3 commented on GitHub (Sep 4, 2024): @MiltiadisKoutsokeras [on Sep 4](https://github.com/netblue30/firejail/issues/6461#issuecomment-2329016898): > * Firejail version (`firejail --version`): 0.9.64.4 Note that we do not maintain that version of firejail: * <https://github.com/netblue30/firejail/blob/master/SECURITY.md> Versions other than the latest usually have outdated profiles and may contain bugs and security vulnerabilities that were fixed in later versions. > This is probably something the Debian maintainer should do, so please close > the report. I think it's unlikely to be upgraded on a stable Debian release. See also the recommended way to install firejail on Debian: * <https://github.com/netblue30/firejail#installing>

gitea-mirror commented 2026-05-05 09:53:29 -06:00

Author

Owner

Copy link

@kmk3 commented on GitHub (Sep 4, 2024):

Duplicate of #3871

<!-- gh-comment-id:2329122319 --> @kmk3 commented on GitHub (Sep 4, 2024): Duplicate of #3871

gitea-mirror commented 2026-05-05 09:53:30 -06:00

Author

Owner

Copy link

@rusty-snake commented on GitHub (Sep 4, 2024):

I will try to copy the upstream ones.

Does not necessarily work, the profile may use commands unknown by your firejail version or include other profiles you don't have or with wrong content.

<!-- gh-comment-id:2329305145 --> @rusty-snake commented on GitHub (Sep 4, 2024): > I will try to copy the upstream ones. Does not necessarily work, the profile may use commands unknown by your firejail version or include other profiles you don't have or with wrong content.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

serialize_remounts_v2

landlock_v4

landlock

release-0.9.64

release-0.9.62

gitlab_ci

LTSbase

fred_ctests

docs

0.9.80

0.9.80-rc1

0.9.78

0.9.76

0.9.76-rc4

0.9.76-rc3

0.9.76-rc2

0.9.76-rc1

0.9.74

landlock-split

0.9.72

0.9.72rc1

0.9.70

0.9.68

0.9.68rc1

0.9.66

0.9.66rc1

0.9.64.4

0.9.64.2

0.9.64

0.9.64rc1

0.9.62.4

0.9.62.2

0.9.62

0.9.56.2-LTS

0.9.60

0.9.60-rc1

0.9.58.2

0.9.58

0.9.58-rc1

0.9.56-LTS-release

0.9.56-LTS

0.9.56

0.9.56-rc1

0.9.54

0.9.54-rc2

0.9.54-rc1

0.9.52

0.9.38.12

0.9.50

0.9.50-rc1

0.9.48

0.9.46

0.9.46-rc1

0.9.44.10

0.9.44.8

0.9.44.6

0.9.38.10

0.9.44.4

0.9.38.8

0.9.44.2

0.9.44

0.9.44-rc1

0.9.38.4

0.9.42

0.9.42-rc2

0.9.38.2

0.9.42-rc1

disable-globalcfg

0.9.40

0.9.40-rc1

0.9.38

0.9.38-rc1

0.9.36

0.9.36-rc1

0.9.34

0.9.34-rc1

0.9.32

0.9.32-rc1

0.9.30

0.9.30-rc1

Labels

Clear labels   

LTS merge

  

LTS merge

  

bug

  

bug

  

converted-to-discussion

  

doc-todo

  

documentation

  

duplicate

  

enhancement

  

file-transfer

  

firecfg

  

firejail-in-firejail

  

firetools

  

graphics

  

help wanted

  

information_old

  

installation

  

invalid

  

modif

  

moved

  

needinfo

  

networking

  

notabug

  

notourbug

  

old-version

  

overlayfs

  

packaging

  

profile-request

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

question_old

  

removal

  

runtime-permissions

  

sandbox-ipc

  

security

  

stale

  

wiki

  

wiki

  

wontfix

  

wordpress

  

workaround

No labels

LTS merge

LTS merge

bug

bug

converted-to-discussion

doc-todo

documentation

duplicate

enhancement

file-transfer

firecfg

firejail-in-firejail

firetools

graphics

help wanted

information_old

installation

invalid

modif

moved

needinfo

networking

notabug

notourbug

old-version

overlayfs

packaging

profile-request

pull-request

question

question_old

removal

runtime-permissions

sandbox-ipc

security

stale

wiki

wiki

wontfix

wordpress

workaround

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#3284

No description provided.