github-starred/firejail

Fork 0

mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00

[GH-ISSUE #6800] librewolf: cannot open flatpak Zoom via gio #3378

New issue

Open

opened 2026-05-05 09:57:04 -06:00 by gitea-mirror · 4 comments

gitea-mirror commented

2026-05-05 09:57:04 -06:00

Owner

Originally created by @kmk3 on GitHub (Jul 6, 2025).
Original GitHub issue: https://github.com/netblue30/firejail/issues/6800

Discussed in https://github.com/netblue30/firejail/discussions/6799

^{Originally posted by algor512 July 6, 2025}
I run LibreWolf in Firejail using the following command: firejail --whitelist=$XDG_RUNTIME_DIR --appimage librewolf.AppImage with this profile:

dbus-user filter
ignore dbus-user none
dbus-user.own io.gitlab.librewolf.*

However, I cannot open links like zoommtg://; Zoom fails to start, probably because it is being blocked by Firejail:

$ firejail --whitelist=$XDG_RUNTIME_DIR --profile=librewolf sh
$ gio open "zoommtg://zoom.us/join?confno=1234567890&pwd=YourPasswordHere"
F: X11 socket /tmp/.X11-unix/X0 does not exist in filesystem, trying to use abstract socket instead.
F: Can't get document portal mount path
bwrap: Can't mount proc on /newroot/proc: Operation not permitted

(I use flatpak version of Zoom)

Is there any way to fix this?

Originally created by @kmk3 on GitHub (Jul 6, 2025). Original GitHub issue: https://github.com/netblue30/firejail/issues/6800 ### Discussed in https://github.com/netblue30/firejail/discussions/6799 <div type='discussions-op-text'> <sup>Originally posted by **algor512** July 6, 2025</sup> I run LibreWolf in Firejail using the following command: `firejail --whitelist=$XDG_RUNTIME_DIR --appimage librewolf.AppImage` with this profile: ``` dbus-user filter ignore dbus-user none dbus-user.own io.gitlab.librewolf.* ``` However, I cannot open links like zoommtg://; Zoom fails to start, probably because it is being blocked by Firejail: ``` $ firejail --whitelist=$XDG_RUNTIME_DIR --profile=librewolf sh $ gio open "zoommtg://zoom.us/join?confno=1234567890&pwd=YourPasswordHere" F: X11 socket /tmp/.X11-unix/X0 does not exist in filesystem, trying to use abstract socket instead. F: Can't get document portal mount path bwrap: Can't mount proc on /newroot/proc: Operation not permitted ``` (I use flatpak version of Zoom) Is there any way to fix this?</div>

gitea-mirror added the

needinfo

sandbox-ipc

labels 2026-05-05 09:57:04 -06:00

gitea-mirror commented

2026-05-05 09:57:06 -06:00

Author

Owner

@kmk3 commented on GitHub (Jul 6, 2025):

Basic debugging information is missing; please follow the bug report template:

https://github.com/netblue30/firejail/issues/new?template=bug_report.md

@kmk3 commented on GitHub (Jul 6, 2025): Basic debugging information is missing; please follow the bug report template: * <https://github.com/netblue30/firejail/issues/new?template=bug_report.md>

gitea-mirror commented

2026-05-05 09:57:07 -06:00

Author

Owner

@kmk3 commented on GitHub (Jul 6, 2025):

(I use flatpak version of Zoom)

Note that firejail does not support running flatpak programs.

I don't know how gio tries to execute zoom, but it may work if librewolf can
call zoom via dbus.

You can use something like busctl --user or d-feet to check if zoom has a
dbus command to open it then post it in here.

@kmk3 commented on GitHub (Jul 6, 2025): > (I use flatpak version of Zoom) Note that firejail does not support running flatpak programs. I don't know how `gio` tries to execute zoom, but it may work if librewolf can call zoom via dbus. You can use something like `busctl --user` or `d-feet` to check if zoom has a dbus command to open it then post it in here.

gitea-mirror commented

2026-05-05 09:57:08 -06:00

Author

Owner

@algor512 commented on GitHub (Jul 6, 2025):

I use Void Linux (Linux 6.12.35_1 x86_64, glibc), firejail:

firejail version 0.9.74

Compile time support:
        - always force nonewprivs support is disabled
        - AppArmor support is enabled
        - AppImage support is enabled
        - chroot support is enabled
        - D-BUS proxy support is enabled
        - file transfer support is enabled
        - IDS support is disabled
        - Landlock support is enabled
        - networking support is enabled
        - output logging is enabled
        - overlayfs support is disabled
        - private-home support is enabled
        - private-lib support is disabled
        - private-cache and tmpfs as user enabled
        - sandbox check is enabled
        - SELinux support is disabled
        - user namespace support is enabled
        - X11 sandboxing support is enabled

@algor512 commented on GitHub (Jul 6, 2025): I use Void Linux (Linux 6.12.35_1 x86_64, glibc), firejail: ``` firejail version 0.9.74 Compile time support: - always force nonewprivs support is disabled - AppArmor support is enabled - AppImage support is enabled - chroot support is enabled - D-BUS proxy support is enabled - file transfer support is enabled - IDS support is disabled - Landlock support is enabled - networking support is enabled - output logging is enabled - overlayfs support is disabled - private-home support is enabled - private-lib support is disabled - private-cache and tmpfs as user enabled - sandbox check is enabled - SELinux support is disabled - user namespace support is enabled - X11 sandboxing support is enabled ```

gitea-mirror commented

2026-05-05 09:57:09 -06:00

Author

Owner

@algor512 commented on GitHub (Jul 7, 2025):

You can use something like busctl --user or d-feet to check if zoom has a dbus command to open it then post it in here.

It seems that it doesn't have, unfortunately.
However, I think I got an answer to my question: I could create a wrapper that opens Zoom on command in dbus. Thank you!

@algor512 commented on GitHub (Jul 7, 2025): > You can use something like `busctl --user` or `d-feet` to check if zoom has a dbus command to open it then post it in here. It seems that it doesn't have, unfortunately. However, I think I got an answer to my question: I could create a wrapper that opens Zoom on command in dbus. Thank you!

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#3378

No description provided.

Rows
Columns