github-starred/firejail

Fork 0

mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00

[GH-ISSUE #718] thunderbird use "wrong" pdf viewer #488

New issue

Closed

opened 2026-05-05 05:57:26 -06:00 by gitea-mirror · 6 comments

gitea-mirror commented

2026-05-05 05:57:26 -06:00

Owner

Originally created by @frank-github on GitHub (Aug 15, 2016).
Original GitHub issue: https://github.com/netblue30/firejail/issues/718

after running thunderbird started by firejail version 0.9.40

Redirecting symlink to /usr/bin/thunderbird
Reading profile /etc/firejail/thunderbird.profile
Reading profile /etc/firejail/firefox.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/whitelist-common.inc
Parent pid 1900, child pid 1901
Blacklist violations are logged to syslog

I can't view attached pdf files by double click or "open", because thunderbird is not using my preferred pdf viewer anymore. It's starting the ubuntu default pdf viewer evince with the first part of pdf file name (white space in original name like "my test.pdf"

Found in syslog
Aug 16 01:16:24 ubuntu kernel: [228493.464107] audit: type=1400 audit(1471302984.440:780): apparmor="DENIED" operation="open" profile="/usr/bin/evince" name="/etc/ld.so.preload" pid=1512 comm="evince" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Aug 16 01:16:24 ubuntu kernel: [228493.638309] audit: type=1400 audit(1471302984.616:781): apparmor="DENIED" operation="open" profile="/usr/bin/evince" name="/etc/xfce4/defaults.list" pid=1512 comm="evince" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

anything to do with my problem? not sure, /etc/xfce4/default.list is empty

If I start thunderbird without firejail everything works fine.

any hints and tips are welcome how to config firejail, that thunderbird is using my preferred applications for attached files.

Originally created by @frank-github on GitHub (Aug 15, 2016). Original GitHub issue: https://github.com/netblue30/firejail/issues/718 after running thunderbird started by firejail version 0.9.40 > Redirecting symlink to /usr/bin/thunderbird > Reading profile /etc/firejail/thunderbird.profile > Reading profile /etc/firejail/firefox.profile > Reading profile /etc/firejail/disable-common.inc > Reading profile /etc/firejail/disable-programs.inc > Reading profile /etc/firejail/disable-devel.inc > Reading profile /etc/firejail/whitelist-common.inc > Parent pid 1900, child pid 1901 > Blacklist violations are logged to syslog I can't view attached pdf files by double click or "open", because thunderbird is not using my preferred pdf viewer anymore. It's starting the ubuntu default pdf viewer evince with the first part of pdf file name (white space in original name like "my test.pdf" Found in syslog Aug 16 01:16:24 ubuntu kernel: [228493.464107] audit: type=1400 audit(1471302984.440:780): apparmor="DENIED" operation="open" profile="/usr/bin/evince" name="/etc/ld.so.preload" pid=1512 comm="evince" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Aug 16 01:16:24 ubuntu kernel: [228493.638309] audit: type=1400 audit(1471302984.616:781): apparmor="DENIED" operation="open" profile="/usr/bin/evince" name="/etc/xfce4/defaults.list" pid=1512 comm="evince" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 anything to do with my problem? not sure, /etc/xfce4/default.list is empty If I start thunderbird without firejail everything works fine. any hints and tips are welcome how to config firejail, that thunderbird is using my preferred applications for attached files.

gitea-mirror

2026-05-05 05:57:26 -06:00

closed this issue
added the
information_old
label

gitea-mirror commented

2026-05-05 05:57:30 -06:00

Author

Owner

@frank-github commented on GitHub (Aug 16, 2016):

tried it with private-Option: private /home/myuser

now my favourite pdf viewer is started, but with wrong file-name, splitted at white space

@frank-github commented on GitHub (Aug 16, 2016): tried it with private-Option: private /home/myuser now my favourite pdf viewer is started, but with wrong file-name, splitted at white space

gitea-mirror commented

2026-05-05 05:57:33 -06:00

Author

Owner

@netblue30 commented on GitHub (Aug 17, 2016):

The two audit messages you printed above are from AppArmor, and I would say the messages are normal. I assume you are on a Ubuntu platform - they have all kind of bugs in AppArmor, but in the end, evince manages to start.

now my favourite pdf viewer is started, but with wrong file-name, splitted at white space

I think this is already fixed in the version here on github.

Thunderbird profile is a whitelisted profile, and allows access only to firefox and thunderbird configuration files. Evince will not find its own config files, and many things will go wrong. Do the following test - in a terminal start thunderbird as follows:

$ firejail --noprofile thunderbird

If this is working fine, we can go ahead and build a special profile.

@netblue30 commented on GitHub (Aug 17, 2016): The two audit messages you printed above are from AppArmor, and I would say the messages are normal. I assume you are on a Ubuntu platform - they have all kind of bugs in AppArmor, but in the end, evince manages to start. > now my favourite pdf viewer is started, but with wrong file-name, splitted at white space I think this is already fixed in the version here on github. Thunderbird profile is a whitelisted profile, and allows access only to firefox and thunderbird configuration files. Evince will not find its own config files, and many things will go wrong. Do the following test - in a terminal start thunderbird as follows: ``` $ firejail --noprofile thunderbird ``` If this is working fine, we can go ahead and build a special profile.

gitea-mirror commented

2026-05-05 05:57:36 -06:00

Author

Owner

@manevich commented on GitHub (Aug 17, 2016):

@netblue30

now my favourite pdf viewer is started, but with wrong file-name, splitted at white space

I think this is already fixed in the version here on github.

I suspect it is not, at least in cf70d33717, this is probably same as one of problems I working on now:
first: firejail firejail cat filename\ with\ spaces results in

cat: filename: No such file or directory
cat: with: No such file or directory
cat: spaces: No such file or directory

second: no --shell options honored firejail --shell=/bin/sh firejail --shell=/bin/sh will start bash.
Fix for first problem almost ready. If nothing nasty comes up, I will send pull request today.

@manevich commented on GitHub (Aug 17, 2016): @netblue30 > > now my favourite pdf viewer is started, but with wrong file-name, splitted at white space > > I think this is already fixed in the version here on github. I suspect it is not, at least in https://github.com/netblue30/firejail/commit/cf70d33717a94af25ae250f0cf5ebda1f38bd27c, this is probably same as one of problems I working on now: first: `firejail firejail cat filename\ with\ spaces` results in ``` cat: filename: No such file or directory cat: with: No such file or directory cat: spaces: No such file or directory ``` second: no `--shell` options honored `firejail --shell=/bin/sh firejail --shell=/bin/sh` will start bash. Fix for first problem almost ready. If nothing nasty comes up, I will send pull request today.

gitea-mirror commented

2026-05-05 05:57:38 -06:00

Author

Owner

@frank-github commented on GitHub (Aug 18, 2016):

@manevich
yes, this is exactly my space problem 👍

@netblue30
starting with --noprofile had the exact same result as

tried it with private-Option: private /home/myuser
now my favourite pdf viewer is started, but with wrong file-name, splitted at white space

@frank-github commented on GitHub (Aug 18, 2016): @manevich yes, this is exactly my space problem :+1: @netblue30 starting with --noprofile had the exact same result as > tried it with private-Option: private /home/myuser > now my favourite pdf viewer is started, but with wrong file-name, splitted at white space

gitea-mirror commented

2026-05-05 05:57:40 -06:00

Author

Owner

@frank-github commented on GitHub (Aug 19, 2016):

@netblue30
#729 is adressing "space problem"
in this issue we had two problems, "space" and "wrong application started"
is last one fixed too ?

@frank-github commented on GitHub (Aug 19, 2016): @netblue30 #729 is adressing "space problem" in this issue we had two problems, "space" and "wrong application started" is last one fixed too ?

gitea-mirror commented

2026-05-05 05:57:42 -06:00

Author

Owner

@netblue30 commented on GitHub (Aug 20, 2016):

I have no idea, give it a try. I think the "space problem" is fixed.

@netblue30 commented on GitHub (Aug 20, 2016): I have no idea, give it a try. I think the "space problem" is fixed.

gitea-mirror referenced this issue

2026-05-05 10:05:14 -06:00

[PR #488] [MERGED] Fixes for ls.exp and trace.exp #3642

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#488

No description provided.

Rows
Columns