[GH-ISSUE #116] Unable to use ibus-daemon in firejail #75

Closed
opened 2026-05-05 04:57:27 -06:00 by gitea-mirror · 50 comments

Originally created by @pyamsoft on GitHub (Nov 3, 2015).
Original GitHub issue: https://github.com/netblue30/firejail/issues/116

The ibus-daemon is used to change the languages on the system. For example, on my personal machine running Arch Linux 64bit using firejail 0.9.34-rc1, I use ibus to switch between English (US) input and Japanese inputs.

When not running in firejail, programs such as MousePad and rxvt-unicode for example will respect the current ibus language and type in either Japanese or English.

However, when running an application in firejail, because the ibus-daemon is not also running in the jail, and the jailed program has no way of talking to the rest of the processes running on the machine, programs such as Mousepad and Chromium do not properly switch inputs using the ibus-daemon.

Steps to reproduce:

  1. Install ibus-daemon, and in my case, ibus-anthy for Japanese input and noto-fonts-cjk for East Asian fonts.
  2. Start ibus daemon with `ibus-daemon -drx`
  3. Launch mousepad, switch the language in ibus from English to Japanese.
  4. Upon typing, Japanese characters will be displayed as expected.
  5. Launch a firejail instance of mousepad
  6. Switch language from English to Japanese
  7. Upon typing, English is still output, even though Japanese was requested.

@netblue30 commented on GitHub (Nov 3, 2015):

I'll look into it, thanks.


@netblue30 commented on GitHub (Nov 4, 2015):

Fixed!


@pyamsoft commented on GitHub (Nov 4, 2015):

This patch introduces a regression when using network namespaces with a bridge interface. Because of the new network ns, the iBus daemon will reject all forms of input.

This can be observed via the following:

  1. Create a new bridge network device `br0`
  2. Pass the bridge device to firejail using the `--net=br0` option
  3. Launch any graphical program like chromium / mousepad (anything that can talk with ibus)
  4. Attempt to type

Expected: Output of some kind
Result: iBus daemon rejects all input from the program, making it effectively impossible to run a network bridged namespace while using the ibus daemon.

A new issue can be opened in regards to this, or the current one can be reopened.


@netblue30 commented on GitHub (Nov 5, 2015):

I've disabled the previous fix if a network ns is created by the sandbox.


@ghost commented on GitHub (Nov 12, 2015):

beh, it doesn't work at all in Firefox.
You have to kill ibus to type anything.

"(firefox:1): IBUS-WARNING **: Events queue growing too big, will start to drop."

This seems to be a more general problem, with applications unable to communicate with the outside...


@netblue30 commented on GitHub (Nov 13, 2015):

Yes, I get the same thing if I have a network namespace configured. Without the net namespace it should work fine. I'll bring in a fix for network namespace.

The apps will not be able to communicate outside when a net namespace is configured. I'll have to proxy that traffic somehow.


@ioparaskev commented on GitHub (Jan 17, 2016):

Same issue exists in fedora too..
After that ibus is probably misbehaving since amixer cannot see any devices after this and gives an "Mixer attach default error: Connection refused" error.. This makes firejail unusable in my case unfortunately

Version: Fedora 23

How to reproduce:

  1. `firejail firefox`
  2. open new tab and type url
  3. `amixer` shows error `"Mixer attach default error: Connection refused"`

@netblue30 commented on GitHub (Jan 18, 2016):

This looks more like a sound problem. Do you have PulseAudio installed, or only ALSA?


@ioparaskev commented on GitHub (Jan 21, 2016):

I have also pulseaudio and same happens with pulseaudio.. After the reproduce I'm losing control over the sound device.
`sh -c "pactl set-sink-mute 0 false ; pactl set-sink-volume 1 -100%"`

> shm_open() failed: No such file or directory
> Connection failure: Protocol error
> shm_open() failed: No such file or directory
> Connection failure: Protocol error


@netblue30 commented on GitHub (Jan 21, 2016):

So, it is a sound problem, it has nothing to do with ibus. PulseAudio has a problem when running in a PID namespace. There is a workaround until they fix the problem. Look at "Known Problems" section here:

https://firejail.wordpress.com/support/


@ioparaskev commented on GitHub (Jan 21, 2016):

oh I see.. thanks and sorry for hijacking this


@netblue30 commented on GitHub (Jan 23, 2016):

No problem!


@ghost commented on GitHub (May 9, 2016):

Same in Ubuntu 16.04


@dfaerch commented on GitHub (Jun 25, 2016):

I wanted to try out firejail (0.9.40 on ubuntu 14.04), but I seem to be having the same issue. I did

```
$ firejail google-chrome
```

but keyboard doesn't respond and I get errors in the console:

```
(google-chrome:2): IBUS-WARNING **: Unable to connect to ibus: Could not connect: Connection refused
(google-chrome:2): IBUS-WARNING **: Events queue growing too big, will start to drop.
(google-chrome:2): IBUS-WARNING **: Events queue growing too big, will start to drop.
```

@biergaizi commented on GitHub (Oct 9, 2016):

Still no possible solutions? It basically disables any keyboard inputs on an iBus-based desktop, since English is also managed by iBus, and effectively made the great Firejail useless...


@folti commented on GitHub (Jan 10, 2017):

temporary workaround is to tell Gtk to use a different input module, by setting the `GTK_IM_MODULE` accordingly. For example:

```
firejail opera
```

don't have keyboard, while

```
GTK_IM_MODULE=xim firejail opera
```

does.


@netblue30 commented on GitHub (Jan 12, 2017):

Thanks for the info, I'll document it on the web site.


@anatoli26 commented on GitHub (Mar 25, 2017):

Hi, I just wanted to try Firejail on Ubuntu 16.04 stock with the latest Firefox 52.0.1 from xenial channel. The FJ version from the official channel (firejail/xenial 0.9.38.10-0ubuntu0.16.04.1 amd64) had a number of issues (especially with sound and broke it for other apps that were started before the FJ install), then I learned that this version is quite outdated and has a known issue with sound, so I purged it and installed a new one from this repo (0.9.45), but I get the same issue as other users here:

`(firefox:7): IBUS-WARNING **: Unable to connect to ibus: Could not connect: Connection refused`

Then, when trying to type anything, I get:

`(firefox:7): IBUS-WARNING **: Events queue growing too big, will start to drop.`

Is there any solution to this problem?

UPDATE: tried more apps (rhythmbox, wire messenger, etc.), they all seem to have the same problem under FJ: IBUS-WARNING and no keyboard.


@netblue30 commented on GitHub (Mar 26, 2017):

I'll give it a try, thanks.


@pdo-smith commented on GitHub (May 10, 2017):

I have the same problem in Ubuntu 17.04
The fix given by folti (`GTK_IM_MODULE=xim firejail opera`) works.


@cwmke commented on GitHub (Aug 17, 2017):

I've been using Fedora lately without this issue happening. Tonight I installed the nvidia drivers and the problem started again. I don't have the issue with intel video drivers. It only seems to happen when I'm using nvidia.


@chiraag-nataraj commented on GitHub (Jun 7, 2018):

Is this still an issue and do the workarounds above not work?


@dfaerch commented on GitHub (Jun 12, 2018):

@chiraag-nataraj my issue has resolved itself over time. works-for-me


@graywolf commented on GitHub (Jul 5, 2018):

I still have the issue, `GTK_IM_MODULE=ibus firefox` does not work. I don't think this should be closed.


@chiraag-nataraj commented on GitHub (Jul 8, 2018):

@graywolf Hmm, okay. Reopening. Maybe someone who uses ibus can help you debug (I used to, but switched over to setxkbmap + emacs for esoteric keyboards).


@chiraag-nataraj commented on GitHub (Aug 6, 2018):

@graywolf, have you tried the workarounds on this thread?


@graywolf commented on GitHub (Aug 14, 2018):

@chiraag-nataraj I've tried (and it seems to work), however guys over at ibus keep telling me that it's wrong thing to do https://github.com/ibus/ibus/issues/2020#issuecomment-409171856


@chiraag-nataraj commented on GitHub (Aug 14, 2018):

@graywolf The way I look at it is: If it works, don't worry about it 😂 Seriously, though...unless there are security implications, this is probably okay. If it stops working, we'll figure something out then 😂


@graywolf commented on GitHub (Aug 14, 2018):

I guess... 🍡


@chiraag-nataraj commented on GitHub (Aug 22, 2018):

So if the workarounds here are working (ibus developers' opinions notwithstanding), I'm going to go ahead and close the issue.


@chiraag-nataraj commented on GitHub (Aug 22, 2018):

On second thought, re-opening, since this is still an issue that should be debugged.


@xelxebar commented on GitHub (Nov 4, 2018):

For whatever it's worth the proposed `*_IM_MODULE` workaround doesn't fix the issue for me, though I'm running qutebrowser instead of firefox.

```
$ firejail --version
firejail version 0.9.56

Compile time support:
        - AppArmor support is enabled
        - AppImage support is enabled
        - chroot support is enabled
        - file and directory whitelisting support is enabled
        - file transfer support is enabled
        - networking support is enabled
        - overlayfs support is enabled
        - private-home support is enabled
        - seccomp-bpf support is enabled
        - user namespace support is enabled
        - X11 sandboxing support is enabled

$ ibus version
1.5.1.19

$ qutebrowser --version
qutebrowser v1.5.2
Git commit:
Backend: QtWebEngine (Chromium 61.0.3163.140)

CPython: 3.6.7
Qt: 5.10.1
PyQt: 5.10.1

sip: 4.19.8
colorama: no
pypeg2: 2.15
jinja2: 2.10
pygments: 2.2.0
yaml: 3.13
cssutils: no
attr: 18.2.0
PyQt5.QtWebEngineWidgets: yes
PyQt5.QtWebKitWidgets: no
pdf.js: no
sqlite: 3.25.2
QtNetwork SSL: LibreSSL 2.7.4
...
```

@mhva commented on GitHub (Feb 4, 2019):

Disclaimer: I don't use firejail, but I'm almost positive that this issue is related to the fact that ibus-daemon uses an abstract unix socket for IPC by default. This socket is invisible to firejail sandbox if it resides in a separate network namespace.

It should be possible to circumvent this issue in the current master branch of ibus by requesting it to use named socket for IPC. This can be done by passing `--address=unix:path=<somedir>/<somefile>` to ibus-daemon and making sure that `<somedir>` and `$HOME/.config/ibus` are both visible in sandbox. The latter dir contains ibus-daemon socket address, which is needed for ibus clients to be able to find where they should connect.
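
The distinction drawn in this comment, as an added example that is not part of the original thread and is not ibus or firejail code: it parses a D-Bus style address and decides whether a sandboxed client could reach the daemon, given whether the sandbox has its own network namespace and which directories it can see. The address-file contents, paths and function names are constructed for illustration, and the sketch assumes the address file carries an `IBUS_ADDRESS=` line in D-Bus address syntax.

```python
from dataclasses import dataclass
from pathlib import PurePosixPath
from urllib.parse import unquote

# Constructed samples (not captured from a real system).
ABSTRACT_FILE = """\
# constructed sample: daemon started with its default address
IBUS_ADDRESS=unix:abstract=/tmp/dbus-EXAMPLE,guid=0123456789abcdef0123456789abcdef
IBUS_DAEMON_PID=1234
"""
NAMED_FILE = """\
# constructed sample: daemon started with --address=unix:path=...
IBUS_ADDRESS=unix:path=/home/user/.cache/ibus-sock/bus,guid=0123456789abcdef0123456789abcdef
IBUS_DAEMON_PID=1234
"""
ADDRESS_DIR = "/home/user/.config/ibus"  # directory named in the comment above


@dataclass
class BusAddress:
    transport: str
    params: dict


def parse_dbus_address(address):
    """Split 'transport:k=v,k=v;transport:...' into BusAddress entries."""
    entries = []
    for chunk in filter(None, address.split(";")):
        transport, sep, rest = chunk.partition(":")
        if not sep or not transport:
            raise ValueError(f"not a D-Bus address: {chunk!r}")
        params = {}
        for pair in filter(None, rest.split(",")):
            key, eq, value = pair.partition("=")
            if not eq:
                raise ValueError(f"malformed key=value pair: {pair!r}")
            params[key] = unquote(value)  # values are %-escaped
        entries.append(BusAddress(transport, params))
    return entries


def read_ibus_address(file_text):
    """Return the IBUS_ADDRESS value from the text of an address file."""
    for line in file_text.splitlines():
        line = line.strip()
        if line.startswith("IBUS_ADDRESS="):
            return line.split("=", 1)[1]
    raise ValueError("no IBUS_ADDRESS line found")


def is_visible(path, visible_dirs):
    """True if path equals, or lies under, a directory the sandbox can see."""
    p = PurePosixPath(path)
    return any(PurePosixPath(d) == p or PurePosixPath(d) in p.parents
               for d in visible_dirs)


def reachable(entry, new_netns, visible_dirs):
    """Return (ok, reason) for one address as seen from inside the sandbox."""
    if entry.transport != "unix":
        return False, f"{entry.transport} transport is not assessed here"
    if "abstract" in entry.params:
        # Abstract sockets have no filesystem entry; the kernel scopes
        # them to the network namespace in which they were bound.
        if new_netns:
            return False, "abstract socket lives in the host network namespace"
        return True, "abstract socket, network namespace shared with the host"
    if "path" in entry.params:
        sock = entry.params["path"]
        if is_visible(sock, visible_dirs):
            return True, f"path socket {sock} is visible in the sandbox"
        return False, f"path socket {sock} is hidden from the sandbox"
    return False, "unix address without path= or abstract="


def client_can_connect(file_text, address_dir, new_netns, visible_dirs):
    """Combine both conditions: find the address, then reach the socket."""
    if not is_visible(address_dir, visible_dirs):
        return False, f"{address_dir} is hidden, client cannot read the address"
    verdicts = [reachable(e, new_netns, visible_dirs)
                for e in parse_dbus_address(read_ibus_address(file_text))]
    for ok, reason in verdicts:
        if ok:
            return True, reason
    return False, "; ".join(r for _, r in verdicts) or "empty address"


if __name__ == "__main__":
    sock_dir = "/home/user/.cache/ibus-sock"
    cases = [
        ("abstract, new netns", ABSTRACT_FILE, True, [ADDRESS_DIR]),
        ("abstract, shared netns", ABSTRACT_FILE, False, [ADDRESS_DIR]),
        ("named, new netns, dir visible", NAMED_FILE, True, [ADDRESS_DIR, sock_dir]),
        ("named, new netns, dir hidden", NAMED_FILE, True, [ADDRESS_DIR]),
    ]
    for label, text, netns, dirs in cases:
        ok, why = client_can_connect(text, ADDRESS_DIR, netns, dirs)
        print(f"{label:32} -> {'reachable' if ok else 'blocked'}: {why}")
```

A named socket moves the access decision from the network namespace to the filesystem, so the directory holding it becomes part of what the sandbox profile exposes to the jailed program.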


@biergaizi commented on GitHub (Feb 4, 2019):

Awesome! Having the capability to use an alternative IPC socket should definitely solve the problem.


@chiraag-nataraj commented on GitHub (May 20, 2019):

Given the workaround @mhva suggested, do people still have this issue?


@chiraag-nataraj commented on GitHub (May 21, 2019):

I'm going to go ahead and close this for now. If anyone affected is still running into this, please feel free to re-open!


@SailReal commented on GitHub (May 21, 2020):

I just started using firejail, what an awesome piece of software, thank you all :)

Nearly everything works out of the box but I just stumbled over this issue using Ubuntu 20.04 and the Signal-Desktop client. On my device it can only be started with `GTK_IM_MODULE=xim`, otherwise you can't enter anything using my keyboard.


@ghost commented on GitHub (May 22, 2020):

@SailReal Glad to hear you're enjoying firejail. As for the environment variable workaround, you can put that into a `signal-desktop.local` file. If you don't have one yet, you will have to create one manually. Either use `/etc/firejail/signal-desktop.local` (affects all users on your machine) or `${HOME}/.config/firejail/signal-desktop.local` (affects your user only). Add the below to that file:

```
env GTK_IM_MODULE=xim
```

@overchu commented on GitHub (Dec 18, 2020):

> Disclaimer: I don't use firejail, but I'm almost positive that this issue is related to the fact that ibus-daemon uses an abstract unix socket for IPC by default. This socket is invisible to firejail sandbox if it resides in a separate network namespace.
>
> It should be possible to circumvent this issue in the current master branch of ibus by requesting it to use named socket for IPC. This can be done by passing `--address=unix:path=<somedir>/<somefile>` to ibus-daemon and making sure that `<somedir>` and `$HOME/.config/ibus` are both visible in sandbox. The latter dir contains ibus-daemon socket address, which is needed for ibus clients to be able to find where they should connect.

Where can you pass these arguments to ibus? I couldn't figure out who is starting ibus in the first place.

  1. `systemd` seems not to start it
  2. neither `systemd --user`
  3. it's also not started by gnome3

But anyway, if I stop ibus-daemon and start it manually with the given options, then I got an error that the address is already in use.

```bash
$ ps aux | grep ibus-
alex       33084  2.2  0.0 815460 13488 pts/4    Sl   13:44   0:00 ibus-daemon --replace --panel disable --xim
alex       33105  0.0  0.0 449324  7396 pts/4    Sl   13:44   0:00 /usr/libexec/ibus-dconf
alex       33106  4.0  0.1 483180 28636 pts/4    Sl   13:44   0:01 /usr/libexec/ibus-extension-gtk3
alex       33108  0.1  0.1 404168 22388 pts/4    Sl   13:44   0:00 /usr/libexec/ibus-x11 --kill-daemon
alex       33116  0.0  0.0 449092  7292 ?        Ssl  13:44   0:00 /usr/libexec/ibus-portal
alex       33128  0.5  0.0 375336  7148 pts/4    Sl   13:44   0:00 /usr/libexec/ibus-engine-simple
alex       33207  0.0  0.0 221588   852 pts/4    S+   13:45   0:00 grep --color=auto ibus-
```

```bash
$ kill 33084 # kill ibus-daemon
```

```bash
$ ibus-daemon --replace --panel disable --xim  --address=unix:path=/home/alex/.cache/alex-ibus/ibus-address/test --verbose
(ibus-daemon:35008): IBUS-ERROR **: 13:57:37.755: g_dbus_server_new_sync() is failed with address unix:path=/home/alex/.cache/alex-ibus/ibus-address/test and guid 30d04cbb95ff4a29d0b02d835fdc44d1: Error binding to address (GUnixSocketAddress): Address already in use
```

So it seems that even if I find out where ibus is started it will not work anyway.

I am running Fedora 33 with Gnome 3, X, and ibus 1.5.23


@ghost commented on GitHub (Dec 18, 2020):

> Where can you pass these arguments to ibus? I couldn't figure out who is starting ibus in the first place.

On Arch Linux the ibus package installs `/usr/share/dbus-1/services/org.freedesktop.IBus.service`:

```
$ cat /usr/share/dbus-1/services/org.freedesktop.IBus.service
[D-BUS Service]
Name=org.freedesktop.IBus
Exec=/usr/bin/ibus-daemon --replace --panel disable --xim
```

If memory serves you can place an override in `/etc/dbus-1/services/org.freedesktop.IBus.service` with your desired `Exec=` command.

Note: As of Jul 2020, Firejail introduced DBus filtering. It is now possible to use the `--dbus-user.own=org.freedesktop.IBus` parameter to let Firefox access IBus.


@overchu commented on GitHub (Dec 19, 2020):

> On Arch Linux the ibus package installs /usr/share/dbus-1/services/org.freedesktop.IBus.service:

Thank you for the idea of just checking what the package installs. You are right.

```bash
$ rpm -ql ibus | grep -e '\.service'
/usr/share/dbus-1/services/org.freedesktop.IBus.service
/usr/share/dbus-1/services/org.freedesktop.portal.IBus.service
```

But I don't see this `.service`-file linked anywhere, so I don't think this is what actually gets used:

```bash
$ sudo find -L /etc/systemd/ -samefile /usr/share/dbus-1/services/org.freedesktop.IBus.service
$ find -L /home/$USER/.config/systemd/ -samefile /usr/share/dbus-1/services/org.freedesktop.IBus.service
```

Both yield empty results.

And no mentioning of ibus in `/etc/dbus-1/` either, no results for:

```bash
$ tree /etc/dbus-1/ | grep Ibus
```

@overchu commented on GitHub (Dec 19, 2020):

> Note: As of Jul 2020, Firejail introduced DBus filtering. It is now possible to use the --dbus-user.own=org.freedesktop.IBus parameter to let Firefox access IBus.

Sorry, I forgot to mention that I tried this solution unsuccessfully:

```bash
$ firejail --dbus-user.own=org.freedesktop.IBus firefox
Reading profile /etc/firejail/firefox.profile
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/firefox-common.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: Warning: NVIDIA card detected, nogroups command disabled
Parent pid 105219, child pid 105223
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Warning: cleaning all supplementary groups
Warning: not remounting /run/user/1000/gvfs
Warning: cleaning all supplementary groups
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
Warning: cleaning all supplementary groups
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
Child process initialized in 216.69 ms

Parent is shutting down, bye...
```

I even consider it a security bug because it spits out a working firefox (with ibus) that is *not* sandboxed, which is not what you expect if you run `firejail`.
Above, this might be the most interesting line:

```
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
```

@rusty-snake commented on GitHub (Dec 19, 2020):

> But I don't see this .service-file linked anywhere, so I don't think this is what actually gets used:
>
> ```
> $ sudo find -L /etc/systemd/ -samefile /usr/share/dbus-1/services/org.freedesktop.IBus.service
> $ find -L /home/$USER/.config/systemd/ -samefile /usr/share/dbus-1/services/org.freedesktop.IBus.service
> ```
>
> Both yield empty results.
>
> And no mentioning of ibus in /etc/dbus-1/ either, no results for:
>
> ```
> $ tree /etc/dbus-1/ | grep Ibus
> ```

It's **not** a systemd unit. It's a D-Bus service (look at the `[D-BUS Service]` line in it).

D-Bus configuration is located at `/usr/share/dbus-1` (distribution defaults) and `/etc/dbus-1` (user/admin overrides).

> --dbus-user.own=org.freedesktop.IBus

`--dbus-user.talk=org.freedesktop.IBus` should be enough.


@rusty-snake commented on GitHub (Dec 19, 2020):

FWIW: Fcitx works when allowing the portal, see #3732.


@graywolf commented on GitHub (Nov 1, 2021):

The xim workaround stopped working for me on firefox 93.0. Should this be re-opened?


@martinetd commented on GitHub (Dec 12, 2021):

I don't know about the xim workaround not working (I've never had input stuck because of ibus in default configuration), but the 'solution' that had been accepted years ago is nothing but a workaround that disables ibus, it's not a way of using ibus.

I've spent quite a bit of time on this, here's my take:

  • by default, ibus will try to open `$HOME/.config/ibus/bus/<machineid>-<hostname>-<display>` (`ibus_get_socket_path()`) to guess the ibus socket. While adding `whitelist ${HOME}/.config/ibus` to the profile lets ibus load this file, ibus tries to check if the socket is valid by sending a signal (`kill(0)`) to the pid defined in that file, and that doesn't work with our PID namespace, so giving access to that file is useless unless we could share the pid namespace, which is not possible: https://github.com/netblue30/firejail/issues/892
  • instead, one can set IBUS_ADDRESS directly in the environment (preload that file before starting firejail), which will skip the PID check.
    • The default IBUS_ADDRESS uses an abstract path, so unless firejail creates a different network namespace firefox will be able to connect to it
    • For cases with a separate namespace, it's possible to start ibus-daemon with --address=unix:dir=/path/to/somedir and whitelist that directory to allow firefox to connect to it. Note ibus allows unix:path=/path/to/sock, but that doesn't work right now, see https://github.com/ibus/ibus/issues/2363
    • Note that if IBUS_ADDRESS is set to something invalid, input will not work (like what others describe here, ibus-warning "Events queue growing too big, will start to drop.")
  • Allowing `dbus-user.talk org.freedesktop.IBus` is also needed as suggested. There's also an `org.freedesktop.portal.IBus` but I didn't find this to be required.

Ultimately my conf is as follows (using unix socket in ~/.cache/ibus):

```
$ cat ~/.config/firejail/firefox.local
dbus-user.talk org.freedesktop.IBus
whitelist ${HOME}/.cache/ibus
$ grep ibus ~/.xsession
ibus-daemon --xim -d --address=unix:dir=$HOME/.cache/ibus/dbus
$ cat ~/.bin/ff
#!/bin/sh

. "$HOME/.config/ibus/bus/$(cat /var/lib/dbus/machine-id)-unix-${WAYLAND_DISPLAY}"

export IBUS_ADDRESS

exec systemd-run --user --scope --unit=ff-$$.scope \
	-p MemoryMax=3G -p MemoryHigh=2G \
	firejail firefox "$@"
```
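
The wrapper in the comment above sources the ibus bus file to obtain `IBUS_ADDRESS`. As an added example (not part of the original comment or of firejail/ibus), the sketch below reads that file as data instead of executing it and classifies the address, to show whether the sandbox needs a whitelisted directory or is relying on an abstract socket. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): read an ibus bus file as data
# instead of sourcing it, and report how a sandbox could reach the socket.

# Print the IBUS_ADDRESS value from a bus file without executing the file.
ibus_address_from_file() {
    sed -n 's/^IBUS_ADDRESS=//p' "$1" | head -n 1
}

# Print "abstract", "filesystem <dir>" or "other" for a D-Bus address.
classify_ibus_address() {
    case "$1" in unix:*) rest=${1#unix:} ;; *) echo other; return 0 ;; esac
    while [ -n "$rest" ]; do
        kv=${rest%%,*}                      # next key=value pair
        case "$kv" in
            abstract=*) echo abstract; return 0 ;;
            path=*) echo "filesystem $(dirname "${kv#path=}")"; return 0 ;;
            dir=*)  echo "filesystem ${kv#dir=}"; return 0 ;;
        esac
        case "$rest" in *,*) rest=${rest#*,} ;; *) rest= ;; esac
    done
    echo other
}

# One-line summary for a bus file, following the reasoning in the comment.
ibus_sandbox_hint() {
    addr=$(ibus_address_from_file "$1")
    [ -n "$addr" ] || { echo "no IBUS_ADDRESS in $1"; return 1; }
    kind=$(classify_ibus_address "$addr")
    case "$kind" in
        abstract) echo "abstract socket: reachable unless the sandbox has its own network namespace" ;;
        filesystem\ *) echo "socket on disk: whitelist ${kind#filesystem }" ;;
        *) echo "unrecognised address: $addr" ;;
    esac
}

# Constructed sample bus file (all values are made up for the demo).
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# constructed sample, modelled on the file the wrapper script sources
IBUS_ADDRESS=unix:path=/home/alice/.cache/ibus/dbus/dbus-EXAMPLE,guid=0123456789abcdef
IBUS_DAEMON_PID=4242
EOF
ibus_sandbox_hint "$sample"
```

An `abstract` result means the D-Bus filter alone does not isolate the IBus socket, which is the situation the firejail warning about an abstract unix socket refers to.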

@rusty-snake commented on GitHub (Jan 8, 2022):

```
env GTK_IM_MODULE=ibus
env IBUS_USE_PORTAL=1
dbus-user.talk org.freedesktop.portal.IBus
```

seems to work too


@scottslowe commented on GitHub (May 25, 2022):

Confirming that @rusty-snake's workaround from Jan 8 2022 works for me on a newly-upgraded Fedora 36 system (to fix keyboard input for Thunderbird).


@martinetd commented on GitHub (Sep 8, 2022):

Follow up half a year later: turns out my system just doesn't start ibus-portal, running it manually and asking gtk to use it seems to be easier to handle than my old workaround so switched to that as well.

Thanks @rusty-snake !


@hmm5 commented on GitHub (Mar 31, 2023):

GTK_IM_MODULE=xim, doesn't seem to work anymore with the newest ibus version 1.5.28.
