mirror of
https://github.com/netblue30/firejail.git
synced 2026-05-15 14:16:14 -06:00
[GH-ISSUE #1111] Arch users, --dns= required for Firefox to connect to internet for wired interfaces? #761
Labels
No labels
LTS merge
LTS merge
bug
bug
converted-to-discussion
doc-todo
documentation
duplicate
enhancement
file-transfer
firecfg
firejail-in-firejail
firetools
graphics
help wanted
information_old
installation
invalid
modif
moved
needinfo
networking
notabug
notourbug
old-version
overlayfs
packaging
profile-request
pull-request
question
question_old
removal
runtime-permissions
sandbox-ipc
security
stale
wiki
wiki
wontfix
wordpress
workaround
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: github-starred/firejail#761
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @rieje on GitHub (Feb 20, 2017).
Original GitHub issue: https://github.com/netblue30/firejail/issues/1111
On my Arch desktop system via ethernet interface, without using
--dns=, Firefox cannot connect to the internet. According to the docs, firejail should use the default dns addressed used by the system if you don't specify--dns=, so Firefox should be able to connect to the internet.On my Arch laptop system via wireless interface, Firefox can connect to the internet without
--dns=as expected.I was wondering if this is a bug on either Arch or firejail's end and if not, how can I get firejail to use the default dns to connect to the internet? It would be pain to specify
--dns=for all my applications that I wish to connect to the internet with, especially if I want to change the dns address for them in the future.@xenopeek commented on GitHub (Feb 21, 2017):
I don't have any such issues. This must be a problem on your end; not with the default Firejail profile for Firefox. Have you investigated from within the sandbox? E.g. start Firefox with
firejail --name=firefox firefoxand then on a second terminal join the sandbox withfirejail --join=firefox. Do your tests from there. Like compare DNS configuration innmclioutput. Testdig google.comand testdig @8.8.8.8 google.comand so on.@rieje commented on GitHub (Feb 23, 2017):
@xenopeek how did you enable wired network on Arch? All I did was:
@xenopeek commented on GitHub (Feb 24, 2017):
I didn't nothing of the kind. I just installed networkmanager and ran
systemctl enable NetworkManager.serviceand it does the rest. I think without networkmanager I had to enable dhcpd for the wired interface with something likesystemctl start dhcpcd@enp0s3.service(enp0s3 being the name of my wired interface, which you can find withip link).@rieje commented on GitHub (Feb 25, 2017):
Thanks for the info--that's what I used to do for wired internet but I think I used my 2 services because it was a more recent recommendation. I disabled those and enable/started the dhcpcd service instead and now the sandboxing works. Going to see what the differences between the services are, but in any case, this appears to be an Arch-related issue (or at least my misunderstanding of services on Arch).