[GH-ISSUE #1459] Mutt fails to read mail attachments (using lynx / gnu highlight)

gitea-mirror commented

2026-05-05 07:15:35 -06:00

Owner

Originally created by @Boruch-Baum on GitHub (Aug 11, 2017).
Original GitHub issue: https://github.com/netblue30/firejail/issues/1459

For firejail version 0.9.48 in debian, using mutt configured to edit with emacs client, with the command line invocation:

/usr/bin/mutt

Attempting to read any email with an inline attachment fails because of some restriction in the default firejail profile for mutt's default pager (lynx) or a custom plug-in (gnu highlight).

Here's some screen output from one email:

Cc: Subscribed <subscribed@noreply.github.com>
Subject: Re: [abo-abo/swiper] counsel-find-file-cd-bookmark-action not showing bookmarks (#1135)

[-- Autoview using lynx -restrictions=all -dump -force-html '/tmp/mutt-7506-572869149462463798' --]
Blacklist violations are logged to syslog
^[]0;firejail /usr/bin/lynx -restrictions=all -dump -force-html /tmp/mutt-7506-572869149462463798 ^GParent pid 8501, child pid 8502

Parent is shutting down, bye...
[-- Autoview stderr of lynx -restrictions=all -dump -force-html '/tmp/mutt-7506-572869149462463798' --]
Reading profile /etc/firejail/lynx.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-passwdmgr.inc

Can't Access `file://localhost/tmp/mutt-7506-572869149462463798'
Alert!: Unable to access document.

lynx: Can't access startfile

And here's how it reacts to an inline patch attachment:

[-- Attachment #2: w3m-window-system.patch --]
[-- Type: text/x-diff; charset=us-ascii, Encoding: 7bit, Size: 3.6K --]

[-- Autoview using highlight -Oansi  '/tmp/w3m-window-system.patch' --]
Blacklist violations are logged to syslog
^[]0;firejail /usr/bin/highlight -Oansi /tmp/w3m-window-system.patch ^GParent pid 9521, child pid 9522

Parent is shutting down, bye...
[-- Autoview stderr of highlight -Oansi  '/tmp/w3m-window-system.patch' --]
Reading profile /etc/firejail/highlight.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
highlight: Could not read input file:
/tmp/w3m-window-system.patch

Originally created by @Boruch-Baum on GitHub (Aug 11, 2017). Original GitHub issue: https://github.com/netblue30/firejail/issues/1459 For firejail version 0.9.48 in debian, using mutt configured to edit with emacs client, with the command line invocation: /usr/bin/mutt Attempting to read any email with an inline attachment fails because of some restriction in the default firejail profile for mutt's default pager (lynx) or a custom plug-in (gnu highlight). Here's some screen output from one email: ~~~~ Cc: Subscribed <subscribed@noreply.github.com> Subject: Re: [abo-abo/swiper] counsel-find-file-cd-bookmark-action not showing bookmarks (#1135) [-- Autoview using lynx -restrictions=all -dump -force-html '/tmp/mutt-7506-572869149462463798' --] Blacklist violations are logged to syslog ^[]0;firejail /usr/bin/lynx -restrictions=all -dump -force-html /tmp/mutt-7506-572869149462463798 ^GParent pid 8501, child pid 8502 Parent is shutting down, bye... [-- Autoview stderr of lynx -restrictions=all -dump -force-html '/tmp/mutt-7506-572869149462463798' --] Reading profile /etc/firejail/lynx.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-passwdmgr.inc Can't Access `file://localhost/tmp/mutt-7506-572869149462463798' Alert!: Unable to access document. lynx: Can't access startfile ~~~~ And here's how it reacts to an inline patch attachment: ~~~~ [-- Attachment #2: w3m-window-system.patch --] [-- Type: text/x-diff; charset=us-ascii, Encoding: 7bit, Size: 3.6K --] [-- Autoview using highlight -Oansi '/tmp/w3m-window-system.patch' --] Blacklist violations are logged to syslog ^[]0;firejail /usr/bin/highlight -Oansi /tmp/w3m-window-system.patch ^GParent pid 9521, child pid 9522 Parent is shutting down, bye... [-- Autoview stderr of highlight -Oansi '/tmp/w3m-window-system.patch' --] Reading profile /etc/firejail/highlight.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-passwdmgr.inc highlight: Could not read input file: /tmp/w3m-window-system.patch ~~~~

gitea-mirror closed this issue

2026-05-05 07:15:37 -06:00

gitea-mirror commented

2026-05-05 07:15:40 -06:00

Author

Owner

@Boruch-Baum commented on GitHub (Aug 11, 2017):

I tried creating empty dummy profiles for mutt, lynx and highlight in my ~/.config/firejail directory, which succeeded in making the attachments visible . . . BUT the emails still display indications that firejail is being used! This may be because internally mutt may not be calling lynx directly.

At the top of the attachment text:

[-- Autoview using lynx -restrictions=all -dump -force-html '/tmp/mutt-11915-14238489903687026758' --]
^[]0;firejail /usr/bin/lynx -restrictions=all -dump -force-html /tmp/mutt-11915-14238489903687026758 ^G

And after the end of the attachment text:

Parent pid 11952, child pid 11953

Parent is shutting down, bye...

@Boruch-Baum commented on GitHub (Aug 11, 2017): I tried creating empty dummy profiles for mutt, lynx and highlight in my ~/.config/firejail directory, which succeeded in making the attachments visible . . . BUT the emails still display indications that firejail is being used! This may be because internally mutt may not be calling lynx directly. At the top of the attachment text: ~~~~ [-- Autoview using lynx -restrictions=all -dump -force-html '/tmp/mutt-11915-14238489903687026758' --] ^[]0;firejail /usr/bin/lynx -restrictions=all -dump -force-html /tmp/mutt-11915-14238489903687026758 ^G ~~~~ And after the end of the attachment text: ~~~~ Parent pid 11952, child pid 11953 Parent is shutting down, bye... ~~~~

gitea-mirror commented

2026-05-05 07:15:42 -06:00

Author

Owner

@Boruch-Baum commented on GitHub (Aug 11, 2017):

Upon looking a bit deeper, the email attachments are still being slightly mangled, ie. text dropped, and text not diplayed properly.

@Boruch-Baum commented on GitHub (Aug 11, 2017): Upon looking a bit deeper, the email attachments are still being slightly mangled, ie. text dropped, and text not diplayed properly.

gitea-mirror commented

2026-05-05 07:15:44 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (Jul 16, 2018):

So I don't know exactly what setup you use, but here's what I use, which seems to work pretty well:

Use a directory under /tmp/user/1000/ for all of mutt's temporary files (composing emails, reading emails, etc).
Use an emacs socket that is under /tmp/user/1000/ as well (so that it's easily accessible by mutt).
Set up my mailcap with the proper programs.

Everything seems to just work with this setup. Mutt is just calling whatever you put in your .mailcap (or in /etc/mailcap if you don't have a personal one), so if it's using firejail when it shouldn't be, you should look there. I don't see the point of using firejail for that since it's always been run inside of mutt anyway (so it's already jailed).

@chiraag-nataraj commented on GitHub (Jul 16, 2018): So I don't know exactly what setup you use, but here's what I use, which seems to work pretty well: * Use a directory under `/tmp/user/1000/` for all of `mutt`'s temporary files (composing emails, reading emails, etc). * Use an emacs socket that is under `/tmp/user/1000/` as well (so that it's easily accessible by `mutt`). * Set up my mailcap with the proper programs. Everything seems to just work with this setup. Mutt is just calling whatever you put in your `.mailcap` (or in `/etc/mailcap` if you don't have a personal one), so if it's using firejail when it shouldn't be, you should look there. I don't see the point of using firejail for that since it's always been run inside of mutt anyway (so it's already jailed).

gitea-mirror commented

2026-05-05 07:15:46 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (Jul 23, 2018):

Also, this may be happening because you ran firecfg. Without more info, it's hard to debug.

@chiraag-nataraj commented on GitHub (Jul 23, 2018): Also, this may be happening because you ran `firecfg`. Without more info, it's hard to debug.

gitea-mirror commented

2026-05-05 07:15:48 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (Aug 20, 2018):

@Boruch-Baum I presume you're still having this problem. Have you tried my solution above?

@chiraag-nataraj commented on GitHub (Aug 20, 2018): @Boruch-Baum I presume you're still having this problem. Have you tried my solution above?

gitea-mirror commented

2026-05-05 07:15:49 -06:00

Author

Owner

@Boruch-Baum commented on GitHub (Aug 20, 2018):

Hi. No, what I did was drop using firejail for mutt; I need mutt too much too often without that issue, and am investing my time with other projects at this point. I don't remember whether I ran firecfg, but I do remember that I was using the symbolic links created / installed by the package.

@Boruch-Baum commented on GitHub (Aug 20, 2018): Hi. No, what I did was drop using firejail for mutt; I need mutt too much too often without that issue, and am investing my time with other projects at this point. I don't remember whether I ran firecfg, but I do remember that I was using the symbolic links created / installed by the package.

gitea-mirror referenced this issue

2026-05-05 10:08:30 -06:00

[PR #1002] [MERGED] main: guess_shell: use $SHELL variable if set #3819

Rows
Columns

[GH-ISSUE #1459] Mutt fails to read mail attachments (using lynx / gnu highlight) #983