Talk:Sakaki's EFI Install Guide/Sandboxing the Firefox Browser with Firejail
Issue with linked /tmp and default firefox profile
On my installation I have /tmp linked to /var-tmp because I have a read-only mounted root filesystem. As a result, the firefox profile does not work unless I comment out private-tmp. Is there a better way of dealing with this issue? If so, could it be added to this wiki page?
- Apologies, I've only just seen this (as the wiki doesn't seem to notify the original creator of page X when a talk page for X is created by someone else). Could you please elaborate a little on what you'd like to achieve on your setup, and how the default profile fails in your case? Many thanks --Sakaki (talk) 19:10, 10 November 2018 (UTC)
Using the default profile
firejail --profile=/home/Gentoo/jonathan-websurfer/.config/firejail/firefox.profile firefox
I get ...
Reading profile /home/Gentoo/jonathan-websurfer/.config/firejail/firefox.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
Warning: noroot option is not available
Parent pid 1214, child pid 1215
Error: invalid whitelist path /tmp/.X11-unix
Error: proc 1214 cannot sync with peer: unexpected EOF
Peer 1215 unexpectedly exited with status 1
If I comment out private-tmp in the firefox.profile then firefox will start.
It looks as though this is due to /tmp being a symlink:
lrwxrwxrwx 1 root root 11 Oct 27 15:31 tmp -> var/var-tmp