Linux Mint 18.3 MATE 64-bit
4.15.0-20-generic #21~16.04.1-Ubuntu SMP Wed Apr 25 02:42:04 UTC 2018 x86_64
Firejail 0.9.54~rc1-1
Pale Moon 27.9.1 (27.9.1~repack-1 amd64) [
steve pusser's build]
tor 7.5.4 (based on Mozilla Firefox 52.8.0) (64-bit) [direct download tor's website]
firefox-esr 52.7.3esr-1~16.04.york (64-bit) [
PPA: Jonathon F]
vivaldi-stable 1.15.1147.36-1 (64-bit) [.deb package initially downloaded from
https://vivaldi.com/download/]
In summary:
Pale Moon
'firejail palemoon' from the command line
fails. (no surprise)
'firejail --ignore=tracelog palemoon' from the command line
succeeds .
Or adding 'ignore tracelog' to a modified '~/.config/firejail/palemoon.profile' file
also works. I.e.
Code: Select all
...
ignore tracelog
# Redirect
include /etc/firejail/firefox-common.profile
...
Also to note:
With 'private-bin palemoon'
un-commented in the modified '~/.config/firejail/palemoon.profile', 'firejail palemoon' from the command line (or launched from a modified 'Exec=firejail palemoon' line in a *.desktop file, also
succeeds.
Code: Select all
...
private-bin palemoon
# private-etc must first be enabled in firefox-common.profile
#private-etc palemoon
#private-opt palemoon
...
tor (no modified profile file)
No issues running either of these commands from the command line:
Code: Select all
firejail ~/.local/opt/tor-browser_en-US/Browser/start-tor-browser
--or--
Code: Select all
firejail sh -c '"/home/marty/.local/opt/tor-browser_en-US/Browser/start-tor-browser" --detach || ([ ! -x "/home/marty/.local/opt/tor-browser_en-US/Browser/start-tor-browser" ] && "$(dirname "$*")"/Browser/start-tor-browser --detach)' dummy %k
Also tor launches if I add 'firejail' to the 'Exec" line in the 'start-tor-browser.desktop' file:
Code: Select all
Exec=firejail sh -c '"/home/marty/.local/opt/tor-browser_en-US/Browser/start-tor-browser" --detach || ([ ! -x "/home/marty/.local/opt/tor-browser_en-US/Browser/start-tor-browser" ] && "$(dirname "$*")"/Browser/start-tor-browser --detach)' dummy %k
firefox-esr (no modified profile file)
Seems to run ok. I don't use this very much.
vivaldi-stable (no modified profile file)
Sync functionality, while experimental, _was_syncing_ without issues using 'firejail' install from [
Reiner Herrmann's PPA] (0.9.52-2~0ubuntu16.04.1)
NOW, with this latest firejail, syncing in vivaldi-stable is disabled! ....
Workaround?
Output from the command line:
Code: Select all
firejail vivaldi-stable
Reading profile /etc/firejail/vivaldi-stable.profile
Reading profile /etc/firejail/vivaldi.profile
Reading profile /etc/firejail/chromium-common.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Parent pid 22837, child pid 22838
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Child process initialized in 78.22 ms
/usr/bin/vivaldi-stable: line 87: /dev/fd/62: No such file or directory
/usr/bin/vivaldi-stable: line 88: /dev/fd/62: No such file or directory
[6:25:0510/104623.129006:ERROR:address_tracker_linux.cc(174)] Could not bind NETLINK socket: Address already in use (98)
[6:67:0510/104623.180816:ERROR:bus.cc(394)] Failed to connect to the bus: Could not parse server address: Unknown address type (examples of valid types are "tcp" and on UNIX "unix")
[6:32:0510/104623.180933:ERROR:in_progress_cache_impl.cc(93)] Could not read download entries from file because there was a read failure.
Gkr-Message: couldn't connect to dbus session bus: Could not parse server address: Unknown address type (examples of valid types are "tcp" and on UNIX "unix")
ATTENTION: default value of option force_s3tc_enable overridden by environment.
[6:198:0510/104624.811417:ERROR:leveldb_database.cc(311)] Failed to open LevelDB database from /home/marty/.config/vivaldi/Default/Storage/ext/mpognobbkildjkofajifpdfhcoklimli/def/IndexedDB/chrome-extension_mpognobbkildjkofajifpdfhcoklimli_0.indexeddb.leveldb,IO error: /home/marty/.config/vivaldi/Default/Storage/ext/mpognobbkildjkofajifpdfhcoklimli/def/IndexedDB/chrome-extension_mpognobbkildjkofajifpdfhcoklimli_0.indexeddb.leveldb/LOCK: No further details. (ChromeMethodBFE: 15::LockFile::1)
[6:198:0510/104624.811706:ERROR:indexed_db_backing_store.cc(951)] Unable to open backing store, not trying to recover - IO error: /home/marty/.config/vivaldi/Default/Storage/ext/mpognobbkildjkofajifpdfhcoklimli/def/IndexedDB/chrome-extension_mpognobbkildjkofajifpdfhcoklimli_0.indexeddb.leveldb/LOCK: No further details. (ChromeMethodBFE: 15::LockFile::1)
[6:198:0510/104625.821382:ERROR:leveldb_database.cc(311)] Failed to open LevelDB database from /home/marty/.config/vivaldi/Default/Storage/ext/mpognobbkildjkofajifpdfhcoklimli/def/IndexedDB/chrome-extension_mpognobbkildjkofajifpdfhcoklimli_0.indexeddb.leveldb,IO error: /home/marty/.config/vivaldi/Default/Storage/ext/mpognobbkildjkofajifpdfhcoklimli/def/IndexedDB/chrome-extension_mpognobbkildjkofajifpdfhcoklimli_0.indexeddb.leveldb/LOCK: No further details. (ChromeMethodBFE: 15::LockFile::1)
[6:198:0510/104625.821827:ERROR:indexed_db_backing_store.cc(951)] Unable to open backing store, not trying to recover - IO error: /home/marty/.config/vivaldi/Default/Storage/ext/mpognobbkildjkofajifpdfhcoklimli/def/IndexedDB/chrome-extension_mpognobbkildjkofajifpdfhcoklimli_0.indexeddb.leveldb/LOCK: No further details. (ChromeMethodBFE: 15::LockFile::1)
^C
Parent received signal 2, shutting down the child process...
Parent is shutting down, bye...
Child received signal 15, shutting down the sandbox...
marty@phobos ~ $ [6:6:0510/104628.518275:ERROR:zygote_communication_linux.cc(281)] Failed to send GetTerminationStatus message to zygote
[6:6:0510/104628.524910:ERROR:zygote_communication_linux.cc(281)] Failed to send GetTerminationStatus message to zygote
[6:6:0510/104628.525904:ERROR:zygote_communication_linux.cc(281)] Failed to send GetTerminationStatus message to zygote
[6:6:0510/104628.526685:ERROR:zygote_communication_linux.cc(281)] Failed to send GetTerminationStatus message to zygote
[6:6:0510/104628.527582:ERROR:zygote_communication_linux.cc(281)] Failed to send GetTerminationStatus message to zygote
[6:6:0510/104628.528278:ERROR:zygote_communication_linux.cc(281)] Failed to send GetTerminationStatus message to zygote
[6:6:0510/104628.529245:ERROR:zygote_communication_linux.cc(281)] Failed to send GetTerminationStatus message to zygote
[6:6:0510/104628.530058:ERROR:zygote_communication_linux.cc(281)] Failed to send GetTerminationStatus message to zygote
[6:6:0510/104628.530726:ERROR:zygote_communication_linux.cc(281)] Failed to send GetTerminationStatus message to zygote
[6:6:0510/104628.531398:ERROR:zygote_communication_linux.cc(281)] Failed to send GetTerminationStatus message to zygote
[6:6:0510/104628.534472:ERROR:zygote_communication_linux.cc(281)] Failed to send GetTerminationStatus message to zygote
[6:6:0510/104628.535517:ERROR:zygote_communication_linux.cc(281)] Failed to send GetTerminationStatus message to zygote
[6:45:0510/104628.579998:ERROR:browser_gpu_channel_host_factory.cc(120)] Failed to launch GPU process.
^C
I guess that's all I got?
................................
Edit to add...
I notice now, that after
quitting/exiting 'vivaldi-stable', processes are still showing up
Code: Select all
firejail --tree
4412:marty::firejail vivaldi-stable
4413:marty::firejail vivaldi-stable
4419:marty::/opt/vivaldi/vivaldi-bin
4428: (zombie)
4429: (zombie)
4430: (zombie)
4431: (zombie)
4434:marty::/opt/vivaldi/vivaldi-bin --type=zygote
4436:marty::/opt/vivaldi/vivaldi-bin --type=zygote
4562: (zombie)
4588: (zombie)
.