Page 1 of 1

Trouble with firejail firefox downloads not persisting

Posted: Thu Jun 01, 2017 12:41 am
by BigAngry
I have firefox setup to run through firejail at launch. It runs fine and everything seems ok until I try to download something. As an example I was trying to download the latest mint torrent file. It downloads, and if I click to open the folder its in then the folder opens. However, that folder that opens does not contain the file itself.

Here's the way things are set up.

Boot HD contains home
Storage HD mount point contains Downloads folder. Downloads dir linked to home.

And this is the config file:

Code: Select all

# Firejail profile for Mozilla Firefox (Iceweasel in Debian)
noblacklist ${HOME}/.mozilla
include /etc/firejail/
include /etc/firejail/
include /etc/firejail/
include /etc/firejail/
caps.drop all
protocol unix,inet,inet6,netlink
whitelist ~/.mozilla
whitelist ~/.cache/mozilla/firefox
whitelist ~/.lastpass
whitelist ~/.config/gnome-mplayer
whitelist ~/.cache/gnome-mplayer/plugin
whitelist ${HOME}/Downloads*
I think theres something that I dont quite understand here. Does anyone know how to fix this?

Re: Trouble with firejail firefox downloads not persisting

Posted: Thu Jun 01, 2017 12:07 pm
by prestonR
The only directory it can access is the Downloads folder inside home on your BootHD. You probably have to add something like:

Code: Select all

whitelist /dev/sdb/Downloads
where sdb is your StorageHD followed by the path to your target Downloads directory

Re: Trouble with firejail firefox downloads not persisting

Posted: Thu Jul 27, 2017 5:39 pm
by BigAngry
To resolve this I named my mount point and then used that name to reference the folder location (ie 'Potato', /Potato/Downloads) then I set my browser to also download to that location instead of referencing home. Seems to work perfectly now.

Re: Trouble with firejail firefox downloads not persisting

Posted: Thu Jul 27, 2017 8:27 pm
by phd21
Hi "BigAngry",

That is one way to handle a Firejail sandboxed browser, but I do not think that changing "mount points" is necessarily a good thing to do for this, and certainly not for a new or inexperienced user. Perhaps you are using "mount points" to mean something else than what it usually means.

Another way is to just use your "Downloads" folder for storing the torrents information files and the actual file downloads, and change the torrent software client to look in those folders. For instance, you could create a "/Downloads/torrents/NewTorrents" folder for saving ".torrent" information files and a "/Downloads/torrents" folder for saving the actual downloaded files (like a "LinuxMint.iso" file) and use those.

In the Torrent software clients, you can just open the saved ".torrent" information file from the Torrent client software to start the download, some Torrent software clients, like Tixati can be set to automatically start downloads from torrents saved in a folder you set, like "/Downloads/torrents/NewTorrents", regardless whether the browser is "firejailed".

+1 And of course, you can also add a whitelist entry to Firejail for browsers and torrent software client profiles for torrent folders.

FYI-1: The Firejail sandboxing with browsers also affects other downloads, like Linux software installation files. Best to save the installation files into your "Downloads" folder, and run the installation from outside of the Firejailed browser, even if the browser automatically starts the installation file (like a ".deb" file), then close it, bring up your file manager, and browse to your downloaded file and double click it to install it.

FYI-2: When I am using a Firejailed browser, I cannot even upload screenshot pictures from my "Pictures" folder. So, I created a ScreenShots folder underneath my "/Downloads" folder for that too, "/Downloads/ScreenShots", and I save my screenshots into that folder.

Hope this helps ...

"Tixati" Torrent software client

Location Folder Settings for actual downloaded files from torrents

Location Folder Settings for ".torrent" files

"Ktorrent" Torrent software client
Location Folder Settings

Opera browser with Firejail - saving a Linux Mint .torrent information file

Example of simply opening a ".torrent" file from within a torrent software client (Ktorrent) to download the file, in this case a Linux Mint .iso file.