Subject: firejail no longer allows some programs to run Package: firejail Version: 0.9.38-1 Severity: important
Dear Maintainer, Firejail no longer allows certain programs to run in the sandbox e.g. iceweasel (and other programs based on firefox e.g. tor browser, icedove), and java programs. It simply exits without starting the program (parent is shutting down) or hangs in the case of java. The Chromium browser seems to start normally, though. I have classed this as "important" as many of the programs I would normally use firejail with, no longer run! This started very recently - firejail used to work as expected. Thanks for any advice! Guy $ firejail --debug iceweasel <lots of debug path related info then finally> Save seccomp filter, size 744 bytes Dropping all capabilities noroot user namespace installed Starting "iceweasel" execvp argument 0: /bin/bash execvp argument 1: -c execvp argument 2: "iceweasel" Child process initialized Sandbox monitor: waitpid 2 retval 2 status 31 parent is shutting down, bye... < exits > $ firejail --debug --profile=/etc/firejail/firefox.profile java -jar JDownloader.jar <lots of debug path related info then finally> Save seccomp filter, size 744 bytes Dropping all capabilities noroot user namespace installed Starting "java" "-jar" "JDownloader.jar" execvp argument 0: /bin/bash execvp argument 1: -c execvp argument 2: "java" "-jar" "JDownloader.jar" Child process initialized JarHandlerWorkaroundOracle:setURLStreamHandlerFactory JarHandlerWorkaroundOracle:replaceLauncherFactory JarHandlerWorkaroundOracle:replaceURLClassPath JarHandlerWorkaroundOracle:replacejarHandler JarHandlerWorkaroundOracle:replaceLoaders:1 JarHandlerWorkaroundOracle:replaceLoader:0:handler JarHandlerWorkaroundOracle:replaceLoader:0:handler:jar:file:/home/user1/bin/jd2/JDownloader.jar!/ < hangs until ctrl-c is pressed > -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.5.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages firejail depends on: ii libc6 2.22-7 firejail recommends no packages. firejail suggests no packages. -- no debconf information
