Program asking for network access is not found in location stated by opensnitch

evilsocket / opensnitch

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

GNU General Public License v3.0

9.92k stars 490 forks source link

Program asking for network access is not found in location stated by opensnitch #771

Closed julikaiba closed 1 year ago

julikaiba commented 1 year ago

Starting recently some programs are supposedly launched from ~/.local/bin/ or /usr/local/bin/ even though these folders dont include any executables. Not sure if this is a problem with wrong detection by this tool, or some weird behavior of my OS but I dont know what to test.

Include the following information:

OpenSnitch version: 1.6.0rc2
OS: Manjaro
Window Manager: xfce
Kernel version: Linux someones-pc 5.15.78-1-MANJARO # 1 SMP PREEMPT Thu Nov 10 20:50:09 UTC 2022 x86_64 GNU/Linux

To Reproduce

Steps to reproduce the behavior:

Open for example telegram
get asked about the connection origination from ~/.local/bin/telegram-desktop
check ~/.local/bin/ and whereis and see no mention of that file

Screenshots https://i.imgur.com/zUbIxN8.png https://i.imgur.com/TJljSDy.png https://i.imgur.com/Wg0NO8t.png (somehow I'm currently not able to upload here directly)

gustavo-iniguez-goya commented 1 year ago

hi @julikaiba ,

This is a known bug with v1.6.0rc2. Could you download latest modules and see if the issues reproduces?

At the bottom of this page: https://github.com/evilsocket/opensnitch/actions/runs/3500148840

Direct link to opensnitch-ebpf-modules-5.8-master: https://github.com/evilsocket/opensnitch/suites/9391255521/artifacts/442881640

Unzip the file and copy the module opensnitch-procs.o to /etc/opensnitchd/opensnitch-procs.o

julikaiba commented 1 year ago

The issue (tested with telegram since its the easiest to test with) still persists, ~~seemingly only when launched using the applications menu or .desktop file though. So far it hasnt happened when launched using the terminal.~~

Edit: After a system restart it also happens when launched using the terminal, so it seems to be somewhat random if it works or not.

gustavo-iniguez-goya commented 1 year ago

Thank you for the feedback @julikaiba . I've just realized that the fix for this problem in particular needs, besides the ebpf module, a new daemon. I'm about to release the version 1.6.0rc3 , so it should be fixed in that version.

gustavo-iniguez-goya commented 1 year ago

I've modified the behaviour and now it should work as in previous versions. It'll be soon available on the next rc release.