netblue30 / firejail

Linux namespaces and seccomp-bpf sandbox
https://firejail.wordpress.com
GNU General Public License v2.0
5.59k stars 555 forks

Dunst notifications with Signal-Desktop not working #4158

Closed vwheezy closed 3 years ago

vwheezy commented 3 years ago

Bug and expected behavior

No profile and disabling firejail

Reproduce

Steps to reproduce the behavior:

  1. Run in bash `firejail signal-desktop`
  2. Receive a notification through Signal
  3. Observe lack of notification by dunst

Environment

Additional context

Tried overriding the profile with some dbus options knowing that dunst uses it (I think).

```
ignore private-tmp
ignore nodbus
dbus-system.talk org.freedesktop.Notifications
include /etc/firejail/signal-desktop.profile
```

I have a feeling I just don't know enough about DBus or firejail itself to resolve this myself. Sorry if this belongs in questions and thank you!

debug output

```
Reading profile /home/vwheezy/.config/firejail/signal-desktop.profile
Autoselecting /bin/bash as shell
Building quoted command line: 'signal-desktop'
Command name #signal-desktop#
Found signal-desktop.profile profile in /home/vwheezy/.config/firejail directory
Reading profile /etc/firejail/signal-desktop.profile
Reading profile /etc/firejail/electron.profile
Found electron.profile profile in /etc/firejail directory
Reading profile /etc/firejail/disable-common.inc
Found disable-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-devel.inc
Found disable-devel.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-exec.inc
Found disable-exec.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-interpreters.inc
Found disable-interpreters.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-passwdmgr.inc
Found disable-passwdmgr.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-programs.inc
Found disable-programs.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-xdg.inc
Found disable-xdg.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-common.inc
Found whitelist-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-var-common.inc
Found whitelist-var-common.inc profile in /etc/firejail directory
DISPLAY=:0 parsed as 0
Ignoring "dbus-system.talk org.freedesktop.Notifications".
Parent pid 19812, child pid 19813
Using the local network stack
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Warning: file /etc/alternatives not found.
Warning: skipping alternatives for private /etc
Warning: file /etc/crypto-policies not found.
Warning: skipping crypto-policies for private /etc
Warning: file /etc/pki not found.
Warning: skipping pki for private /etc Using the local network stack Initializing child process PID namespace installed Mounting tmpfs on /run/firejail/mnt directory Creating empty /run/firejail/mnt/seccomp directory Creating empty /run/firejail/mnt/seccomp/seccomp.protocol file Creating empty /run/firejail/mnt/seccomp/seccomp.postexec file Creating empty /run/firejail/mnt/seccomp/seccomp.postexec32 file Mounting /proc filesystem representing the PID namespace Basic read-only filesystem: Mounting read-only /etc 1832 415 8:2 /etc /etc ro,relatime master:1 - ext4 /dev/sda2 rw mountid=1832 fsname=/etc dir=/etc fstype=ext4 Mounting noexec /etc 1833 1832 8:2 /etc /etc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw mountid=1833 fsname=/etc dir=/etc fstype=ext4 Mounting read-only /var 1834 415 8:2 /var /var ro,relatime master:1 - ext4 /dev/sda2 rw mountid=1834 fsname=/var dir=/var fstype=ext4 Mounting noexec /var 1835 1834 8:2 /var /var ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw mountid=1835 fsname=/var dir=/var fstype=ext4 Mounting read-only /usr 1836 415 8:2 /usr /usr ro,relatime master:1 - ext4 /dev/sda2 rw mountid=1836 fsname=/usr dir=/usr fstype=ext4 Mounting tmpfs on /var/lock Mounting tmpfs on /var/tmp Mounting tmpfs on /var/log Create the new utmp file Mount the new utmp file Cleaning /home directory Cleaning /run/user directory Sanitizing /etc/passwd, UID_MIN 1000 Sanitizing /etc/group, GID_MIN 1000 Disable /home/vwheezy/.config/firejail Disable /run/firejail/network Disable /run/firejail/bandwidth Disable /run/firejail/name Disable /run/firejail/profile Disable /run/firejail/x11 Disable /run/firejail/appimage Mounting tmpfs on /dev mounting /run/firejail/mnt/dev/snd directory mounting /run/firejail/mnt/dev/dri directory Process /dev/shm directory Creating empty /run/firejail/mnt/dbus directory Creating empty /run/firejail/mnt/dbus/user file blacklist /run/user/1000/bus Creating empty /run/firejail/mnt/dbus/system file blacklist 
/run/dbus/system_bus_socket blacklist /run/firejail/dbus Mounting read-only /proc/sys Remounting /sys directory Disable /sys/firmware Disable /sys/hypervisor Disable /sys/power Disable /sys/kernel/debug Disable /sys/kernel/vmcoreinfo Disable /proc/sys/fs/binfmt_misc Disable /proc/sys/kernel/core_pattern Disable /proc/sys/kernel/modprobe Disable /proc/sysrq-trigger Disable /proc/sys/vm/panic_on_oom Disable /proc/irq Disable /proc/bus Disable /proc/sched_debug Disable /proc/timer_list Disable /proc/kcore Disable /proc/kallsyms Disable /usr/lib/modules/5.11.11-arch1-1/build (requested /usr/src/linux) Disable /usr/lib/modules (requested /lib/modules) Disable /boot Disable /run/user/1000/gnupg Disable /run/user/1000/systemd Disable /proc/kmsg Copying files in the new /etc directory: copying /etc/ca-certificates to private /etc Creating empty /run/firejail/mnt/etc/ca-certificates directory sbox run: /run/firejail/lib/fcopy /etc/ca-certificates /run/firejail/mnt/etc/ca-certificates copying /etc/fonts to private /etc Creating empty /run/firejail/mnt/etc/fonts directory sbox run: /run/firejail/lib/fcopy /etc/fonts /run/firejail/mnt/etc/fonts copying /etc/ld.so.cache to private /etc sbox run: /run/firejail/lib/fcopy /etc/ld.so.cache /run/firejail/mnt/etc copying /etc/ld.so.conf to private /etc sbox run: /run/firejail/lib/fcopy /etc/ld.so.conf /run/firejail/mnt/etc copying /etc/ld.so.conf.d to private /etc Creating empty /run/firejail/mnt/etc/ld.so.conf.d directory sbox run: /run/firejail/lib/fcopy /etc/ld.so.conf.d /run/firejail/mnt/etc/ld.so.conf.d copying /etc/ld.so.preload to private /etc sbox run: /run/firejail/lib/fcopy /etc/ld.so.preload /run/firejail/mnt/etc copying /etc/machine-id to private /etc sbox run: /run/firejail/lib/fcopy /etc/machine-id /run/firejail/mnt/etc copying /etc/nsswitch.conf to private /etc sbox run: /run/firejail/lib/fcopy /etc/nsswitch.conf /run/firejail/mnt/etc copying /etc/resolv.conf to private /etc sbox run: /run/firejail/lib/fcopy 
/etc/resolv.conf /run/firejail/mnt/etc copying /etc/ssl to private /etc Creating empty /run/firejail/mnt/etc/ssl directory sbox run: /runPrivate /etc installed in 44.21 ms /firejail/lib/fcopy /etc/ssl /run/firejail/mnt/etc/ssl Mount-bind /run/firejail/mnt/etc on top of /etc Debug 456: new_name #/home/vwheezy/.mozilla/firefox/profiles.ini#, whitelist Debug 571: fname #/home/vwheezy/.mozilla/firefox/profiles.ini#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.config/Signal#, whitelist Debug 571: fname #/home/vwheezy/.config/Signal#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/dl#, whitelist Debug 571: fname #/home/vwheezy/dl#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.XCompose#, whitelist Cannot find /usr/etc Replaced whitelist path: whitelist /home/vwheezy/.mozilla/firefox/profiles.ini Replaced whitelist path: whitelist /home/vwheezy/.config/Signal Directory ${DOWNLOADS} resolved as dl Replaced whitelist path: whitelist /home/vwheezy/dl Removed whitelist/nowhitelist path: whitelist ${HOME}/.XCompose expanded: /home/vwheezy/.XCompose real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.alsaequal.bin#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.alsaequal.bin expanded: /home/vwheezy/.alsaequal.bin real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.asoundrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.asoundrc expanded: /home/vwheezy/.asoundrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/ibus#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ibus expanded: /home/vwheezy/.config/ibus real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/mimeapps.list#, whitelist Debug 571: fname #/home/vwheezy/.config/mimeapps.list#, cfg.homedir #/home/vwheezy# Debug 456: new_name 
#/home/vwheezy/.config/pkcs11#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.config/mimeapps.list Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/pkcs11 expanded: /home/vwheezy/.config/pkcs11 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/user-dirs.dirs#, whitelist Debug 571: fname #/home/vwheezy/.config/user-dirs.dirs#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.config/user-dirs.locale#, whitelist Debug 571: fname #/home/vwheezy/.config/user-dirs.locale#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.drirc#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.config/user-dirs.dirs Replaced whitelist path: whitelist /home/vwheezy/.config/user-dirs.locale Removed whitelist/nowhitelist path: whitelist ${HOME}/.drirc expanded: /home/vwheezy/.drirc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.icons#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.icons expanded: /home/vwheezy/.icons real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.local/share/applications#, whitelist Debug 571: fname #/home/vwheezy/.local/share/applications#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.local/share/icons#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.local/share/applications Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/icons expanded: /home/vwheezy/.local/share/icons real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.local/share/mime#, whitelist Debug 571: fname #/home/vwheezy/.local/share/mime#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.mime.types#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.local/share/mime Removed whitelist/nowhitelist path: whitelist ${HOME}/.mime.types expanded: /home/vwheezy/.mime.types real path: (null) 
realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.uim.d#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.uim.d expanded: /home/vwheezy/.uim.d real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/dconf#, whitelist Debug 571: fname #/home/vwheezy/.config/dconf#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.cache/fontconfig#, whitelist Debug 571: fname #/home/vwheezy/.cache/fontconfig#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.config/fontconfig#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.config/dconf Replaced whitelist path: whitelist /home/vwheezy/.cache/fontconfig Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/fontconfig expanded: /home/vwheezy/.config/fontconfig real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.fontconfig#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fontconfig expanded: /home/vwheezy/.fontconfig real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.fonts#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts expanded: /home/vwheezy/.fonts real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.fonts.conf#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf expanded: /home/vwheezy/.fonts.conf real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.fonts.conf.d#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf.d expanded: /home/vwheezy/.fonts.conf.d real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.fonts.d#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.d expanded: /home/vwheezy/.fonts.d real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.local/share/fonts#, 
whitelist Debug 571: fname #/home/vwheezy/.local/share/fonts#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.pangorc#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.local/share/fonts Removed whitelist/nowhitelist path: whitelist ${HOME}/.pangorc expanded: /home/vwheezy/.pangorc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/gtk-2.0#, whitelist Debug 571: fname #/home/vwheezy/.config/gtk-2.0#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.config/gtk-3.0#, whitelist Debug 571: fname #/home/vwheezy/.config/gtk-3.0#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.config/gtk-4.0#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.config/gtk-2.0 Replaced whitelist path: whitelist /home/vwheezy/.config/gtk-3.0 Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtk-4.0 expanded: /home/vwheezy/.config/gtk-4.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/gtkrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc expanded: /home/vwheezy/.config/gtkrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/gtkrc-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc-2.0 expanded: /home/vwheezy/.config/gtkrc-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.gnome2#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2 expanded: /home/vwheezy/.gnome2 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.gnome2-private#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2-private expanded: /home/vwheezy/.gnome2-private real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.gtk-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist 
${HOME}/.gtk-2.0 expanded: /home/vwheezy/.gtk-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.gtkrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc expanded: /home/vwheezy/.gtkrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.gtkrc-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc-2.0 expanded: /home/vwheezy/.gtkrc-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/config/gtkrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc expanded: /home/vwheezy/.kde/share/config/gtkrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/config/gtkrc-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc-2.0 expanded: /home/vwheezy/.kde/share/config/gtkrc-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/config/gtkrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc expanded: /home/vwheezy/.kde4/share/config/gtkrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/config/gtkrc-2.0#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc-2.0 expanded: /home/vwheezy/.kde4/share/config/gtkrc-2.0 real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.local/share/themes#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/themes expanded: /home/vwheezy/.local/share/themes real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.themes#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.themes expanded: /home/vwheezy/.themes real path: (null) realpath: No such file or directory Debug 
456: new_name #/home/vwheezy/.cache/kioexec/krun#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.cache/kioexec/krun expanded: /home/vwheezy/.cache/kioexec/krun real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/Kvantum#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Kvantum expanded: /home/vwheezy/.config/Kvantum real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/Trolltech.conf#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Trolltech.conf expanded: /home/vwheezy/.config/Trolltech.conf real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/QtProject.conf#, whitelist Debug 571: fname #/home/vwheezy/.config/QtProject.conf#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.config/kdeglobals#, whitelist Debug 571: fname #/home/vwheezy/.config/kdeglobals#, cfg.homedir #/home/vwheezy# Debug 456: new_name #/home/vwheezy/.config/kio_httprc#, whitelist Replaced whitelist path: whitelist /home/vwheezy/.config/QtProject.conf Replaced whitelist path: whitelist /home/vwheezy/.config/kdeglobals Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kio_httprc expanded: /home/vwheezy/.config/kio_httprc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/kioslaverc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kioslaverc expanded: /home/vwheezy/.config/kioslaverc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/ksslcablacklist#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ksslcablacklist expanded: /home/vwheezy/.config/ksslcablacklist real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/qt5ct#, whitelist Removed whitelist/nowhitelist path: whitelist 
${HOME}/.config/qt5ct expanded: /home/vwheezy/.config/qt5ct real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.config/qtcurve#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/qtcurve expanded: /home/vwheezy/.config/qtcurve real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/config/kdeglobals#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kdeglobals expanded: /home/vwheezy/.kde/share/config/kdeglobals real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/config/kio_httprc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kio_httprc expanded: /home/vwheezy/.kde/share/config/kio_httprc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/config/kioslaverc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kioslaverc expanded: /home/vwheezy/.kde/share/config/kioslaverc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/config/ksslcablacklist#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/ksslcablacklist expanded: /home/vwheezy/.kde/share/config/ksslcablacklist real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/config/oxygenrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/oxygenrc expanded: /home/vwheezy/.kde/share/config/oxygenrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde/share/icons#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/icons expanded: /home/vwheezy/.kde/share/icons real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/config/kdeglobals#, whitelist Removed 
whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kdeglobals expanded: /home/vwheezy/.kde4/share/config/kdeglobals real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/config/kio_httprc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kio_httprc expanded: /home/vwheezy/.kde4/share/config/kio_httprc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/config/kioslaverc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kioslaverc expanded: /home/vwheezy/.kde4/share/config/kioslaverc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/config/ksslcablacklist#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/ksslcablacklist expanded: /home/vwheezy/.kde4/share/config/ksslcablacklist real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/config/oxygenrc#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/oxygenrc expanded: /home/vwheezy/.kde4/share/config/oxygenrc real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.kde4/share/icons#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/icons expanded: /home/vwheezy/.kde4/share/icons real path: (null) realpath: No such file or directory Debug 456: new_name #/home/vwheezy/.local/share/qt5ct#, whitelist Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/qt5ct expanded: /home/vwheezy/.local/share/qt5ct real path: (null) realpath: No such file or directory Debug 456: new_name #/var/lib/ca-certificates#, whitelist Removed whitelist/nowhitelist path: whitelist /var/lib/ca-certificates expanded: /var/lib/ca-certificates real path: (null) realpath: No such file or directory Debug 456: new_name #/var/lib/dbus#, 
whitelist Debug 456: new_name #/var/lib/menu-xdg#, whitelist Removed whitelist/nowhitelist path: whitelist /var/lib/menu-xdg expanded: /var/lib/menu-xdg real path: (null) realpath: No such file or directory Debug 456: new_name #/var/lib/uim#, whitelist Removed whitelist/nowhitelist path: whitelist /var/lib/uim expanded: /var/lib/uim real path: (null) realpath: No such file or directory Debug 456: new_name #/var/cache/fontconfig#, whitelist Debug 456: new_name #/var/tmp#, whitelist Debug 456: new_name #/var/run#, whitelist Debug 456: new_name #/var/lock#, whitelist Replaced whitelist path: whitelist /run Replaced whitelist path: whitelist /run/lock Mounting tmpfs on /var directory Mounting a new /root directory Mounting a new /home directory Create a new user directory Whitelisting /home/vwheezy/.mozilla/firefox/profiles.ini 1898 1897 8:3 /vwheezy/.mozilla/firefox/profiles.ini /home/vwheezy/.mozilla/firefox/profiles.ini rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1898 fsname=/vwheezy/.mozilla/firefox/profiles.ini dir=/home/vwheezy/.mozilla/firefox/profiles.ini fstype=ext4 Whitelisting /home/vwheezy/.config/Signal 1899 1897 8:3 /vwheezy/.config/Signal /home/vwheezy/.config/Signal rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1899 fsname=/vwheezy/.config/Signal dir=/home/vwheezy/.config/Signal fstype=ext4 Whitelisting /home/vwheezy/dl 1900 1897 8:3 /vwheezy/dl /home/vwheezy/dl rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1900 fsname=/vwheezy/dl dir=/home/vwheezy/dl fstype=ext4 Whitelisting /home/vwheezy/.config/mimeapps.list 1901 1897 8:3 /vwheezy/.config/mimeapps.list /home/vwheezy/.config/mimeapps.list rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1901 fsname=/vwheezy/.config/mimeapps.list dir=/home/vwheezy/.config/mimeapps.list fstype=ext4 Whitelisting /home/vwheezy/.config/user-dirs.dirs 1902 1897 8:3 /vwheezy/.config/user-dirs.dirs /home/vwheezy/.config/user-dirs.dirs rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1902 
fsname=/vwheezy/.config/user-dirs.dirs dir=/home/vwheezy/.config/user-dirs.dirs fstype=ext4 Whitelisting /home/vwheezy/.config/user-dirs.locale 1903 1897 8:3 /vwheezy/.config/user-dirs.locale /home/vwheezy/.config/user-dirs.locale rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1903 fsname=/vwheezy/.config/user-dirs.locale dir=/home/vwheezy/.config/user-dirs.locale fstype=ext4 Whitelisting /home/vwheezy/.local/share/applications 1904 1897 8:3 /vwheezy/.local/share/applications /home/vwheezy/.local/share/applications rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1904 fsname=/vwheezy/.local/share/applications dir=/home/vwheezy/.local/share/applications fstype=ext4 Whitelisting /home/vwheezy/.local/share/mime 1905 1897 8:3 /vwheezy/.local/share/mime /home/vwheezy/.local/share/mime rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1905 fsname=/vwheezy/.local/share/mime dir=/home/vwheezy/.local/share/mime fstype=ext4 Whitelisting /home/vwheezy/.config/dconf 1906 1897 8:3 /vwheezy/.config/dconf /home/vwheezy/.config/dconf rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1906 fsname=/vwheezy/.config/dconf dir=/home/vwheezy/.config/dconf fstype=ext4 Whitelisting /home/vwheezy/.cache/fontconfig 1907 1897 8:3 /vwheezy/.cache/fontconfig /home/vwheezy/.cache/fontconfig rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1907 fsname=/vwheezy/.cache/fontconfig dir=/home/vwheezy/.cache/fontconfig fstype=ext4 Whitelisting /home/vwheezy/.local/share/fonts 1908 1897 8:3 /vwheezy/.local/share/fonts /home/vwheezy/.local/share/fonts rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1908 fsname=/vwheezy/.local/share/fonts dir=/home/vwheezy/.local/share/fonts fstype=ext4 Whitelisting /home/vwheezy/.config/gtk-2.0 1909 1897 8:3 /vwheezy/.config/gtk-2.0 /home/vwheezy/.config/gtk-2.0 rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1909 fsname=/vwheezy/.config/gtk-2.0 dir=/home/vwheezy/.config/gtk-2.0 fstype=ext4 Whitelisting /home/vwheezy/.config/gtk-3.0 1910 1897 8:3 
/vwheezy/.config/gtk-3.0 /home/vwheezy/.config/gtk-3.0 rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1910 fsname=/vwheezy/.config/gtk-3.0 dir=/home/vwheezy/.config/gtk-3.0 fstype=ext4 Whitelisting /home/vwheezy/.config/QtProject.conf 1911 1897 8:3 /vwheezy/.config/QtProject.conf /home/vwheezy/.config/QtProject.conf rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1911 fsname=/vwheezy/.config/QtProject.conf dir=/home/vwheezy/.config/QtProject.conf fstype=ext4 Whitelisting /home/yungwheezWarning: /sbin directory link was not blacklisted Warning: /usr/sbin directory link was not blacklisted y/.config/kdeglobals 1912 1897 8:3 /vwheezy/.config/kdeglobals /home/vwheezy/.config/kdeglobals rw,relatime master:43 - ext4 /dev/sda3 rw mountid=1912 fsname=/vwheezy/.config/kdeglobals dir=/home/vwheezy/.config/kdeglobals fstype=ext4 Whitelisting /var/lib/dbus 1913 1893 8:2 /var/lib/dbus /var/lib/dbus ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw mountid=1913 fsname=/var/lib/dbus dir=/var/lib/dbus fstype=ext4 Whitelisting /var/cache/fontconfig 1914 1893 8:2 /var/cache/fontconfig /var/cache/fontconfig ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda2 rw mountid=1914 fsname=/var/cache/fontconfig dir=/var/cache/fontconfig fstype=ext4 Whitelisting /var/tmp 1915 1893 0:126 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw,inode64 mountid=1915 fsname=/ dir=/var/tmp fstype=tmpfs Created symbolic link /var/run -> /run Created symbolic link /var/lock -> /run/lock Mounting read-only /home/vwheezy/.mozilla/firefox/profiles.ini 1918 1898 8:3 /vwheezy/.mozilla/firefox/profiles.ini /home/vwheezy/.mozilla/firefox/profiles.ini ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1918 fsname=/vwheezy/.mozilla/firefox/profiles.ini dir=/home/vwheezy/.mozilla/firefox/profiles.ini fstype=ext4 Mounting read-only /home/vwheezy/.config/kdeglobals 1919 1912 8:3 /vwheezy/.config/kdeglobals /home/vwheezy/.config/kdeglobals ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1919 
fsname=/vwheezy/.config/kdeglobals dir=/home/vwheezy/.config/kdeglobals fstype=ext4 Mounting read-only /home/vwheezy/.config/dconf 1920 1906 8:3 /vwheezy/.config/dconf /home/vwheezy/.config/dconf ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1920 fsname=/vwheezy/.config/dconf dir=/home/vwheezy/.config/dconf fstype=ext4 Disable /usr/bin/systemd-run Disable /run/user/1000/systemd Mounting read-only /home/vwheezy/.local/share/applications 1923 1904 8:3 /vwheezy/.local/share/applications /home/vwheezy/.local/share/applications ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1923 fsname=/vwheezy/.local/share/applications dir=/home/vwheezy/.local/share/applications fstype=ext4 Mounting read-only /home/vwheezy/.config/mimeapps.list 1924 1901 8:3 /vwheezy/.config/mimeapps.list /home/vwheezy/.config/mimeapps.list ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1924 fsname=/vwheezy/.config/mimeapps.list dir=/home/vwheezy/.config/mimeapps.list fstype=ext4 Mounting read-only /home/vwheezy/.config/user-dirs.dirs 1925 1902 8:3 /vwheezy/.config/user-dirs.dirs /home/vwheezy/.config/user-dirs.dirs ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1925 fsname=/vwheezy/.config/user-dirs.dirs dir=/home/vwheezy/.config/user-dirs.dirs fstype=ext4 Mounting read-only /home/vwheezy/.config/user-dirs.locale 1926 1903 8:3 /vwheezy/.config/user-dirs.locale /home/vwheezy/.config/user-dirs.locale ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1926 fsname=/vwheezy/.config/user-dirs.locale dir=/home/vwheezy/.config/user-dirs.locale fstype=ext4 Mounting read-only /home/vwheezy/.local/share/mime 1927 1905 8:3 /vwheezy/.local/share/mime /home/vwheezy/.local/share/mime ro,relatime master:43 - ext4 /dev/sda3 rw mountid=1927 fsname=/vwheezy/.local/share/mime dir=/home/vwheezy/.local/share/mime fstype=ext4 Disable /usr/local/sbin Disable /usr/bin/chage Disable /usr/bin/chfn Disable /usr/bin/chsh Disable /usr/bin/expiry Disable /usr/bin/fusermount Disable /usr/bin/gpasswd Disable /usr/bin/ksu 
Disable /usr/bin/mount Disable /usr/bin/nc Disable /usr/bin/newgidmap Disable /usr/bin/newgrp Disable /usr/bin/newuidmap Disable /usr/bin/pkexec Disable /usr/bin/sg Disable /usr/bin/strace Disable /usr/bin/su Disable /usr/bin/sudo Disable /usr/bin/umount Disable /usr/bin/unix_chkpwd Disable /usr/bin/xev Disable /tmp/tmux-1000 Disable /proc/config.gz Disable /usr/bin/drill Disable /usr/bin/ldns-test-edns Disable /usr/bin/ldns-keygen Disable /usr/bin/ldns-walk Disable /usr/bin/ldns-gen-zone Disable /usr/bin/ldns-signzone Disable /usr/bin/ldns-read-zone Disable /usr/bin/ldns-verify-zone Disable /usr/bin/ldns-version Disable /usr/bin/ldns-revoke Disable /usr/bin/ldns-zsplit Disable /usr/bin/ldns-notify Disable /usr/bin/ldns-dane Disable /usr/bin/ldns-resolver Disable /usr/bin/ldns-nsec3-hash Disable /usr/bin/ldns-rrsig Disable /usr/bin/ldns-compare-zones Disable /usr/bin/ldns-config Disable /usr/bin/ldns-chaos Disable /usr/bin/ldns-update Disable /usr/bin/ldns-keyfetcher Disable /usr/bin/ldns-key2ds Disable /usr/bin/ldns-dpa Disable /usr/bin/ldns-zcat Disable /usr/bin/ldns-testns Disable /usr/bin/ldns-mx Disable /usr/bin/ldnsd Disable /usr/bin/resolvectl Disable /usr/bin/clang-check Disable /usr/bin/clang-include-fixer Disable /usr/bin/clang-11 (requested /usr/bin/clang) Disable /usr/bin/clang-query Disable /usr/bin/clang-scan-deps Disable /usr/bin/clang-rename Disable /usr/bin/clang-tidy Disable /usr/bin/clang-change-namespace Disable /usr/bin/clang-doc Disable /usr/bin/clang-11 Disable /usr/bin/clang-11 (requested /usr/bin/clang++) Disable /usr/bin/clang-11 (requested /usr/bin/clang-cl) Disable /usr/bin/clang-offload-wrapper Disable /usr/bin/clangd Disable /usr/bin/clang-11 (requested /usr/bin/clang-cpp) Disable /usr/bin/clang-refactor Disable /usr/bin/clang-reorder-fields Disable /usr/bin/clang-format Disable /usr/bin/clang-extdef-mapping Disable /usr/bin/clang-move Disable /usr/bin/clang-offload-bundler Disable /usr/bin/clang-apply-replacements Disable 
/usr/bin/llvm-lto2 Disable /usr/bin/llvm-cov Disable /usr/bin/llvm-exegesis Disable /usr/bin/llvm-lto Disable /usr/bin/llvm-nm Disable /usr/bin/llvm-lipo Disable /usr/bin/llvm-ml Disable /usr/bin/llvm-mt Disable /usr/bin/llvm-cfi-verify Disable /usr/bin/llvm-as Disable /usr/bin/llvm-undname Disable /usr/bin/llvm-readobj (requested /usr/bin/llvm-readelf) Disable /usr/bin/llvm-bcanalyzer Disable /usr/bin/llvm-objcopy (requested /usr/bin/llvm-install-name-tool) Disable /usr/bin/llvm-gsymutil Disable /usr/bin/llvm-dwarfdump Disable /usr/bin/llvm-ar (requested /usr/bin/llvm-lib) Disable /usr/bin/llvm-link Disable /usr/bin/llvm-rc Disable /usr/bin/llvm-xray Disable /usr/bin/llvm-PerfectShuffle Disable /usr/bin/llvm-ar (requested /usr/bin/llvm-ranlib) Disable /usr/bin/llvm-c-test Disable /usr/bin/llvm-symbolizer (requested /usr/bin/llvm-addr2line) Disable /usr/bin/llvm-jitlink Disable /usr/bin/llvm-ar Disable /usr/bin/llvm-mc Disable /usr/bin/llvm-objcopy Disable /usr/bin/llvm-cxxdump Disable /usr/bin/llvm-cxxmap Disable /usr/bin/llvm-opt-report Disable /usr/bin/llvm-config Disable /usr/bin/llvm-ar (requested /usr/bin/llvm-dlltool) Disable /usr/bin/llvm-diff Disable /usr/bin/llvm-mca Disable /usr/bin/llvm-pdbutil Disable /usr/bin/llvm-cat Disable /usr/bin/llvm-reduce Disable /usr/bin/llvm-strings Disable /usr/bin/llvm-rtdyld Disable /usr/bin/llvm-extract Disable /usr/bin/llvm-stress Disable /usr/bin/llvm-tblgen Disable /usr/bin/llvm-dis Disable /usr/bin/llvm-symbolizer Disable /usr/bin/llvm-objdump Disable /usr/bin/llvm-objcopy (requested /usr/bin/llvm-strip) Disable /usr/bin/llvm-profdata Disable /usr/bin/llvm-readobj Disable /usr/bin/llvm-ifs Disable /usr/bin/llvm-size Disable /usr/bin/llvm-elfabi Disable /usr/bin/llvm-dwp Disable /usr/bin/llvm-cvtres Disable /usr/bin/llvm-modextract Disable /usr/bin/llvm-cxxfilt Disable /usr/bin/llvm-split Disable /usr/bin/as Disable /usr/bin/gcc (requested /usr/bin/cc) Disable /usr/bin/c++ Disable /usr/bin/c++filt Disable /usr/bin/c89 
Disable /usr/bin/c99 Disable /usr/bin/cpp Disable /usr/bin/cpp2html Disable /usr/bin/g++ Disable /usr/bin/gcc-nm Disable /usr/bin/gcc-ranlib Disable /usr/bin/gcc-ar Disable /usr/bin/gcc Disable /usr/bin/gdb Disable /usr/bin/ld Disable /usr/bin/riscv64-linux-gnu-gcc-ranlib Disable /usr/bin/riscv64-linux-gnu-gcc-10.2.0 Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0 Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar Disable /usr/bin/x86_64-pc-linux-gnu-gcc Disable /usr/bin/riscv64-linux-gnu-gcc Disable /usr/bin/riscv64-linux-gnu-gcc-nm Disable /usr/bin/riscv64-linux-gnu-gcc-ar Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm Disable /usr/bin/riscv64-linux-gnu-g++ Disable /usr/bin/x86_64-pc-linux-gnu-g++ Disable /usr/bin/riscv64-linux-gnu-gcc-ranlib Disable /usr/bin/riscv64-linux-gnu-gcc-10.2.0 Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0 Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar Disable /usr/bin/x86_64-pc-linux-gnu-gcc Disable /usr/bin/riscv64-linux-gnu-gcc Disable /usr/bin/riscv64-linux-gnu-gcc-nm Disable /usr/bin/riscv64-linux-gnu-gcc-ar Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm Disable /usr/bin/riscv64-linux-gnu-g++ Disable /usr/bin/x86_64-pc-linux-gnu-g++ Disable /usr/lib/jvm/java-15-openjdk/bin/java (requested /usr/bin/java) Disable /usr/lib/jvm/java-15-openjdk/bin/javac (requested /usr/bin/javac) Disable /usr/share/java Disable /usr/bin/openssl Disable /usr/bin/rustup (requested /usr/bin/rust-gdb) Disable /usr/bin/rustup (requested /usr/bin/rust-lldb) Disable /usr/bin/rustup (requested /usr/bin/rustc) Disable /usr/bin/valgrind-listener Disable /usr/bin/valgrind-di-server Disable /usr/bin/valgrind Disable /usr/lib/valgrind Disable /usr/src Disable /usr/local/src Disable /usr/include Disable /usr/local/include Mounting noexec /home/vwheezy/.mozilla/firefox/profiles.ini 2112 1918 8:3 /vwheezy/.mozilla/firefox/profiles.ini /home/vwheezy/.mozilla/firefox/profiles.ini 
ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2112 fsname=/vwheezy/.mozilla/firefox/profiles.ini dir=/home/vwheezy/.mozilla/firefox/profiles.ini fstype=ext4 Mounting noexec /home/vwheezy/.config/Signal 2113 1899 8:3 /vwheezy/.config/Signal /home/vwheezy/.config/Signal rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2113 fsname=/vwheezy/.config/Signal dir=/home/vwheezy/.config/Signal fstype=ext4 Mounting noexec /home/vwheezy/dl 2114 1900 8:3 /vwheezy/dl /home/vwheezy/dl rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2114 fsname=/vwheezy/dl dir=/home/vwheezy/dl fstype=ext4 Mounting noexec /home/vwheezy/.config/mimeapps.list 2115 1924 8:3 /vwheezy/.config/mimeapps.list /home/vwheezy/.config/mimeapps.list ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2115 fsname=/vwheezy/.config/mimeapps.list dir=/home/vwheezy/.config/mimeapps.list fstype=ext4 Mounting noexec /home/vwheezy/.config/user-dirs.dirs 2116 1925 8:3 /vwheezy/.config/user-dirs.dirs /home/vwheezy/.config/user-dirs.dirs ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2116 fsname=/vwheezy/.config/user-dirs.dirs dir=/home/vwheezy/.config/user-dirs.dirs fstype=ext4 Mounting noexec /home/vwheezy/.config/user-dirs.locale 2117 1926 8:3 /vwheezy/.config/user-dirs.locale /home/vwheezy/.config/user-dirs.locale ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2117 fsname=/vwheezy/.config/user-dirs.locale dir=/home/vwheezy/.config/user-dirs.locale fstype=ext4 Mounting noexec /home/vwheezy/.local/share/applications 2118 1923 8:3 /vwheezy/.local/share/applications /home/vwheezy/.local/share/applications ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2118 fsname=/vwheezy/.local/share/applications dir=/home/vwheezy/.local/share/applications fstype=ext4 Mounting noexec /home/vwheezy/.local/share/mime 2119 1927 8:3 /vwheezy/.local/share/mime /home/vwheezy/.local/share/mime 
ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2119 fsname=/vwheezy/.local/share/mime dir=/home/vwheezy/.local/share/mime fstype=ext4 Mounting noexec /home/vwheezy/.config/dconf 2120 1920 8:3 /vwheezy/.config/dconf /home/vwheezy/.config/dconf ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2120 fsname=/vwheezy/.config/dconf dir=/home/vwheezy/.config/dconf fstype=ext4 Mounting noexec /home/vwheezy/.cache/fontconfig 2121 1907 8:3 /vwheezy/.cache/fontconfig /home/vwheezy/.cache/fontconfig rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2121 fsname=/vwheezy/.cache/fontconfig dir=/home/vwheezy/.cache/fontconfig fstype=ext4 Mounting noexec /home/vwheezy/.local/share/fonts 2122 1908 8:3 /vwheezy/.local/share/fonts /home/vwheezy/.local/share/fonts rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2122 fsname=/vwheezy/.local/share/fonts dir=/home/vwheezy/.local/share/fonts fstype=ext4 Mounting noexec /home/vwheezy/.config/gtk-2.0 2123 1909 8:3 /vwheezy/.config/gtk-2.0 /home/vwheezy/.config/gtk-2.0 rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2123 fsname=/vwheezy/.config/gtk-2.0 dir=/home/vwheezy/.config/gtk-2.0 fstype=ext4 Mounting noexec /home/vwheezy/.config/gtk-3.0 2124 1910 8:3 /vwheezy/.config/gtk-3.0 /home/vwheezy/.config/gtk-3.0 rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2124 fsname=/vwheezy/.config/gtk-3.0 dir=/home/vwheezy/.config/gtk-3.0 fstype=ext4 Mounting noexec /home/vwheezy/.config/QtProject.conf 2125 1911 8:3 /vwheezy/.config/QtProject.conf /home/vwheezy/.config/QtProject.conf rw,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 rw mountid=2125 fsname=/vwheezy/.config/QtProject.conf dir=/home/vwheezy/.config/QtProject.conf fstype=ext4 Mounting noexec /home/vwheezy/.config/kdeglobals 2126 1919 8:3 /vwheezy/.config/kdeglobals /home/vwheezy/.config/kdeglobals ro,nosuid,nodev,noexec,relatime master:43 - ext4 /dev/sda3 
rw mountid=2126 fsname=/vwheezy/.config/kdeglobals dir=/home/vwheezy/.config/kdeglobals fstype=ext4 Mounting noexec /run/user/1000 2131 2130 0:23 /firejail/firejail.ro.dir /run/user/1000/systemd rw,nosuid,nodev,relatime master:12 - tmpfs run rw,mode=755,inode64 mountid=2131 fsname=/firejail/firejail.ro.dir dir=/run/user/1000/systemd fstype=tmpfs Mounting noexec /dev/shm 2132 1864 0:132 /shm /dev/shm rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64 mountid=2132 fsname=/shm dir=/dev/shm fstype=tmpfs Mounting noexec /var 2136 2133 0:126 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw,inode64 mountid=2136 fsname=/ dir=/var/tmp fstype=tmpfs Disable /usr/bin/luajit-2.0.5 Disable /usr/bin/luahbtex Disable /usr/bin/luajit-2.0.5 (requested /usr/bin/luajit) Disable /usr/share/texmf-dist/scripts/luaotfload/luaotfload-tool.lua (requested /usr/bin/luaotfload-tool) Disable /usr/bin/luajittex Disable /usr/bin/lua5.3 Disable /usr/bin/lua (requested /usr/bin/lua5.4) Disable /usr/bin/luac (requested /usr/bin/luac5.4) Disable /usr/bin/lua Disable /usr/bin/luac Disable /usr/bin/luahbtex (requested /usr/bin/lualatex) Disable /usr/bin/lua5.2 Disable /usr/bin/luatex Disable /usr/bin/luac5.2 Disable /usr/bin/luac5.3 Disable /usr/bin/luajithbtex Disable /usr/share/texmf-dist/scripts/context/stubs/unix/luatools (requested /usr/bin/luatools) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so.5.2) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2.4) Disable /usr/lib/liblua.so.5.4.2 Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2) Disable /usr/lib/liblua5.3.so.5.3.6 Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib/liblua.so) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib/liblua5.3.so.5.3) Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib/liblua.so.5.4) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib/liblua.so.5.3.6) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib/liblua5.3.so) Disable 
/usr/lib/libluajit-5.1.so.2.0.5 Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so.2) Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so) Disable /usr/lib/liblua5.2.so.5.2.4 Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib/liblua5.4.so) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib/liblua.so.5.3) Disable /usr/lib/lua Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua5.2.so.5.2) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua.so.5.2.4) Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib64/libluDISPLAY=:0 parsed as 0 Warning: Cannot confine the application using AppArmor. Maybe firejail-default AppArmor profile is not loaded into the kernel. As root, run "aa-enforce firejail-default" to load it. a.so.5.4.2) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua.so.5.2) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib64/liblua5.3.so.5.3.6) Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib64/liblua.so) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib64/liblua5.3.so.5.3) Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib64/liblua.so.5.4) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib64/liblua.so.5.3.6) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib64/liblua5.3.so) Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib64/libluajit-5.1.so.2.0.5) Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib64/libluajit-5.1.so.2) Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib64/libluajit-5.1.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua5.2.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua5.2.so.5.2.4) Disable /usr/lib/liblua.so.5.4.2 (requested /usr/lib64/liblua5.4.so) Disable /usr/lib/liblua5.3.so.5.3.6 (requested /usr/lib64/liblua.so.5.3) Disable /usr/lib/lua (requested /usr/lib64/lua) Disable 
/usr/share/luajit-2.0.5 Disable /usr/share/lua Disable /usr/lib/libmozjs-78.so (requested /usr/lib64/libmozjs-78.so) Disable /usr/bin/node Disable /usr/bin/core_perl Disable /usr/bin/perl Disable /usr/bin/site_perl Disable /usr/bin/vendor_perl Disable /usr/lib/perl5 Disable /usr/lib/perl5 (requested /usr/lib64/perl5) Disable /usr/share/perl5 Disable /usr/lib/ruby Disable /usr/bin/python2.7-config (requested /usr/bin/python2-config) Disable /usr/bin/python2.7 Disable /usr/bin/python2.7 (requested /usr/bin/python2) Disable /usr/bin/python2.7-config Disable /usr/lib/python2.7 Disable /usr/bin/python3.9 (requested /usr/bin/python3) Disable /usr/bin/python3.9 Disable /usr/bin/python3.9-config (requested /usr/bin/python3-config) Disable /usr/bin/python3.9-config Disable /usr/lib/python3.9 Disable /usr/lib/python3.8 Disable /usr/lib/python3.9 (requested /usr/lib64/python3.9) Disable /usr/lib/python3.8 (requested /usr/lib64/python3.8) Not blacklist /home/vwheezy/.config/Signal Not blacklist /home/vwheezy/.mozilla Disable /sys/fs Disable /sys/module Disable /mnt Disable /run/mount Disable /run/media /etc/pulse/client.conf not found Current directory: /home/vwheezy Mounting read-only /run/firejail/mnt/seccomp 2220 1829 0:123 /seccomp /run/firejail/mnt/seccomp ro,nosuid - tmpfs tmpfs rw,mode=755,inode64 mountid=2220 fsname=/seccomp dir=/run/firejail/mnt/seccomp fstype=tmpfs Seccomp directory: ls /run/firejail/mnt/seccomp drwxr-xr-x root root 120 . drwxr-xr-x root root 320 .. -rw-r--r-- 1000 998 1072 seccomp -rw-r--r-- 1000 998 808 seccomp.32 -rw-r--r-- 1000 998 0 seccomp.postexec -rw-r--r-- 1000 998 0 seccomp.postexec32 No active seccomp files Set caps filter 240000 Drop privileges: pid 1, uid 1000, gid 998, nogroups 1 No supplementary groups Child process initialized in 156.93 ms Starting application LD_PRELOAD=(null) execvp argument 0: signal-desktop Error getpwuid: main.c:236 init_cfg: Success Parent is shutting down, bye... ```
glitsj16 commented 3 years ago

From your debug output:

Ignoring "dbus-system.talk org.freedesktop.Notifications".

[...] Error getpwuid: main.c:236 init_cfg: Success

Try adding group and passwd to private-etc.

Proposed file for testing: use a .local file for overrides (you can drop including the default signal-desktop.profile this way) e.g. /home/vwheezy/.config/firejail/signal-desktop.local

private-etc group,passwd
ignore private-tmp

# override D-Bus options included from electron.profile
dbus-user filter
dbus-user.talk org.freedesktop.Notifications
ignore dbus-user none

What happens when you use the above signal-desktop.local?

vwheezy commented 3 years ago

Sorry for the late response but it worked perfectly! Thank you so much.

Before I close this though, could you clarify and/or point to where I can get this clarification?

  1. Is using .local files the preferred way of writing user configurations?
  2. As far as I can understand, the reason why my profile didn't work was because I used the ignore nodbus option which basically contradicts dbus-system.talk org.freedesktop.Notifications. Is this correct?
  3. Why am I using dbus-user instead of dbus-system? I can imagine that it's safer to only allow the user dbus instead of the system-wide one.

As I said before, my knowledge on this stuff is definitely lacking. I'll look up a dbus article, but thanks so much again for your help!

rusty-snake commented 3 years ago

  1. For additions to existing profiles, yes.
  2. No.
    1. nodbus is deprecated and no longer used in any upstream profile. Therefore an ignore nodbus has no effect as there is no nodbus. You need to use ignore dbus-user none instead.
    2. dbus-user.talk org.freedesktop.Notifications (not -system) only has an effect if dbus-user filter is set. If there is no dbus-user XXX at all, everything is allowed, and if dbus-user none is used (as in signal-desktop), everything is forbidden (by blacklisting the socket).
  3. Sorry, don't understand.

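The ordering and `ignore` rules described in this thread can be checked mechanically. The following is an added example, not part of the original thread and not firejail's own code: a simplified Python model applied to the reporter's first override and to the proposed signal-desktop.local. The function names, the `STOCK` stand-in list, the assumption that override lines are read before the stock lines, and the rule that `filter` never relaxes an earlier `none` are assumptions of this model.

```python
# Added illustration: a simplified model of the rules described in this thread,
# not firejail's own parser.
NOTIFY = "org.freedesktop.Notifications"

def resolve_dbus_user(lines):
    """Walk profile lines in read order; return (policy, talk_names, unused_ignores)."""
    ignores = {}            # `ignore` argument -> number of later lines it dropped
    policy = "allow"        # no dbus-user line at all: everything is allowed
    talk = []
    for raw in lines:
        line = " ".join(raw.split())
        if not line or line.startswith("#"):
            continue
        if line.startswith("ignore "):
            ignores.setdefault(line[len("ignore "):], 0)
            continue
        # An earlier `ignore X` drops a later line that is X or begins with "X ".
        hit = next((i for i in ignores if line == i or line.startswith(i + " ")), None)
        if hit is not None:
            ignores[hit] += 1
            continue
        if line == "dbus-user none":
            policy = "none"                 # socket blacklisted, everything forbidden
        elif line == "dbus-user filter" and policy != "none":
            policy = "filter"               # assumption: filter never relaxes none
        elif line.startswith("dbus-user.talk "):
            talk.append(line.split(" ", 1)[1])
    if policy != "filter":
        talk = []                           # talk rules only count under filter
    unused = [i for i, n in ignores.items() if n == 0]
    return policy, talk, unused

def notifications_reachable(lines):
    """True if the sandboxed app could reach the notification service."""
    policy, talk, _ = resolve_dbus_user(lines)
    return policy == "allow" or (policy == "filter" and NOTIFY in talk)

# Constructed stand-in for the lines the included stock profiles contribute.
STOCK = ["private-tmp", "dbus-user none"]

# Override from the original report (its include line is replaced by STOCK).
ATTEMPT = [
    "ignore private-tmp",
    "ignore nodbus",
    "dbus-system.talk org.freedesktop.Notifications",
]

# signal-desktop.local proposed in the thread.
FIX = [
    "private-etc group,passwd",
    "ignore private-tmp",
    "dbus-user filter",
    "dbus-user.talk org.freedesktop.Notifications",
    "ignore dbus-user none",
]

if __name__ == "__main__":
    for name, override in (("attempt", ATTEMPT), ("fix", FIX)):
        policy, talk, unused = resolve_dbus_user(override + STOCK)
        print(f"{name}: policy={policy} talk={talk} unused ignores={unused} "
              f"notifications={notifications_reachable(override + STOCK)}")
```

An entry in the unused-ignores list (here `nodbus` for the first attempt) marks an `ignore` that matched no later line, which is the symptom of overriding a directive the stock profile does not contain.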
vwheezy commented 3 years ago

Thanks again!

I was just trying to understand the difference between dbus-user and dbus-system. As I mentioned before, this is probably outside the scope of this issue. I'll look up an article.

rusty-snake commented 3 years ago

There are two primary use-cases for which D-Bus is designed:

  • As a "system bus" for communicating between system applications and user sessions
  • As a "session bus" for exchanging data between applications in a desktop environment

src: https://pythonhosted.org/txdbus/dbus_overview.html

glitsj16 commented 3 years ago

@rusty-snake Should we bring in these changes to allow D-Bus notifications? I took the liberty to prepare a PR to do so.

@vwheezy22 If we decide to integrate the changes into the default signal-desktop.profile you can drop them from your signal-desktop.local when upgrading your firejail in the future, just an FYI.