Closed a61kt closed 2 years ago
audacity: error while loading shared libraries: lib-screen-geometry.so: cannot open shared object file: No such file or directory
Odd that audacity complains about missing that file: $ pkgfile lib-screen-geometry.so community/audacity
I've installed https://archlinux.org/packages/community/x86_64/audacity/ on my arch linux box and with firejail from git it works. Only thing that changed in /etc/firejail/audacity.profile compared to 0.9.70 is the removal of shell none
. But even when I add that back audacity starts and works as expected for me. So I cannot reproduce this.
UPDATE: other arch users i talked with on #archlinux IRC could reproduce this. For them audacity started to work by ignoring apparmor, so that's something you can try.
Do you use AppArmor? Can you post output from the below command here please?
$ firejail --ignore=quiet --ignore=apparmor /usr/bin/audacity
Commenting out the private-bin audacity
line fixes this error for me on Fedora 36. Which is curious because private-bin
is supposed to only bind-mount the /bin, /usr/bin, /sbin, and /usr/sbin dirs, and on my install of Fed36, this library is chilling at /usr/lib64/audacity/lib-screen-geometry.so
I don't know much about firejail profiles, but adding noblacklist /usr/lib64/audacity
did not solve the problem for me.
This error occurs on the Fedora 36 packaged version of firejail 0.9.66, and the version I compiled locally off of master (316749ae4) -- labelled as 0.9.71.
I'm adding a PR to adjust the profile, but I wonder why it's not reproduceable by some folks and why private-bin
would affect the lib
directories. I'm just a drive by, so I'll let the maintainers decide whether this should be a investigated deeper in a separate issue, or if slapping a bandage on the audacity profile is good enough.
I'm wondering if this has something to do with the distribution packaging of audacity. I heard there's drama about the upstream and some distro are doing some munging before packaging, maybe that's why some folks are having this issue and others aren't?
Okay, plot twist.
Removing apparmor
OR private-bin
(and leaving the other in place) fixes this issue for me on Fedora 36 (i.e. AppArmor is defs not installed).
How does one create a cross-platform app profile? I'm presuming that Debian distros will want the apparmor integration, but it appears to not be playing nice with non-apparmor setups.
Okay, plot twist. Removing apparmor OR private-bin (and leaving the other in place) fixes this issue for me on Fedora 36 (i.e. AppArmor is defs not installed).
Nice catch.
How does one create a cross-platform app profile? I'm presuming that Debian distros will want the apparmor integration, but it appears to not be playing nice with non-apparmor setups.
Firejail doesn't have cross-platform profiles. It's up to distro packagers to add/remove specifics in profiles. @reinerh Do you have any suggestions here?
IMO it would be sufficient to remove apparmor
from audacity. Can you edit your PR accordingly please?
I present to you a shiny new commit for your reviewing pleasure.
Audacity works fine on Debian with apparmor enabled, but I'm fine with keeping it disabled if it crashes on other distros.
I don't think it's worth to ship a Debian-specific patch for this.
Fixed in #5300 - closing.
Removing apparmor OR private-bin (and leaving the other in place) fixes this issue for me on Fedora 36 (i.e. AppArmor is defs not installed).
Is AppArmor support enabled in your firejail build?
Description
Steps to Reproduce
open firejail audacity / see it
LC_ALL=C firejail PROGRAM
(LC_ALL=C
to get a consistent output in English that can be understood by everybody)ERROR
Expected behavior
get my audacity
Actual behavior
its broken
Behavior without a profile
$ firejail --noprofile --net=none audacity
``` Parent pid 67492, child pid 67493 Child process initialized in 36.74 ms (process:3): Gdk-CRITICAL **: 23:36:36.123: gdk_screen_get_root_window: assertion 'GDK_IS_SCREEN (screen)' failed (process:3): Gdk-CRITICAL **: 23:36:36.125: gdk_window_get_display: assertion 'GDK_IS_WINDOW (window)' failed (process:3): Gdk-CRITICAL **: 23:36:36.125: gdk_cursor_new_from_pixbuf: assertion 'GDK_IS_DISPLAY (display)' failed (audacity:3): Gtk-WARNING **: 23:36:36.182: Theme parsing error: gtk.css:63:28: The :prelight pseudo-class is deprecated. Use :hover instead. (audacity:3): Gtk-WARNING **: 23:36:36.183: Theme parsing error: gtk.css:73:35: The :prelight pseudo-class is deprecated. Use :hover instead. (audacity:3): Gtk-WARNING **: 23:36:36.183: Theme parsing error: gtk.css:115:31: The :insensitive pseudo-class is deprecated. Use :disabled instead. (audacity:3): Gtk-WARNING **: 23:36:36.183: Theme parsing error: gtk.css:116:24: The :insensitive pseudo-class is deprecated. Use :disabled instead. (audacity:3): Gtk-WARNING **: 23:36:36.183: Theme parsing error: gtk.css:145:27: The :insensitive pseudo-class is deprecated. Use :disabled instead. (audacity:3): Gtk-WARNING **: 23:36:36.183: Theme parsing error: gtk.css:146:29: The :insensitive pseudo-class is deprecated. Use :disabled instead. (audacity:3): Gtk-WARNING **: 23:36:36.183: Theme parsing error: gtk.css:166:34: The :insensitive pseudo-class is deprecated. Use :disabled instead. (audacity:3): Gtk-WARNING **: 23:36:36.183: Theme parsing error: gtk.css:187:34: The :inconsistent pseudo-class is deprecated. Use :indeterminate instead. lilv_world_add_plugin(): warning: Duplicate pluginAdditional context
Any other detail that may help to understand/debug the problem
Environment
Checklist
/usr/bin/vlc
) "fixes" it).https://github.com/netblue30/firejail/issues/1139
)browser-allow-drm yes
/browser-disable-u2f no
infirejail.config
to allow DRM/U2F in browsers.--profile=PROFILENAME
to set the right profile. (Only relevant for AppImages)Log
Output of
LC_ALL=C firejail /path/to/program
``` output goes here ```
Output of
LC_ALL=C firejail --debug /path/to/program
``` output goes here ```