netblue30 / firejail

Linux namespaces and seccomp-bpf sandbox
https://firejail.wordpress.com
GNU General Public License v2.0

mousepad: cannot edit any setting #6189

Closed exchaex closed 8 months ago

exchaex commented 8 months ago

Description

Cannot edit any mousepad settings, nothing happens at all. dconf-WARNING.

Steps to Reproduce

  1. Run Mousepad 0.6.1 with bash to see firejail logs
  2. (one of many examples) Change color scheme in view dropdown menu
  3. Nothing changes.

Expected behavior

Color scheme changed

Actual behavior

No UI behavior. Lots of dconf warnings:

(mousepad:7): dconf-WARNING **: 17:20:10.923: failed to commit changes to dconf: Could not connect: No such file or directory

Behavior without a profile

No warnings or errors in logs. Everything works as expected.

Log

Output of LC_ALL=C firejail /path/to/program

```
Reading profile /etc/firejail/mousepad.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-shell.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: private-lib feature is disabled in Firejail configuration file
Parent pid 12979, child pid 12980
1 program installed in 1.68 ms
Warning: /sbin directory link was not blacklisted
Warning: /usr/sbin directory link was not blacklisted
Child process initialized in 77.84 ms
Mousepad-Message: 17:20:09.635: Failed to load plugin "mousepad-plugin-gspell": libgspell-1.so.2: cannot open shared object file: No such file or directory

(mousepad:7): dconf-WARNING **: 17:20:09.697: failed to commit changes to dconf: Could not connect: No such file or directory

(mousepad:7): dconf-WARNING **: 17:20:09.697: failed to commit changes to dconf: Could not connect: No such file or directory
Failed to create secure directory (/run/user/1000/pulse): Permission denied

(mousepad:7): dconf-WARNING **: 17:20:10.806: failed to commit changes to dconf: Could not connect: No such file or directory

(mousepad:7): dconf-WARNING **: 17:20:10.806: failed to commit changes to dconf: Could not connect: No such file or directory

(mousepad:7): dconf-WARNING **: 17:20:10.923: failed to commit changes to dconf: Could not connect: No such file or directory

(mousepad:7): dconf-WARNING **: 17:20:10.923: failed to commit changes to dconf: Could not connect: No such file or directory
```

Output of LC_ALL=C firejail --debug /path/to/program

``` Building quoted command line: '/usr/bin/mousepad' Command name #mousepad# Found mousepad.profile profile in /etc/firejail directory Reading profile /etc/firejail/mousepad.profile Found disable-common.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-common.inc Found disable-devel.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-devel.inc Found disable-exec.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-exec.inc Found disable-interpreters.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-interpreters.inc Found disable-programs.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-programs.inc Found disable-shell.inc profile in /etc/firejail directory Reading profile /etc/firejail/disable-shell.inc Found whitelist-var-common.inc profile in /etc/firejail directory Reading profile /etc/firejail/whitelist-var-common.inc [profile] combined protocol list: "unix" Warning: private-lib feature is disabled in Firejail configuration file DISPLAY=:0 parsed as 0 Parent pid 13140, child pid 13141 Initializing child process PID namespace installed Mounting tmpfs on /run/firejail/mnt directory Creating empty /run/firejail/mnt/seccomp directory Creating empty /run/firejail/mnt/seccomp/seccomp.protocol file Creating empty /run/firejail/mnt/seccomp/seccomp.namespaces file Creating empty /run/firejail/mnt/seccomp/seccomp.namespaces.32 file Creating empty /run/firejail/mnt/seccomp/seccomp.postexec file Creating empty /run/firejail/mnt/seccomp/seccomp.postexec32 file sbox run: /run/firejail/lib/fnet ifup lo Set caps filter 3000 Network namespace enabled, only loopback interface available Build protocol filter: unix sbox run: /run/firejail/lib/fseccomp protocol build unix /run/firejail/mnt/seccomp/seccomp.protocol Dropping all capabilities Drop privileges: pid 3, uid 1000, gid 1000, force_nogroups 1 No supplementary groups Mounting /proc filesystem 
representing the PID namespace Basic read-only filesystem: Mounting read-only /etc 360 325 259:3 /etc /etc ro,relatime - ext4 /dev/nvme0n1p3 rw mountid=360 fsname=/etc dir=/etc fstype=ext4 Mounting noexec /etc 361 360 259:3 /etc /etc ro,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=361 fsname=/etc dir=/etc fstype=ext4 Mounting read-only /var 362 325 259:3 /var /var ro,relatime - ext4 /dev/nvme0n1p3 rw mountid=362 fsname=/var dir=/var fstype=ext4 Mounting noexec /var 363 362 259:3 /var /var ro,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=363 fsname=/var dir=/var fstype=ext4 Mounting read-only /usr 364 325 259:3 /usr /usr ro,relatime - ext4 /dev/nvme0n1p3 rw mountid=364 fsname=/usr dir=/usr fstype=ext4 Mounting tmpfs on /var/lock Mounting tmpfs on /var/tmp Mounting tmpfs on /var/log Create the new utmp file Mount the new utmp file Cleaning /home directory Cleaning /run/user directory Sanitizing /etc/passwd, UID_MIN 1000 Sanitizing /etc/group, GID_MIN 1000 Disable /run/firejail/sandbox Disable /run/firejail/network Disable /run/firejail/bandwidth Disable /run/firejail/name Disable /run/firejail/profile Disable /run/firejail/x11 Mounting tmpfs on /dev mounting /run/firejail/mnt/dev/dri directory Process /dev/shm directory Copying files in the new bin directory Checking /usr/local/bin/mousepad Checking /usr/bin/mousepad sbox run: /run/firejail/lib/fcopy /usr/bin/mousepad /run/firejail/mnt/bin Mount-bind /run/firejail/mnt/bin on top of /usr/local/bin Mount-bind /run/firejail/mnt/bin on top of /usr/bin Mount-bind /run/firejail/mnt/bin on top of /bin Mount-bind /run/firejail/mnt/bin on top of /usr/local/games Mount-bind /run/firejail/mnt/bin on top of /usr/local/sbin Mount-bind /run/firejail/mnt/bin on top of /usr/sbin Mount-bind /run/firejail/mnt/bin on top of /sbin 1 program installed in 1.35 ms Generate private-tmp whitelist commands blacklist /run/firejail/dbus Mounting read-only /proc/sys Remounting /sys directory Disable /sys/firmware 
Disable /sys/hypervisor Disable /sys/power Disable /sys/kernel/debug Disable /sys/kernel/vmcoreinfo Disable /proc/sys/fs/binfmt_misc Disable /proc/sys/kernel/core_pattern Disable /proc/sys/kernel/modprobe Disable /proc/sysrq-trigger Disable /proc/sys/vm/panic_on_oom Disable /proc/irq Disable /proc/bus Disable /proc/timer_list Disable /proc/kcore Disable /proc/kallsyms Disable /usr/lib/modules (requested /lib/modules) Disable /boot Disable /run/user/1000/gnupg Disable /run/user/1000/systemd Disable /proc/kmsg Debug 588: whitelist /var/lib/aspell Debug 609: expanded: /var/lib/aspell Debug 620: new_name: /var/lib/aspell Debug 630: dir: /var Adding whitelist top level directory /var Removed path: whitelist /var/lib/aspell new_name: /var/lib/aspell realpath: (null) No such file or directory Debug 588: whitelist /var/lib/ca-certificates Debug 609: expanded: /var/lib/ca-certificates Debug 620: new_name: /var/lib/ca-certificates Debug 630: dir: /var Removed path: whitelist /var/lib/ca-certificates new_name: /var/lib/ca-certificates realpath: (null) No such file or directory Debug 588: whitelist /var/lib/dbus Debug 609: expanded: /var/lib/dbus Debug 620: new_name: /var/lib/dbus Debug 630: dir: /var Removed path: whitelist /var/lib/dbus new_name: /var/lib/dbus realpath: (null) No such file or directory Debug 588: whitelist /var/lib/menu-xdg Debug 609: expanded: /var/lib/menu-xdg Debug 620: new_name: /var/lib/menu-xdg Debug 630: dir: /var Removed path: whitelist /var/lib/menu-xdg new_name: /var/lib/menu-xdg realpath: (null) No such file or directory Debug 588: whitelist /var/lib/uim Debug 609: expanded: /var/lib/uim Debug 620: new_name: /var/lib/uim Debug 630: dir: /var Removed path: whitelist /var/lib/uim new_name: /var/lib/uim realpath: (null) No such file or directory Debug 588: whitelist /var/cache/fontconfig Debug 609: expanded: /var/cache/fontconfig Debug 620: new_name: /var/cache/fontconfig Debug 630: dir: /var Debug 588: whitelist /var/tmp Debug 609: expanded: 
/var/tmp Debug 620: new_name: /var/tmp Debug 630: dir: /var Debug 588: whitelist /var/run Debug 609: expanded: /var/run Debug 620: new_name: /var/run Debug 630: dir: /var Debug 588: whitelist /var/lock Debug 609: expanded: /var/lock Debug 620: new_name: /var/lock Debug 630: dir: /var Debug 588: whitelist /tmp/.X11-unix Debug 609: expanded: /tmp/.X11-unix Debug 620: new_name: /tmp/.X11-unix Debug 630: dir: /tmp Adding whitelist top level directory /tmp Debug 588: whitelist /tmp/sndio Debug 609: expanded: /tmp/sndio Debug 620: new_name: /tmp/sndio Debug 630: dir: /tmp Removed path: whitelist /tmp/sndio new_name: /tmp/sndio realpath: (null) No such file or directory Debug 588: whitelist /tmp/pulse-PKdhtXMmr18n Debug 609: expanded: /tmp/pulse-PKdhtXMmr18n Debug 620: new_name: /tmp/pulse-PKdhtXMmr18n Debug 630: dir: /tmp Mounting tmpfs on /var, check owner: no 401 363 0:66 / /var rw,nosuid,nodev,noexec,relatime - tmpfs tmpfs rw,mode=755,inode64 mountid=401 fsname=/ dir=/var fstype=tmpfs Mounting tmpfs on /tmp, check owner: no 402 325 0:67 / /tmp rw,nosuid,nodev,relatime - tmpfs tmpfs rw,inode64 mountid=402 fsname=/ dir=/tmp fstype=tmpfs Whitelisting /var/cache/fontconfig 403 401 259:3 /var/cache/fontconfig /var/cache/fontconfig ro,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=403 fsname=/var/cache/fontconfig dir=/var/cache/fontconfig fstype=ext4 Whitelisting /var/tmp 404 401 0:59 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw,inode64 mountid=404 fsname=/ dir=/var/tmp fstype=tmpfs Created symbolic link /var/run -> /run Created symbolic link /var/lock -> /run/lock Whitelisting /tmp/.X11-unix 405 402 259:3 /tmp/.X11-unix /tmp/.X11-unix rw,relatime - ext4 /dev/nvme0n1p3 rw mountid=405 fsname=/tmp/.X11-unix dir=/tmp/.X11-unix fstype=ext4 Whitelisting /tmp/pulse-PKdhtXMmr18n 406 402 259:3 /tmp/pulse-PKdhtXMmr18n /tmp/pulse-PKdhtXMmr18n rw,relatime - ext4 /dev/nvme0n1p3 rw mountid=406 fsname=/tmp/pulse-PKdhtXMmr18n dir=/tmp/pulse-PKdhtXMmr18n fstype=ext4 
Disable /home/corinto/.bash_history Disable /home/corinto/.lesshst Disable /home/corinto/.config/autostart Disable /home/corinto/.xinitrc Disable /etc/xdg/autostart Mounting read-only /home/corinto/.Xauthority 412 371 259:3 /home/corinto/.Xauthority /home/corinto/.Xauthority ro,relatime - ext4 /dev/nvme0n1p3 rw mountid=412 fsname=/home/corinto/.Xauthority dir=/home/corinto/.Xauthority fstype=ext4 Mounting read-only /home/corinto/.config/dconf 413 371 259:3 /home/corinto/.config/dconf /home/corinto/.config/dconf ro,relatime - ext4 /dev/nvme0n1p3 rw mountid=413 fsname=/home/corinto/.config/dconf dir=/home/corinto/.config/dconf fstype=ext4 Disable /run/user/1000/systemd Disable /etc/init.d Disable /home/corinto/.config/libvirt Disable /etc/apparmor Disable /etc/apparmor.d Disable /etc/cron.daily Disable /etc/default Disable /etc/dkms Disable /etc/grub.d Disable /etc/logrotate.conf Disable /etc/logrotate.d Disable /etc/modules-load.d Disable /etc/rc.local Disable /etc/sysconfig Mounting read-only /home/corinto/.bash_logout 428 371 259:3 /home/corinto/.bash_logout /home/corinto/.bash_logout ro,relatime - ext4 /dev/nvme0n1p3 rw mountid=428 fsname=/home/corinto/.bash_logout dir=/home/corinto/.bash_logout fstype=ext4 Mounting read-only /home/corinto/.bash_profile 429 371 259:3 /home/corinto/.bash_profile /home/corinto/.bash_profile ro,relatime - ext4 /dev/nvme0n1p3 rw mountid=429 fsname=/home/corinto/.bash_profile dir=/home/corinto/.bash_profile fstype=ext4 Mounting read-only /home/corinto/.bashrc 430 371 259:3 /home/corinto/.bashrc /home/corinto/.bashrc ro,relatime - ext4 /dev/nvme0n1p3 rw mountid=430 fsname=/home/corinto/.bashrc dir=/home/corinto/.bashrc fstype=ext4 Mounting read-only /home/corinto/.local/lib 431 371 259:3 /home/corinto/.local/lib /home/corinto/.local/lib ro,relatime - ext4 /dev/nvme0n1p3 rw mountid=431 fsname=/home/corinto/.local/lib dir=/home/corinto/.local/lib fstype=ext4 Mounting read-only /home/corinto/.rustup 432 371 259:3 /home/corinto/.rustup 
/home/corinto/.rustup ro,relatime - ext4 /dev/nvme0n1p3 rw mountid=432 fsname=/home/corinto/.rustup dir=/home/corinto/.rustup fstype=ext4 Mounting read-only /home/corinto/.config/menus 433 371 259:3 /home/corinto/.config/menus /home/corinto/.config/menus ro,relatime - ext4 /dev/nvme0n1p3 rw mountid=433 fsname=/home/corinto/.config/menus dir=/home/corinto/.config/menus fstype=ext4 Mounting read-only /home/corinto/.gnome/apps 434 371 259:3 /home/corinto/.gnome/apps /home/corinto/.gnome/apps ro,relatime - ext4 /dev/nvme0n1p3 rw mountid=434 fsname=/home/corinto/.gnome/apps dir=/home/corinto/.gnome/apps fstype=ext4 Mounting read-only /home/corinto/.local/share/applications 435 371 259:3 /home/corinto/.local/share/applications /home/corinto/.local/share/applications ro,relatime - ext4 /dev/nvme0n1p3 rw mountid=435 fsname=/home/corinto/.local/share/applications dir=/home/corinto/.local/share/applications fstype=ext4 Mounting read-only /home/corinto/.config/mimeapps.list 436 371 259:3 /home/corinto/.config/mimeapps.list /home/corinto/.config/mimeapps.list ro,relatime - ext4 /dev/nvme0n1p3 rw mountid=436 fsname=/home/corinto/.config/mimeapps.list dir=/home/corinto/.config/mimeapps.list fstype=ext4 Mounting read-only /home/corinto/.local/share/mime 437 371 259:3 /home/corinto/.local/share/mime /home/corinto/.local/share/mime ro,relatime - ext4 /dev/nvme0n1p3 rw mountid=437 fsname=/home/corinto/.local/share/mime dir=/home/corinto/.local/share/mime fstype=ext4 Disable /etc/group- Disable /etc/gshadow Disable /etc/gshadow- Disable /etc/passwd- Disable /etc/shadow Disable /etc/shadow- Disable /etc/ssh Warning (blacklisting): cannot open /etc/ssh/*: Permission denied Disable /home/corinto/Passwords.kdbx Disable /home/corinto/.gnupg Disable /home/corinto/.local/share/pki Disable /home/corinto/.netrc Disable /home/corinto/.pki Warning: /sbin directory link was not blacklisted Disable /usr/local/sbin Warning: /usr/sbin directory link was not blacklisted Warning (blacklisting): 
cannot open /usr/local/sbin/at: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/busybox: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/chage: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/chfn: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/chsh: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/crontab: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/doas: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/evtest: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/expiry: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/fusermount: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/gksu: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/gksudo: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/gpasswd: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/kdesudo: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/ksu: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/mount: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/mount.ecryptfs_private: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/nc: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/ncat: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/nmap: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/newgidmap: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/newgrp: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/newuidmap: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/ntfs-3g: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/pkexec: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/procmail: 
Permission denied Warning (blacklisting): cannot open /usr/local/sbin/sg: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/strace: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/su: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/sudo: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/tcpdump: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/umount: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/unix_chkpwd: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/xev: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/xinput: Permission denied Disable /usr/lib/ssh Warning (blacklisting): cannot open /usr/local/sbin/passwd: Permission denied Disable /usr/lib/dbus-1.0/dbus-daemon-launch-helper Warning (blacklisting): cannot open /usr/local/sbin/suexec: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/slock: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/physlock: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/schroot: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/wshowkeys: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/pmount: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/pumount: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/bmon: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/fping: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/fping6: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/hostname: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/mtr: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/mtr-packet: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/netstat: Permission denied Warning (blacklisting): cannot open 
/usr/local/sbin/nm-online: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/nmcli: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/nmtui: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/nmtui-connect: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/nmtui-edit: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/nmtui-hostname: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/networkctl: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/ss: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/traceroute: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/gnome-terminal: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/gnome-terminal.wrapper: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/kgx: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/lilyterm: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/lxterminal: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/mate-terminal: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/mate-terminal.wrapper: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/pantheon-terminal: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/roxterm: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/roxterm-config: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/terminix: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/tilix: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/urxvtc: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/urxvtcd: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/xfce4-terminal: Permission denied Warning (blacklisting): cannot open 
/usr/local/sbin/xfce4-terminal.wrapper: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/bwrap: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/snap: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/snapctl: Permission denied Disable /proc/config.gz Warning (blacklisting): cannot open /usr/local/sbin/dig: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/dlint: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/dns2tcp: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/dnssec-*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/dnswalk: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/drill: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/host: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/iodine: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/kdig: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/khost: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/knsupdate: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/ldns-*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/ldnsd: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/nslookup: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/resolvectl: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/unbound-host: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/ftp: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/ssh: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/telnet: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/clang*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/lldb*: Permission denied Warning (blacklisting): cannot open 
/usr/local/sbin/llvm*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/as: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/cc: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/c++*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/c8*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/c9*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/cpp*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/g++*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/gcc*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/gdb: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/ld: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/*-gcc*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/*-g++*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/*-gcc*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/*-g++*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/gccgo: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/go: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/gofmt: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/java: Permission denied Disable /usr/lib/jvm/java-21-openjdk/bin/java (requested /usr/lib/jvm/default/bin/java) Warning (blacklisting): cannot open /usr/local/sbin/javac: Permission denied Disable /usr/share/java Warning (blacklisting): cannot open /usr/local/sbin/scala: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/scala3: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/scala3-compiler: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/scala3-repl: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/scalac: Permission denied 
Warning (blacklisting): cannot open /usr/local/sbin/openssl: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/openssl-1.0: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/rust-gdb: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/rust-lldb: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/rustc: Permission denied Disable /home/corinto/.rustup Warning (blacklisting): cannot open /usr/local/sbin/tcc: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/x86_64-tcc: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/valgrind*: Permission denied Disable /usr/src Disable /usr/local/src Disable /usr/include Disable /usr/local/include Mounting noexec /home/corinto 484 461 0:24 /firejail/firejail.ro.dir /home/corinto/.pki ro,nosuid,nodev,relatime - tmpfs run rw,mode=755,inode64 mountid=484 fsname=/firejail/firejail.ro.dir dir=/home/corinto/.pki fstype=tmpfs Mounting noexec /home/corinto/.bash_history 485 462 0:24 /firejail/firejail.ro.file /home/corinto/.bash_history ro,nosuid,nodev,noexec,relatime - tmpfs run rw,mode=755,inode64 mountid=485 fsname=/firejail/firejail.ro.file dir=/home/corinto/.bash_history fstype=tmpfs Mounting noexec /home/corinto/.lesshst 486 463 0:24 /firejail/firejail.ro.file /home/corinto/.lesshst ro,nosuid,nodev,noexec,relatime - tmpfs run rw,mode=755,inode64 mountid=486 fsname=/firejail/firejail.ro.file dir=/home/corinto/.lesshst fstype=tmpfs Mounting noexec /home/corinto/.config/autostart 487 464 0:24 /firejail/firejail.ro.dir /home/corinto/.config/autostart ro,nosuid,nodev,noexec,relatime - tmpfs run rw,mode=755,inode64 mountid=487 fsname=/firejail/firejail.ro.dir dir=/home/corinto/.config/autostart fstype=tmpfs Mounting noexec /home/corinto/.xinitrc 488 465 0:24 /firejail/firejail.ro.file /home/corinto/.xinitrc ro,nosuid,nodev,noexec,relatime - tmpfs run rw,mode=755,inode64 mountid=488 fsname=/firejail/firejail.ro.file 
dir=/home/corinto/.xinitrc fstype=tmpfs Mounting noexec /home/corinto/.Xauthority 489 466 259:3 /home/corinto/.Xauthority /home/corinto/.Xauthority ro,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=489 fsname=/home/corinto/.Xauthority dir=/home/corinto/.Xauthority fstype=ext4 Mounting noexec /home/corinto/.config/dconf 490 467 259:3 /home/corinto/.config/dconf /home/corinto/.config/dconf ro,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=490 fsname=/home/corinto/.config/dconf dir=/home/corinto/.config/dconf fstype=ext4 Mounting noexec /home/corinto/.config/libvirt 491 468 0:24 /firejail/firejail.ro.dir /home/corinto/.config/libvirt ro,nosuid,nodev,noexec,relatime - tmpfs run rw,mode=755,inode64 mountid=491 fsname=/firejail/firejail.ro.dir dir=/home/corinto/.config/libvirt fstype=tmpfs Mounting noexec /home/corinto/.bash_logout 492 469 259:3 /home/corinto/.bash_logout /home/corinto/.bash_logout ro,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=492 fsname=/home/corinto/.bash_logout dir=/home/corinto/.bash_logout fstype=ext4 Mounting noexec /home/corinto/.bash_profile 493 470 259:3 /home/corinto/.bash_profile /home/corinto/.bash_profile ro,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=493 fsname=/home/corinto/.bash_profile dir=/home/corinto/.bash_profile fstype=ext4 Mounting noexec /home/corinto/.bashrc 494 471 259:3 /home/corinto/.bashrc /home/corinto/.bashrc ro,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=494 fsname=/home/corinto/.bashrc dir=/home/corinto/.bashrc fstype=ext4 Mounting noexec /home/corinto/.local/lib 495 472 259:3 /home/corinto/.local/lib /home/corinto/.local/lib ro,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=495 fsname=/home/corinto/.local/lib dir=/home/corinto/.local/lib fstype=ext4 Mounting noexec /home/corinto/.rustup 496 474 0:24 /firejail/firejail.ro.dir /home/corinto/.rustup ro,nosuid,nodev,noexec,relatime - tmpfs run rw,mode=755,inode64 mountid=496 
fsname=/firejail/firejail.ro.dir dir=/home/corinto/.rustup fstype=tmpfs Mounting noexec /home/corinto/.config/menus 497 475 259:3 /home/corinto/.config/menus /home/corinto/.config/menus ro,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=497 fsname=/home/corinto/.config/menus dir=/home/corinto/.config/menus fstype=ext4 Mounting noexec /home/corinto/.gnome/apps 498 476 259:3 /home/corinto/.gnome/apps /home/corinto/.gnome/apps ro,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=498 fsname=/home/corinto/.gnome/apps dir=/home/corinto/.gnome/apps fstype=ext4 Mounting noexec /home/corinto/.local/share/applications 499 477 259:3 /home/corinto/.local/share/applications /home/corinto/.local/share/applications ro,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=499 fsname=/home/corinto/.local/share/applications dir=/home/corinto/.local/share/applications fstype=ext4 Mounting noexec /home/corinto/.config/mimeapps.list 500 478 259:3 /home/corinto/.config/mimeapps.list /home/corinto/.config/mimeapps.list ro,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=500 fsname=/home/corinto/.config/mimeapps.list dir=/home/corinto/.config/mimeapps.list fstype=ext4 Mounting noexec /home/corinto/.local/share/mime 501 479 259:3 /home/corinto/.local/share/mime /home/corinto/.local/share/mime ro,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=501 fsname=/home/corinto/.local/share/mime dir=/home/corinto/.local/share/mime fstype=ext4 Mounting noexec /home/corinto/Passwords.kdbx 502 480 0:24 /firejail/firejail.ro.file /home/corinto/Passwords.kdbx ro,nosuid,nodev,noexec,relatime - tmpfs run rw,mode=755,inode64 mountid=502 fsname=/firejail/firejail.ro.file dir=/home/corinto/Passwords.kdbx fstype=tmpfs Mounting noexec /home/corinto/.gnupg 503 481 0:24 /firejail/firejail.ro.dir /home/corinto/.gnupg ro,nosuid,nodev,noexec,relatime - tmpfs run rw,mode=755,inode64 mountid=503 fsname=/firejail/firejail.ro.dir dir=/home/corinto/.gnupg 
fstype=tmpfs Mounting noexec /home/corinto/.local/share/pki 504 482 0:24 /firejail/firejail.ro.dir /home/corinto/.local/share/pki ro,nosuid,nodev,noexec,relatime - tmpfs run rw,mode=755,inode64 mountid=504 fsname=/firejail/firejail.ro.dir dir=/home/corinto/.local/share/pki fstype=tmpfs Mounting noexec /home/corinto/.netrc 505 483 0:24 /firejail/firejail.ro.file /home/corinto/.netrc ro,nosuid,nodev,noexec,relatime - tmpfs run rw,mode=755,inode64 mountid=505 fsname=/firejail/firejail.ro.file dir=/home/corinto/.netrc fstype=tmpfs Mounting noexec /home/corinto/.pki 506 484 0:24 /firejail/firejail.ro.dir /home/corinto/.pki ro,nosuid,nodev,noexec,relatime - tmpfs run rw,mode=755,inode64 mountid=506 fsname=/firejail/firejail.ro.dir dir=/home/corinto/.pki fstype=tmpfs Mounting noexec /run/user/1000 510 509 0:24 /firejail/firejail.ro.dir /run/user/1000/systemd ro,nosuid,nodev,relatime - tmpfs run rw,mode=755,inode64 mountid=510 fsname=/firejail/firejail.ro.dir dir=/run/user/1000/systemd fstype=tmpfs Mounting noexec /run/user/1000/gnupg 511 508 0:24 /firejail/firejail.ro.dir /run/user/1000/gnupg ro,nosuid,nodev,noexec,relatime - tmpfs run rw,mode=755,inode64 mountid=511 fsname=/firejail/firejail.ro.dir dir=/run/user/1000/gnupg fstype=tmpfs Mounting noexec /run/user/1000/systemd 512 510 0:24 /firejail/firejail.ro.dir /run/user/1000/systemd ro,nosuid,nodev,noexec,relatime - tmpfs run rw,mode=755,inode64 mountid=512 fsname=/firejail/firejail.ro.dir dir=/run/user/1000/systemd fstype=tmpfs Mounting noexec /dev/shm 513 387 0:63 /shm /dev/shm rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755,inode64 mountid=513 fsname=/shm dir=/dev/shm fstype=tmpfs Mounting noexec /tmp 516 514 259:3 /tmp/pulse-PKdhtXMmr18n /tmp/pulse-PKdhtXMmr18n rw,relatime - ext4 /dev/nvme0n1p3 rw mountid=516 fsname=/tmp/pulse-PKdhtXMmr18n dir=/tmp/pulse-PKdhtXMmr18n fstype=ext4 Mounting noexec /tmp/.X11-unix 517 515 259:3 /tmp/.X11-unix /tmp/.X11-unix rw,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw 
mountid=517 fsname=/tmp/.X11-unix dir=/tmp/.X11-unix fstype=ext4 Mounting noexec /tmp/pulse-PKdhtXMmr18n 518 516 259:3 /tmp/pulse-PKdhtXMmr18n /tmp/pulse-PKdhtXMmr18n rw,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=518 fsname=/tmp/pulse-PKdhtXMmr18n dir=/tmp/pulse-PKdhtXMmr18n fstype=ext4 Warning (blacklisting): cannot open /usr/local/sbin/gjs: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/gjs-console: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/lua*: Permission denied Warning (blacklisting): cannot open /usr/include/lua*: Permission denied Disable /usr/lib/liblua++.so.5.4.6 (requested /usr/lib/liblua++.so) Disable /usr/lib/liblua++.so.5.4.6 (requested /usr/lib/liblua++.so.5.4) Disable /usr/lib/liblua.so.5.4.6 Disable /usr/lib/liblua.so.5.4.6 (requested /usr/lib/liblua.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2) Disable /usr/lib/libluajit-5.1.so.2.1.1702233742 (requested /usr/lib/libluajit-5.1.so) Disable /usr/lib/liblua5.2.so.5.2.4 Disable /usr/lib/liblua.so.5.4.6 (requested /usr/lib/liblua5.4.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so.5.2) Disable /usr/lib/liblua.so.5.4.6 (requested /usr/lib/liblua.so.5.4) Disable /usr/lib/liblua++.so.5.4.6 (requested /usr/lib/liblua++5.4.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so) Disable /usr/lib/libluajit-5.1.so.2.1.1702233742 Disable /usr/lib/liblua++.so.5.4.6 Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2.4) Disable /usr/lib/libluajit-5.1.so.2.1.1702233742 (requested /usr/lib/libluajit-5.1.so.2) Disable /usr/lib/lua Disable /usr/lib/liblua++.so.5.4.6 (requested /usr/lib64/liblua++.so) Disable /usr/lib/liblua++.so.5.4.6 (requested /usr/lib64/liblua++.so.5.4) Disable /usr/lib/liblua.so.5.4.6 (requested /usr/lib64/liblua.so.5.4.6) Disable /usr/lib/liblua.so.5.4.6 (requested /usr/lib64/liblua.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested 
/usr/lib64/liblua.so.5.2) Disable /usr/lib/libluajit-5.1.so.2.1.1702233742 (requested /usr/lib64/libluajit-5.1.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua5.2.so.5.2.4) Disable /usr/lib/liblua.so.5.4.6 (requested /usr/lib64/liblua5.4.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua5.2.so.5.2) Disable /usr/lib/liblua.so.5.4.6 (requested /usr/lib64/liblua.so.5.4) Disable /usr/lib/liblua++.so.5.4.6 (requested /usr/lib64/liblua++5.4.so) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua5.2.so) Disable /usr/lib/libluajit-5.1.so.2.1.1702233742 (requested /usr/lib64/libluajit-5.1.so.2.1.1702233742) Disable /usr/lib/liblua++.so.5.4.6 (requested /usr/lib64/liblua++.so.5.4.6) Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib64/liblua.so.5.2.4) Disable /usr/lib/libluajit-5.1.so.2.1.1702233742 (requested /usr/lib64/libluajit-5.1.so.2) Disable /usr/lib/lua (requested /usr/lib64/lua) Disable /usr/share/luajit-2.1 Disable /usr/share/lua Warning (blacklisting): cannot open /usr/local/sbin/node: Permission denied Warning (blacklisting): cannot open /usr/include/node: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/core_perl: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/cpan*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/perl: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/site_perl: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/vendor_perl: Permission denied Disable /usr/lib/perl5 Disable /usr/lib/perl5 (requested /usr/lib64/perl5) Disable /usr/share/perl-image-exiftool Disable /usr/share/perl5 Warning (blacklisting): cannot open /usr/local/sbin/rxvt: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/php*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/ruby: Permission denied Disable /usr/lib/ruby Disable /usr/lib/ruby (requested /usr/lib64/ruby) Warning 
(blacklisting): cannot open /usr/local/sbin/python2*: Permission denied Warning (blacklisting): cannot open /usr/include/python2*: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/python3*: Permission denied Warning (blacklisting): cannot open /usr/include/python3*: Permission denied Disable /usr/lib/python3.11 Disable /usr/lib/python3.10 Disable /usr/lib/python3.11 (requested /usr/lib64/python3.11) Disable /usr/lib/python3.10 (requested /usr/lib64/python3.10) Disable /usr/local/lib/python3.10 Disable /home/corinto/.android Disable /home/corinto/.cache/keepassxc Disable /home/corinto/.cache/mozilla Disable /home/corinto/.cargo Disable /home/corinto/.config/GIMP Disable /home/corinto/.config/Google Not blacklist /home/corinto/.config/Mousepad Disable /home/corinto/.config/Thunar Disable /home/corinto/.config/abiword Disable /home/corinto/.config/keepassxc Disable /home/corinto/.config/libreoffice Disable /home/corinto/.config/mpv Disable /home/corinto/.config/pavucontrol.ini Disable /home/corinto/.config/pcmanfm Disable /home/corinto/.config/redshift Disable /home/corinto/.config/wireshark Disable /home/corinto/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml Disable /home/corinto/.gradle Disable /home/corinto/.java Disable /home/corinto/.local/share/quadrapassel Disable /home/corinto/.mozilla Disable /home/corinto/.npm Disable /home/corinto/.wget-hsts Warning (blacklisting): cannot open /usr/local/sbin/bash: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/csh: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/dash: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/fish: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/ksh: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/mksh: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/oksh: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/sh: Permission 
denied Warning (blacklisting): cannot open /usr/local/sbin/tclsh: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/tcsh: Permission denied Warning (blacklisting): cannot open /usr/local/sbin/zsh: Permission denied Disable /etc/environment Disable /etc/profile Disable /etc/profile.d Disable /etc/shells Disable /etc/skel Disable /etc/bash Mounting read-only /tmp/.X11-unix 594 517 259:3 /tmp/.X11-unix /tmp/.X11-unix ro,nosuid,nodev,noexec,relatime - ext4 /dev/nvme0n1p3 rw mountid=594 fsname=/tmp/.X11-unix dir=/tmp/.X11-unix fstype=ext4 Disable /sys/fs Disable /sys/module disable pulseaudio blacklist /home/corinto/.config/pulse blacklist /run/user/1000/pulse/native blacklist /run/user/1000/pulse blacklist /tmp/pulse-PKdhtXMmr18n disable pipewire Current directory: /home/corinto DISPLAY=:0 parsed as 0 Install protocol filter: unix configuring 19 seccomp entries in /run/firejail/mnt/seccomp/seccomp.protocol sbox run: /run/firejail/lib/fsec-print /run/firejail/mnt/seccomp/seccomp.protocol Dropping all capabilities Drop privileges: pid 5, uid 1000, gid 1000, force_nogroups 1 No supplementary groups line OP JT JF K ================================= 0000: 20 00 00 00000004 ld data.architecture 0001: 15 04 00 c000003e jeq ARCH_64 0006 (false 0002) 0002: 20 00 00 00000000 ld data.syscall-number 0003: 15 01 00 00000167 jeq unknown 0005 (false 0004) 0004: 06 00 00 7fff0000 ret ALLOW 0005: 05 00 00 00000009 jmp 000f 0006: 20 00 00 00000004 ld data.architecture 0007: 15 01 00 c000003e jeq ARCH_64 0009 (false 0008) 0008: 06 00 00 7fff0000 ret ALLOW 0009: 20 00 00 00000000 ld data.syscall-number 000a: 35 01 00 40000000 jge X32_ABI 000c (false 000b) 000b: 35 01 00 00000000 jge read 000d (false 000c) 000c: 06 00 00 00050001 ret ERRNO(1) 000d: 15 01 00 00000029 jeq socket 000f (false 000e) 000e: 06 00 00 7fff0000 ret ALLOW 000f: 20 00 00 00000010 ld data.args[0] 0010: 15 00 01 00000001 jeq 1 0011 (false 0012) 0011: 06 00 00 7fff0000 ret ALLOW 0012: 06 00 00 
0005005f ret ERRNO(95) configuring 54 seccomp entries in /run/firejail/mnt/seccomp/seccomp.32 sbox run: /run/firejail/lib/fsec-print /run/firejail/mnt/seccomp/seccomp.32 Dropping all capabilities Drop privileges: pid 6, uid 1000, gid 1000, force_nogroups 1 No supplementary groups line OP JT JF K ================================= 0000: 20 00 00 00000004 ld data.architecture 0001: 15 01 00 40000003 jeq ARCH_32 0003 (false 0002) 0002: 06 00 00 7fff0000 ret ALLOW 0003: 20 00 00 00000000 ld data.syscall-number 0004: 15 30 00 00000015 jeq 15 0035 (false 0005) 0005: 15 2f 00 00000034 jeq 34 0035 (false 0006) 0006: 15 2e 00 0000001a jeq 1a 0035 (false 0007) 0007: 15 2d 00 0000011b jeq 11b 0035 (false 0008) 0008: 15 2c 00 00000155 jeq 155 0035 (false 0009) 0009: 15 2b 00 00000156 jeq 156 0035 (false 000a) 000a: 15 2a 00 0000007f jeq 7f 0035 (false 000b) 000b: 15 29 00 00000080 jeq 80 0035 (false 000c) 000c: 15 28 00 0000015e jeq 15e 0035 (false 000d) 000d: 15 27 00 00000081 jeq 81 0035 (false 000e) 000e: 15 26 00 0000006e jeq 6e 0035 (false 000f) 000f: 15 25 00 00000065 jeq 65 0035 (false 0010) 0010: 15 24 00 00000121 jeq 121 0035 (false 0011) 0011: 15 23 00 00000057 jeq 57 0035 (false 0012) 0012: 15 22 00 00000073 jeq 73 0035 (false 0013) 0013: 15 21 00 00000067 jeq 67 0035 (false 0014) 0014: 15 20 00 0000015b jeq 15b 0035 (false 0015) 0015: 15 1f 00 0000015c jeq 15c 0035 (false 0016) 0016: 15 1e 00 00000087 jeq 87 0035 (false 0017) 0017: 15 1d 00 00000095 jeq 95 0035 (false 0018) 0018: 15 1c 00 0000007c jeq 7c 0035 (false 0019) 0019: 15 1b 00 00000157 jeq 157 0035 (false 001a) 001a: 15 1a 00 000000fd jeq fd 0035 (false 001b) 001b: 15 19 00 00000150 jeq 150 0035 (false 001c) 001c: 15 18 00 00000152 jeq 152 0035 (false 001d) 001d: 15 17 00 0000015d jeq 15d 0035 (false 001e) 001e: 15 16 00 0000011e jeq 11e 0035 (false 001f) 001f: 15 15 00 0000011f jeq 11f 0035 (false 0020) 0020: 15 14 00 00000120 jeq 120 0035 (false 0021) 0021: 15 13 00 00000056 jeq 56 0035 (false 0022) 
0022: 15 12 00 00000033 jeq 33 0035 (false 0023) 0023: 15 11 00 0000007b jeq 7b 0035 (false 0024) 0024: 15 10 00 000000d9 jeq d9 0035 (false 0025) 0025: 15 0f 00 000000f5 jeq f5 0035 (false 0026) 0026: 15 0e 00 000000f6 jeq f6 0035 (false 0027) 0027: 15 0d 00 000000f7 jeq f7 0035 (false 0028) 0028: 15 0c 00 000000f8 jeq f8 0035 (false 0029) 0029: 15 0b 00 000000f9 jeq f9 0035 (false 002a) 002a: 15 0a 00 00000101 jeq 101 0035 (false 002b) 002b: 15 09 00 00000112 jeq 112 0035 (false 002c) 002c: 15 08 00 00000114 jeq 114 0035 (false 002d) 002d: 15 07 00 00000126 jeq 126 0035 (false 002e) 002e: 15 06 00 0000013d jeq 13d 0035 (false 002f) 002f: 15 05 00 0000013c jeq 13c 0035 (false 0030) 0030: 15 04 00 0000003d jeq 3d 0035 (false 0031) 0031: 15 03 00 00000058 jeq 58 0035 (false 0032) 0032: 15 02 00 000000a9 jeq a9 0035 (false 0033) 0033: 15 01 00 00000082 jeq 82 0035 (false 0034) 0034: 06 00 00 7fff0000 ret ALLOW 0035: 06 00 00 00050001 ret ERRNO(1) Dual 32/64 bit seccomp filter configured configuring 80 seccomp entries in /run/firejail/mnt/seccomp/seccomp sbox run: /run/firejail/lib/fsec-print /run/firejail/mnt/seccomp/seccomp Dropping all capabilities Drop privileges: pid 7, uid 1000, gid 1000, force_nogroups 1 No supplementary groups line OP JT JF K ================================= 0000: 20 00 00 00000004 ld data.architecture 0001: 15 01 00 c000003e jeq ARCH_64 0003 (false 0002) 0002: 06 00 00 7fff0000 ret ALLOW 0003: 20 00 00 00000000 ld data.syscall-number 0004: 35 01 00 40000000 jge X32_ABI 0006 (false 0005) 0005: 35 01 00 00000000 jge read 0007 (false 0006) 0006: 06 00 00 00050001 ret ERRNO(1) 0007: 15 47 00 0000009f jeq adjtimex 004f (false 0008) 0008: 15 46 00 00000131 jeq clock_adjtime 004f (false 0009) 0009: 15 45 00 000000e3 jeq clock_settime 004f (false 000a) 000a: 15 44 00 000000a4 jeq settimeofday 004f (false 000b) 000b: 15 43 00 0000009a jeq modify_ldt 004f (false 000c) 000c: 15 42 00 000000d4 jeq lookup_dcookie 004f (false 000d) 000d: 15 41 00 0000012a 
jeq perf_event_open 004f (false 000e) 000e: 15 40 00 000001b6 jeq pidfd_getfd 004f (false 000f) 000f: 15 3f 00 00000137 jeq process_vm_writev 004f (false 0010) 0010: 15 3e 00 000000b0 jeq delete_module 004f (false 0011) 0011: 15 3d 00 00000139 jeq finit_module 004f (false 0012) 0012: 15 3c 00 000000af jeq init_module 004f (false 0013) 0013: 15 3b 00 000000a1 jeq chroot 004f (false 0014) 0014: 15 3a 00 000001af jeq fsconfig 004f (false 0015) 0015: 15 39 00 000001b0 jeq fsmount 004f (false 0016) 0016: 15 38 00 000001ae jeq fsopen 004f (false 0017) 0017: 15 37 00 000001b1 jeq fspick 004f (false 0018) 0018: 15 36 00 000000a5 jeq mount 004f (false 0019) 0019: 15 35 00 000001ad jeq move_mount 004f (false 001a) 001a: 15 34 00 000001ac jeq open_tree 004f (false 001b) 001b: 15 33 00 0000009b jeq pivot_root 004f (false 001c) 001c: 15 32 00 000000a6 jeq umount2 004f (false 001d) 001d: 15 31 00 0000009c jeq _sysctl 004f (false 001e) 001e: 15 30 00 000000b7 jeq afs_syscall 004f (false 001f) 001f: 15 2f 00 000000ae jeq create_module 004f (false 0020) 0020: 15 2e 00 000000b1 jeq get_kernel_syms 004f (false 0021) 0021: 15 2d 00 000000b5 jeq getpmsg 004f (false 0022) 0022: 15 2c 00 000000b6 jeq putpmsg 004f (false 0023) 0023: 15 2b 00 000000b2 jeq query_module 004f (false 0024) 0024: 15 2a 00 000000b9 jeq security 004f (false 0025) 0025: 15 29 00 0000008b jeq sysfs 004f (false 0026) 0026: 15 28 00 000000b8 jeq tuxcall 004f (false 0027) 0027: 15 27 00 00000086 jeq uselib 004f (false 0028) 0028: 15 26 00 00000088 jeq ustat 004f (false 0029) 0029: 15 25 00 000000ec jeq vserver 004f (false 002a) 002a: 15 24 00 000000ad jeq ioperm 004f (false 002b) 002b: 15 23 00 000000ac jeq iopl 004f (false 002c) 002c: 15 22 00 000000f6 jeq kexec_load 004f (false 002d) 002d: 15 21 00 00000140 jeq kexec_file_load 004f (false 002e) 002e: 15 20 00 000000a9 jeq reboot 004f (false 002f) 002f: 15 1f 00 000000a7 jeq swapon 004f (false 0030) 0030: 15 1e 00 000000a8 jeq swapoff 004f (false 0031) 0031: 15 1d 00 
00000130 jeq open_by_handle_at 004f (false 0032) 0032: 15 1c 00 0000012f jeq name_to_handle_at 004f (false 0033) 0033: 15 1b 00 000000fb jeq ioprio_set 004f (false 0034) 0034: 15 1a 00 00000067 jeq syslog 004f (false 0035) 0035: 15 19 00 0000012c jeq fanotify_init 004f (false 0036) 0036: 15 18 00 000000f8 jeq add_key 004f (false 0037) 0037: 15 17 00 000000f9 jeq request_key 004f (false 0038) 0038: 15 16 00 000000ed jeq mbind 004f (false 0039) 0039: 15 15 00 00000100 jeq migrate_pages 004f (false 003a) 003a: 15 14 00 00000117 jeq move_pages 004f (false 003b) 003b: 15 13 00 000000fa jeq keyctl 004f (false 003c) 003c: 15 12 00 000000ce jeq io_setup 004f (false 003d) 003d: 15 11 00 000000cf jeq io_destroy 004f (false 003e) 003e: 15 10 00 000000d0 jeq io_getevents 004f (false 003f) 003f: 15 0f 00 000000d1 jeq io_submit 004f (false 0040) 0040: 15 0e 00 000000d2 jeq io_cancel 004f (false 0041) 0041: 15 0d 00 000000d8 jeq remap_file_pages 004f (false 0042) 0042: 15 0c 00 000000ee jeq set_mempolicy 004f (false 0043) 0043: 15 0b 00 00000116 jeq vmsplice 004f (false 0044) 0044: 15 0a 00 00000143 jeq userfaultfd 004f (false 0045) 0045: 15 09 00 000000a3 jeq acct 004f (false 0046) 0046: 15 08 00 00000141 jeq bpf 004f (false 0047) 0047: 15 07 00 000000b4 jeq nfsservctl 004f (false 0048) 0048: 15 06 00 000000ab jeq setdomainname 004f (false 0049) 0049: 15 05 00 000000aa jeq sethostname 004f (false 004a) 004a: 15 04 00 00000099 jeq vhangup 004f (false 004b) 004b: 15 03 00 00000065 jeq ptrace 004f (false 004c) 004c: 15 02 00 00000087 jeq personality 004f (false 004d) 004d: 15 01 00 00000136 jeq process_vm_readv 004f (false 004e) 004e: 06 00 00 7fff0000 ret ALLOW 004f: 06 00 01 00050001 ret ERRNO(1) seccomp filter configured Build restrict-namespaces filter sbox run: /run/firejail/lib/fseccomp restrict-namespaces /run/firejail/mnt/seccomp/seccomp.namespaces cgroup,ipc,net,mnt,pid,time,user,uts Dropping all capabilities Drop privileges: pid 8, uid 1000, gid 1000, force_nogroups 1 No 
supplementary groups restrict-namespaces filter configured Build restrict-namespaces filter sbox run: /run/firejail/lib/fseccomp restrict-namespaces.32 /run/firejail/mnt/seccomp/seccomp.namespaces.32 cgroup,ipc,net,mnt,pid,time,user,uts Dropping all capabilities Drop privileges: pid 9, uid 1000, gid 1000, force_nogroups 1 No supplementary groups restrict-namespaces filter configured Install namespaces filter configuring 26 seccomp entries in /run/firejail/mnt/seccomp/seccomp.namespaces sbox run: /run/firejail/lib/fsec-print /run/firejail/mnt/seccomp/seccomp.namespaces Dropping all capabilities Drop privileges: pid 10, uid 1000, gid 1000, force_nogroups 1 No supplementary groups line OP JT JF K ================================= 0000: 20 00 00 00000004 ld data.architecture 0001: 15 01 00 c000003e jeq ARCH_64 0003 (false 0002) 0002: 06 00 00 7fff0000 ret ALLOW 0003: 20 00 00 00000000 ld data.syscall-number 0004: 35 01 00 40000000 jge X32_ABI 0006 (false 0005) 0005: 35 01 00 00000000 jge read 0007 (false 0006) 0006: 06 00 00 00050001 ret ERRNO(1) 0007: 15 00 04 00000038 jeq clone 0008 (false 000c) 0008: 20 00 00 00000010 ld data.args[0] 0009: 45 00 01 7e020000 jset 7e020000 000a (false 000b) 000a: 06 00 00 00050001 ret ERRNO(1) 000b: 06 00 00 7fff0000 ret ALLOW 000c: 15 00 01 000001b3 jeq 1b3 000d (false 000e) 000d: 06 00 00 00050026 ret ERRNO(38) 000e: 15 00 04 00000110 jeq 110 000f (false 0013) 000f: 20 00 00 00000010 ld data.args[0] 0010: 45 00 01 7e020080 jset 7e020080 0011 (false 0012) 0011: 06 00 00 00050001 ret ERRNO(1) 0012: 06 00 00 7fff0000 ret ALLOW 0013: 15 00 04 00000134 jeq 134 0014 (false 0018) 0014: 20 00 00 00000018 ld data.args[8] 0015: 15 01 00 00000000 jeq 0 0017 (false 0016) 0016: 45 00 01 7e020080 jset 7e020080 0017 (false 0018) 0017: 06 00 00 00050001 ret ERRNO(1) 0018: 06 00 00 7fff0000 ret ALLOW 0019: 06 00 00 7fff0000 ret ALLOW configuring 23 seccomp entries in /run/firejail/mnt/seccomp/seccomp.namespaces.32 sbox run: 
/run/firejail/lib/fsec-print /run/firejail/mnt/seccomp/seccomp.namespaces.32 Dropping all capabilities Drop privileges: pid 11, uid 1000, gid 1000, force_nogroups 1 No supplementary groups line OP JT JF K ================================= 0000: 20 00 00 00000004 ld data.architecture 0001: 15 01 00 40000003 jeq ARCH_32 0003 (false 0002) 0002: 06 00 00 7fff0000 ret ALLOW 0003: 20 00 00 00000000 ld data.syscall-number 0004: 15 00 04 00000078 jeq 78 0005 (false 0009) 0005: 20 00 00 00000010 ld data.args[0] 0006: 45 00 01 7e020000 jset 7e020000 0007 (false 0008) 0007: 06 00 00 00050001 ret ERRNO(1) 0008: 06 00 00 7fff0000 ret ALLOW 0009: 15 00 01 000001b3 jeq 1b3 000a (false 000b) 000a: 06 00 00 00050026 ret ERRNO(38) 000b: 15 00 04 00000136 jeq 136 000c (false 0010) 000c: 20 00 00 00000010 ld data.args[0] 000d: 45 00 01 7e020080 jset 7e020080 000e (false 000f) 000e: 06 00 00 00050001 ret ERRNO(1) 000f: 06 00 00 7fff0000 ret ALLOW 0010: 15 00 04 0000015a jeq 15a 0011 (false 0015) 0011: 20 00 00 00000018 ld data.args[8] 0012: 15 01 00 00000000 jeq 0 0014 (false 0013) 0013: 45 00 01 7e020080 jset 7e020080 0014 (false 0015) 0014: 06 00 00 00050001 ret ERRNO(1) 0015: 06 00 00 7fff0000 ret ALLOW 0016: 06 00 00 7fff0000 ret ALLOW Mounting read-only /run/firejail/mnt/seccomp 601 357 0:56 /seccomp /run/firejail/mnt/seccomp ro,nosuid - tmpfs tmpfs rw,mode=755,inode64 mountid=601 fsname=/seccomp dir=/run/firejail/mnt/seccomp fstype=tmpfs Seccomp directory: ls /run/firejail/mnt/seccomp drwxr-xr-x root root 200 . drwxr-xr-x root root 240 .. 
-rw-r--r-- corinto corinto 640 seccomp -rw-r--r-- corinto corinto 432 seccomp.32 -rw-r--r-- corinto corinto 207 seccomp.list -rw-r--r-- corinto corinto 208 seccomp.namespaces -rw-r--r-- corinto corinto 184 seccomp.namespaces.32 -rw-r--r-- corinto corinto 0 seccomp.postexec -rw-r--r-- corinto corinto 0 seccomp.postexec32 -rw-r--r-- corinto corinto 152 seccomp.protocol Active seccomp files: cat /run/firejail/mnt/seccomp/seccomp.list /run/firejail/mnt/seccomp/seccomp.protocol /run/firejail/mnt/seccomp/seccomp.32 /run/firejail/mnt/seccomp/seccomp /run/firejail/mnt/seccomp/seccomp.namespaces /run/firejail/mnt/seccomp/seccomp.namespaces.32 Dropping all capabilities nogroups command not ignored noroot user namespace installed Dropping all capabilities NO_NEW_PRIVS set Drop privileges: pid 1, uid 1000, gid 1000, force_nogroups 0 nogroups command not ignored No supplementary groups AppArmor enabled Closing non-standard file descriptors Starting application LD_PRELOAD=(null) execvp argument 0: /usr/bin/mousepad Child process initialized in 79.44 ms Installing /run/firejail/mnt/seccomp/seccomp.namespaces.32 seccomp filter Installing /run/firejail/mnt/seccomp/seccomp.namespaces seccomp filter Installing /run/firejail/mnt/seccomp/seccomp seccomp filter Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter Installing /run/firejail/mnt/seccomp/seccomp.protocol seccomp filter monitoring pid 12 Mousepad-Message: 17:26:57.435: Failed to load plugin "mousepad-plugin-gspell": libgspell-1.so.2: cannot open shared object file: No such file or directory (mousepad:12): dconf-WARNING **: 17:26:57.499: failed to commit changes to dconf: Could not connect: No such file or directory (mousepad:12): dconf-WARNING **: 17:26:57.499: failed to commit changes to dconf: Could not connect: No such file or directory Failed to create secure directory (/run/user/1000/pulse): Permission denied (mousepad:12): dconf-WARNING **: 17:26:58.805: failed to commit changes to dconf: Could not connect: No 
such file or directory (mousepad:12): dconf-WARNING **: 17:26:58.805: failed to commit changes to dconf: Could not connect: No such file or directory (mousepad:12): dconf-WARNING **: 17:26:59.353: failed to commit changes to dconf: Could not connect: No such file or directory (mousepad:12): dconf-WARNING **: 17:26:59.353: failed to commit changes to dconf: Could not connect: No such file or directory Sandbox monitor: waitpid 12 retval 12 status 0 Parent is shutting down, bye... ```

rusty-snake commented 8 months ago

Possibly the same cause as in #5745, #6031, #5086, #3769, #5971. Check your dbus setup.

exchaex commented 8 months ago

Where do I start? I don't know what to check. New to firejail. Running firejail mousepad with root does not give any warning. What should I add to mousepad.local?

rusty-snake commented 8 months ago

Check `echo $DBUS_SESSION_BUS_ADDRESS`. If it starts with `/tmp/dbus-` after the `unix:path=`, add `whitelist /tmp/dbus-*`.
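
The check from the reply above, as an added shell example that is not part of the original thread or of firejail: it parses a D-Bus address, which may hold several `;`-separated entries, and prints the suggested profile line only when a `unix:path=` socket sits under `/tmp/dbus-`. The function names are hypothetical and the addresses shown in the comments are constructed.

```shell
#!/bin/sh
# Added example (not firejail code): decide whether the whitelist fix from
# this thread applies to a given D-Bus session bus address.

# Print the socket path of every "unix:path=" entry in a D-Bus address.
# An address may list several entries separated by ';', each of the form
# transport:key=value,key=value
# e.g. (constructed) unix:path=/tmp/dbus-AbCdEf1234,guid=0123abcd
# Entries such as unix:abstract=... are skipped on purpose: an abstract
# socket is not a file, so a filesystem whitelist has no effect on it.
dbus_unix_paths() {
    addr=$1
    old_ifs=$IFS
    set -f                       # no filename globbing while word-splitting
    IFS=';'
    for entry in $addr; do
        case $entry in
            unix:*) ;;
            *) continue ;;       # tcp:, autolaunch:, ... are not sockets on disk
        esac
        IFS=','
        for kv in ${entry#unix:}; do
            case $kv in
                path=*) printf '%s\n' "${kv#path=}" ;;
            esac
        done
        IFS=';'
    done
    set +f
    IFS=$old_ifs
}

# Print the profile line suggested in the thread when a bus socket lives
# under /tmp/dbus-*. Print nothing and return 1 otherwise.
firejail_dbus_hint() {
    if dbus_unix_paths "$1" | grep -q '^/tmp/dbus-'; then
        printf '%s\n' 'whitelist /tmp/dbus-*'
        return 0
    fi
    return 1
}

# Stand-alone use: inspect the current session's bus address.
if hint=$(firejail_dbus_hint "${DBUS_SESSION_BUS_ADDRESS:-}"); then
    echo "Session bus socket is under /tmp; add to mousepad.local: $hint"
else
    echo "No unix:path= socket under /tmp/dbus-*; this fix does not apply"
fi
```

Run it outside the sandbox, in the same session that launches the sandboxed program, so it sees the address the application will inherit.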

exchaex commented 8 months ago

It works! Thanks, I will try this with other programs with the same warnings.