wesnoth: error while loading shared libraries: liblua++.so.5.4

[marek22k]

Description

When I start wesnoth with firejail, an error appears.

Steps to Reproduce

1. Run in bash LC_ALL=C firejail /usr/bin/wesnoth

Expected behavior

Wesnoth starts.

Actual behavior

Wesnoth doesn't start.

Behavior without a profile

Wesnoth starts.

Environment

Arch Linux

$ uname -srm
Linux 6.6.50-2-lts x86_64
$ firejail --version
firejail version 0.9.72

Compile time support:
    - always force nonewprivs support is disabled
    - AppArmor support is enabled
    - AppImage support is enabled
    - chroot support is enabled
    - D-BUS proxy support is enabled
    - file transfer support is enabled
    - firetunnel support is disabled
    - IDS support is disabled
    - networking support is enabled
    - output logging is enabled
    - overlayfs support is disabled
    - private-home support is enabled
    - private-cache and tmpfs as user enabled
    - SELinux support is disabled
    - user namespace support is enabled
    - X11 sandboxing support is enabled

$ pacman -Q wesnoth
wesnoth 1:1.18.2-2
$ pacman -Q lua
lua 5.4.7-1

Checklist

• [X] The issues is caused by firejail (i.e. running the program by path (e.g. /usr/bin/vlc) "fixes" it).
• [X] I can reproduce the issue without custom modifications (e.g. globals.local).
• [X] The program has a profile. (If not, request one in https://github.com/netblue30/firejail/issues/1139)
• [ ] The profile (and redirect profile if exists) hasn't already been fixed upstream.
• [X] I have performed a short search for similar issues (to avoid opening a duplicate).
  • [X] I'm aware of browser-allow-drm yes/browser-disable-u2f no in firejail.config to allow DRM/U2F in browsers.
• [ ] I used --profile=PROFILENAME to set the right profile. (Only relevant for AppImages)

Log

Output of LC_ALL=C firejail /path/to/program

``` $ LC_ALL=C firejail /usr/bin/wesnoth Reading profile /etc/firejail/wesnoth.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-interpreters.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/whitelist-common.inc Parent pid 197880, child pid 197881 Warning: cleaning all supplementary groups Warning: cleaning all supplementary groups Warning: cleaning all supplementary groups Warning: /sbin directory link was not blacklisted Warning: /usr/sbin directory link was not blacklisted Warning: cleaning all supplementary groups Warning: cleaning all supplementary groups Child process initialized in 126.45 ms /usr/bin/wesnoth: error while loading shared libraries: liblua++.so.5.4: cannot open shared object file: Permission denied Parent is shutting down, bye... ```

Output of LC_ALL=C firejail --debug /path/to/program

[log.txt](https://github.com/user-attachments/files/16997895/log.txt)

[kmk3]

Does it work with the following?

include allow-lua.inc

[marek22k]

That works!