Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Freetube does not start #4506

Closed
5 tasks done
toby63 opened this issue Sep 3, 2021 · 4 comments
Closed
5 tasks done

Freetube does not start #4506

toby63 opened this issue Sep 3, 2021 · 4 comments

Comments

@toby63
Copy link

toby63 commented Sep 3, 2021

Bug and expected behavior

Freetube does not start, see below for details.

No profile and disabling firejail

  • What changed calling firejail --noprofile /path/to/program in a terminal?
    Program starts as expected.

  • What changed calling the program by path (e.g. /usr/bin/vlc)?
    Nothing.

Reproduce

Steps to reproduce the behavior:

  1. Run in bash firejail freetube
  2. See error Cannot start application: Permission denied

Environment

  • Linux distribution:
    Arch Linux

  • Firejail version (output of firejail --version) exclusive or used git commit (git rev-parse HEAD):
    Development version built from AUR package firejail-git:
    commit a44fa49
    (Also a problem with version: 0.9.66)

  • Freetube version:
    0.13.2

Additional context

Checklist

  • The profile (and redirect profile if exists) hasn't already been fixed upstream.
  • The program has a profile. (If not, request one in https://github.com/netblue30/firejail/issues/1139)
  • I have performed a short search for similar issues (to avoid opening a duplicate).
  • If it is a AppImage, --profile=PROFILENAME is used to set the right profile.
  • Used LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 PROGRAM to get english error-messages.
  • I'm aware of browser-allow-drm yes/browser-disable-u2f no in firejail.config to allow DRM/U2F in browsers.
  • This is not a question. Questions should be asked in https://github.com/netblue30/firejail/discussions.

Log

debug output

firejail freetube:

Reading profile /etc/firejail/freetube.profile
Reading profile /etc/firejail/disable-shell.inc
Reading profile /etc/firejail/electron.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-runuser-common.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: Warning: NVIDIA card detected, nogroups command disabled
Parent pid 27029, child pid 27031
10 programs installed in 43.56 ms
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Warning: skipping alternatives for private /etc
Warning: skipping asound.conf for private /etc
Warning: skipping crypto-policies for private /etc
Warning: skipping pki for private /etc
Private /etc installed in 355.86 ms
Private /usr/etc installed in 0.00 ms
Warning: /sbin directory link was not blacklisted
Warning: /usr/sbin directory link was not blacklisted
Child process initialized in 546.62 ms
Cannot start application: Permission denied

Parent is shutting down, bye...

firejail --debug freetube:

I can add that later, if needed (the log contains too much information about my system for my taste, so I have to make that in a seperate environment ;) ).

@rusty-snake
Copy link
Collaborator

How did you installed freetube?

@toby63
Copy link
Author

toby63 commented Sep 3, 2021

Via AUR package.

@rusty-snake
Copy link
Collaborator

Does it work if you include allow-bin-sh.inc+private-bin sh?

--- a/etc/profile-a-l/freetube.profile
+++ b/etc/profile-a-l/freetube.profile
@@ -8,12 +8,14 @@ include globals.local
 
 noblacklist ${HOME}/.config/FreeTube
 
+include allow-bin-sh.inc
+
 include disable-shell.inc
 
 mkdir ${HOME}/.config/FreeTube
 whitelist ${HOME}/.config/FreeTube
 
-private-bin electron,electron[0-9],electron[0-9][0-9],freetube
+private-bin electron,electron[0-9],electron[0-9][0-9],freetube,sh
 private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,pki,pulse,resolv.conf,ssl,X11,xdg

@toby63
Copy link
Author

toby63 commented Sep 3, 2021

It works, thank you very much.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants