On a side note, could use a little help with the restricted network function. Something changed between earlier versions and 0.9.64.4. In earlier versions I could use "firejail --apparmor --net=eno1 firefox" to create a new network stack. When I try to use it now I do not get any errors, but am unable to browse to any site. If I change restricted-network to yes I get the error "Error: networking feature is disabled in Firejail configuration file". Networking is enabled according to both the config file and to "firejail --version".

The developers notes in /etc/firejail/firejail.config say "Restricted networking grants access to --interface, --net=ethXXX and # --netfilter only to root user. Regular users are only allowed --net=none. I'm guessing that firejail sees me as a regular user and not as a root user?

On Sat, Mar 20, 2021 at 7:05 AM John Seberg via PLUG-discuss <plug-discuss@lists.phxlinux.org> wrote:
Not really sure, but I think you need to launch it with an application such as /usr/bin/gtk-launch.

https://unix.stackexchange.com/questions/457410/start-desktop-launcher-from-command-line-on-mint






On Friday, March 19, 2021, 10:26:06 PM MST, Steve B via PLUG-discuss <plug-discuss@lists.phxlinux.org> wrote:





I took Brian's recommendation and created a file in ~/.local/share/applications called sandfox.desktop. Contents of that file are:

[Desktop Entry]
Encoding=UTF-8
Type=Application
Icon=/home/steve/Pictures/firejailed_firefox128.png
Exec=/usr/bin/firejail --apparmor firefox
Name=Sandboxed Web Browser
Terminal=false

I have it set to executable but when i try to run it "./sandfox.desktop" I get the error:
./sandfox.desktop: line 1: [Desktop: command not found
./sandfox.desktop: line 5: --apparmor: command not found
./sandfox.desktop: line 6: Web: command not found

Is my file misconfigured or what do I not have correct?



On Fri, Dec 25, 2020 at 5:47 PM Brian Cluff via PLUG-discuss <plug-discuss@lists.phxlinux.org> wrote:
>  
>  Under debian based distros, overriding an overwrite of ANY installed file is easily done.
> There's a really cool tool called dpkg-divert that the system uses to take whatever files would normally be installed and steer them into a different place so that you can put your own version of the file in the same place without fear of it going away on the next update.
>
> Just do:
> dpkg-divert --add --rename /usr/share/applications/firefox.desktop
>
> In this case, that would be the overkill and less correct way of handing the problem.  A better way would be to put your own version of the firefox.desktop into certain directories and that cause it to override the system version of the config.  Put them in ~/.local/share/applications/ to change an individual user and /usr/local/share/applications/ to effect every user on the system.
>
> Brian Cluff
>

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss