Hi, On 12/01/20 15:43:53 CET, Reiner Herrmann wrote: > I started with a fresh firefox profile (by using the firejail option > --private=/foo/bar for a separate/isolated home directory) and then > changed all of the settings you mentioned. > Then I restarted firefox, and all my changes were still applied, as > expected.
My test case is a bit different, I don't need a separate home directory but instead just using firejail for a specific ff profile in my home, eventually whitelisting some folders. But see next for details. > Can you please give some more information how you are starting firefox > inside firejail. For example, are you using --private (without > argument)? In this case it would use only a temporary home directory, > so all changes would be lost after restart. > Can you maybe also retry it from a clean profile? > > This is the command I used for testing: > $ firejail --private=/tmp/ff-home firefox-esr -no-remote Here my test: - run firefox without firejail; - create a new profile 'test' from about:profiles and close ff; - run 'firefox-esr -P test', customise preferences and quit; - run again 'firefox-esr -P test', preferences are the ones previously saved, quit ff; - run 'firejail firefox-esr -P test', preferences are not the ones previously saved, see my first e-mail and the output from the shell below; - run ff without firejail, 'firefox-esr -P test', loaded preferences are correct. Here the output from the shell: $ firejail firefox-esr -P test Reading profile /etc/firejail/firefox-esr.profile Reading profile /etc/firejail/firefox.profile Reading profile /etc/firejail/whitelist-usr-share-common.inc Reading profile /etc/firejail/firefox-common.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-exec.inc Reading profile /etc/firejail/disable-interpreters.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/whitelist-common.inc Reading profile /etc/firejail/whitelist-var-common.inc Warning: networking feature is disabled in Firejail configuration file Parent pid 15089, child pid 15090 Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set. Warning: cleaning all supplementary groups Warning: cleaning all supplementary groups Warning: cleaning all supplementary groups Warning: cleaning all supplementary groups Post-exec seccomp protector enabled Seccomp list in: !chroot, check list: @default-keep, prelist: unknown, Child process initialized in 90.70 ms Gtk-Message: 16:34:47.781: Failed to load module "appmenu-gtk-module" Gtk-Message: 16:34:48.761: Failed to load module "appmenu-gtk-module" Gtk-Message: 16:34:49.086: Failed to load module "appmenu-gtk-module" Cheers
