Firejail: Spotify doesn't launch on Arch Linux
I'm using the spotify package from the AUR with firejail, no customizations to the firejail profile and I'm getting the following error:
$ firejail spotify
Reading profile /etc/firejail/spotify.profile
Reading profile /etc/firejail/globals.local
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Parent pid 1218, child pid 1219
Warning: skipping pki for private /etc
Warning: skipping crypto-policies for private /etc
Private /etc installed in 24.30 ms
Warning: skipping spotify for private /opt
Private /opt installed in 0.03 ms
5 programs installed in 4.33 ms
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Warning: /sbin directory link was not blacklisted
Warning: /sbin directory link was not blacklisted
Warning: /usr/sbin directory link was not blacklisted
Blacklist violations are logged to syslog
Child process initialized in 98.02 ms
/usr/local/bin/spotify: line 2: /usr/share/spotify/spotify: Permission denied
I tried whitelisting /usr/share/spotify but that didn't make any difference. Is there something special I need to do to make this work with the AUR package?
Algebro7
All 7 comments
How'd you install Spotify? Works here with the spotify-stable AUR package.
polyzen
on 6 Dec 2018
Thanks a bunch for the information--I switched to spotify-stable and it's working now.
Algebro7
on 7 Dec 2018
In case we see this later -- what version of firejail are you using? I'm using the latest build from git (0.9.57) and firejail spotify works without errors (and I have the ordinary spotify package from the AUR, not spotify-stable).
Thanks!
Fred-Barclay
on 8 Dec 2018
On December 8, 2018 12:50:22 PM EST, Fred Barclay notifications@github.com wrote:
In case we see this later -- what version of firejail are you using?
I'm using the latest build from git (0.9.57) andfirejail spotify
works without errors (and I have the ordinary spotify package from the
AUR, not spotify-stable).Thanks!
--
You are receiving this because you commented.
Reply to this email directly or view it on GitHub:
https://github.com/netblue30/firejail/issues/2292#issuecomment-445477097
Seems like they used a different install method.
--
Best,
polyzen
polyzen
on 8 Dec 2018
I was using the regular spotify package as well as firejail-apparmor, both from AUR. Looks like firejail version 0.9.56. It is possible the spotify installation got messed up over time as I recall there being some issues with ffmpeg awhile back that I had to manually resolve.
Algebro7
on 8 Dec 2018
Thanks! As an uneducated guess I'd suspect some incompatibility with firejail-apparmor. ;)
Fred-Barclay
on 8 Dec 2018
When spotify is used with --apparmor option, you need to add /usr/share/spotify/** ix, rule in /etc/apparmor.d/local/firejail-local.
spotify-stable isn't affected by this as it installs binary under /opt/spotify instead of /usr/share/spotify.
apparmor isn't enabled by default in spotify profile so you had to explicitly enable it somewhere.
Vincent43
on 8 Dec 2018
Related issues
dandelionred
路
3Comments
yourcelf
路
4Comments
Fincer
路
4Comments
bryce-lynch
路
4Comments
francoism90
路
4Comments
Most helpful comment
When spotify is used with
--apparmoroption, you need to add/usr/share/spotify/** ix,rule in/etc/apparmor.d/local/firejail-local.spotify-stableisn't affected by this as it installs binary under/opt/spotifyinstead of/usr/share/spotify.apparmorisn't enabled by default in spotify profile so you had to explicitly enable it somewhere.