Firejail: memory-deny-write-execute breaks several applications

Created on 8 Jul 2019 · 13 Comments · Source: netblue30/firejail

At least mumble, galculator and pavucontrol are affected.

All 13 comments

Fixed in 704fc8b, thanks for reporting.

Thanks for the quick response :)

It would be great if we could test graphical programs in our CI to catch errors like this... any ideas if this is possible?

CC: @reinerh since you've been working on our CI recently :smile:

@Fred-Barclay Yes, it would be possible. I think the tests (in test/ directory) already run some graphical programs.
It would be easy to run all tests also in our CI, but for now I didn't enable it, as it's a bit unreliable.
See e.g. in Debian CI and Ubuntu CI.

We obviously can't test all graphical apps in CI, especially across various distros. The truth is that mdwe is unreliable in gtk/qt apps and perhaps in all gui apps and shouldn't be used there.

@Vincent43 I'm inclined to agree but I'd really like using mdwe as much as possible :smile: . Isn't Arch the distro that usually has issues with it?

> Isn't Arch the distro that usually has issues with it?

_We need ~?IS_ARCH: mdwe~ ?NOT_ARCH: mdwe :smiley_cat:_

Yes, if an app works fine with mdwe except on some distros, it is normally Arch, Manjaro, ...

It would be interesting to find out what's causing the difference there.

```
$ grep -l "#1803" *
authenticator.profile
autokey-common.profile
baobab.profile
bitwarden.profile
clawsker.profile
d-feet.profile
enpass.profile
eo-common.profile
exfalso.profile
font-manager.profile
galculator.profile
geekbench.profile
mpDris2.profile
mumble.profile
ocenaudio.profile
pavucontrol.profile
QMediathekView.profile
qtox.profile
subdownloader.profile
viewnior.profile
youtube-dl.profile
```

ytdl not only GUI.

BTW: Should we reopen?

If a bug is reopened, it would make more sense to reopen #1803 than this one.

Regarding Arch-specific breakage: recently mdwe was enhanced to also block the memfd_create() system call. Maybe a library in Arch has started using it?

How recent is that enhancement? #1803 was opened in March 2018 so if it's after that it is not the (only) cause.

OK, that was added in March 2019, 59e3061.
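A diagnostic added here as an example (not firejail's own code and not posted by anyone in the thread): run it once normally and once inside the sandboxed profile to see which memory operations the filter refuses, including the memfd_create() call raised above. Each probe runs in a child process so that a seccomp kill is reported instead of ending the tool; the choice of the three probes and all function names are assumptions of this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

enum outcome { ALLOWED, DENIED, KILLED, FAILED };

/* Probes return 0 on success or an errno value on failure. */
static int probe_mmap_wx(void) {            /* writable and executable at once */
    void *p = mmap(NULL, 4096, PROT_READ | PROT_WRITE | PROT_EXEC,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? errno : 0;
}
static int probe_mprotect_x(void) {         /* writable first, executable later */
    void *p = mmap(NULL, 4096, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return errno;
    return mprotect(p, 4096, PROT_READ | PROT_EXEC) ? errno : 0;
}
static int probe_memfd(void) {              /* the call discussed in this thread */
    return syscall(SYS_memfd_create, "mdwe-probe", 0u) < 0 ? errno : 0;
}
/* Controls with known results, to check the classifier itself. */
static int control_ok(void)   { return 0; }
static int control_fail(void) { return EPERM; }
static int control_kill(void) { signal(SIGSYS, SIG_DFL); raise(SIGSYS); return 0; }

/* Run one probe in a child so that a seccomp kill only takes the child down. */
static enum outcome run_probe(int (*probe)(void)) {
    int status = 0;
    pid_t pid = fork();
    if (pid == 0) _exit(probe() ? 1 : 0);
    if (pid < 0 || waitpid(pid, &status, 0) != pid) return FAILED;
    if (WIFSIGNALED(status)) return KILLED;
    return WEXITSTATUS(status) == 0 ? ALLOWED : DENIED;
}

int main(void) {
    static const char *txt[] = { "allowed", "denied (errno)", "killed by signal", "probe error" };
    struct { const char *name; int (*fn)(void); } t[] = {
        {"mmap W+X", probe_mmap_wx}, {"mprotect +X", probe_mprotect_x},
        {"memfd_create", probe_memfd}, {"control ok", control_ok},
        {"control fail", control_fail}, {"control kill", control_kill} };
    for (size_t i = 0; i < sizeof t / sizeof t[0]; i++)
        printf("%-14s %s\n", t[i].name, txt[run_probe(t[i].fn)]);
    return 0;
}
```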
