Firejail: No response when using spacebar as push-to-talk in Zoom
When running Zoom through firejail, I'm unable to press space to temporarily unmute my mic. (It's essentially a push-to-talk feature.)
Steps to Reproduce
- Launch Zoom through firejail with "firejail zoom"
- Enter a meeting with working mic/audio.
- Mute your mic.
- Press spacebar to unmute - nothing happens.
Expected behavior
Zoom will unmute the mic while the spacebar is held down. Mutes again when it's released.
It would be a nice feature to have. I don't know what other keyboard shortcuts exist in Zoom, so I don't know how to test if others are also not working.
Environment
- Linux Mint 19.1 Tessa (bionic)
- kernel 4.15.0-96-generic
- Firejail version 0.9.52
Additional context
I haven't tried an external keyboard yet, but I will and report back.
bouncinglime
All 14 comments
Can you post the output of firejail --debug zoom here please? And possible journal output too if you see anything relevant popping-up when you press the spacebar. Looking at zoom.profile it isn't among the most restrictive profiles we have. It shouldn't have to take all that long to do some detective work eliminating options one by one until - hopefully - we can pinpoint what is causing your spacebar to fail.
glitsj16
on 9 Apr 2020
👍1
Thanks for the quick reply!
Output is very long and is all pasted below. Please let me know if it would be more helpful to attach as a text file instead.
$ firejail --debug zoom
Autoselecting /bin/bash as shell
Building quoted command line: 'zoom'
Command name #zoom#
Found zoom profile in /etc/firejail directory
Reading profile /etc/firejail/zoom.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
DISPLAY=:0.0 parsed as 0
Using the local network stack
Parent pid 18135, child pid 18136
Initializing child process
Host network configured
PID namespace installed
Mounting tmpfs on /run/firejail/mnt directory
Creating empty /run/firejail/mnt/seccomp.protocol file
Creating empty /run/firejail/mnt/seccomp.postexec file
Build protocol filter: unix,inet,inet6
sbox run: /usr/lib/x86_64-linux-gnu/firejail/fseccomp protocol build unix,inet,inet6 /run/firejail/mnt/seccomp.protocol (null)
sbox file descriptors:
total 0
lrwx------ 1 mhsu mhsu 64 Apr 9 17:16 0 -> /dev/null
lrwx------ 1 mhsu mhsu 64 Apr 9 17:16 1 -> /dev/pts/0
lrwx------ 1 mhsu mhsu 64 Apr 9 17:16 2 -> /dev/pts/0
lr-x------ 1 mhsu mhsu 64 Apr 9 17:16 3 -> /proc/18140/fd
Dropping all capabilities
Username mhsu, no supplementary groups
Mounting read-only /bin, /sbin, /lib, /lib32, /lib64, /usr, /etc, /var
Mounting tmpfs on /var/lock
Mounting tmpfs on /var/tmp
Mounting tmpfs on /var/log
Mounting tmpfs on /var/lib/dhcp
Mounting tmpfs on /var/lib/nginx
Mounting tmpfs on /var/lib/snmp
Mounting tmpfs on /var/lib/sudo
Create the new utmp file
Mount the new utmp file
Cleaning /home directory
Sanitizing /etc/passwd, UID_MIN 1000
Sanitizing /etc/group, GID_MIN 1000
Disable /run/firejail/network
Disable /run/firejail/bandwidth
Disable /run/firejail/name
Disable /run/firejail/x11
Remounting /proc and /proc/sys filesystems
Remounting /sys directory
Disable /sys/firmware
Disable /sys/hypervisor
Disable /sys/module
Disable /sys/power
Disable /sys/kernel/debug
Disable /sys/kernel/vmcoreinfo
Disable /sys/kernel/uevent_helper
Disable /proc/sys/fs/binfmt_misc
Disable /proc/sys/kernel/core_pattern
Disable /proc/sys/kernel/modprobe
Disable /proc/sysrq-trigger
Disable /proc/sys/kernel/hotplug
Disable /proc/sys/vm/panic_on_oom
Disable /proc/irq
Disable /proc/bus
Disable /proc/sched_debug
Disable /proc/timer_list
Disable /proc/kcore
Disable /proc/kallsyms
Disable /lib/modules
Disable /usr/lib/debug
Disable /boot
Disable /dev/port
Disable /run/user/1000/gnupg
Disable /run/user/1000/systemd
Disable /dev/kmsg
Disable /proc/kmsg
Debug 393: new_name #/home/mhsu/.cache/zoom#, whitelist
Debug 480: fname #/home/mhsu/.cache/zoom#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.cache/zoom
Debug 393: new_name #/home/mhsu/.zoom#, whitelist
Debug 480: fname #/home/mhsu/.zoom#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.zoom
Debug 393: new_name #/home/mhsu/.XCompose#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.XCompose
expanded: /home/mhsu/.XCompose
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.asoundrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.asoundrc
expanded: /home/mhsu/.asoundrc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/ibus#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ibus
expanded: /home/mhsu/.config/ibus
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/mimeapps.list#, whitelist
Debug 480: fname #/home/mhsu/.config/mimeapps.list#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.config/mimeapps.list
Debug 393: new_name #/home/mhsu/.config/pkcs11#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/pkcs11
expanded: /home/mhsu/.config/pkcs11
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/user-dirs.dirs#, whitelist
Debug 480: fname #/home/mhsu/.config/user-dirs.dirs#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.config/user-dirs.dirs
Debug 393: new_name #/home/mhsu/.drirc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.drirc
expanded: /home/mhsu/.drirc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.icons
expanded: /home/mhsu/.icons
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.local/share/applications#, whitelist
Debug 480: fname #/home/mhsu/.local/share/applications#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.local/share/applications
Debug 393: new_name #/home/mhsu/.local/share/icons#, whitelist
Debug 480: fname #/home/mhsu/.local/share/icons#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.local/share/icons
Debug 393: new_name #/home/mhsu/.local/share/mime#, whitelist
Debug 480: fname #/home/mhsu/.local/share/mime#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.local/share/mime
Debug 393: new_name #/home/mhsu/.mime.types#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.mime.types
expanded: /home/mhsu/.mime.types
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.cache/fontconfig#, whitelist
Debug 480: fname #/home/mhsu/.cache/fontconfig#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.cache/fontconfig
Debug 393: new_name #/home/mhsu/.config/fontconfig#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/fontconfig
expanded: /home/mhsu/.config/fontconfig
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.fontconfig#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fontconfig
expanded: /home/mhsu/.fontconfig
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.fonts#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts
expanded: /home/mhsu/.fonts
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.fonts.conf#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf
expanded: /home/mhsu/.fonts.conf
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.fonts.conf.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf.d
expanded: /home/mhsu/.fonts.conf.d
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.fonts.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.d
expanded: /home/mhsu/.fonts.d
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.local/share/fonts#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/fonts
expanded: /home/mhsu/.local/share/fonts
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.pangorc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.pangorc
expanded: /home/mhsu/.pangorc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/gtk-2.0#, whitelist
Debug 480: fname #/home/mhsu/.config/gtk-2.0#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.config/gtk-2.0
Debug 393: new_name #/home/mhsu/.config/gtk-3.0#, whitelist
Debug 480: fname #/home/mhsu/.config/gtk-3.0#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.config/gtk-3.0
Debug 393: new_name #/home/mhsu/.config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc
expanded: /home/mhsu/.config/gtkrc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc-2.0
expanded: /home/mhsu/.config/gtkrc-2.0
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.gnome2#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2
expanded: /home/mhsu/.gnome2
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.gnome2-private#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2-private
expanded: /home/mhsu/.gnome2-private
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.gtk-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtk-2.0
expanded: /home/mhsu/.gtk-2.0
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc
expanded: /home/mhsu/.gtkrc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.gtkrc-2.0#, whitelist
Debug 480: fname #/home/mhsu/.gtkrc-2.0#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.gtkrc-2.0
Debug 393: new_name #/home/mhsu/.kde/share/config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc
expanded: /home/mhsu/.kde/share/config/gtkrc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde/share/config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc-2.0
expanded: /home/mhsu/.kde/share/config/gtkrc-2.0
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde4/share/config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc
expanded: /home/mhsu/.kde4/share/config/gtkrc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde4/share/config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc-2.0
expanded: /home/mhsu/.kde4/share/config/gtkrc-2.0
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.local/share/themes#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/themes
expanded: /home/mhsu/.local/share/themes
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.themes#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.themes
expanded: /home/mhsu/.themes
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/dconf#, whitelist
Debug 480: fname #/home/mhsu/.config/dconf#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.config/dconf
Debug 393: new_name #/home/mhsu/.config/Trolltech.conf#, whitelist
Debug 480: fname #/home/mhsu/.config/Trolltech.conf#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.config/Trolltech.conf
Debug 393: new_name #/home/mhsu/.config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kdeglobals
expanded: /home/mhsu/.config/kdeglobals
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kioslaverc
expanded: /home/mhsu/.config/kioslaverc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/qt5ct#, whitelist
Debug 480: fname #/home/mhsu/.config/qt5ct#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.config/qt5ct
Debug 393: new_name #/home/mhsu/.kde/share/config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kdeglobals
expanded: /home/mhsu/.kde/share/config/kdeglobals
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde/share/config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kioslaverc
expanded: /home/mhsu/.kde/share/config/kioslaverc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde/share/config/oxygenrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/oxygenrc
expanded: /home/mhsu/.kde/share/config/oxygenrc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/icons
expanded: /home/mhsu/.kde/share/icons
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde4/share/config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kdeglobals
expanded: /home/mhsu/.kde4/share/config/kdeglobals
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde4/share/config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kioslaverc
expanded: /home/mhsu/.kde4/share/config/kioslaverc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde4/share/config/oxygenrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/oxygenrc
expanded: /home/mhsu/.kde4/share/config/oxygenrc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde4/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/icons
expanded: /home/mhsu/.kde4/share/icons
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/tmp/.X11-unix#, whitelist
Username mhsu, groups 1000, 4, 24, 27, 30, 46, 112, 128, 129,
Mounting a new /home directory
Mounting a new /root directory
Create a new user directory
Username mhsu, groups 1000, 4, 24, 27, 30, 46, 112, 128, 129,
Username mhsu, groups 1000, 4, 24, 27, 30, 46, 112, 128, 129,
Mounting tmpfs on /tmp directory
Whitelisting /home/mhsu/.cache/zoom
Whitelisting /home/mhsu/.zoom
Whitelisting /home/mhsu/.config/mimeapps.list
Whitelisting /home/mhsu/.config/user-dirs.dirs
Whitelisting /home/mhsu/.local/share/applications
Whitelisting /home/mhsu/.local/share/icons
Whitelisting /home/mhsu/.local/share/mime
Whitelisting /home/mhsu/.cache/fontconfig
Whitelisting /home/mhsu/.config/gtk-2.0
Whitelisting /home/mhsu/.config/gtk-3.0
Whitelisting /home/mhsu/.gtkrc-2.0
Whitelisting /home/mhsu/.config/dconf
Whitelisting /home/mhsu/.config/Trolltech.conf
Whitelisting /home/mhsu/.config/qt5ct
Whitelisting /tmp/.X11-unix
Disable /etc/X11/Xsession.d
Disable /etc/xdg/autostart
Disable /var/lib/systemd
Disable /var/cache/apt
Disable /var/lib/apt
Disable /var/lib/dkms
Disable /var/lib/upower
Disable /var/mail
Disable /var/opt
Disable /run/acpid.socket (requested /var/run/acpid.socket)
Disable /var/spool/anacron
Disable /var/spool/cron
Disable /var/mail (requested /var/spool/mail)
Disable /etc/anacrontab
Disable /etc/crontab
Disable /etc/cron.d
Disable /etc/cron.monthly
Disable /etc/cron.hourly
Disable /etc/cron.daily
Disable /etc/cron.weekly
Disable /etc/profile.d
Disable /etc/rc1.d
Disable /etc/rc2.d
Disable /etc/rc4.d
Disable /etc/rc0.d
Disable /etc/rcS.d
Disable /etc/rc6.d
Disable /etc/rc5.d
Disable /etc/rc3.d
Disable /etc/kernel
Disable /etc/kernel-img.conf
Disable /etc/kerneloops.conf
Disable /etc/grub.d
Disable /etc/dkms
Disable /etc/apparmor
Disable /etc/apparmor.d
Disable /etc/selinux
Disable /etc/modules-load.d
Disable /etc/modules
Disable /etc/logrotate.conf
Disable /etc/logrotate.d
Disable /etc/adduser.conf
Mounting read-only /home/mhsu/.bashrc
Mounting read-only /home/mhsu/.local/share/applications
Disable /etc/group-
Disable /etc/gshadow
Disable /etc/gshadow-
Disable /etc/passwd-
Disable /etc/shadow
Disable /etc/shadow-
Disable /etc/ssh
Disable /sbin
Disable /usr/local/sbin
Disable /usr/sbin
Disable /usr/bin/chage
Disable /usr/bin/chfn
Disable /usr/bin/chsh
Disable /usr/bin/crontab
Disable /usr/bin/expiry
Disable /bin/fusermount
Disable /usr/bin/gpasswd
Disable /bin/mount
Disable /bin/nc.openbsd (requested /bin/nc)
Disable /usr/bin/newgrp
Disable /bin/ntfs-3g
Disable /usr/bin/pkexec
Disable /usr/bin/newgrp (requested /usr/bin/sg)
Disable /usr/bin/strace
Disable /bin/su
Disable /usr/bin/sudo
Disable /bin/umount
Disable /usr/bin/xev
Disable /usr/bin/xinput
Disable /usr/lib/virtualbox
Disable /usr/bin/xfce4-terminal
Disable /usr/bin/xfce4-terminal.wrapper
Mounting noexec /tmp/.X11-unix
Disable /usr/bin/x86_64-linux-gnu-as (requested /usr/bin/as)
Disable /usr/bin/x86_64-linux-gnu-c++filt (requested /usr/bin/c++filt)
Disable /usr/bin/x86_64-linux-gnu-g++-7 (requested /usr/bin/c++)
Disable /usr/bin/c89-gcc
Disable /usr/bin/c89-gcc (requested /usr/bin/c89)
Disable /usr/bin/c99-gcc (requested /usr/bin/c99)
Disable /usr/bin/c99-gcc
Disable /usr/bin/x86_64-linux-gnu-cpp-7 (requested /usr/bin/cpp)
Disable /usr/bin/x86_64-linux-gnu-cpp-7 (requested /usr/bin/cpp-7)
Disable /usr/bin/x86_64-linux-gnu-g++-7 (requested /usr/bin/g++)
Disable /usr/bin/x86_64-linux-gnu-g++-7 (requested /usr/bin/g++-7)
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-7 (requested /usr/bin/gcc-ranlib)
Disable /usr/bin/x86_64-linux-gnu-gcc-7 (requested /usr/bin/gcc-7)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-7 (requested /usr/bin/gcc-nm-7)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-7 (requested /usr/bin/gcc-ar)
Disable /usr/bin/x86_64-linux-gnu-gcc-7 (requested /usr/bin/gcc)
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-7 (requested /usr/bin/gcc-ranlib-7)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-7 (requested /usr/bin/gcc-ar-7)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-7 (requested /usr/bin/gcc-nm)
Disable /usr/bin/gdb
Disable /usr/bin/x86_64-linux-gnu-ld.bfd (requested /usr/bin/ld)
Disable /usr/bin/x86_64-linux-gnu-g++-7
Disable /usr/bin/x86_64-linux-gnu-g++-7 (requested /usr/bin/x86_64-linux-gnu-g++)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-7 (requested /usr/bin/x86_64-linux-gnu-gcc-ar)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-7 (requested /usr/bin/x86_64-linux-gnu-gcc-nm)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-7
Disable /usr/bin/x86_64-linux-gnu-gcc-7 (requested /usr/bin/x86_64-linux-gnu-gcc)
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-7 (requested /usr/bin/x86_64-linux-gnu-gcc-ranlib)
Disable /usr/bin/x86_64-linux-gnu-gcc-7
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-7
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-7
Disable /usr/include
Disable /usr/lib/valgrind
Disable /usr/bin/cpan
Disable /usr/bin/cpan5.26-x86_64-linux-gnu
Disable /usr/bin/perl
Disable /usr/share/perl-openssl-defaults
Disable /usr/share/perl5
Disable /usr/share/perl
Disable /usr/bin/openssl
Not blacklist /home/mhsu/.config/zoomus.conf
Disable /home/mhsu/.zoom
Mounting read-only /home/mhsu/.config/user-dirs.dirs
Mounting read-only /home/mhsu/.local/share/applications
Disable /sys/fs
Username mhsu, groups 1000, 4, 24, 27, 30, 46, 112, 128, 129,
disable /dev/dvb
disable /dev/sr0
Current directory: /home/mhsu
DISPLAY=:0.0 parsed as 0
Dropping all capabilities
Install protocol filter: unix,inet,inet6
configuring 14 seccomp entries in /run/firejail/mnt/seccomp.protocol
sbox run: /usr/lib/x86_64-linux-gnu/firejail/fseccomp print /run/firejail/mnt/seccomp.protocol (null)
sbox file descriptors:
total 0
lrwx------ 1 mhsu mhsu 64 Apr 9 17:16 0 -> /dev/null
lrwx------ 1 mhsu mhsu 64 Apr 9 17:16 1 -> /dev/pts/0
lrwx------ 1 mhsu mhsu 64 Apr 9 17:16 2 -> /dev/pts/0
lr-x------ 1 mhsu mhsu 64 Apr 9 17:16 3 -> /proc/11/fd
Dropping all capabilities
Username mhsu, no supplementary groups
SECCOMP Filter
VALIDATE_ARCHITECTURE_64
EXAMINE_SYSCALL
WHITELIST 41 socket
UNKNOWN ENTRY 20!
WHITELIST 1 write
WHITELIST 2 open
WHITELIST 10 mprotect
RETURN_ERRNO 95 EOPNOTSUPP
configuring 101 seccomp entries in /run/firejail/mnt/seccomp.32
sbox run: /usr/lib/x86_64-linux-gnu/firejail/fseccomp print /run/firejail/mnt/seccomp.32 (null)
sbox file descriptors:
total 0
lrwx------ 1 mhsu mhsu 64 Apr 9 17:16 0 -> /dev/null
lrwx------ 1 mhsu mhsu 64 Apr 9 17:16 1 -> /dev/pts/0
lrwx------ 1 mhsu mhsu 64 Apr 9 17:16 2 -> /dev/pts/0
lr-x------ 1 mhsu mhsu 64 Apr 9 17:16 3 -> /proc/14/fd
Dropping all capabilities
Username mhsu, no supplementary groups
SECCOMP Filter
VALIDATE_ARCHITECTURE_32
EXAMINE_SYSCALL
BLACKLIST 21 access
BLACKLIST 52 getpeername
BLACKLIST 26 msync
BLACKLIST 283 timerfd_create
BLACKLIST 341 unknown
BLACKLIST 342 unknown
BLACKLIST 127 rt_sigpending
BLACKLIST 128 rt_sigtimedwait
BLACKLIST 350 unknown
BLACKLIST 129 rt_sigqueueinfo
BLACKLIST 110 getppid
BLACKLIST 101 ptrace
BLACKLIST 289 signalfd4
BLACKLIST 87 unlink
BLACKLIST 115 getgroups
BLACKLIST 103 syslog
BLACKLIST 347 unknown
BLACKLIST 348 unknown
BLACKLIST 135 personality
BLACKLIST 149 mlock
BLACKLIST 124 getsid
BLACKLIST 343 unknown
BLACKLIST 253 inotify_init
BLACKLIST 336 unknown
BLACKLIST 338 unknown
BLACKLIST 349 unknown
BLACKLIST 286 timerfd_settime
BLACKLIST 287 timerfd_gettime
BLACKLIST 288 accept4
BLACKLIST 86 link
BLACKLIST 51 getsockname
BLACKLIST 123 setfsgid
BLACKLIST 217 getdents64
BLACKLIST 245 mq_getsetattr
BLACKLIST 246 kexec_load
BLACKLIST 247 waitid
BLACKLIST 248 add_key
BLACKLIST 249 request_key
BLACKLIST 257 openat
BLACKLIST 274 get_robust_list
BLACKLIST 276 tee
BLACKLIST 294 inotify_init1
BLACKLIST 317 seccomp
BLACKLIST 316 renameat2
BLACKLIST 61 wait4
BLACKLIST 88 symlink
BLACKLIST 169 reboot
BLACKLIST 130 rt_sigsuspend
RETURN_ALLOW
Dual 32/64 bit seccomp filter configured
configuring 138 seccomp entries in /run/firejail/mnt/seccomp
sbox run: /usr/lib/x86_64-linux-gnu/firejail/fseccomp print /run/firejail/mnt/seccomp (null)
sbox file descriptors:
total 0
lrwx------ 1 mhsu mhsu 64 Apr 9 17:16 0 -> /dev/null
lrwx------ 1 mhsu mhsu 64 Apr 9 17:16 1 -> /dev/pts/0
lrwx------ 1 mhsu mhsu 64 Apr 9 17:16 2 -> /dev/pts/0
lr-x------ 1 mhsu mhsu 64 Apr 9 17:16 3 -> /proc/17/fd
Dropping all capabilities
Username mhsu, no supplementary groups
SECCOMP Filter
VALIDATE_ARCHITECTURE
EXAMINE_SYSCALL
HANDLE_X32
BLACKLIST 154 modify_ldt
BLACKLIST 212 lookup_dcookie
BLACKLIST 298 perf_event_open
BLACKLIST 311 process_vm_writev
BLACKLIST 156 _sysctl
BLACKLIST 183 afs_syscall
BLACKLIST 174 create_module
BLACKLIST 177 get_kernel_syms
BLACKLIST 181 getpmsg
BLACKLIST 182 putpmsg
BLACKLIST 178 query_module
BLACKLIST 185 security
BLACKLIST 139 sysfs
BLACKLIST 184 tuxcall
BLACKLIST 134 uselib
BLACKLIST 136 ustat
BLACKLIST 236 vserver
BLACKLIST 159 adjtimex
BLACKLIST 305 clock_adjtime
BLACKLIST 227 clock_settime
BLACKLIST 164 settimeofday
BLACKLIST 176 delete_module
BLACKLIST 313 finit_module
BLACKLIST 175 init_module
BLACKLIST 173 ioperm
BLACKLIST 172 iopl
BLACKLIST 246 kexec_load
BLACKLIST 320 kexec_file_load
BLACKLIST 169 reboot
BLACKLIST 167 swapon
BLACKLIST 168 swapoff
BLACKLIST 163 acct
BLACKLIST 321 bpf
BLACKLIST 161 chroot
BLACKLIST 165 mount
BLACKLIST 180 nfsservctl
BLACKLIST 155 pivot_root
BLACKLIST 171 setdomainname
BLACKLIST 170 sethostname
BLACKLIST 166 umount2
BLACKLIST 153 vhangup
BLACKLIST 238 set_mempolicy
BLACKLIST 256 migrate_pages
BLACKLIST 279 move_pages
BLACKLIST 237 mbind
BLACKLIST 304 open_by_handle_at
BLACKLIST 303 name_to_handle_at
BLACKLIST 251 ioprio_set
BLACKLIST 103 syslog
BLACKLIST 300 fanotify_init
BLACKLIST 312 kcmp
BLACKLIST 248 add_key
BLACKLIST 249 request_key
BLACKLIST 250 keyctl
BLACKLIST 206 io_setup
BLACKLIST 207 io_destroy
BLACKLIST 208 io_getevents
BLACKLIST 209 io_submit
BLACKLIST 210 io_cancel
BLACKLIST 216 remap_file_pages
BLACKLIST 278 vmsplice
BLACKLIST 135 personality
BLACKLIST 323 userfaultfd
BLACKLIST 101 ptrace
BLACKLIST 310 process_vm_readv
RETURN_ALLOW
seccomp filter configured
Seccomp files:
-rw-r--r-- 1 mhsu mhsu 1104 Apr 9 17:16 /run/firejail/mnt/seccomp
-rw-r--r-- 1 mhsu mhsu 808 Apr 9 17:16 /run/firejail/mnt/seccomp.32
-rw-r--r-- 1 mhsu mhsu 824 Apr 9 17:16 /run/firejail/mnt/seccomp.64
-rw-r--r-- 1 mhsu mhsu 0 Apr 9 17:16 /run/firejail/mnt/seccomp.postexec
-rw-r--r-- 1 mhsu mhsu 112 Apr 9 17:16 /run/firejail/mnt/seccomp.protocol
noroot user namespace installed
Dropping all capabilities
NO_NEW_PRIVS set
starting application
LD_PRELOAD=(null)
Running 'zoom' command through /bin/bash
execvp argument 0: /bin/bash
execvp argument 1: -c
execvp argument 2: 'zoom'
Child process initialized in 97.66 ms
Installing /run/firejail/mnt/seccomp seccomp filter
Installing /run/firejail/mnt/seccomp.32 seccomp filter
Installing /run/firejail/mnt/seccomp.protocol seccomp filter
ZoomLauncher started.
Zoom not exist at current directory - /home/mhsu
Zoom path is: /opt/zoom
cmd line:
CreateReportChannel bp_server_fd=4
$HOME = /home/mhsu
Can't load/home/mhsu/.config/zoomus.conf
export SSB_HOME=/home/mhsu/.zoom; export QSG_INFO=1; export LD_LIBRARY_PATH=/opt/zoom; export BREAKPAD_CLIENT_FD=3; /opt/zoom/zoom ""
monitoring pid 20
No PulseAudio daemon running, or not running as session daemon.
zoom started.
Client: Breakpad is using Client-Server Mode! client fd = 3
[CZPClientLogMgr::LogClientEnvironment] [MacAddr: ][client: Linux][OS: Linux Mint 19.1][Hardware: CPU Core:2 Frenquency:1.1 G Memory size:7897MB CPU Brand:Intel(R) Processor 5Y70 CPU @ 1.10GHz GPU Brand:][Req ID: ]
Linux Client Version is 3.5.361976.0301
QSG_RENDER_LOOP is
XDG_CURRENT_DESKTOP = XFCE; GDMSESSION = xfce
Graphics Card Info:: 00:02.0 VGA compatible controller: Intel Corporation HD Graphics 5300 (rev 08)
Zoom package arch is 64bit, runing OS arch is x86_64
AppIconMgr::systemDesktopName log Desktop Name: xfce
qt.scenegraph.general: QSG: basic render loop
qt.scenegraph.general: Using sg animation driver
qt.svg: link image0 hasn't been detected!
qt.svg: :/images/wechat.svg:10:6: Could not resolve property: pattern0
qt.scenegraph.general: texture atlas dimensions: 1024x512
qt.scenegraph.general: R/G/B/A Buffers: 8 8 8 8
qt.scenegraph.general: Depth Buffer: 24
qt.scenegraph.general: Stencil Buffer: 8
qt.scenegraph.general: Samples: -1
qt.scenegraph.general: GL_VENDOR: Intel Open Source Technology Center
qt.scenegraph.general: GL_RENDERER: Mesa DRI Intel(R) HD Graphics 5300 (Broadwell GT2)
qt.scenegraph.general: GL_VERSION: 3.0 Mesa 19.2.8
qt.scenegraph.general: GL_EXTENSIONS: GL_ARB_point_sprite GL_ARB_transform_feedback_overflow_query GL_EXT_compiled_vertex_array GL_EXT_stencil_two_side GL_ARB_shader_image_load_store GL_KHR_no_error GL_AMD_shader_trinary_minmax GL_ARB_fragment_program_shadow GL_ARB_texture_multisample GL_ARB_texture_compression_bptc GL_ARB_framebuffer_object GL_EXT_point_parameters GL_ARB_point_parameters GL_S3_s3tc GL_ARB_explicit_attrib_location GL_EXT_texture_lod_bias GL_EXT_texture_rectangle GL_ARB_invalidate_subdata GL_EXT_framebuffer_blit GL_EXT_texture_shadow_lod GL_IBM_multimode_draw_arrays GL_ARB_texture_swizzle GL_EXT_texture_compression_dxt1 GL_ARB_vertex_array_bgra GL_ARB_texture_env_dot3 GL_EXT_blend_equation_separate GL_ARB_fragment_layer_viewport GL_ARB_shader_texture_image_samples GL_EXT_multi_draw_arrays GL_ARB_occlusion_query GL_ARB_texture_compression GL_ATI_texture_env_combine3 GL_EXT_packed_pixels GL_INGR_blend_func_separate GL_ARB_separate_shader_objects GL_AMD_seamless_cubemap_per_texture GL_ARB_texture_view GL_EXT_texture_env_add GL_IBM_rasterpos_clip GL_ARB_texture_env_crossbar GL_ARB_get_program_binary GL_EXT_copy_texture GL_KHR_parallel_shader_compile GL_ARB_vertex_program GL_EXT_texture_compression_rgtc GL_MESA_window_pos GL_ARB_texture_env_add GL_EXT_vertex_array GL_EXT_texture_env_dot3 GL_EXT_blend_color GL_KHR_blend_equation_advanced GL_EXT_blend_minmax GL_ARB_texture_query_levels GL_ARB_clip_control GL_NV_texture_env_combine4 GL_3DFX_texture_compression_FXT1 GL_ARB_texture_compression_rgtc GL_EXT_provoking_vertex GL_IBM_texture_mirrored_repeat GL_ARB_provoking_vertex GL_ARB_explicit_uniform_location GL_ARB_depth_clamp GL_EXT_texture_integer GL_EXT_packed_float GL_ANGLE_texture_compression_dxt3 GL_ARB_ES3_compatibility GL_ARB_clear_texture GL_AMD_multi_draw_indirect GL_ARB_shader_ballot GL_ARB_transform_feedback2 GL_EXT_texture_sRGB_decode GL_ARB_timer_query GL_ARB_arrays_of_arrays GL_ARB_get_texture_sub_image GL_ARB_map_buffer_range GL_ARB_draw_elements_base_vertex GL_ARB_shader_draw_parameters GL_EXT_texture GL_MESA_texture_signed_rgba GL_ARB_multi_draw_indirect GL_EXT_packed_depth_stencil GL_AMD_query_buffer_object GL_EXT_texture_cube_map GL_ARB_instanced_arrays GL_ARB_shader_storage_buffer_object GL_SGIS_texture_edge_clamp GL_SGIS_generate_mipmap GL_EXT_texture_swizzle GL_EXT_texture_filter_anisotropic GL_ARB_buffer_storage GL_ARB_debug_output GL_NV_packed_depth_stencil GL_ARB_uniform_buffer_object GL_EXT_abgr GL_NV_texture_barrier GL_ARB_texture_mirror_clamp_to_edge GL_ARB_draw_instanced GL_ARB_fragment_shader GL_NV_depth_clamp GL_ARB_texture_rg GL_EXT_texture_sRGB_R8 GL_ARB_shader_texture_lod GL_ARB_half_float_pixel GL_ARB_transform_feedback3 GL_EXT_separate_specular_color GL_ARB_pipeline_statistics_query GL_ARB_sync GL_ARB_sample_shading GL_ARB_shader_image_size GL_NV_compute_shader_derivatives GL_ANGLE_texture_compression_dxt5 GL_EXT_stencil_wrap GL_ARB_map_buffer_alignment GL_ARB_vertex_shader GL_EXT_rescale_normal GL_EXT_blend_func_separate GL_ARB_shading_language_100 GL_ARB_seamless_cubemap_per_texture GL_ARB_ES3_1_compatibility GL_ARB_texture_float GL_ARB_shader_precision GL_ARB_multi_bind GL_ARB_robustness GL_ARB_texture_filter_anisotropic GL_ARB_stencil_texturing GL_EXT_texture_compression_s3tc GL_ARB_texture_cube_map GL_EXT_draw_buffers2 GL_KHR_debug GL_OES_EGL_image GL_KHR_robust_buffer_access_behavior GL_NV_texgen_reflection GL_ARB_cull_distance GL_ARB_query_buffer_object GL_EXT_draw_range_elements GL_INTEL_performance_query GL_EXT_framebuffer_multisample_blit_scaled GL_EXT_shader_integer_mix GL_ARB_texture_cube_map_array GL_ARB_internalformat_query GL_ARB_framebuffer_sRGB GL_EXT_framebuffer_multisample GL_EXT_texture3D GL_EXT_texture_edge_clamp GL_ARB_vertex_type_10f_11f_11f_rev GL_ARB_copy_buffer GL_EXT_framebuffer_sRGB GL_ARB_sampler_objects GL_ARB_fragment_program GL_NV_blend_square GL_OES_read_format GL_ARB_draw_indirect GL_KHR_robustness GL_ARB_conservative_depth GL_ARB_texture_storage_multisample GL_ARB_texture_rgb10_a2ui GL_AMD_texture_texture4 GL_KHR_context_flush_control GL_EXT_pixel_buffer_object GL_ARB_ES2_compatibility GL_ARB_parallel_shader_compile GL_EXT_texture_array GL_ARB_copy_image GL_EXT_vertex_array_bgra GL_EXT_texture_shared_exponent GL_ARB_depth_texture GL_EXT_blend_subtract GL_SUN_multi_draw_arrays GL_EXT_fog_coord GL_ARB_compressed_texture_pixel_storage GL_ARB_texture_gather GL_NV_primitive_restart GL_EXT_shader_samples_identical GL_ARB_pixel_buffer_object GL_ARB_draw_buffers_blend GL_APPLE_object_purgeable GL_ARB_polygon_offset_clamp GL_NV_conditional_render GL_SGIS_texture_lod GL_ARB_shading_language_packing GL_ARB_shadow GL_ARB_texture_query_lod GL_ARB_draw_buffers GL_NV_light_max_exponent GL_ARB_program_interface_query GL_ARB_compute_shader GL_ATI_draw_buffers GL_EXT_texture_sRGB GL_EXT_framebuffer_object GL_MESA_pack_invert GL_MESA_shader_integer_functions GL_ARB_transform_feedback_instanced GL_ATI_separate_stencil GL_EXT_bgra GL_SGIS_texture_border_clamp GL_ARB_blend_func_extended GL_EXT_gpu_program_parameters GL_EXT_texture_object GL_EXT_texture_snorm GL_EXT_subtexture GL_ARB_shader_atomic_counter_ops GL_ARB_seamless_cube_map GL_ARB_half_float_vertex GL_ARB_vertex_type_2_10_10_10_rev GL_ARB_window_pos GL_ARB_shading_language_420pack GL_EXT_shadow_funcs GL_ARB_texture_barrier GL_AMD_conservative_depth GL_ATI_texture_float GL_ARB_occlusion_query2 GL_ARB_shader_bit_encoding GL_ARB_derivative_control GL_ARB_texture_storage GL_ARB_multisample GL_ARB_texture_env_combine GL_ARB_clear_buffer_object GL_EXT_secondary_color GL_ARB_color_buffer_float GL_EXT_transform_feedback GL_ARB_depth_buffer_float GL_ARB_texture_mirrored_repeat GL_EXT_draw_instanced GL_ARB_shader_objects GL_ARB_vertex_buffer_object GL_NV_fog_distance GL_ARB_robust_buffer_access_behavior GL_ARB_indirect_parameters GL_EXT_texture_env_combine GL_ARB_internalformat_query2 GL_NV_texture_rectangle GL_ARB_multitexture GL_ARB_texture_rectangle GL_ARB_transpose_matrix GL_ARB_shader_clock GL_ARB_vertex_array_object GL_EXT_polygon_offset_clamp GL_ARB_vertex_attrib_binding GL_EXT_shader_framebuffer_fetch_non_coherent GL_AMD_draw_buffers_blend GL_ARB_texture_non_power_of_two GL_ARB_texture_border_clamp GL_ARB_texture_stencil8 GL_APPLE_packed_pixels GL_ARB_fragment_coord_conventions GL_ATI_blend_equation_separate GL_EXT_timer_query GL_ARB_conditional_render_inverted GL_ARB_shader_atomic_counters GL_ARB_framebuffer_no_attachments GL_ARB_shader_group_vote
qt.scenegraph.general: Max Texture Size: 16384
qt.scenegraph.general: Debug context: false
Error: Send error, 22 Invalid argument
Error: Send error, 22 Invalid argument
Error: Send error, 22 Invalid argument
Output is very long and is all pasted below. Please let me know if it would be more helpful to attach as a text file instead.
As long as GitHub doesn't choke on it, that's fine.
Now, to the issue at hand. I did notice you are using firejail 0.9.52, which isn't a problem by itself but it might be worth trying to get a more recent firejail package if possible on Linux Mint 19.1 Tessa. After comparing the zoom.profile from 0.9.52 with our current one, and looking at the debug output, you might need to add 'netlink' to the protocol list and include another whitelist file. After adding the below in ${HOME}/.config/firejail/zoom.local, do you see any improvement?
include /etc/firejail/whitelist-var-common.inc
protocol unix,inet,inet6,netlink
Output is very long and is all pasted below. Please let me know if it would be more helpful to attach as a text file instead.
@bouncinglime FYI, you can use HTML tags:
(note the blank lines before/after the HTML tags)
<details><summary> firejail --debug zoom </summary>
` ` `
DEBUG OUTPUT
` ` `
</details>
firejail --debug zoom
DEBUG OUTPUT
@glitsj16 firejail 0.9.52 isn't loading .locals from user home. It must be /etc/firejail/zoom.local.
rusty-snake
on 10 Apr 2020
👍1
@rusty-snake Can you think of anything that would account for the pulseaudio line in the debug output here?
[...]
No PulseAudio daemon running, or not running as session daemon.
[...]
I mean, if PA isn't running, it would make sense that toggling mic mute doesn't do much... I have zero experience with zoom though.
glitsj16
on 10 Apr 2020
IDK how zoom checks PA. In the past we have PA issues, but he is running Mint19.
@bouncinglime can you try firecfg --fix-sound (just run it once). Does it work with --noprofile?
rusty-snake
on 10 Apr 2020
@bouncinglime @rusty-snake Apologies for the latest postings and potential confusion. My firejail-git is broken again after https://github.com/netblue30/firejail/commit/0f18c1bb2cf47a05b9936e3b54ece62360d45daa. Need to fix that asap.
glitsj16
on 10 Apr 2020
(Pronouns : she/her/hers. Please don't assume gender; they/them/theirs are good gender-neutral options.)
I've been having intermittent issues with this Mint install not connecting to PulseAudio, and this one weird sudo problem (but only when trying to adjust the brightness-change steps), so I may switch to standard Ubuntu over the weekend.
This is the version of firejail that was installed via apt, so I'm not sure why it wouldn't be the most recent.
I ran firefcg --fix-sound and did a quick test - PTT still isn't working.
Here's the new output :
$ firejail --debug zoom
Autoselecting /bin/bash as shell
Building quoted command line: 'zoom'
Command name #zoom#
Found zoom profile in /etc/firejail directory
Reading profile /etc/firejail/zoom.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
DISPLAY=:0.0 parsed as 0
Using the local network stack
Parent pid 4445, child pid 4446
Initializing child process
Host network configured
PID namespace installed
Mounting tmpfs on /run/firejail/mnt directory
Creating empty /run/firejail/mnt/seccomp.protocol file
Creating empty /run/firejail/mnt/seccomp.postexec file
Build protocol filter: unix,inet,inet6
sbox run: /usr/lib/x86_64-linux-gnu/firejail/fseccomp protocol build unix,inet,inet6 /run/firejail/mnt/seccomp.protocol (null)
sbox file descriptors:
total 0
lrwx------ 1 mhsu mhsu 64 Apr 10 09:43 0 -> /dev/null
lrwx------ 1 mhsu mhsu 64 Apr 10 09:43 1 -> /dev/pts/0
lrwx------ 1 mhsu mhsu 64 Apr 10 09:43 2 -> /dev/pts/0
lr-x------ 1 mhsu mhsu 64 Apr 10 09:43 3 -> /proc/4450/fd
Dropping all capabilities
Username mhsu, no supplementary groups
Mounting read-only /bin, /sbin, /lib, /lib32, /lib64, /usr, /etc, /var
Mounting tmpfs on /var/lock
Mounting tmpfs on /var/tmp
Mounting tmpfs on /var/log
Mounting tmpfs on /var/lib/dhcp
Mounting tmpfs on /var/lib/nginx
Mounting tmpfs on /var/lib/snmp
Mounting tmpfs on /var/lib/sudo
Create the new utmp file
Mount the new utmp file
Cleaning /home directory
Sanitizing /etc/passwd, UID_MIN 1000
Sanitizing /etc/group, GID_MIN 1000
Disable /run/firejail/network
Disable /run/firejail/bandwidth
Disable /run/firejail/name
Disable /run/firejail/x11
Remounting /proc and /proc/sys filesystems
Remounting /sys directory
Disable /sys/firmware
Disable /sys/hypervisor
Disable /sys/module
Disable /sys/power
Disable /sys/kernel/debug
Disable /sys/kernel/vmcoreinfo
Disable /sys/kernel/uevent_helper
Disable /proc/sys/fs/binfmt_misc
Disable /proc/sys/kernel/core_pattern
Disable /proc/sys/kernel/modprobe
Disable /proc/sysrq-trigger
Disable /proc/sys/kernel/hotplug
Disable /proc/sys/vm/panic_on_oom
Disable /proc/irq
Disable /proc/bus
Disable /proc/sched_debug
Disable /proc/timer_list
Disable /proc/kcore
Disable /proc/kallsyms
Disable /lib/modules
Disable /usr/lib/debug
Disable /boot
Disable /dev/port
Disable /run/user/1000/gnupg
Disable /run/user/1000/systemd
Disable /dev/kmsg
Disable /proc/kmsg
Debug 393: new_name #/home/mhsu/.cache/zoom#, whitelist
Debug 480: fname #/home/mhsu/.cache/zoom#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.cache/zoom
Debug 393: new_name #/home/mhsu/.zoom#, whitelist
Debug 480: fname #/home/mhsu/.zoom#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.zoom
Debug 393: new_name #/home/mhsu/.XCompose#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.XCompose
expanded: /home/mhsu/.XCompose
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.asoundrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.asoundrc
expanded: /home/mhsu/.asoundrc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/ibus#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ibus
expanded: /home/mhsu/.config/ibus
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/mimeapps.list#, whitelist
Debug 480: fname #/home/mhsu/.config/mimeapps.list#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.config/mimeapps.list
Debug 393: new_name #/home/mhsu/.config/pkcs11#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/pkcs11
expanded: /home/mhsu/.config/pkcs11
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/user-dirs.dirs#, whitelist
Debug 480: fname #/home/mhsu/.config/user-dirs.dirs#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.config/user-dirs.dirs
Debug 393: new_name #/home/mhsu/.drirc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.drirc
expanded: /home/mhsu/.drirc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.icons
expanded: /home/mhsu/.icons
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.local/share/applications#, whitelist
Debug 480: fname #/home/mhsu/.local/share/applications#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.local/share/applications
Debug 393: new_name #/home/mhsu/.local/share/icons#, whitelist
Debug 480: fname #/home/mhsu/.local/share/icons#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.local/share/icons
Debug 393: new_name #/home/mhsu/.local/share/mime#, whitelist
Debug 480: fname #/home/mhsu/.local/share/mime#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.local/share/mime
Debug 393: new_name #/home/mhsu/.mime.types#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.mime.types
expanded: /home/mhsu/.mime.types
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.cache/fontconfig#, whitelist
Debug 480: fname #/home/mhsu/.cache/fontconfig#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.cache/fontconfig
Debug 393: new_name #/home/mhsu/.config/fontconfig#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/fontconfig
expanded: /home/mhsu/.config/fontconfig
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.fontconfig#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fontconfig
expanded: /home/mhsu/.fontconfig
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.fonts#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts
expanded: /home/mhsu/.fonts
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.fonts.conf#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf
expanded: /home/mhsu/.fonts.conf
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.fonts.conf.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf.d
expanded: /home/mhsu/.fonts.conf.d
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.fonts.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.d
expanded: /home/mhsu/.fonts.d
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.local/share/fonts#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/fonts
expanded: /home/mhsu/.local/share/fonts
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.pangorc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.pangorc
expanded: /home/mhsu/.pangorc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/gtk-2.0#, whitelist
Debug 480: fname #/home/mhsu/.config/gtk-2.0#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.config/gtk-2.0
Debug 393: new_name #/home/mhsu/.config/gtk-3.0#, whitelist
Debug 480: fname #/home/mhsu/.config/gtk-3.0#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.config/gtk-3.0
Debug 393: new_name #/home/mhsu/.config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc
expanded: /home/mhsu/.config/gtkrc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtkrc-2.0
expanded: /home/mhsu/.config/gtkrc-2.0
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.gnome2#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2
expanded: /home/mhsu/.gnome2
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.gnome2-private#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2-private
expanded: /home/mhsu/.gnome2-private
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.gtk-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtk-2.0
expanded: /home/mhsu/.gtk-2.0
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc
expanded: /home/mhsu/.gtkrc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.gtkrc-2.0#, whitelist
Debug 480: fname #/home/mhsu/.gtkrc-2.0#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.gtkrc-2.0
Debug 393: new_name #/home/mhsu/.kde/share/config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc
expanded: /home/mhsu/.kde/share/config/gtkrc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde/share/config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc-2.0
expanded: /home/mhsu/.kde/share/config/gtkrc-2.0
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde4/share/config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc
expanded: /home/mhsu/.kde4/share/config/gtkrc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde4/share/config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc-2.0
expanded: /home/mhsu/.kde4/share/config/gtkrc-2.0
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.local/share/themes#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/themes
expanded: /home/mhsu/.local/share/themes
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.themes#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.themes
expanded: /home/mhsu/.themes
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/dconf#, whitelist
Debug 480: fname #/home/mhsu/.config/dconf#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.config/dconf
Debug 393: new_name #/home/mhsu/.config/Trolltech.conf#, whitelist
Debug 480: fname #/home/mhsu/.config/Trolltech.conf#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.config/Trolltech.conf
Debug 393: new_name #/home/mhsu/.config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kdeglobals
expanded: /home/mhsu/.config/kdeglobals
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kioslaverc
expanded: /home/mhsu/.config/kioslaverc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.config/qt5ct#, whitelist
Debug 480: fname #/home/mhsu/.config/qt5ct#, cfg.homedir #/home/mhsu#
Replaced whitelist path: whitelist /home/mhsu/.config/qt5ct
Debug 393: new_name #/home/mhsu/.kde/share/config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kdeglobals
expanded: /home/mhsu/.kde/share/config/kdeglobals
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde/share/config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kioslaverc
expanded: /home/mhsu/.kde/share/config/kioslaverc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde/share/config/oxygenrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/oxygenrc
expanded: /home/mhsu/.kde/share/config/oxygenrc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/icons
expanded: /home/mhsu/.kde/share/icons
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde4/share/config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kdeglobals
expanded: /home/mhsu/.kde4/share/config/kdeglobals
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde4/share/config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kioslaverc
expanded: /home/mhsu/.kde4/share/config/kioslaverc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde4/share/config/oxygenrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/oxygenrc
expanded: /home/mhsu/.kde4/share/config/oxygenrc
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/home/mhsu/.kde4/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/icons
expanded: /home/mhsu/.kde4/share/icons
real path: (null)
realpath: No such file or directory
Debug 393: new_name #/tmp/.X11-unix#, whitelist
Username mhsu, groups 1000, 4, 24, 27, 30, 46, 112, 128, 129,
Mounting a new /home directory
Mounting a new /root directory
Create a new user directory
Username mhsu, groups 1000, 4, 24, 27, 30, 46, 112, 128, 129,
Username mhsu, groups 1000, 4, 24, 27, 30, 46, 112, 128, 129,
Mounting tmpfs on /tmp directory
Whitelisting /home/mhsu/.cache/zoom
Whitelisting /home/mhsu/.zoom
Whitelisting /home/mhsu/.config/mimeapps.list
Whitelisting /home/mhsu/.config/user-dirs.dirs
Whitelisting /home/mhsu/.local/share/applications
Whitelisting /home/mhsu/.local/share/icons
Whitelisting /home/mhsu/.local/share/mime
Whitelisting /home/mhsu/.cache/fontconfig
Whitelisting /home/mhsu/.config/gtk-2.0
Whitelisting /home/mhsu/.config/gtk-3.0
Whitelisting /home/mhsu/.gtkrc-2.0
Whitelisting /home/mhsu/.config/dconf
Whitelisting /home/mhsu/.config/Trolltech.conf
Whitelisting /home/mhsu/.config/qt5ct
Whitelisting /tmp/.X11-unix
Disable /etc/X11/Xsession.d
Disable /etc/xdg/autostart
Disable /var/lib/systemd
Disable /var/cache/apt
Disable /var/lib/apt
Disable /var/lib/dkms
Disable /var/lib/upower
Disable /var/mail
Disable /var/opt
Disable /run/acpid.socket (requested /var/run/acpid.socket)
Disable /var/spool/anacron
Disable /var/spool/cron
Disable /var/mail (requested /var/spool/mail)
Disable /etc/anacrontab
Disable /etc/crontab
Disable /etc/cron.d
Disable /etc/cron.monthly
Disable /etc/cron.hourly
Disable /etc/cron.daily
Disable /etc/cron.weekly
Disable /etc/profile.d
Disable /etc/rc1.d
Disable /etc/rc2.d
Disable /etc/rc4.d
Disable /etc/rc0.d
Disable /etc/rcS.d
Disable /etc/rc6.d
Disable /etc/rc5.d
Disable /etc/rc3.d
Disable /etc/kernel
Disable /etc/kernel-img.conf
Disable /etc/kerneloops.conf
Disable /etc/grub.d
Disable /etc/dkms
Disable /etc/apparmor
Disable /etc/apparmor.d
Disable /etc/selinux
Disable /etc/modules-load.d
Disable /etc/modules
Disable /etc/logrotate.conf
Disable /etc/logrotate.d
Disable /etc/adduser.conf
Mounting read-only /home/mhsu/.bashrc
Mounting read-only /home/mhsu/.local/share/applications
Disable /etc/group-
Disable /etc/gshadow
Disable /etc/gshadow-
Disable /etc/passwd-
Disable /etc/shadow
Disable /etc/shadow-
Disable /etc/ssh
Disable /sbin
Disable /usr/local/sbin
Disable /usr/sbin
Disable /usr/bin/chage
Disable /usr/bin/chfn
Disable /usr/bin/chsh
Disable /usr/bin/crontab
Disable /usr/bin/expiry
Disable /bin/fusermount
Disable /usr/bin/gpasswd
Disable /bin/mount
Disable /bin/nc.openbsd (requested /bin/nc)
Disable /usr/bin/newgrp
Disable /bin/ntfs-3g
Disable /usr/bin/pkexec
Disable /usr/bin/newgrp (requested /usr/bin/sg)
Disable /usr/bin/strace
Disable /bin/su
Disable /usr/bin/sudo
Disable /bin/umount
Disable /usr/bin/xev
Disable /usr/bin/xinput
Disable /usr/lib/virtualbox
Disable /usr/bin/xfce4-terminal
Disable /usr/bin/xfce4-terminal.wrapper
Mounting noexec /tmp/.X11-unix
Disable /usr/bin/x86_64-linux-gnu-as (requested /usr/bin/as)
Disable /usr/bin/x86_64-linux-gnu-c++filt (requested /usr/bin/c++filt)
Disable /usr/bin/x86_64-linux-gnu-g++-7 (requested /usr/bin/c++)
Disable /usr/bin/c89-gcc
Disable /usr/bin/c89-gcc (requested /usr/bin/c89)
Disable /usr/bin/c99-gcc (requested /usr/bin/c99)
Disable /usr/bin/c99-gcc
Disable /usr/bin/x86_64-linux-gnu-cpp-7 (requested /usr/bin/cpp)
Disable /usr/bin/x86_64-linux-gnu-cpp-7 (requested /usr/bin/cpp-7)
Disable /usr/bin/x86_64-linux-gnu-g++-7 (requested /usr/bin/g++)
Disable /usr/bin/x86_64-linux-gnu-g++-7 (requested /usr/bin/g++-7)
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-7 (requested /usr/bin/gcc-ranlib)
Disable /usr/bin/x86_64-linux-gnu-gcc-7 (requested /usr/bin/gcc-7)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-7 (requested /usr/bin/gcc-nm-7)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-7 (requested /usr/bin/gcc-ar)
Disable /usr/bin/x86_64-linux-gnu-gcc-7 (requested /usr/bin/gcc)
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-7 (requested /usr/bin/gcc-ranlib-7)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-7 (requested /usr/bin/gcc-ar-7)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-7 (requested /usr/bin/gcc-nm)
Disable /usr/bin/gdb
Disable /usr/bin/x86_64-linux-gnu-ld.bfd (requested /usr/bin/ld)
Disable /usr/bin/x86_64-linux-gnu-g++-7
Disable /usr/bin/x86_64-linux-gnu-g++-7 (requested /usr/bin/x86_64-linux-gnu-g++)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-7 (requested /usr/bin/x86_64-linux-gnu-gcc-ar)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-7 (requested /usr/bin/x86_64-linux-gnu-gcc-nm)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-7
Disable /usr/bin/x86_64-linux-gnu-gcc-7 (requested /usr/bin/x86_64-linux-gnu-gcc)
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-7 (requested /usr/bin/x86_64-linux-gnu-gcc-ranlib)
Disable /usr/bin/x86_64-linux-gnu-gcc-7
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-7
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-7
Disable /usr/include
Disable /usr/lib/valgrind
Disable /usr/bin/cpan
Disable /usr/bin/cpan5.26-x86_64-linux-gnu
Disable /usr/bin/perl
Disable /usr/share/perl-openssl-defaults
Disable /usr/share/perl5
Disable /usr/share/perl
Disable /usr/bin/openssl
Not blacklist /home/mhsu/.config/zoomus.conf
Disable /home/mhsu/.zoom
Mounting read-only /home/mhsu/.config/user-dirs.dirs
Mounting read-only /home/mhsu/.local/share/applications
Disable /sys/fs
Username mhsu, groups 1000, 4, 24, 27, 30, 46, 112, 128, 129,
disable /dev/dvb
disable /dev/sr0
Current directory: /home/mhsu
DISPLAY=:0.0 parsed as 0
Dropping all capabilities
Install protocol filter: unix,inet,inet6
configuring 14 seccomp entries in /run/firejail/mnt/seccomp.protocol
sbox run: /usr/lib/x86_64-linux-gnu/firejail/fseccomp print /run/firejail/mnt/seccomp.protocol (null)
sbox file descriptors:
total 0
lrwx------ 1 mhsu mhsu 64 Apr 10 09:43 0 -> /dev/null
lrwx------ 1 mhsu mhsu 64 Apr 10 09:43 1 -> /dev/pts/0
lrwx------ 1 mhsu mhsu 64 Apr 10 09:43 2 -> /dev/pts/0
lr-x------ 1 mhsu mhsu 64 Apr 10 09:43 3 -> /proc/11/fd
Dropping all capabilities
Username mhsu, no supplementary groups
SECCOMP Filter
VALIDATE_ARCHITECTURE_64
EXAMINE_SYSCALL
WHITELIST 41 socket
UNKNOWN ENTRY 20!
WHITELIST 1 write
WHITELIST 2 open
WHITELIST 10 mprotect
RETURN_ERRNO 95 EOPNOTSUPP
configuring 101 seccomp entries in /run/firejail/mnt/seccomp.32
sbox run: /usr/lib/x86_64-linux-gnu/firejail/fseccomp print /run/firejail/mnt/seccomp.32 (null)
sbox file descriptors:
total 0
lrwx------ 1 mhsu mhsu 64 Apr 10 09:43 0 -> /dev/null
lrwx------ 1 mhsu mhsu 64 Apr 10 09:43 1 -> /dev/pts/0
lrwx------ 1 mhsu mhsu 64 Apr 10 09:43 2 -> /dev/pts/0
lr-x------ 1 mhsu mhsu 64 Apr 10 09:43 3 -> /proc/14/fd
Dropping all capabilities
Username mhsu, no supplementary groups
SECCOMP Filter
VALIDATE_ARCHITECTURE_32
EXAMINE_SYSCALL
BLACKLIST 21 access
BLACKLIST 52 getpeername
BLACKLIST 26 msync
BLACKLIST 283 timerfd_create
BLACKLIST 341 unknown
BLACKLIST 342 unknown
BLACKLIST 127 rt_sigpending
BLACKLIST 128 rt_sigtimedwait
BLACKLIST 350 unknown
BLACKLIST 129 rt_sigqueueinfo
BLACKLIST 110 getppid
BLACKLIST 101 ptrace
BLACKLIST 289 signalfd4
BLACKLIST 87 unlink
BLACKLIST 115 getgroups
BLACKLIST 103 syslog
BLACKLIST 347 unknown
BLACKLIST 348 unknown
BLACKLIST 135 personality
BLACKLIST 149 mlock
BLACKLIST 124 getsid
BLACKLIST 343 unknown
BLACKLIST 253 inotify_init
BLACKLIST 336 unknown
BLACKLIST 338 unknown
BLACKLIST 349 unknown
BLACKLIST 286 timerfd_settime
BLACKLIST 287 timerfd_gettime
BLACKLIST 288 accept4
BLACKLIST 86 link
BLACKLIST 51 getsockname
BLACKLIST 123 setfsgid
BLACKLIST 217 getdents64
BLACKLIST 245 mq_getsetattr
BLACKLIST 246 kexec_load
BLACKLIST 247 waitid
BLACKLIST 248 add_key
BLACKLIST 249 request_key
BLACKLIST 257 openat
BLACKLIST 274 get_robust_list
BLACKLIST 276 tee
BLACKLIST 294 inotify_init1
BLACKLIST 317 seccomp
BLACKLIST 316 renameat2
BLACKLIST 61 wait4
BLACKLIST 88 symlink
BLACKLIST 169 reboot
BLACKLIST 130 rt_sigsuspend
RETURN_ALLOW
Dual 32/64 bit seccomp filter configured
configuring 138 seccomp entries in /run/firejail/mnt/seccomp
sbox run: /usr/lib/x86_64-linux-gnu/firejail/fseccomp print /run/firejail/mnt/seccomp (null)
sbox file descriptors:
total 0
lrwx------ 1 mhsu mhsu 64 Apr 10 09:43 0 -> /dev/null
lrwx------ 1 mhsu mhsu 64 Apr 10 09:43 1 -> /dev/pts/0
lrwx------ 1 mhsu mhsu 64 Apr 10 09:43 2 -> /dev/pts/0
lr-x------ 1 mhsu mhsu 64 Apr 10 09:43 3 -> /proc/17/fd
Dropping all capabilities
Username mhsu, no supplementary groups
SECCOMP Filter
VALIDATE_ARCHITECTURE
EXAMINE_SYSCALL
HANDLE_X32
BLACKLIST 154 modify_ldt
BLACKLIST 212 lookup_dcookie
BLACKLIST 298 perf_event_open
BLACKLIST 311 process_vm_writev
BLACKLIST 156 _sysctl
BLACKLIST 183 afs_syscall
BLACKLIST 174 create_module
BLACKLIST 177 get_kernel_syms
BLACKLIST 181 getpmsg
BLACKLIST 182 putpmsg
BLACKLIST 178 query_module
BLACKLIST 185 security
BLACKLIST 139 sysfs
BLACKLIST 184 tuxcall
BLACKLIST 134 uselib
BLACKLIST 136 ustat
BLACKLIST 236 vserver
BLACKLIST 159 adjtimex
BLACKLIST 305 clock_adjtime
BLACKLIST 227 clock_settime
BLACKLIST 164 settimeofday
BLACKLIST 176 delete_module
BLACKLIST 313 finit_module
BLACKLIST 175 init_module
BLACKLIST 173 ioperm
BLACKLIST 172 iopl
BLACKLIST 246 kexec_load
BLACKLIST 320 kexec_file_load
BLACKLIST 169 reboot
BLACKLIST 167 swapon
BLACKLIST 168 swapoff
BLACKLIST 163 acct
BLACKLIST 321 bpf
BLACKLIST 161 chroot
BLACKLIST 165 mount
BLACKLIST 180 nfsservctl
BLACKLIST 155 pivot_root
BLACKLIST 171 setdomainname
BLACKLIST 170 sethostname
BLACKLIST 166 umount2
BLACKLIST 153 vhangup
BLACKLIST 238 set_mempolicy
BLACKLIST 256 migrate_pages
BLACKLIST 279 move_pages
BLACKLIST 237 mbind
BLACKLIST 304 open_by_handle_at
BLACKLIST 303 name_to_handle_at
BLACKLIST 251 ioprio_set
BLACKLIST 103 syslog
BLACKLIST 300 fanotify_init
BLACKLIST 312 kcmp
BLACKLIST 248 add_key
BLACKLIST 249 request_key
BLACKLIST 250 keyctl
BLACKLIST 206 io_setup
BLACKLIST 207 io_destroy
BLACKLIST 208 io_getevents
BLACKLIST 209 io_submit
BLACKLIST 210 io_cancel
BLACKLIST 216 remap_file_pages
BLACKLIST 278 vmsplice
BLACKLIST 135 personality
BLACKLIST 323 userfaultfd
BLACKLIST 101 ptrace
BLACKLIST 310 process_vm_readv
RETURN_ALLOW
seccomp filter configured
Seccomp files:
-rw-r--r-- 1 mhsu mhsu 1104 Apr 10 09:43 /run/firejail/mnt/seccomp
-rw-r--r-- 1 mhsu mhsu 808 Apr 10 09:43 /run/firejail/mnt/seccomp.32
-rw-r--r-- 1 mhsu mhsu 824 Apr 10 09:43 /run/firejail/mnt/seccomp.64
-rw-r--r-- 1 mhsu mhsu 0 Apr 10 09:43 /run/firejail/mnt/seccomp.postexec
-rw-r--r-- 1 mhsu mhsu 112 Apr 10 09:43 /run/firejail/mnt/seccomp.protocol
noroot user namespace installed
Dropping all capabilities
NO_NEW_PRIVS set
starting application
LD_PRELOAD=(null)
Running 'zoom' command through /bin/bash
execvp argument 0: /bin/bash
execvp argument 1: -c
execvp argument 2: 'zoom'
Child process initialized in 95.42 ms
Installing /run/firejail/mnt/seccomp seccomp filter
Installing /run/firejail/mnt/seccomp.32 seccomp filter
Installing /run/firejail/mnt/seccomp.protocol seccomp filter
ZoomLauncher started.
Zoom not exist at current directory - /home/mhsu
Zoom path is: /opt/zoom
cmd line:
CreateReportChannel bp_server_fd=4
$HOME = /home/mhsu
Can't load/home/mhsu/.config/zoomus.conf
export SSB_HOME=/home/mhsu/.zoom; export QSG_INFO=1; export LD_LIBRARY_PATH=/opt/zoom; export BREAKPAD_CLIENT_FD=3; /opt/zoom/zoom ""
monitoring pid 20
No PulseAudio daemon running, or not running as session daemon.
zoom started.
Client: Breakpad is using Client-Server Mode! client fd = 3
[CZPClientLogMgr::LogClientEnvironment] [MacAddr: ][client: Linux][OS: Linux Mint 19.1][Hardware: CPU Core:2 Frenquency:1.1 G Memory size:7897MB CPU Brand:Intel(R) Processor 5Y70 CPU @ 1.10GHz GPU Brand:][Req ID: ]
Linux Client Version is 3.5.361976.0301
QSG_RENDER_LOOP is
XDG_CURRENT_DESKTOP = XFCE; GDMSESSION = xfce
Graphics Card Info:: 00:02.0 VGA compatible controller: Intel Corporation HD Graphics 5300 (rev 08)
Zoom package arch is 64bit, runing OS arch is x86_64
AppIconMgr::systemDesktopName log Desktop Name: xfce
qt.scenegraph.general: QSG: basic render loop
qt.scenegraph.general: Using sg animation driver
qt.svg: link image0 hasn't been detected!
qt.svg: :/images/wechat.svg:10:6: Could not resolve property: pattern0
qt.scenegraph.general: texture atlas dimensions: 1024x512
qt.scenegraph.general: R/G/B/A Buffers: 8 8 8 8
qt.scenegraph.general: Depth Buffer: 24
qt.scenegraph.general: Stencil Buffer: 8
qt.scenegraph.general: Samples: -1
qt.scenegraph.general: GL_VENDOR: Intel Open Source Technology Center
qt.scenegraph.general: GL_RENDERER: Mesa DRI Intel(R) HD Graphics 5300 (Broadwell GT2)
qt.scenegraph.general: GL_VERSION: 3.0 Mesa 19.2.8
qt.scenegraph.general: GL_EXTENSIONS: GL_NV_texgen_reflection GL_EXT_texture_compression_s3tc GL_INGR_blend_func_separate GL_KHR_context_flush_control GL_NV_compute_shader_derivatives GL_NV_conditional_render GL_ARB_texture_query_levels GL_ARB_invalidate_subdata GL_AMD_conservative_depth GL_EXT_compiled_vertex_array GL_EXT_fog_coord GL_EXT_shader_integer_mix GL_ARB_texture_non_power_of_two GL_ARB_texture_stencil8 GL_ARB_clip_control GL_ARB_texture_env_add GL_ARB_texture_env_combine GL_EXT_shader_framebuffer_fetch_non_coherent GL_EXT_texture_sRGB_R8 GL_ARB_conservative_depth GL_ARB_indirect_parameters GL_ARB_fragment_layer_viewport GL_ARB_texture_border_clamp GL_NV_light_max_exponent GL_SGIS_generate_mipmap GL_EXT_texture_shadow_lod GL_ARB_provoking_vertex GL_ARB_sampler_objects GL_ARB_draw_buffers GL_EXT_abgr GL_ARB_texture_mirrored_repeat GL_EXT_texture_env_combine GL_ATI_blend_equation_separate GL_EXT_packed_pixels GL_ARB_shader_objects GL_ARB_clear_texture GL_KHR_robust_buffer_access_behavior GL_MESA_texture_signed_rgba GL_EXT_draw_instanced GL_ARB_draw_indirect GL_EXT_packed_depth_stencil GL_ARB_texture_rg GL_ARB_texture_compression_bptc GL_ARB_color_buffer_float GL_ARB_texture_storage_multisample GL_ARB_stencil_texturing GL_ARB_texture_view GL_INTEL_performance_query GL_ARB_copy_buffer GL_ARB_sync GL_ARB_timer_query GL_ARB_get_texture_sub_image GL_ARB_robust_buffer_access_behavior GL_ARB_shader_precision GL_ARB_seamless_cubemap_per_texture GL_EXT_blend_subtract GL_EXT_multi_draw_arrays GL_EXT_subtexture GL_ARB_draw_buffers_blend GL_EXT_draw_buffers2 GL_EXT_texture_array GL_ARB_shading_language_packing GL_ARB_instanced_arrays GL_ARB_seamless_cube_map GL_EXT_shader_samples_identical GL_AMD_query_buffer_object GL_ARB_occlusion_query2 GL_EXT_stencil_two_side GL_ARB_texture_barrier GL_EXT_secondary_color GL_EXT_texture_shared_exponent GL_EXT_texture_object GL_ARB_robustness GL_ARB_texture_float GL_ARB_texture_multisample GL_ARB_pipeline_statistics_query GL_ARB_copy_image GL_ARB_shader_draw_parameters GL_ARB_draw_elements_base_vertex GL_EXT_blend_minmax GL_EXT_bgra GL_ARB_texture_rgb10_a2ui GL_ARB_texture_storage GL_EXT_framebuffer_multisample GL_ARB_framebuffer_object GL_EXT_framebuffer_sRGB GL_EXT_texture_env_add GL_ARB_shadow GL_KHR_debug GL_SUN_multi_draw_arrays GL_ARB_parallel_shader_compile GL_ARB_derivative_control GL_NV_packed_depth_stencil GL_ARB_compute_shader GL_OES_EGL_image GL_NV_fog_distance GL_IBM_texture_mirrored_repeat GL_EXT_point_parameters GL_ARB_vertex_shader GL_ARB_query_buffer_object GL_ARB_texture_mirror_clamp_to_edge GL_EXT_blend_func_separate GL_EXT_blend_color GL_EXT_texture_compression_rgtc GL_ARB_texture_env_dot3 GL_NV_primitive_restart GL_ARB_fragment_program GL_MESA_window_pos GL_EXT_texture_rectangle GL_ATI_draw_buffers GL_ARB_shader_texture_lod GL_ATI_texture_float GL_ARB_arrays_of_arrays GL_ARB_shader_group_vote GL_ARB_texture_cube_map GL_IBM_multimode_draw_arrays GL_AMD_multi_draw_indirect GL_3DFX_texture_compression_FXT1 GL_ARB_shader_image_size GL_EXT_provoking_vertex GL_KHR_parallel_shader_compile GL_EXT_texture_lod_bias GL_ARB_depth_buffer_float GL_ARB_texture_gather GL_EXT_gpu_program_parameters GL_NV_depth_clamp GL_EXT_packed_float GL_EXT_shadow_funcs GL_ARB_polygon_offset_clamp GL_APPLE_packed_pixels GL_ARB_uniform_buffer_object GL_EXT_framebuffer_multisample_blit_scaled GL_EXT_vertex_array_bgra GL_KHR_blend_equation_advanced GL_APPLE_object_purgeable GL_ARB_ES2_compatibility GL_ARB_multi_draw_indirect GL_OES_read_format GL_ARB_transform_feedback2 GL_EXT_framebuffer_blit GL_EXT_rescale_normal GL_EXT_texture3D GL_ARB_conditional_render_inverted GL_ANGLE_texture_compression_dxt3 GL_ARB_buffer_storage GL_ARB_texture_compression GL_ARB_depth_clamp GL_EXT_texture GL_NV_texture_rectangle GL_ARB_shader_image_load_store GL_ARB_compressed_texture_pixel_storage GL_EXT_texture_snorm GL_ARB_occlusion_query GL_MESA_pack_invert GL_AMD_shader_trinary_minmax GL_EXT_texture_env_dot3 GL_ARB_internalformat_query2 GL_ARB_sample_shading GL_ANGLE_texture_compression_dxt5 GL_EXT_texture_cube_map GL_NV_blend_square GL_ARB_multisample GL_ARB_blend_func_extended GL_S3_s3tc GL_ARB_transpose_matrix GL_EXT_texture_sRGB GL_ARB_explicit_uniform_location GL_ARB_framebuffer_sRGB GL_ARB_shading_language_100 GL_AMD_texture_texture4 GL_ARB_internalformat_query GL_ARB_transform_feedback3 GL_ARB_debug_output GL_ARB_depth_texture GL_EXT_texture_sRGB_decode GL_ARB_clear_buffer_object GL_ARB_shader_texture_image_samples GL_ARB_vertex_buffer_object GL_EXT_texture_swizzle GL_ARB_ES3_compatibility GL_ARB_vertex_array_object GL_ARB_explicit_attrib_location GL_EXT_framebuffer_object GL_NV_texture_env_combine4 GL_ARB_ES3_1_compatibility GL_ARB_shader_bit_encoding GL_ARB_map_buffer_range GL_ARB_program_interface_query GL_AMD_draw_buffers_blend GL_ARB_cull_distance GL_ARB_texture_swizzle GL_ARB_shading_language_420pack GL_KHR_robustness GL_ARB_vertex_array_bgra GL_AMD_seamless_cubemap_per_texture GL_ARB_fragment_coord_conventions GL_ARB_point_parameters GL_EXT_blend_equation_separate GL_SGIS_texture_edge_clamp GL_ARB_half_float_vertex GL_ARB_texture_rectangle GL_EXT_copy_texture GL_ARB_texture_compression_rgtc GL_EXT_texture_filter_anisotropic GL_ARB_texture_query_lod GL_EXT_stencil_wrap GL_SGIS_texture_lod GL_ARB_shader_clock GL_ARB_texture_cube_map_array GL_ARB_draw_instanced GL_EXT_draw_range_elements GL_ARB_texture_filter_anisotropic GL_ARB_multitexture GL_MESA_shader_integer_functions GL_ARB_framebuffer_no_attachments GL_ATI_separate_stencil GL_EXT_texture_compression_dxt1 GL_ARB_transform_feedback_overflow_query GL_ARB_transform_feedback_instanced GL_ARB_vertex_attrib_binding GL_NV_texture_barrier GL_ARB_separate_shader_objects GL_ATI_texture_env_combine3 GL_EXT_pixel_buffer_object GL_EXT_texture_integer GL_EXT_vertex_array GL_ARB_map_buffer_alignment GL_ARB_texture_env_crossbar GL_ARB_shader_atomic_counter_ops GL_ARB_shader_ballot GL_EXT_timer_query GL_ARB_shader_storage_buffer_object GL_EXT_transform_feedback GL_ARB_half_float_pixel GL_ARB_get_program_binary GL_ARB_vertex_type_10f_11f_11f_rev GL_IBM_rasterpos_clip GL_KHR_no_error GL_ARB_fragment_shader GL_ARB_fragment_program_shadow GL_EXT_separate_specular_color GL_ARB_vertex_type_2_10_10_10_rev GL_ARB_pixel_buffer_object GL_ARB_multi_bind GL_SGIS_texture_border_clamp GL_ARB_point_sprite GL_ARB_shader_atomic_counters GL_ARB_vertex_program GL_ARB_window_pos GL_EXT_polygon_offset_clamp GL_EXT_texture_edge_clamp
qt.scenegraph.general: Max Texture Size: 16384
qt.scenegraph.general: Debug context: false
Error: Send error, 22 Invalid argument
Error: Send error, 22 Invalid argument
Error: Send error, 22 Invalid argument
(Pronouns : she/her/hers. Please don't assume gender; they/them/theirs are good gender-neutral options.)
Sorry about that, it was less about assume gender, more about low english skills.
rusty-snake
on 10 Apr 2020
👍1
This is the version of firejail that was installed via apt, so I'm not sure why it wouldn't be the most recent.
A collaborator here has a firejail PPA holding the latest releases. I do realize that not everyone wants to use PPA's on a Debian/Ubuntu based OS, and it probably isn't going to solve this particular issue. Just a FYI in other words.
Nothing 'clicked' yet in regards to your audio issue, so at the moment I can only pose more questions instead of offering a solution. Does the issue persist when running firejail --noprofile zoom?
glitsj16
on 10 Apr 2020
Yeah, still no PTT with --noprofile. Output below includes host (myself on another computer) ending the meeting.
@glitsj16 Thanks for the PPA info. I've added it and updated to 0.9.62. The below output is from 0.9.52.
firejail --noprofile zoom
Parent pid 32004, child pid 32005
Child process initialized in 27.04 ms
ZoomLauncher started.
Zoom not exist at current directory - /home/mhsu
Zoom path is: /opt/zoom
cmd line:
CreateReportChannel bp_server_fd=4
$HOME = /home/mhsu
export SSB_HOME=/home/mhsu/.zoom; export QSG_INFO=1; export LD_LIBRARY_PATH=/opt/zoom; export BREAKPAD_CLIENT_FD=3; /opt/zoom/zoom ""
No PulseAudio daemon running, or not running as session daemon.
zoom started.
Client: Breakpad is using Client-Server Mode! client fd = 3
[CZPClientLogMgr::LogClientEnvironment] [MacAddr: 38:B1:DB:E1:8B:CB][client: Linux][OS: Linux Mint 19.1][Hardware: CPU Core:2 Frenquency:1.1 G Memory size:7897MB CPU Brand:Intel(R) Processor 5Y70 CPU @ 1.10GHz GPU Brand:][Req ID: ]
Linux Client Version is 3.5.361976.0301
QSG_RENDER_LOOP is
XDG_CURRENT_DESKTOP = XFCE; GDMSESSION = xfce
Graphics Card Info:: 00:02.0 VGA compatible controller: Intel Corporation HD Graphics 5300 (rev 08)
Zoom package arch is 64bit, runing OS arch is x86_64
AppIconMgr::systemDesktopName log Desktop Name: xfce
qt.scenegraph.general: QSG: basic render loop
qt.scenegraph.general: Using sg animation driver
qt.svg: link image0 hasn't been detected!
Error: Send error, 22 Invalid argument
Error: Send error, 22 Invalid argument
Error: Send error, 22 Invalid argument
qt.svg: :/images/wechat.svg:10:6: Could not resolve property: pattern0
qt.scenegraph.general: texture atlas dimensions: 1024x512
qt.scenegraph.general: R/G/B/A Buffers: 8 8 8 8
qt.scenegraph.general: Depth Buffer: 24
qt.scenegraph.general: Stencil Buffer: 8
qt.scenegraph.general: Samples: -1
qt.scenegraph.general: GL_VENDOR: Intel Open Source Technology Center
qt.scenegraph.general: GL_RENDERER: Mesa DRI Intel(R) HD Graphics 5300 (Broadwell GT2)
qt.scenegraph.general: GL_VERSION: 3.0 Mesa 19.2.8
qt.scenegraph.general: GL_EXTENSIONS: GL_EXT_rescale_normal GL_ARB_texture_env_add GL_ARB_draw_instanced GL_ARB_pipeline_statistics_query GL_ARB_vertex_attrib_binding GL_ARB_map_buffer_alignment GL_ARB_arrays_of_arrays GL_ARB_fragment_coord_conventions GL_ARB_explicit_attrib_location GL_EXT_packed_pixels GL_ARB_texture_compression_bptc GL_ARB_texture_mirror_clamp_to_edge GL_ARB_copy_buffer GL_ARB_half_float_vertex GL_EXT_texture_sRGB_R8 GL_ARB_texture_rg GL_EXT_shadow_funcs GL_EXT_abgr GL_ARB_framebuffer_no_attachments GL_ARB_parallel_shader_compile GL_KHR_debug GL_EXT_copy_texture GL_ARB_shading_language_100 GL_ARB_shader_clock GL_ARB_vertex_array_bgra GL_EXT_framebuffer_multisample_blit_scaled GL_ARB_texture_barrier GL_EXT_texture_compression_rgtc GL_ARB_shader_atomic_counter_ops GL_MESA_shader_integer_functions GL_ARB_multi_draw_indirect GL_ARB_texture_storage GL_SGIS_generate_mipmap GL_APPLE_object_purgeable GL_NV_packed_depth_stencil GL_ARB_shader_draw_parameters GL_ARB_multi_bind GL_ARB_texture_stencil8 GL_ARB_ES3_compatibility GL_ARB_vertex_array_object GL_ARB_sync GL_ARB_get_program_binary GL_ARB_texture_filter_anisotropic GL_EXT_texture_filter_anisotropic GL_NV_light_max_exponent GL_NV_fog_distance GL_SGIS_texture_border_clamp GL_ARB_vertex_type_10f_11f_11f_rev GL_ARB_texture_cube_map_array GL_EXT_texture_object GL_EXT_texture_snorm GL_ARB_shader_precision GL_ARB_vertex_type_2_10_10_10_rev GL_NV_conditional_render GL_EXT_shader_framebuffer_fetch_non_coherent GL_ARB_texture_mirrored_repeat GL_ARB_ES3_1_compatibility GL_EXT_shader_samples_identical GL_ARB_shader_atomic_counters GL_ARB_cull_distance GL_ARB_shader_group_vote GL_EXT_texture_env_combine GL_MESA_pack_invert GL_NV_texgen_reflection GL_ARB_transform_feedback_instanced GL_SGIS_texture_lod GL_ARB_transpose_matrix GL_ARB_multisample GL_ARB_multitexture GL_NV_texture_rectangle GL_ARB_shader_image_load_store GL_ARB_robust_buffer_access_behavior GL_ARB_occlusion_query2 GL_EXT_texture_sRGB GL_ARB_query_buffer_object GL_ARB_vertex_buffer_object GL_EXT_polygon_offset_clamp GL_ARB_seamless_cubemap_per_texture GL_ARB_transform_feedback_overflow_query GL_ARB_buffer_storage GL_ARB_texture_border_clamp GL_EXT_texture_integer GL_NV_depth_clamp GL_SUN_multi_draw_arrays GL_ARB_shader_bit_encoding GL_ARB_debug_output GL_ARB_conditional_render_inverted GL_KHR_context_flush_control GL_ARB_texture_query_lod GL_ATI_blend_equation_separate GL_NV_compute_shader_derivatives GL_EXT_blend_color GL_AMD_shader_trinary_minmax GL_INTEL_performance_query GL_ARB_texture_env_combine GL_EXT_stencil_wrap GL_AMD_multi_draw_indirect GL_ARB_shading_language_packing GL_ARB_clear_texture GL_ARB_compressed_texture_pixel_storage GL_ARB_sample_shading GL_OES_EGL_image GL_EXT_framebuffer_sRGB GL_EXT_vertex_array GL_ARB_shadow GL_ARB_shader_texture_lod GL_IBM_multimode_draw_arrays GL_MESA_window_pos GL_ARB_blend_func_extended GL_AMD_draw_buffers_blend GL_EXT_framebuffer_object GL_ARB_draw_buffers GL_ARB_sampler_objects GL_KHR_parallel_shader_compile GL_ARB_framebuffer_sRGB GL_3DFX_texture_compression_FXT1 GL_EXT_texture_compression_s3tc GL_ARB_pixel_buffer_object GL_EXT_draw_range_elements GL_EXT_texture_swizzle GL_EXT_bgra GL_MESA_texture_signed_rgba GL_ARB_texture_swizzle GL_ARB_seamless_cube_map GL_ARB_shader_texture_image_samples GL_ARB_point_sprite GL_ARB_texture_query_levels GL_EXT_fog_coord GL_ARB_texture_multisample GL_ARB_polygon_offset_clamp GL_ARB_internalformat_query2 GL_EXT_draw_instanced GL_ARB_texture_env_crossbar GL_ARB_half_float_pixel GL_ANGLE_texture_compression_dxt3 GL_ARB_stencil_texturing GL_ARB_depth_buffer_float GL_EXT_compiled_vertex_array GL_ARB_texture_non_power_of_two GL_ARB_transform_feedback3 GL_ARB_texture_compression_rgtc GL_EXT_packed_depth_stencil GL_APPLE_packed_pixels GL_ARB_provoking_vertex GL_ARB_occlusion_query GL_ARB_uniform_buffer_object GL_ANGLE_texture_compression_dxt5 GL_ARB_program_interface_query GL_KHR_blend_equation_advanced GL_SGIS_texture_edge_clamp GL_ARB_window_pos GL_EXT_multi_draw_arrays GL_ARB_robustness GL_ARB_texture_view GL_EXT_texture_array GL_EXT_provoking_vertex GL_EXT_pixel_buffer_object GL_EXT_texture_env_dot3 GL_ARB_draw_elements_base_vertex GL_ARB_vertex_program GL_ARB_vertex_shader GL_EXT_gpu_program_parameters GL_EXT_texture_lod_bias GL_ATI_draw_buffers GL_EXT_shader_integer_mix GL_NV_primitive_restart GL_ARB_fragment_shader GL_EXT_framebuffer_multisample GL_AMD_seamless_cubemap_per_texture GL_EXT_blend_minmax GL_ARB_color_buffer_float GL_AMD_texture_texture4 GL_EXT_subtexture GL_ARB_conservative_depth GL_EXT_packed_float GL_EXT_draw_buffers2 GL_EXT_texture_shadow_lod GL_ARB_fragment_layer_viewport GL_EXT_framebuffer_blit GL_ARB_clip_control GL_ARB_draw_buffers_blend GL_ARB_texture_env_dot3 GL_ARB_fragment_program_shadow GL_OES_read_format GL_ARB_shader_image_size GL_ARB_texture_cube_map GL_EXT_texture_shared_exponent GL_ARB_draw_indirect GL_ARB_transform_feedback2 GL_EXT_blend_func_separate GL_EXT_vertex_array_bgra GL_ARB_shading_language_420pack GL_ATI_texture_float GL_INGR_blend_func_separate GL_ATI_texture_env_combine3 GL_EXT_secondary_color GL_ARB_framebuffer_object GL_EXT_texture_sRGB_decode GL_EXT_texture_compression_dxt1 GL_ARB_point_parameters GL_EXT_transform_feedback GL_EXT_texture_env_add GL_ARB_copy_image GL_EXT_separate_specular_color GL_NV_texture_barrier GL_EXT_blend_equation_separate GL_ARB_get_texture_sub_image GL_ARB_ES2_compatibility GL_KHR_no_error GL_ARB_compute_shader GL_IBM_rasterpos_clip GL_IBM_texture_mirrored_repeat GL_AMD_query_buffer_object GL_ARB_shader_ballot GL_ARB_invalidate_subdata GL_EXT_point_parameters GL_S3_s3tc GL_ARB_texture_gather GL_KHR_robust_buffer_access_behavior GL_ARB_indirect_parameters GL_ARB_instanced_arrays GL_ARB_map_buffer_range GL_ARB_depth_texture GL_ARB_shader_objects GL_ARB_texture_rectangle GL_KHR_robustness GL_EXT_texture_edge_clamp GL_ARB_texture_compression GL_ARB_texture_float GL_ARB_timer_query GL_EXT_timer_query GL_EXT_texture3D GL_ARB_shader_storage_buffer_object GL_ARB_fragment_program GL_EXT_texture_rectangle GL_AMD_conservative_depth GL_ARB_explicit_uniform_location GL_ARB_derivative_control GL_ARB_internalformat_query GL_EXT_stencil_two_side GL_ATI_separate_stencil GL_EXT_texture_cube_map GL_NV_blend_square GL_ARB_depth_clamp GL_ARB_clear_buffer_object GL_ARB_texture_rgb10_a2ui GL_EXT_blend_subtract GL_ARB_separate_shader_objects GL_NV_texture_env_combine4 GL_EXT_texture GL_ARB_texture_storage_multisample
qt.scenegraph.general: Max Texture Size: 16384
qt.scenegraph.general: Debug context: false
QCoreApplication::postEvent: Unexpected null receiver
QCoreApplication::postEvent: Unexpected null receiver
QCoreApplication::postEvent: Unexpected null receiver
QCoreApplication::postEvent: Unexpected null receiver
QCoreApplication::postEvent: Unexpected null receiver
WorkerBase::loop() normal exit, fds[0].revents & POLLIN = trueWorkerBase::loop() normal exit, fds[0].revents & POLLIN = trueWorkerBase::loop() normal exit, fds[0].revents & POLLIN = trueWorkerBase::loop() normal exit, fds[0].revents & POLLIN = trueCSBConfUI::OnConfStatusChanged UI_CMD_SHARE_READYQCoreApplication::postEvent: Unexpected null receiver
QCoreApplication::postEvent: Unexpected null receiver
QCoreApplication::postEvent: Unexpected null receiver
QCoreApplication::postEvent: Unexpected null receiver
WorkerBase::loop() normal exit, fds[0].revents & POLLIN = trueWorkerBase::loop() normal exit, fds[0].revents & POLLIN = trueWorkerBase::loop() normal exit, fds[0].revents & POLLIN = trueWorkerBase::loop() normal exit, fds[0].revents & POLLIN = trueWorkerBase::loop() normal exit, fds[0].revents & POLLIN = trueWorkerBase::loop() normal exit, fds[0].revents & POLLIN = trueWorkerBase::loop() normal exit, fds[0].revents & POLLIN = trueWorkerBase::loop() normal exit, fds[0].revents & POLLIN = trueWorkerBase::loop() normal exit, fds[0].revents & POLLIN = trueWorkerBase::loop() normal exit, fds[0].revents & POLLIN = trueNo PulseAudio daemon running, or not running as session daemon.
success to create child process,status is 0.
zoom exited normally.
run zoom successfully,exit code is 0.
ZoomLauncher exit.
Parent is shutting down, bye...
Yeah, still no PTT with --noprofile.
I think they check pulseaudio by search its process like this:
firejail sh -c "ps aux | grep pulseaudio"
rusty-snake
on 14 Apr 2020
@rusty-snake sorry for the delay - end of semester has gotten very busy.
firejail sh -c "ps aux | grep pulseaudio"
Reading profile /etc/firejail/default.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Warning: networking feature is disabled in Firejail configuration file
** Note: you can use --noprofile to disable default.profile **
Parent pid 14667, child pid 14668
Warning: cleaning all supplementary groups
Child process initialized in 94.13 ms
[hidden] 1 0.0 0.0 23208 2884 pts/0 S+ 14:29 0:00 firejail sh -c ps aux | grep pulseaudio
[hidden] 3 0.0 0.0 4628 776 pts/0 S+ 14:29 0:00 sh -c ps aux | grep pulseaudio
[hidden] 5 0.0 0.0 14428 976 pts/0 S+ 14:29 0:00 grep pulseaudio
Parent is shutting down, bye...
This was just an example command, but as you see there is no pulseaudio process in the sandbox.
rusty-snake
on 24 Apr 2020
Was this page helpful?
0 / 5 - 0 ratings
Related issues
reinerh
路
3Comments
crass
路
3Comments
HulaHoopWhonix
路
4Comments
Vincent43
路
3Comments
bryce-lynch
路
4Comments