Firejail: Firefox widevinecdm crashes (e.g. Amazon Prime Video)
Write clear, concise and in textual form.
Bug and expected behavior
When activating the firejail profile for firefox, Amazon Prime will not work anymore because the plugin "widevinecdm" crashes.
No profile and disabling firejail
When disabling firejail, everything will work fine.
Reproduce
Steps to reproduce the behavior:
sudo firecfg
start firefox
play a video on amazon prime video (won't work)
close firefox
sudo firecfg --clean
start firefox
play a video on amazon prime video (will work)
Environment
- Archlinux x86_64 Linux 5.8.16.a-1-hardened
- firejail version 0.9.64
Additional context
Other context about the problem like related errors to understand the problem.
Checklist
- [ x ] The upstream profile (and redirect profile if exists) have no changes fixing it.
- [ x ] The program has a profile. (If not, request one in
https://github.com/netblue30/firejail/issues/1139) - [ x ] Programs needed for interaction are listed in the profile.
- [ x ] A short search for duplicates was performed.
- [ x ] If it is a AppImage,
--profile=PROFILENAMEis used to set the right profile.
debug output
firejail --debug firefox
Autoselecting /bin/zsh as shell
Building quoted command line: 'firefox'
Command name #firefox#
Found firefox.profile profile in /etc/firejail directory
Reading profile /etc/firejail/firefox.profile
Found whitelist-usr-share-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Found firefox-common.profile profile in /etc/firejail directory
Reading profile /etc/firejail/firefox-common.profile
Found disable-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-common.inc
Found disable-devel.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-devel.inc
Found disable-exec.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-exec.inc
Found disable-interpreters.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-interpreters.inc
Found disable-programs.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-programs.inc
Found whitelist-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-common.inc
Found whitelist-var-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: Warning: NVIDIA card detected, nogroups command disabled
conditional BROWSER_DISABLE_U2F, nou2f
conditional BROWSER_DISABLE_U2F, private-dev
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
DISPLAY=:0 parsed as 0
xdg-dbus-proxy arg: unix:path=/run/user/1000/bus
xdg-dbus-proxy arg: /run/firejail/dbus/1000/47441-user
xdg-dbus-proxy arg: --filter
xdg-dbus-proxy arg: --own=org.mozilla.firefox.*
xdg-dbus-proxy arg: --own=org.mpris.MediaPlayer2.firefox.*
starting xdg-dbus-proxy
sbox exec: /usr/bin/xdg-dbus-proxy --fd=8 --args=9
Dropping all capabilities
Drop privileges: pid 47442, uid 1000, gid 985, nogroups 1
No supplementary groups
xdg-dbus-proxy initialized
Using the local network stack
Parent pid 47441, child pid 47444
Initializing child process
Host network configured
PID namespace installed
Mounting tmpfs on /run/firejail/mnt directory
Creating empty /run/firejail/mnt/seccomp directory
Creating empty /run/firejail/mnt/seccomp/seccomp.protocol file
Creating empty /run/firejail/mnt/seccomp/seccomp.postexec file
Creating empty /run/firejail/mnt/seccomp/seccomp.postexec32 file
Build protocol filter: unix,inet,inet6,netlink
sbox run: /run/firejail/lib/fseccomp protocol build unix,inet,inet6,netlink /run/firejail/mnt/seccomp/seccomp.protocol
Dropping all capabilities
Drop privileges: pid 2, uid 1000, gid 985, nogroups 1
No supplementary groups
Mounting /proc filesystem representing the PID namespace
Basic read-only filesystem:
Mounting read-only /etc
727 684 254:1 /etc /etc ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=727 fsname=/etc dir=/etc fstype=ext4
Mounting noexec /etc
728 727 254:1 /etc /etc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=728 fsname=/etc dir=/etc fstype=ext4
Mounting read-only /var
729 684 254:1 /var /var ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=729 fsname=/var dir=/var fstype=ext4
Mounting noexec /var
730 729 254:1 /var /var ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=730 fsname=/var dir=/var fstype=ext4
Mounting read-only /usr
731 684 254:1 /usr /usr ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=731 fsname=/usr dir=/usr fstype=ext4
Mounting tmpfs on /var/lock
Mounting tmpfs on /var/tmp
Mounting tmpfs on /var/log
Create the new utmp file
Mount the new utmp file
Cleaning /home directory
Cleaning /run/user directory
Sanitizing /etc/passwd, UID_MIN 1000
Sanitizing /etc/group, GID_MIN 1000
Disable /home/Username/.config/firejail
Disable /run/firejail/network
Disable /run/firejail/bandwidth
Disable /run/firejail/name
Disable /run/firejail/profile
Disable /run/firejail/x11
Mounting tmpfs on /dev
mounting /run/firejail/mnt/dev/snd directory
mounting /run/firejail/mnt/dev/dri directory
mounting /run/firejail/mnt/dev/nvidia0 file
mounting /run/firejail/mnt/dev/nvidiactl file
mounting /run/firejail/mnt/dev/nvidia-modeset file
mounting /run/firejail/mnt/dev/video0 file
mounting /run/firejail/mnt/dev/video1 file
Process /dev/shm directory
Generate private-tmp whitelist commands
Creating empty /run/firejail/mnt/dbus directory
Creating empty /run/firejail/mnt/dbus/user file
blacklist /run/user/1000/bus
Creating empty /run/firejail/mnt/dbus/system file
blacklist /run/dbus/system_bus_socket
blacklist /run/firejail/dbus
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Mounting read-only /proc/sys
Remounting /sys directory
Disable /sys/firmware
Disable /sys/hypervisor
Disable /sys/power
Disable /sys/kernel/debug
Disable /proc/sys/fs/binfmt_misc
Disable /proc/sys/kernel/core_pattern
Disable /proc/sys/kernel/modprobe
Disable /proc/sysrq-trigger
Disable /proc/sys/vm/panic_on_oom
Disable /proc/irq
Disable /proc/bus
Disable /proc/sched_debug
Disable /proc/timer_list
Disable /proc/kallsyms
Disable /usr/lib/modules/5.9.3-arch1-1/build (requested /usr/src/linux)
Disable /usr/lib/modules (requested /lib/modules)
Disable /boot
Disable /run/user/1000/gnupg
Disable /run/user/1000/systemd
Disable /proc/kmsg
Debug 456: new_name #/home/Username/.cache/mozilla/firefox#, whitelist
Debug 571: fname #/home/Username/.cache/mozilla/firefox#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.cache/mozilla/firefox
Debug 456: new_name #/home/Username/.mozilla#, whitelist
Debug 571: fname #/home/Username/.mozilla#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.mozilla
Debug 456: new_name #/usr/share/doc#, whitelist
Debug 456: new_name #/usr/share/firefox#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/firefox
expanded: /usr/share/firefox
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/gtk-doc/html#, whitelist
Debug 456: new_name #/usr/share/mozilla#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/mozilla
expanded: /usr/share/mozilla
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/webext#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/webext
expanded: /usr/share/webext
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/alsa#, whitelist
Debug 456: new_name #/usr/share/applications#, whitelist
Debug 456: new_name #/usr/share/ca-certificates#, whitelist
Debug 456: new_name #/usr/share/crypto-policies#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/crypto-policies
expanded: /usr/share/crypto-policies
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/cursors#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/cursors
expanded: /usr/share/cursors
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/dconf#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/dconf
expanded: /usr/share/dconf
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/distro-info#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/distro-info
expanded: /usr/share/distro-info
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/drirc.d#, whitelist
Debug 456: new_name #/usr/share/enchant#, whitelist
Debug 456: new_name #/usr/share/enchant-2#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/enchant-2
expanded: /usr/share/enchant-2
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/file#, whitelist
Debug 456: new_name #/usr/share/fontconfig#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/fontconfig
expanded: /usr/share/fontconfig
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/fonts#, whitelist
Debug 456: new_name #/usr/share/gir-1.0#, whitelist
Debug 456: new_name #/usr/share/gjs-1.0#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/gjs-1.0
expanded: /usr/share/gjs-1.0
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/glib-2.0#, whitelist
Debug 456: new_name #/usr/share/glvnd#, whitelist
Debug 456: new_name #/usr/share/gtk-2.0#, whitelist
Debug 456: new_name #/usr/share/gtk-3.0#, whitelist
Debug 456: new_name #/usr/share/gtk-engines#, whitelist
Debug 456: new_name #/usr/share/gtksourceview-3.0#, whitelist
Debug 456: new_name #/usr/share/gtksourceview-4#, whitelist
Debug 456: new_name #/usr/share/hunspell#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/hunspell
expanded: /usr/share/hunspell
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/hwdata#, whitelist
Debug 456: new_name #/usr/share/icons#, whitelist
Debug 456: new_name #/usr/share/icu#, whitelist
Debug 456: new_name #/usr/share/knotifications5#, whitelist
Debug 456: new_name #/usr/share/kservices5#, whitelist
Debug 456: new_name #/usr/share/Kvantum#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/Kvantum
expanded: /usr/share/Kvantum
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/kxmlgui5#, whitelist
Debug 456: new_name #/usr/share/libdrm#, whitelist
Debug 456: new_name #/usr/share/libthai#, whitelist
Debug 456: new_name #/usr/share/locale#, whitelist
Debug 456: new_name #/usr/share/mime#, whitelist
Debug 456: new_name #/usr/share/misc#, whitelist
Debug 456: new_name #/usr/share/Modules#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/Modules
expanded: /usr/share/Modules
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/myspell#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/myspell
expanded: /usr/share/myspell
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/p11-kit#, whitelist
Debug 456: new_name #/usr/share/perl#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/perl
expanded: /usr/share/perl
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/perl5#, whitelist
Debug 456: new_name #/usr/share/pixmaps#, whitelist
Debug 456: new_name #/usr/share/pki#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/pki
expanded: /usr/share/pki
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/plasma#, whitelist
Debug 456: new_name #/usr/share/publicsuffix#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/publicsuffix
expanded: /usr/share/publicsuffix
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/qt#, whitelist
Debug 456: new_name #/usr/share/qt4#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/qt4
expanded: /usr/share/qt4
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/qt5#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/qt5
expanded: /usr/share/qt5
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/qt5ct#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/qt5ct
expanded: /usr/share/qt5ct
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/sounds#, whitelist
Debug 456: new_name #/usr/share/tcl8.6#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/tcl8.6
expanded: /usr/share/tcl8.6
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/tcltk#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/tcltk
expanded: /usr/share/tcltk
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/terminfo#, whitelist
Debug 456: new_name #/usr/share/texlive#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/texlive
expanded: /usr/share/texlive
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/texmf#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/texmf
expanded: /usr/share/texmf
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/themes#, whitelist
Debug 456: new_name #/usr/share/thumbnail.so#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/thumbnail.so
expanded: /usr/share/thumbnail.so
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/usr/share/X11#, whitelist
Debug 456: new_name #/usr/share/xml#, whitelist
Debug 456: new_name #/usr/share/zoneinfo#, whitelist
Directory ${DOWNLOADS} resolved as Downloads
Debug 456: new_name #/home/Username/Downloads#, whitelist
Debug 571: fname #/home/Username/Downloads#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/Downloads
Debug 456: new_name #/home/Username/.pki#, whitelist
Debug 571: fname #/home/Username/.pki#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.pki
Debug 456: new_name #/home/Username/.local/share/pki#, whitelist
Debug 571: fname #/home/Username/.local/share/pki#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.local/share/pki
Debug 456: new_name #/home/Username/.XCompose#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.XCompose
expanded: /home/Username/.XCompose
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.asoundrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.asoundrc
expanded: /home/Username/.asoundrc
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/ibus#, whitelist
Debug 571: fname #/home/Username/.config/ibus#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/ibus
Debug 456: new_name #/home/Username/.config/mimeapps.list#, whitelist
Debug 571: fname #/home/Username/.config/mimeapps.list#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/mimeapps.list
Debug 456: new_name #/home/Username/.config/pkcs11#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/pkcs11
expanded: /home/Username/.config/pkcs11
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/user-dirs.dirs#, whitelist
Debug 571: fname #/home/Username/.config/user-dirs.dirs#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/user-dirs.dirs
Debug 456: new_name #/home/Username/.config/user-dirs.locale#, whitelist
Debug 571: fname #/home/Username/.config/user-dirs.locale#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/user-dirs.locale
Debug 456: new_name #/home/Username/.drirc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.drirc
expanded: /home/Username/.drirc
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.icons
expanded: /home/Username/.icons
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.local/share/applications#, whitelist
Debug 571: fname #/home/Username/.local/share/applications#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.local/share/applications
Debug 456: new_name #/home/Username/.local/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/icons
expanded: /home/Username/.local/share/icons
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.local/share/mime#, whitelist
Debug 571: fname #/home/Username/.local/share/mime#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.local/share/mime
Debug 456: new_name #/home/Username/.mime.types#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.mime.types
expanded: /home/Username/.mime.types
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.uim.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.uim.d
expanded: /home/Username/.uim.d
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/dconf#, whitelist
Debug 571: fname #/home/Username/.config/dconf#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/dconf
Debug 456: new_name #/home/Username/.cache/fontconfig#, whitelist
Debug 571: fname #/home/Username/.cache/fontconfig#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.cache/fontconfig
Debug 456: new_name #/home/Username/.config/fontconfig#, whitelist
Debug 571: fname #/home/Username/.config/fontconfig#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/fontconfig
Debug 456: new_name #/home/Username/.fontconfig#, whitelist
Debug 571: fname #/home/Username/.fontconfig#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.fontconfig
Debug 456: new_name #/home/Username/.fonts#, whitelist
Debug 571: fname #/home/Username/.fonts#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.fonts
Debug 456: new_name #/home/Username/.fonts.conf#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf
expanded: /home/Username/.fonts.conf
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.fonts.conf.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf.d
expanded: /home/Username/.fonts.conf.d
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.fonts.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.d
expanded: /home/Username/.fonts.d
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.local/share/fonts#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/fonts
expanded: /home/Username/.local/share/fonts
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.pangorc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.pangorc
expanded: /home/Username/.pangorc
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/gtk-2.0#, whitelist
Debug 571: fname #/home/Username/.config/gtk-2.0#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/gtk-2.0
Debug 456: new_name #/home/Username/.config/gtk-3.0#, whitelist
Debug 571: fname #/home/Username/.config/gtk-3.0#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/gtk-3.0
Debug 456: new_name #/home/Username/.config/gtk-4.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtk-4.0
expanded: /home/Username/.config/gtk-4.0
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/gtkrc#, whitelist
Debug 571: fname #/home/Username/.config/gtkrc#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/gtkrc
Debug 456: new_name #/home/Username/.config/gtkrc-2.0#, whitelist
Debug 571: fname #/home/Username/.config/gtkrc-2.0#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/gtkrc-2.0
Debug 456: new_name #/home/Username/.gnome2#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2
expanded: /home/Username/.gnome2
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.gnome2-private#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2-private
expanded: /home/Username/.gnome2-private
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.gtk-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtk-2.0
expanded: /home/Username/.gtk-2.0
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc
expanded: /home/Username/.gtkrc
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.gtkrc-2.0#, whitelist
Debug 571: fname #/home/Username/.gtkrc-2.0#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.gtkrc-2.0
Debug 456: new_name #/home/Username/.kde/share/config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc
expanded: /home/Username/.kde/share/config/gtkrc
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde/share/config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/gtkrc-2.0
expanded: /home/Username/.kde/share/config/gtkrc-2.0
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde4/share/config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc
expanded: /home/Username/.kde4/share/config/gtkrc
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde4/share/config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc-2.0
expanded: /home/Username/.kde4/share/config/gtkrc-2.0
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.local/share/themes#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/themes
expanded: /home/Username/.local/share/themes
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.themes#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.themes
expanded: /home/Username/.themes
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.cache/kioexec/krun#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.cache/kioexec/krun
expanded: /home/Username/.cache/kioexec/krun
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/Kvantum#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Kvantum
expanded: /home/Username/.config/Kvantum
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/Trolltech.conf#, whitelist
Debug 571: fname #/home/Username/.config/Trolltech.conf#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/Trolltech.conf
Debug 456: new_name #/home/Username/.config/kdeglobals#, whitelist
Debug 571: fname #/home/Username/.config/kdeglobals#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/kdeglobals
Debug 456: new_name #/home/Username/.config/kio_httprc#, whitelist
Debug 571: fname #/home/Username/.config/kio_httprc#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.config/kio_httprc
Debug 456: new_name #/home/Username/.config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/kioslaverc
expanded: /home/Username/.config/kioslaverc
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ksslcablacklist
expanded: /home/Username/.config/ksslcablacklist
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.config/qt5ct#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/qt5ct
expanded: /home/Username/.config/qt5ct
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde/share/config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kdeglobals
expanded: /home/Username/.kde/share/config/kdeglobals
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde/share/config/kio_httprc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kio_httprc
expanded: /home/Username/.kde/share/config/kio_httprc
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde/share/config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/kioslaverc
expanded: /home/Username/.kde/share/config/kioslaverc
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde/share/config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/ksslcablacklist
expanded: /home/Username/.kde/share/config/ksslcablacklist
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde/share/config/oxygenrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/oxygenrc
expanded: /home/Username/.kde/share/config/oxygenrc
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/icons
expanded: /home/Username/.kde/share/icons
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde4/share/config/kdeglobals#, whitelist
Debug 571: fname #/home/Username/.kde4/share/config/kdeglobals#, cfg.homedir #/home/Username#
Replaced whitelist path: whitelist /home/Username/.kde4/share/config/kdeglobals
Debug 456: new_name #/home/Username/.kde4/share/config/kio_httprc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kio_httprc
expanded: /home/Username/.kde4/share/config/kio_httprc
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde4/share/config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kioslaverc
expanded: /home/Username/.kde4/share/config/kioslaverc
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde4/share/config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/ksslcablacklist
expanded: /home/Username/.kde4/share/config/ksslcablacklist
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde4/share/config/oxygenrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/oxygenrc
expanded: /home/Username/.kde4/share/config/oxygenrc
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.kde4/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/icons
expanded: /home/Username/.kde4/share/icons
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/home/Username/.local/share/qt5ct#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/qt5ct
expanded: /home/Username/.local/share/qt5ct
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/var/lib/ca-certificates#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/ca-certificates
expanded: /var/lib/ca-certificates
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/var/lib/dbus#, whitelist
Debug 456: new_name #/var/lib/menu-xdg#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/menu-xdg
expanded: /var/lib/menu-xdg
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/var/lib/uim#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/uim
expanded: /var/lib/uim
real path: (null)
realpath: No such file or directory
Debug 456: new_name #/var/cache/fontconfig#, whitelist
Debug 456: new_name #/var/tmp#, whitelist
Debug 456: new_name #/var/run#, whitelist
Replaced whitelist path: whitelist /run
Debug 456: new_name #/var/lock#, whitelist
Replaced whitelist path: whitelist /run/lock
Debug 456: new_name #/tmp/.X11-unix#, whitelist
Mounting tmpfs on /tmp directory
Mounting tmpfs on /var directory
Mounting tmpfs on /usr/share directory
Drop privileges: pid 3, uid 1000, gid 985, nogroups 0
Warning: cleaning all supplementary groups
Mounting a new /root directory
Mounting a new /home directory
Create a new user directory
Drop privileges: pid 4, uid 1000, gid 985, nogroups 0
Warning: cleaning all supplementary groups
Drop privileges: pid 5, uid 1000, gid 985, nogroups 0
Warning: cleaning all supplementary groups
Whitelisting /home/Username/.cache/mozilla/firefox
1379 1287 254:1 /home/Username/.cache/mozilla/firefox /home/Username/.cache/mozilla/firefox rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1379 fsname=/home/Username/.cache/mozilla/firefox dir=/home/Username/.cache/mozilla/firefox fstype=ext4
Whitelisting /home/Username/.mozilla
1482 1287 254:1 /home/Username/.mozilla /home/Username/.mozilla rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1482 fsname=/home/Username/.mozilla dir=/home/Username/.mozilla fstype=ext4
Whitelisting /usr/share/doc
1500 1160 254:1 /usr/share/doc /usr/share/doc ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1500 fsname=/usr/share/doc dir=/usr/share/doc fstype=ext4
Whitelisting /usr/share/gtk-doc/html
1501 1160 254:1 /usr/share/gtk-doc/html /usr/share/gtk-doc/html ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1501 fsname=/usr/share/gtk-doc/html dir=/usr/share/gtk-doc/html fstype=ext4
Whitelisting /usr/share/alsa
1643 1160 254:1 /usr/share/alsa /usr/share/alsa ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1643 fsname=/usr/share/alsa dir=/usr/share/alsa fstype=ext4
Whitelisting /usr/share/applications
1658 1160 254:1 /usr/share/applications /usr/share/applications ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1658 fsname=/usr/share/applications dir=/usr/share/applications fstype=ext4
Whitelisting /usr/share/ca-certificates
1659 1160 254:1 /usr/share/ca-certificates /usr/share/ca-certificates ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1659 fsname=/usr/share/ca-certificates dir=/usr/share/ca-certificates fstype=ext4
Whitelisting /usr/share/drirc.d
1773 1160 254:1 /usr/share/drirc.d /usr/share/drirc.d ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1773 fsname=/usr/share/drirc.d dir=/usr/share/drirc.d fstype=ext4
Whitelisting /usr/share/enchant
1811 1160 254:1 /usr/share/enchant /usr/share/enchant ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1811 fsname=/usr/share/enchant dir=/usr/share/enchant fstype=ext4
Whitelisting /usr/share/file
1848 1160 254:1 /usr/share/file /usr/share/file ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1848 fsname=/usr/share/file dir=/usr/share/file fstype=ext4
Whitelisting /usr/share/fonts
1855 1160 254:1 /usr/share/fonts /usr/share/fonts ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1855 fsname=/usr/share/fonts dir=/usr/share/fonts fstype=ext4
Whitelisting /usr/share/gir-1.0
1948 1160 254:1 /usr/share/gir-1.0 /usr/share/gir-1.0 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1948 fsname=/usr/share/gir-1.0 dir=/usr/share/gir-1.0 fstype=ext4
Whitelisting /usr/share/glib-2.0
1949 1160 254:1 /usr/share/glib-2.0 /usr/share/glib-2.0 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1949 fsname=/usr/share/glib-2.0 dir=/usr/share/glib-2.0 fstype=ext4
Whitelisting /usr/share/glvnd
1961 1160 254:1 /usr/share/glvnd /usr/share/glvnd ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1961 fsname=/usr/share/glvnd dir=/usr/share/glvnd fstype=ext4
Whitelisting /usr/share/gtk-2.0
1962 1160 254:1 /usr/share/gtk-2.0 /usr/share/gtk-2.0 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1962 fsname=/usr/share/gtk-2.0 dir=/usr/share/gtk-2.0 fstype=ext4
Whitelisting /usr/share/gtk-3.0
1977 1160 254:1 /usr/share/gtk-3.0 /usr/share/gtk-3.0 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1977 fsname=/usr/share/gtk-3.0 dir=/usr/share/gtk-3.0 fstype=ext4
Whitelisting /usr/share/gtk-engines
1978 1160 254:1 /usr/share/gtk-engines /usr/share/gtk-engines ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1978 fsname=/usr/share/gtk-engines dir=/usr/share/gtk-engines fstype=ext4
Whitelisting /usr/share/gtksourceview-3.0
1979 1160 254:1 /usr/share/gtksourceview-3.0 /usr/share/gtksourceview-3.0 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1979 fsname=/usr/share/gtksourceview-3.0 dir=/usr/share/gtksourceview-3.0 fstype=ext4
Whitelisting /usr/share/gtksourceview-4
1980 1160 254:1 /usr/share/gtksourceview-4 /usr/share/gtksourceview-4 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1980 fsname=/usr/share/gtksourceview-4 dir=/usr/share/gtksourceview-4 fstype=ext4
Whitelisting /usr/share/hwdata
1981 1160 254:1 /usr/share/hwdata /usr/share/hwdata ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1981 fsname=/usr/share/hwdata dir=/usr/share/hwdata fstype=ext4
Whitelisting /usr/share/icons
1982 1160 254:1 /usr/share/icons /usr/share/icons ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1982 fsname=/usr/share/icons dir=/usr/share/icons fstype=ext4
Whitelisting /usr/share/icu
1983 1160 254:1 /usr/share/icu /usr/share/icu ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1983 fsname=/usr/share/icu dir=/usr/share/icu fstype=ext4
Whitelisting /usr/share/knotifications5
1984 1160 254:1 /usr/share/knotifications5 /usr/share/knotifications5 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1984 fsname=/usr/share/knotifications5 dir=/usr/share/knotifications5 fstype=ext4
Whitelisting /usr/share/kservices5
1985 1160 254:1 /usr/share/kservices5 /usr/share/kservices5 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1985 fsname=/usr/share/kservices5 dir=/usr/share/kservices5 fstype=ext4
Whitelisting /usr/share/kxmlgui5
1986 1160 254:1 /usr/share/kxmlgui5 /usr/share/kxmlgui5 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1986 fsname=/usr/share/kxmlgui5 dir=/usr/share/kxmlgui5 fstype=ext4
Whitelisting /usr/share/libdrm
1987 1160 254:1 /usr/share/libdrm /usr/share/libdrm ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1987 fsname=/usr/share/libdrm dir=/usr/share/libdrm fstype=ext4
Whitelisting /usr/share/libthai
1988 1160 254:1 /usr/share/libthai /usr/share/libthai ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1988 fsname=/usr/share/libthai dir=/usr/share/libthai fstype=ext4
Whitelisting /usr/share/locale
1989 1160 254:1 /usr/share/locale /usr/share/locale ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1989 fsname=/usr/share/locale dir=/usr/share/locale fstype=ext4
Whitelisting /usr/share/mime
1990 1160 254:1 /usr/share/mime /usr/share/mime ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1990 fsname=/usr/share/mime dir=/usr/share/mime fstype=ext4
Whitelisting /usr/share/misc
1991 1160 254:1 /usr/share/misc /usr/share/misc ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1991 fsname=/usr/share/misc dir=/usr/share/misc fstype=ext4
Whitelisting /usr/share/p11-kit
1992 1160 254:1 /usr/share/p11-kit /usr/share/p11-kit ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1992 fsname=/usr/share/p11-kit dir=/usr/share/p11-kit fstype=ext4
Whitelisting /usr/share/perl5
1993 1160 254:1 /usr/share/perl5 /usr/share/perl5 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1993 fsname=/usr/share/perl5 dir=/usr/share/perl5 fstype=ext4
Whitelisting /usr/share/pixmaps
1994 1160 254:1 /usr/share/pixmaps /usr/share/pixmaps ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1994 fsname=/usr/share/pixmaps dir=/usr/share/pixmaps fstype=ext4
Whitelisting /usr/share/plasma
1995 1160 254:1 /usr/share/plasma /usr/share/plasma ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1995 fsname=/usr/share/plasma dir=/usr/share/plasma fstype=ext4
Whitelisting /usr/share/qt
1996 1160 254:1 /usr/share/qt /usr/share/qt ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1996 fsname=/usr/share/qt dir=/usr/share/qt fstype=ext4
Whitelisting /usr/share/sounds
1997 1160 254:1 /usr/share/sounds /usr/share/sounds ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1997 fsname=/usr/share/sounds dir=/usr/share/sounds fstype=ext4
Whitelisting /usr/share/terminfo
1998 1160 254:1 /usr/share/terminfo /usr/share/terminfo ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1998 fsname=/usr/share/terminfo dir=/usr/share/terminfo fstype=ext4
Whitelisting /usr/share/themes
1999 1160 254:1 /usr/share/themes /usr/share/themes ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=1999 fsname=/usr/share/themes dir=/usr/share/themes fstype=ext4
Whitelisting /usr/share/X11
2000 1160 254:1 /usr/share/X11 /usr/share/X11 ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2000 fsname=/usr/share/X11 dir=/usr/share/X11 fstype=ext4
Whitelisting /usr/share/xml
2001 1160 254:1 /usr/share/xml /usr/share/xml ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2001 fsname=/usr/share/xml dir=/usr/share/xml fstype=ext4
Whitelisting /usr/share/zoneinfo
2002 1160 254:1 /usr/share/zoneinfo /usr/share/zoneinfo ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2002 fsname=/usr/share/zoneinfo dir=/usr/share/zoneinfo fstype=ext4
Whitelisting /home/Username/Downloads
2003 1287 254:1 /home/Username/Downloads /home/Username/Downloads rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2003 fsname=/home/Username/Downloads dir=/home/Username/Downloads fstype=ext4
Whitelisting /home/Username/.pki
2004 1287 254:1 /home/Username/.pki /home/Username/.pki rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2004 fsname=/home/Username/.pki dir=/home/Username/.pki fstype=ext4
Whitelisting /home/Username/.local/share/pki
2005 1287 254:1 /home/Username/.local/share/pki /home/Username/.local/share/pki rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2005 fsname=/home/Username/.local/share/pki dir=/home/Username/.local/share/pki fstype=ext4
Whitelisting /home/Username/.config/ibus
2006 1287 254:1 /home/Username/.config/ibus /home/Username/.config/ibus rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2006 fsname=/home/Username/.config/ibus dir=/home/Username/.config/ibus fstype=ext4
Whitelisting /home/Username/.config/mimeapps.list
2007 1287 254:1 /home/Username/.config/mimeapps.list /home/Username/.config/mimeapps.list rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2007 fsname=/home/Username/.config/mimeapps.list dir=/home/Username/.config/mimeapps.list fstype=ext4
Whitelisting /home/Username/.config/user-dirs.dirs
2008 1287 254:1 /home/Username/.config/user-dirs.dirs /home/Username/.config/user-dirs.dirs rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2008 fsname=/home/Username/.config/user-dirs.dirs dir=/home/Username/.config/user-dirs.dirs fstype=ext4
Whitelisting /home/Username/.config/user-dirs.locale
2009 1287 254:1 /home/Username/.config/user-dirs.locale /home/Username/.config/user-dirs.locale rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2009 fsname=/home/Username/.config/user-dirs.locale dir=/home/Username/.config/user-dirs.locale fstype=ext4
Whitelisting /home/Username/.local/share/applications
2010 1287 254:1 /home/Username/.local/share/applications /home/Username/.local/share/applications rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2010 fsname=/home/Username/.local/share/applications dir=/home/Username/.local/share/applications fstype=ext4
Whitelisting /home/Username/.local/share/mime
2011 1287 254:1 /home/Username/.local/share/mime /home/Username/.local/share/mime rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2011 fsname=/home/Username/.local/share/mime dir=/home/Username/.local/share/mime fstype=ext4
Whitelisting /home/Username/.config/dconf
2012 1287 254:1 /home/Username/.config/dconf /home/Username/.config/dconf rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2012 fsname=/home/Username/.config/dconf dir=/home/Username/.config/dconf fstype=ext4
Whitelisting /home/Username/.cache/fontconfig
2013 1287 254:1 /home/Username/.cache/fontconfig /home/Username/.cache/fontconfig rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2013 fsname=/home/Username/.cache/fontconfig dir=/home/Username/.cache/fontconfig fstype=ext4
Whitelisting /home/Username/.config/fontconfig
2014 1287 254:1 /home/Username/.config/fontconfig /home/Username/.config/fontconfig rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2014 fsname=/home/Username/.config/fontconfig dir=/home/Username/.config/fontconfig fstype=ext4
Whitelisting /home/Username/.fontconfig
2015 1287 254:1 /home/Username/.fontconfig /home/Username/.fontconfig rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2015 fsname=/home/Username/.fontconfig dir=/home/Username/.fontconfig fstype=ext4
Whitelisting /home/Username/.fonts
2016 1287 254:1 /home/Username/.fonts /home/Username/.fonts rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2016 fsname=/home/Username/.fonts dir=/home/Username/.fonts fstype=ext4
Whitelisting /home/Username/.config/gtk-2.0
2017 1287 254:1 /home/Username/.config/gtk-2.0 /home/Username/.config/gtk-2.0 rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2017 fsname=/home/Username/.config/gtk-2.0 dir=/home/Username/.config/gtk-2.0 fstype=ext4
Whitelisting /home/Username/.config/gtk-3.0
2018 1287 254:1 /home/Username/.config/gtk-3.0 /home/Username/.config/gtk-3.0 rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2018 fsname=/home/Username/.config/gtk-3.0 dir=/home/Username/.config/gtk-3.0 fstype=ext4
Whitelisting /home/Username/.config/gtkrc
2019 1287 254:1 /home/Username/.config/gtkrc /home/Username/.config/gtkrc rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2019 fsname=/home/Username/.config/gtkrc dir=/home/Username/.config/gtkrc fstype=ext4
Whitelisting /home/Username/.config/gtkrc-2.0
2020 1287 254:1 /home/Username/.config/gtkrc-2.0 /home/Username/.config/gtkrc-2.0 rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2020 fsname=/home/Username/.config/gtkrc-2.0 dir=/home/Username/.config/gtkrc-2.0 fstype=ext4
Whitelisting /home/Username/.gtkrc-2.0
2021 1287 254:1 /home/Username/.gtkrc-2.0 /home/Username/.gtkrc-2.0 rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2021 fsname=/home/Username/.gtkrc-2.0 dir=/home/Username/.gtkrc-2.0 fstype=ext4
Whitelisting /home/Username/.config/Trolltech.conf
2022 1287 254:1 /home/Username/.config/Trolltech.conf /home/Username/.config/Trolltech.conf rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2022 fsname=/home/Username/.config/Trolltech.conf dir=/home/Username/.config/Trolltech.conf fstype=ext4
Whitelisting /home/Username/.config/kdeglobals
2023 1287 254:1 /home/Username/.config/kdeglobals /home/Username/.config/kdeglobals rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2023 fsname=/home/Username/.config/kdeglobals dir=/home/Username/.config/kdeglobals fstype=ext4
Whitelisting /home/Username/.config/kio_httprc
2024 1287 254:1 /home/Username/.config/kio_httprc /home/Username/.config/kio_httprc rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2024 fsname=/home/Username/.config/kio_httprc dir=/home/Username/.config/kio_httprc fstype=ext4
Whitelisting /home/Username/.kde4/share/config/kdeglobals
2025 1287 254:1 /home/Username/.kde4/share/config/kdeglobals /home/Username/.kde4/share/config/kdeglobals rw,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2025 fsname=/home/Username/.kde4/share/config/kdeglobals dir=/home/Username/.kde4/share/config/kdeglobals fstype=ext4
Whitelisting /var/lib/dbus
2026 1093 254:1 /var/lib/dbus /var/lib/dbus ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2026 fsname=/var/lib/dbus dir=/var/lib/dbus fstype=ext4
Whitelisting /var/cache/fontconfig
2027 1093 254:1 /var/cache/fontconfig /var/cache/fontconfig ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2027 fsname=/var/cache/fontconfig dir=/var/cache/fontconfig fstype=ext4
Whitelisting /var/tmp
2028 1093 0:96 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw
mountid=2028 fsname=/ dir=/var/tmp fstype=tmpfs
Created symbolic link /var/run -> /run
Created symbolic link /var/lock -> /run/lock
Whitelisting /tmp/.X11-unix
2029 715 0:47 /.X11-unix /tmp/.X11-unix rw,nosuid,nodev master:31 - tmpfs tmpfs rw,size=16145976k,nr_inodes=409600
mountid=2029 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=tmpfs
Disable /etc/X11/Xsession.d
Disable /etc/xdg/autostart
Mounting read-only /home/Username/.Xauthority
2036 1287 0:108 /Username/.Xauthority /home/Username/.Xauthority ro,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755
mountid=2036 fsname=/Username/.Xauthority dir=/home/Username/.Xauthority fstype=tmpfs
Mounting read-only /home/Username/.config/kdeglobals
2037 2023 254:1 /home/Username/.config/kdeglobals /home/Username/.config/kdeglobals ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2037 fsname=/home/Username/.config/kdeglobals dir=/home/Username/.config/kdeglobals fstype=ext4
Mounting read-only /home/Username/.config/kio_httprc
2038 2024 254:1 /home/Username/.config/kio_httprc /home/Username/.config/kio_httprc ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2038 fsname=/home/Username/.config/kio_httprc dir=/home/Username/.config/kio_httprc fstype=ext4
Mounting read-only /home/Username/.kde4/share/config/kdeglobals
2039 2025 254:1 /home/Username/.kde4/share/config/kdeglobals /home/Username/.kde4/share/config/kdeglobals ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2039 fsname=/home/Username/.kde4/share/config/kdeglobals dir=/home/Username/.kde4/share/config/kdeglobals fstype=ext4
Disable /run/user/1000/klauncherLdudZi.1.slave-socket
Disable /run/user/1000/kdeinit5__0
Mounting read-only /home/Username/.config/dconf
2042 2012 254:1 /home/Username/.config/dconf /home/Username/.config/dconf ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2042 fsname=/home/Username/.config/dconf dir=/home/Username/.config/dconf fstype=ext4
Disable /usr/bin/systemd-run
Disable /run/user/1000/systemd
Disable /usr/bin/veracrypt
Disable /usr/share/applications/veracrypt.desktop
Disable /usr/share/pixmaps/veracrypt.xpm
Disable /etc/profile.d
Disable /etc/kernel
Disable /etc/grub.d
Disable /etc/dkms
Disable /etc/apparmor
Disable /etc/apparmor.d
Disable /etc/modules-load.d
Disable /etc/logrotate.d
Disable /etc/logrotate.conf
Mounting read-only /home/Username/.bashrc
2057 1287 0:108 /Username/.bashrc /home/Username/.bashrc ro,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755
mountid=2057 fsname=/Username/.bashrc dir=/home/Username/.bashrc fstype=tmpfs
Mounting read-only /home/Username/.local/share/applications
2058 2010 254:1 /home/Username/.local/share/applications /home/Username/.local/share/applications ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2058 fsname=/home/Username/.local/share/applications dir=/home/Username/.local/share/applications fstype=ext4
Mounting read-only /home/Username/.config/mimeapps.list
2059 2007 254:1 /home/Username/.config/mimeapps.list /home/Username/.config/mimeapps.list ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2059 fsname=/home/Username/.config/mimeapps.list dir=/home/Username/.config/mimeapps.list fstype=ext4
Mounting read-only /home/Username/.config/user-dirs.dirs
2060 2008 254:1 /home/Username/.config/user-dirs.dirs /home/Username/.config/user-dirs.dirs ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2060 fsname=/home/Username/.config/user-dirs.dirs dir=/home/Username/.config/user-dirs.dirs fstype=ext4
Mounting read-only /home/Username/.config/user-dirs.locale
2061 2009 254:1 /home/Username/.config/user-dirs.locale /home/Username/.config/user-dirs.locale ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2061 fsname=/home/Username/.config/user-dirs.locale dir=/home/Username/.config/user-dirs.locale fstype=ext4
Mounting read-only /home/Username/.local/share/mime
2062 2011 254:1 /home/Username/.local/share/mime /home/Username/.local/share/mime ro,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2062 fsname=/home/Username/.local/share/mime dir=/home/Username/.local/share/mime fstype=ext4
Not blacklist /home/Username/.pki
Not blacklist /home/Username/.local/share/pki
Disable /etc/group-
Disable /etc/gshadow
Disable /etc/gshadow-
Disable /etc/passwd-
Disable /etc/shadow
Disable /etc/shadow-
Disable /etc/ssh
Warning: /sbin directory link was not blacklisted
Disable /usr/local/sbin
Warning: /usr/sbin directory link was not blacklisted
Disable /usr/bin/chage
Disable /usr/bin/chfn
Disable /usr/bin/chsh
Disable /usr/bin/expiry
Disable /usr/bin/fusermount
Disable /usr/bin/gpasswd
Disable /usr/bin/ksu
Disable /usr/bin/mount
Disable /usr/bin/netcat (requested /usr/bin/nc)
Disable /usr/bin/newgidmap
Disable /usr/bin/newgrp
Disable /usr/bin/newuidmap
Disable /usr/bin/ntfs-3g
Disable /usr/bin/pkexec
Disable /usr/bin/sg
Disable /usr/bin/su
Disable /usr/bin/sudo
Disable /usr/bin/umount
Disable /usr/bin/unix_chkpwd
Disable /usr/bin/xev
Disable /usr/bin/xinput
Disable /usr/bin/bwrap
Disable /proc/config.gz
Disable /usr/bin/dig
Disable /usr/bin/nslookup
Disable /usr/bin/host
Disable /usr/bin/resolvectl
Disable /usr/bin/clang-refactor
Disable /usr/bin/clang-format
Disable /usr/bin/clang-10 (requested /usr/bin/clang)
Disable /usr/bin/clang-reorder-fields
Disable /usr/bin/clang-query
Disable /usr/bin/clang-scan-deps
Disable /usr/bin/clang-10
Disable /usr/bin/clang-check
Disable /usr/bin/clang-move
Disable /usr/bin/clang-doc
Disable /usr/bin/clang-10 (requested /usr/bin/clang-cl)
Disable /usr/bin/clang-10 (requested /usr/bin/clang-cpp)
Disable /usr/bin/clang-apply-replacements
Disable /usr/bin/clang-rename
Disable /usr/bin/clang-offload-bundler
Disable /usr/bin/clang-tidy
Disable /usr/bin/clang-10 (requested /usr/bin/clang++)
Disable /usr/bin/clangd
Disable /usr/bin/clang-offload-wrapper
Disable /usr/bin/clang-extdef-mapping
Disable /usr/bin/clang-import-test
Disable /usr/bin/clang-change-namespace
Disable /usr/bin/clang-include-fixer
Disable /usr/bin/llvm-spirv
Disable /usr/bin/as
Disable /usr/bin/gcc (requested /usr/bin/cc)
Disable /usr/bin/c++filt
Disable /usr/bin/c++
Disable /usr/bin/c89
Disable /usr/bin/c99
Disable /usr/bin/cpp
Disable /usr/bin/cpp2html
Disable /usr/bin/g++
Disable /usr/bin/gcc-ar
Disable /usr/bin/gcc-ranlib
Disable /usr/bin/gcc
Disable /usr/bin/gcc-nm
Disable /usr/bin/gdb
Disable /usr/bin/ld
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib
Disable /usr/bin/x86_64-pc-linux-gnu-gcc
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm
Disable /usr/bin/x86_64-pc-linux-gnu-g++
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-10.2.0
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ar
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-ranlib
Disable /usr/bin/x86_64-pc-linux-gnu-gcc
Disable /usr/bin/x86_64-pc-linux-gnu-gcc-nm
Disable /usr/bin/x86_64-pc-linux-gnu-g++
Disable /usr/bin/openssl
Disable /usr/bin/openssl-1.0
Disable /usr/src
Disable /usr/local/src
Disable /usr/include
Disable /usr/local/include
Mounting noexec /home/Username/.cache/mozilla/firefox
2155 1379 254:1 /home/Username/.cache/mozilla/firefox /home/Username/.cache/mozilla/firefox rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2155 fsname=/home/Username/.cache/mozilla/firefox dir=/home/Username/.cache/mozilla/firefox fstype=ext4
Mounting noexec /home/Username/.mozilla
2156 1482 254:1 /home/Username/.mozilla /home/Username/.mozilla rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2156 fsname=/home/Username/.mozilla dir=/home/Username/.mozilla fstype=ext4
Mounting noexec /home/Username/Downloads
2157 2003 254:1 /home/Username/Downloads /home/Username/Downloads rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2157 fsname=/home/Username/Downloads dir=/home/Username/Downloads fstype=ext4
Mounting noexec /home/Username/.pki
2158 2004 254:1 /home/Username/.pki /home/Username/.pki rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2158 fsname=/home/Username/.pki dir=/home/Username/.pki fstype=ext4
Mounting noexec /home/Username/.local/share/pki
2159 2005 254:1 /home/Username/.local/share/pki /home/Username/.local/share/pki rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2159 fsname=/home/Username/.local/share/pki dir=/home/Username/.local/share/pki fstype=ext4
Mounting noexec /home/Username/.config/ibus
2160 2006 254:1 /home/Username/.config/ibus /home/Username/.config/ibus rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2160 fsname=/home/Username/.config/ibus dir=/home/Username/.config/ibus fstype=ext4
Mounting noexec /home/Username/.config/mimeapps.list
2161 2059 254:1 /home/Username/.config/mimeapps.list /home/Username/.config/mimeapps.list ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2161 fsname=/home/Username/.config/mimeapps.list dir=/home/Username/.config/mimeapps.list fstype=ext4
Mounting noexec /home/Username/.config/user-dirs.dirs
2162 2060 254:1 /home/Username/.config/user-dirs.dirs /home/Username/.config/user-dirs.dirs ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2162 fsname=/home/Username/.config/user-dirs.dirs dir=/home/Username/.config/user-dirs.dirs fstype=ext4
Mounting noexec /home/Username/.config/user-dirs.locale
2163 2061 254:1 /home/Username/.config/user-dirs.locale /home/Username/.config/user-dirs.locale ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2163 fsname=/home/Username/.config/user-dirs.locale dir=/home/Username/.config/user-dirs.locale fstype=ext4
Mounting noexec /home/Username/.local/share/applications
2164 2058 254:1 /home/Username/.local/share/applications /home/Username/.local/share/applications ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2164 fsname=/home/Username/.local/share/applications dir=/home/Username/.local/share/applications fstype=ext4
Mounting noexec /home/Username/.local/share/mime
2165 2062 254:1 /home/Username/.local/share/mime /home/Username/.local/share/mime ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2165 fsname=/home/Username/.local/share/mime dir=/home/Username/.local/share/mime fstype=ext4
Mounting noexec /home/Username/.config/dconf
2166 2042 254:1 /home/Username/.config/dconf /home/Username/.config/dconf ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2166 fsname=/home/Username/.config/dconf dir=/home/Username/.config/dconf fstype=ext4
Mounting noexec /home/Username/.cache/fontconfig
2167 2013 254:1 /home/Username/.cache/fontconfig /home/Username/.cache/fontconfig rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2167 fsname=/home/Username/.cache/fontconfig dir=/home/Username/.cache/fontconfig fstype=ext4
Mounting noexec /home/Username/.config/fontconfig
2168 2014 254:1 /home/Username/.config/fontconfig /home/Username/.config/fontconfig rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2168 fsname=/home/Username/.config/fontconfig dir=/home/Username/.config/fontconfig fstype=ext4
Mounting noexec /home/Username/.fontconfig
2169 2015 254:1 /home/Username/.fontconfig /home/Username/.fontconfig rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2169 fsname=/home/Username/.fontconfig dir=/home/Username/.fontconfig fstype=ext4
Mounting noexec /home/Username/.fonts
2170 2016 254:1 /home/Username/.fonts /home/Username/.fonts rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2170 fsname=/home/Username/.fonts dir=/home/Username/.fonts fstype=ext4
Mounting noexec /home/Username/.config/gtk-2.0
2171 2017 254:1 /home/Username/.config/gtk-2.0 /home/Username/.config/gtk-2.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2171 fsname=/home/Username/.config/gtk-2.0 dir=/home/Username/.config/gtk-2.0 fstype=ext4
Mounting noexec /home/Username/.config/gtk-3.0
2172 2018 254:1 /home/Username/.config/gtk-3.0 /home/Username/.config/gtk-3.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2172 fsname=/home/Username/.config/gtk-3.0 dir=/home/Username/.config/gtk-3.0 fstype=ext4
Mounting noexec /home/Username/.config/gtkrc
2173 2019 254:1 /home/Username/.config/gtkrc /home/Username/.config/gtkrc rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2173 fsname=/home/Username/.config/gtkrc dir=/home/Username/.config/gtkrc fstype=ext4
Mounting noexec /home/Username/.config/gtkrc-2.0
2174 2020 254:1 /home/Username/.config/gtkrc-2.0 /home/Username/.config/gtkrc-2.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2174 fsname=/home/Username/.config/gtkrc-2.0 dir=/home/Username/.config/gtkrc-2.0 fstype=ext4
Mounting noexec /home/Username/.gtkrc-2.0
2175 2021 254:1 /home/Username/.gtkrc-2.0 /home/Username/.gtkrc-2.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2175 fsname=/home/Username/.gtkrc-2.0 dir=/home/Username/.gtkrc-2.0 fstype=ext4
Mounting noexec /home/Username/.config/Trolltech.conf
2176 2022 254:1 /home/Username/.config/Trolltech.conf /home/Username/.config/Trolltech.conf rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2176 fsname=/home/Username/.config/Trolltech.conf dir=/home/Username/.config/Trolltech.conf fstype=ext4
Mounting noexec /home/Username/.config/kdeglobals
2177 2037 254:1 /home/Username/.config/kdeglobals /home/Username/.config/kdeglobals ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2177 fsname=/home/Username/.config/kdeglobals dir=/home/Username/.config/kdeglobals fstype=ext4
Mounting noexec /home/Username/.config/kio_httprc
2178 2038 254:1 /home/Username/.config/kio_httprc /home/Username/.config/kio_httprc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2178 fsname=/home/Username/.config/kio_httprc dir=/home/Username/.config/kio_httprc fstype=ext4
Mounting noexec /home/Username/.kde4/share/config/kdeglobals
2179 2039 254:1 /home/Username/.kde4/share/config/kdeglobals /home/Username/.kde4/share/config/kdeglobals ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/mapper/MyVolumeGroups-root rw
mountid=2179 fsname=/home/Username/.kde4/share/config/kdeglobals dir=/home/Username/.kde4/share/config/kdeglobals fstype=ext4
Mounting noexec /run/user/1000
2187 2180 0:23 /firejail/firejail.ro.file /run/user/1000/kdeinit5__0 rw,nosuid,nodev,relatime master:14 - tmpfs run rw,mode=755
mountid=2187 fsname=/firejail/firejail.ro.file dir=/run/user/1000/kdeinit5__0 fstype=tmpfs
Warning: not remounting /run/user/1000/gvfs
Mounting noexec /dev/shm
2188 914 0:102 /shm /dev/shm rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755
mountid=2188 fsname=/shm dir=/dev/shm fstype=tmpfs
Mounting noexec /tmp
2190 2189 0:47 /.X11-unix /tmp/.X11-unix rw,nosuid,nodev master:31 - tmpfs tmpfs rw,size=16145976k,nr_inodes=409600
mountid=2190 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=tmpfs
Mounting noexec /tmp/.X11-unix
2191 2190 0:47 /.X11-unix /tmp/.X11-unix rw,nosuid,nodev,noexec master:31 - tmpfs tmpfs rw,size=16145976k,nr_inodes=409600
mountid=2191 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=tmpfs
Mounting noexec /var
2195 2192 0:96 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw
mountid=2195 fsname=/ dir=/var/tmp fstype=tmpfs
Disable /usr/bin/luac5.2
Disable /usr/bin/luajit-2.0.5
Disable /usr/bin/lua (requested /usr/bin/lua5.4)
Disable /usr/bin/luac (requested /usr/bin/luac5.4)
Disable /usr/bin/lua
Disable /usr/bin/luajit-2.0.5 (requested /usr/bin/luajit)
Disable /usr/bin/lua5.2
Disable /usr/bin/luac
Disable /usr/lib/liblua.so.5.4.1
Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so)
Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua.so)
Disable /usr/lib/libluajit-5.1.so.2.0.5
Disable /usr/lib/libluajit-5.1.so.2.0.5 (requested /usr/lib/libluajit-5.1.so.2)
Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua.so.5.4)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2.4)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so)
Disable /usr/lib/liblua5.2.so.5.2.4
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua.so.5.2)
Disable /usr/lib/liblua5.2.so.5.2.4 (requested /usr/lib/liblua5.2.so.5.2)
Disable /usr/lib/liblua.so.5.4.1 (requested /usr/lib/liblua5.4.so)
Disable /usr/lib/lua
Disable /usr/lib/libmozjs-78.so (requested /usr/lib64/libmozjs-78.so)
Disable /usr/bin/core_perl/cpan
Disable /usr/bin/core_perl
Disable /usr/bin/perl
Disable /usr/bin/site_perl
Disable /usr/bin/vendor_perl
Disable /usr/lib/perl5
Disable /usr/share/perl5
Disable /usr/lib/ruby
Disable /usr/bin/python2.7-config
Disable /usr/bin/python2.7-config (requested /usr/bin/python2-config)
Disable /usr/bin/python2.7 (requested /usr/bin/python2)
Disable /usr/bin/python2.7
Disable /usr/lib/python2.7
Disable /usr/bin/python3.8-config (requested /usr/bin/python3-config)
Disable /usr/bin/python3.8 (requested /usr/bin/python3)
Disable /usr/bin/python3.8
Disable /usr/bin/python3.8-config
Disable /usr/lib/python3.7
Disable /usr/lib/python3.8
Disable /usr/lib/python3.7 (requested /usr/lib64/python3.7)
Disable /usr/lib/python3.8 (requested /usr/lib64/python3.8)
Not blacklist /home/Username/.mozilla
Not blacklist /home/Username/.cache/mozilla
Mounting read-only /tmp/.X11-unix
2239 2191 0:47 /.X11-unix /tmp/.X11-unix ro,nosuid,nodev,noexec master:31 - tmpfs tmpfs rw,size=16145976k,nr_inodes=409600
mountid=2239 fsname=/.X11-unix dir=/tmp/.X11-unix fstype=tmpfs
Disable /sys/fs
Disable /sys/module
Disable /mnt
Disable /media
Disable /run/mount
Disable /run/media
Mounting noexec /run/firejail/mnt/pulse
2246 724 0:55 /pulse /run/firejail/mnt/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755
mountid=2246 fsname=/pulse dir=/run/firejail/mnt/pulse fstype=tmpfs
Creating empty /home/Username/.config/pulse directory
Drop privileges: pid 6, uid 1000, gid 985, nogroups 0
Warning: cleaning all supplementary groups
Mounting /run/firejail/mnt/pulse on /home/Username/.config/pulse
2247 1287 0:55 /pulse /home/Username/.config/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755
mountid=2247 fsname=/pulse dir=/home/Username/.config/pulse fstype=tmpfs
Current directory: /home/Username
DISPLAY=:0 parsed as 0
Install protocol filter: unix,inet,inet6,netlink
configuring 22 seccomp entries in /run/firejail/mnt/seccomp/seccomp.protocol
sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.protocol
Dropping all capabilities
Drop privileges: pid 7, uid 1000, gid 985, nogroups 1
No supplementary groups
line OP JT JF K
=================================
0000: 20 00 00 00000004 ld data.architecture
0001: 15 04 00 c000003e jeq ARCH_64 0006 (false 0002)
0002: 20 00 00 00000000 ld data.syscall-number
0003: 15 01 00 00000167 jeq unknown 0005 (false 0004)
0004: 06 00 00 7fff0000 ret ALLOW
0005: 05 00 00 00000006 jmp 000c
0006: 20 00 00 00000004 ld data.architecture
0007: 15 01 00 c000003e jeq ARCH_64 0009 (false 0008)
0008: 06 00 00 7fff0000 ret ALLOW
0009: 20 00 00 00000000 ld data.syscall-number
000a: 15 01 00 00000029 jeq socket 000c (false 000b)
000b: 06 00 00 7fff0000 ret ALLOW
000c: 20 00 00 00000010 ld data.args[0]
000d: 15 00 01 00000001 jeq 1 000e (false 000f)
000e: 06 00 00 7fff0000 ret ALLOW
000f: 15 00 01 00000002 jeq 2 0010 (false 0011)
0010: 06 00 00 7fff0000 ret ALLOW
0011: 15 00 01 0000000a jeq a 0012 (false 0013)
0012: 06 00 00 7fff0000 ret ALLOW
0013: 15 00 01 00000010 jeq 10 0014 (false 0015)
0014: 06 00 00 7fff0000 ret ALLOW
0015: 06 00 00 0005005f ret ERRNO(95)
configuring 101 seccomp entries in /run/firejail/mnt/seccomp/seccomp.32
sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.32
Dropping all capabilities
Drop privileges: pid 8, uid 1000, gid 985, nogroups 1
No supplementary groups
line OP JT JF K
=================================
0000: 20 00 00 00000004 ld data.architecture
0001: 15 01 00 40000003 jeq ARCH_32 0003 (false 0002)
0002: 06 00 00 7fff0000 ret ALLOW
0003: 20 00 00 00000000 ld data.syscall-number
0004: 15 00 01 00000015 jeq 15 0005 (false 0006)
0005: 06 00 00 00000001 ret KILL
0006: 15 00 01 00000034 jeq 34 0007 (false 0008)
0007: 06 00 00 00000001 ret KILL
0008: 15 00 01 0000001a jeq 1a 0009 (false 000a)
0009: 06 00 00 00000001 ret KILL
000a: 15 00 01 0000011b jeq 11b 000b (false 000c)
000b: 06 00 00 00000001 ret KILL
000c: 15 00 01 00000155 jeq 155 000d (false 000e)
000d: 06 00 00 00000001 ret KILL
000e: 15 00 01 00000156 jeq 156 000f (false 0010)
000f: 06 00 00 00000001 ret KILL
0010: 15 00 01 0000007f jeq 7f 0011 (false 0012)
0011: 06 00 00 00000001 ret KILL
0012: 15 00 01 00000080 jeq 80 0013 (false 0014)
0013: 06 00 00 00000001 ret KILL
0014: 15 00 01 0000015e jeq 15e 0015 (false 0016)
0015: 06 00 00 00000001 ret KILL
0016: 15 00 01 00000081 jeq 81 0017 (false 0018)
0017: 06 00 00 00000001 ret KILL
0018: 15 00 01 0000006e jeq 6e 0019 (false 001a)
0019: 06 00 00 00000001 ret KILL
001a: 15 00 01 00000065 jeq 65 001b (false 001c)
001b: 06 00 00 00000001 ret KILL
001c: 15 00 01 00000121 jeq 121 001d (false 001e)
001d: 06 00 00 00000001 ret KILL
001e: 15 00 01 00000057 jeq 57 001f (false 0020)
001f: 06 00 00 00000001 ret KILL
0020: 15 00 01 00000073 jeq 73 0021 (false 0022)
0021: 06 00 00 00000001 ret KILL
0022: 15 00 01 00000067 jeq 67 0023 (false 0024)
0023: 06 00 00 00000001 ret KILL
0024: 15 00 01 0000015b jeq 15b 0025 (false 0026)
0025: 06 00 00 00000001 ret KILL
0026: 15 00 01 0000015c jeq 15c 0027 (false 0028)
0027: 06 00 00 00000001 ret KILL
0028: 15 00 01 00000087 jeq 87 0029 (false 002a)
0029: 06 00 00 00000001 ret KILL
002a: 15 00 01 00000095 jeq 95 002b (false 002c)
002b: 06 00 00 00000001 ret KILL
002c: 15 00 01 0000007c jeq 7c 002d (false 002e)
002d: 06 00 00 00000001 ret KILL
002e: 15 00 01 00000157 jeq 157 002f (false 0030)
002f: 06 00 00 00000001 ret KILL
0030: 15 00 01 000000fd jeq fd 0031 (false 0032)
0031: 06 00 00 00000001 ret KILL
0032: 15 00 01 00000150 jeq 150 0033 (false 0034)
0033: 06 00 00 00000001 ret KILL
0034: 15 00 01 00000152 jeq 152 0035 (false 0036)
0035: 06 00 00 00000001 ret KILL
0036: 15 00 01 0000015d jeq 15d 0037 (false 0038)
0037: 06 00 00 00000001 ret KILL
0038: 15 00 01 0000011e jeq 11e 0039 (false 003a)
0039: 06 00 00 00000001 ret KILL
003a: 15 00 01 0000011f jeq 11f 003b (false 003c)
003b: 06 00 00 00000001 ret KILL
003c: 15 00 01 00000120 jeq 120 003d (false 003e)
003d: 06 00 00 00000001 ret KILL
003e: 15 00 01 00000056 jeq 56 003f (false 0040)
003f: 06 00 00 00000001 ret KILL
0040: 15 00 01 00000033 jeq 33 0041 (false 0042)
0041: 06 00 00 00000001 ret KILL
0042: 15 00 01 0000007b jeq 7b 0043 (false 0044)
0043: 06 00 00 00000001 ret KILL
0044: 15 00 01 000000d9 jeq d9 0045 (false 0046)
0045: 06 00 00 00000001 ret KILL
0046: 15 00 01 000000f5 jeq f5 0047 (false 0048)
0047: 06 00 00 00000001 ret KILL
0048: 15 00 01 000000f6 jeq f6 0049 (false 004a)
0049: 06 00 00 00000001 ret KILL
004a: 15 00 01 000000f7 jeq f7 004b (false 004c)
004b: 06 00 00 00000001 ret KILL
004c: 15 00 01 000000f8 jeq f8 004d (false 004e)
004d: 06 00 00 00000001 ret KILL
004e: 15 00 01 000000f9 jeq f9 004f (false 0050)
004f: 06 00 00 00000001 ret KILL
0050: 15 00 01 00000101 jeq 101 0051 (false 0052)
0051: 06 00 00 00000001 ret KILL
0052: 15 00 01 00000112 jeq 112 0053 (false 0054)
0053: 06 00 00 00000001 ret KILL
0054: 15 00 01 00000114 jeq 114 0055 (false 0056)
0055: 06 00 00 00000001 ret KILL
0056: 15 00 01 00000126 jeq 126 0057 (false 0058)
0057: 06 00 00 00000001 ret KILL
0058: 15 00 01 0000013d jeq 13d 0059 (false 005a)
0059: 06 00 00 00000001 ret KILL
005a: 15 00 01 0000013c jeq 13c 005b (false 005c)
005b: 06 00 00 00000001 ret KILL
005c: 15 00 01 0000003d jeq 3d 005d (false 005e)
005d: 06 00 00 00000001 ret KILL
005e: 15 00 01 00000058 jeq 58 005f (false 0060)
005f: 06 00 00 00000001 ret KILL
0060: 15 00 01 000000a9 jeq a9 0061 (false 0062)
0061: 06 00 00 00000001 ret KILL
0062: 15 00 01 00000082 jeq 82 0063 (false 0064)
0063: 06 00 00 00000001 ret KILL
0064: 06 00 00 7fff0000 ret ALLOW
Dual 32/64 bit seccomp filter configured
Build default+drop seccomp filter
sbox run: /run/firejail/lib/fseccomp default drop /run/firejail/mnt/seccomp/seccomp /run/firejail/mnt/seccomp/seccomp.postexec !chroot
Dropping all capabilities
Drop privileges: pid 9, uid 1000, gid 985, nogroups 1
No supplementary groups
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
sbox run: /run/firejail/lib/fsec-optimize /run/firejail/mnt/seccomp/seccomp
Dropping all capabilities
Drop privileges: pid 10, uid 1000, gid 985, nogroups 1
No supplementary groups
configuring 136 seccomp entries in /run/firejail/mnt/seccomp/seccomp
sbox run: /usr/lib/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp
Dropping all capabilities
Drop privileges: pid 11, uid 1000, gid 985, nogroups 1
No supplementary groups
line OP JT JF K
=================================
0000: 20 00 00 00000004 ld data.architecture
0001: 15 01 00 c000003e jeq ARCH_64 0003 (false 0002)
0002: 06 00 00 7fff0000 ret ALLOW
0003: 20 00 00 00000000 ld data.syscall-number
0004: 35 01 00 40000000 jge X32_ABI 0006 (false 0005)
0005: 35 01 00 00000000 jge read 0007 (false 0006)
0006: 06 00 00 00050001 ret ERRNO(1)
0007: 15 00 01 000000a1 jeq chroot 0008 (false 0009)
0008: 06 00 00 7fff0000 ret ALLOW
0009: 15 00 01 0000009f jeq adjtimex 000a (false 000b)
000a: 06 00 00 00050001 ret ERRNO(1)
000b: 15 00 01 00000131 jeq clock_adjtime 000c (false 000d)
000c: 06 00 00 00050001 ret ERRNO(1)
000d: 15 00 01 000000e3 jeq clock_settime 000e (false 000f)
000e: 06 00 00 00050001 ret ERRNO(1)
000f: 15 00 01 000000a4 jeq settimeofday 0010 (false 0011)
0010: 06 00 00 00050001 ret ERRNO(1)
0011: 15 00 01 0000009a jeq modify_ldt 0012 (false 0013)
0012: 06 00 00 00050001 ret ERRNO(1)
0013: 15 00 01 000000d4 jeq lookup_dcookie 0014 (false 0015)
0014: 06 00 00 00050001 ret ERRNO(1)
0015: 15 00 01 0000012a jeq perf_event_open 0016 (false 0017)
0016: 06 00 00 00050001 ret ERRNO(1)
0017: 15 00 01 00000137 jeq process_vm_writev 0018 (false 0019)
0018: 06 00 00 00050001 ret ERRNO(1)
0019: 15 00 01 000000b0 jeq delete_module 001a (false 001b)
001a: 06 00 00 00050001 ret ERRNO(1)
001b: 15 00 01 00000139 jeq finit_module 001c (false 001d)
001c: 06 00 00 00050001 ret ERRNO(1)
001d: 15 00 01 000000af jeq init_module 001e (false 001f)
001e: 06 00 00 00050001 ret ERRNO(1)
001f: 15 00 01 000000a1 jeq chroot 0020 (false 0021)
0020: 06 00 00 00050001 ret ERRNO(1)
0021: 15 00 01 000000a5 jeq mount 0022 (false 0023)
0022: 06 00 00 00050001 ret ERRNO(1)
0023: 15 00 01 0000009b jeq pivot_root 0024 (false 0025)
0024: 06 00 00 00050001 ret ERRNO(1)
0025: 15 00 01 000000a6 jeq umount2 0026 (false 0027)
0026: 06 00 00 00050001 ret ERRNO(1)
0027: 15 00 01 0000009c jeq _sysctl 0028 (false 0029)
0028: 06 00 00 00050001 ret ERRNO(1)
0029: 15 00 01 000000b7 jeq afs_syscall 002a (false 002b)
002a: 06 00 00 00050001 ret ERRNO(1)
002b: 15 00 01 000000ae jeq create_module 002c (false 002d)
002c: 06 00 00 00050001 ret ERRNO(1)
002d: 15 00 01 000000b1 jeq get_kernel_syms 002e (false 002f)
002e: 06 00 00 00050001 ret ERRNO(1)
002f: 15 00 01 000000b5 jeq getpmsg 0030 (false 0031)
0030: 06 00 00 00050001 ret ERRNO(1)
0031: 15 00 01 000000b6 jeq putpmsg 0032 (false 0033)
0032: 06 00 00 00050001 ret ERRNO(1)
0033: 15 00 01 000000b2 jeq query_module 0034 (false 0035)
0034: 06 00 00 00050001 ret ERRNO(1)
0035: 15 00 01 000000b9 jeq security 0036 (false 0037)
0036: 06 00 00 00050001 ret ERRNO(1)
0037: 15 00 01 0000008b jeq sysfs 0038 (false 0039)
0038: 06 00 00 00050001 ret ERRNO(1)
0039: 15 00 01 000000b8 jeq tuxcall 003a (false 003b)
003a: 06 00 00 00050001 ret ERRNO(1)
003b: 15 00 01 00000086 jeq uselib 003c (false 003d)
003c: 06 00 00 00050001 ret ERRNO(1)
003d: 15 00 01 00000088 jeq ustat 003e (false 003f)
003e: 06 00 00 00050001 ret ERRNO(1)
003f: 15 00 01 000000ec jeq vserver 0040 (false 0041)
0040: 06 00 00 00050001 ret ERRNO(1)
0041: 15 00 01 000000ad jeq ioperm 0042 (false 0043)
0042: 06 00 00 00050001 ret ERRNO(1)
0043: 15 00 01 000000ac jeq iopl 0044 (false 0045)
0044: 06 00 00 00050001 ret ERRNO(1)
0045: 15 00 01 000000f6 jeq kexec_load 0046 (false 0047)
0046: 06 00 00 00050001 ret ERRNO(1)
0047: 15 00 01 00000140 jeq kexec_file_load 0048 (false 0049)
0048: 06 00 00 00050001 ret ERRNO(1)
0049: 15 00 01 000000a9 jeq reboot 004a (false 004b)
004a: 06 00 00 00050001 ret ERRNO(1)
004b: 15 00 01 000000a7 jeq swapon 004c (false 004d)
004c: 06 00 00 00050001 ret ERRNO(1)
004d: 15 00 01 000000a8 jeq swapoff 004e (false 004f)
004e: 06 00 00 00050001 ret ERRNO(1)
004f: 15 00 01 00000130 jeq open_by_handle_at 0050 (false 0051)
0050: 06 00 00 00050001 ret ERRNO(1)
0051: 15 00 01 0000012f jeq name_to_handle_at 0052 (false 0053)
0052: 06 00 00 00050001 ret ERRNO(1)
0053: 15 00 01 000000fb jeq ioprio_set 0054 (false 0055)
0054: 06 00 00 00050001 ret ERRNO(1)
0055: 15 00 01 00000067 jeq syslog 0056 (false 0057)
0056: 06 00 00 00050001 ret ERRNO(1)
0057: 15 00 01 0000012c jeq fanotify_init 0058 (false 0059)
0058: 06 00 00 00050001 ret ERRNO(1)
0059: 15 00 01 00000138 jeq kcmp 005a (false 005b)
005a: 06 00 00 00050001 ret ERRNO(1)
005b: 15 00 01 000000f8 jeq add_key 005c (false 005d)
005c: 06 00 00 00050001 ret ERRNO(1)
005d: 15 00 01 000000f9 jeq request_key 005e (false 005f)
005e: 06 00 00 00050001 ret ERRNO(1)
005f: 15 00 01 000000ed jeq mbind 0060 (false 0061)
0060: 06 00 00 00050001 ret ERRNO(1)
0061: 15 00 01 00000100 jeq migrate_pages 0062 (false 0063)
0062: 06 00 00 00050001 ret ERRNO(1)
0063: 15 00 01 00000117 jeq move_pages 0064 (false 0065)
0064: 06 00 00 00050001 ret ERRNO(1)
0065: 15 00 01 000000fa jeq keyctl 0066 (false 0067)
0066: 06 00 00 00050001 ret ERRNO(1)
0067: 15 00 01 000000ce jeq io_setup 0068 (false 0069)
0068: 06 00 00 00050001 ret ERRNO(1)
0069: 15 00 01 000000cf jeq io_destroy 006a (false 006b)
006a: 06 00 00 00050001 ret ERRNO(1)
006b: 15 00 01 000000d0 jeq io_getevents 006c (false 006d)
006c: 06 00 00 00050001 ret ERRNO(1)
006d: 15 00 01 000000d1 jeq io_submit 006e (false 006f)
006e: 06 00 00 00050001 ret ERRNO(1)
006f: 15 00 01 000000d2 jeq io_cancel 0070 (false 0071)
0070: 06 00 00 00050001 ret ERRNO(1)
0071: 15 00 01 000000d8 jeq remap_file_pages 0072 (false 0073)
0072: 06 00 00 00050001 ret ERRNO(1)
0073: 15 00 01 00000143 jeq userfaultfd 0074 (false 0075)
0074: 06 00 00 00050001 ret ERRNO(1)
0075: 15 00 01 000000a3 jeq acct 0076 (false 0077)
0076: 06 00 00 00050001 ret ERRNO(1)
0077: 15 00 01 00000141 jeq bpf 0078 (false 0079)
0078: 06 00 00 00050001 ret ERRNO(1)
0079: 15 00 01 000000b4 jeq nfsservctl 007a (false 007b)
007a: 06 00 00 00050001 ret ERRNO(1)
007b: 15 00 01 000000ab jeq setdomainname 007c (false 007d)
007c: 06 00 00 00050001 ret ERRNO(1)
007d: 15 00 01 000000aa jeq sethostname 007e (false 007f)
007e: 06 00 00 00050001 ret ERRNO(1)
007f: 15 00 01 00000099 jeq vhangup 0080 (false 0081)
0080: 06 00 00 00050001 ret ERRNO(1)
0081: 15 00 01 00000065 jeq ptrace 0082 (false 0083)
0082: 06 00 00 00050001 ret ERRNO(1)
0083: 15 00 01 00000087 jeq personality 0084 (false 0085)
0084: 06 00 00 00050001 ret ERRNO(1)
0085: 15 00 01 00000136 jeq process_vm_readv 0086 (false 0087)
0086: 06 00 00 00050001 ret ERRNO(1)
0087: 06 00 00 7fff0000 ret ALLOW
seccomp filter configured
Mounting read-only /run/firejail/mnt/seccomp
2249 724 0:55 /seccomp /run/firejail/mnt/seccomp ro,nosuid - tmpfs tmpfs rw,mode=755
mountid=2249 fsname=/seccomp dir=/run/firejail/mnt/seccomp fstype=tmpfs
Seccomp directory:
ls /run/firejail/mnt/seccomp
drwxr-xr-x root root 160 .
drwxr-xr-x root root 400 ..
-rw-r--r-- Username users 1088 seccomp
-rw-r--r-- Username users 808 seccomp.32
-rw-r--r-- Username users 114 seccomp.list
-rw-r--r-- Username users 0 seccomp.postexec
-rw-r--r-- Username users 0 seccomp.postexec32
-rw-r--r-- Username users 176 seccomp.protocol
Active seccomp files:
cat /run/firejail/mnt/seccomp/seccomp.list
/run/firejail/mnt/seccomp/seccomp.protocol
/run/firejail/mnt/seccomp/seccomp.32
/run/firejail/mnt/seccomp/seccomp
Dropping all capabilities
noroot user namespace installed
Dropping all capabilities
NO_NEW_PRIVS set
Drop privileges: pid 1, uid 1000, gid 985, nogroups 0
Warning: cleaning all supplementary groups
Warning: Cannot confine the application using AppArmor.
Maybe firejail-default AppArmor profile is not loaded into the kernel.
As root, run "aa-enforce firejail-default" to load it.
starting application
LD_PRELOAD=(null)
execvp argument 0: firefox
Child process initialized in 117.56 ms
Searching $PATH for firefox
trying #/usr/local/sbin/firefox#
trying #/usr/local/bin/firefox#
Installing /run/firejail/mnt/seccomp/seccomp seccomp filter
Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter
Installing /run/firejail/mnt/seccomp/seccomp.protocol seccomp filter
Warning: an existing sandbox was detected. /usr/bin/firefox will run without any additional sandboxing features
monitoring pid 12
(firefox:12): Gtk-WARNING **: 20:03:23.178: Theme parsing error: gtk.css:2:0: Expected semicolon
(firefox:12): Gtk-WARNING **: 20:03:23.178: Theme parsing error: gtk.css:3:0: Expected semicolon
(firefox:12): Gtk-WARNING **: 20:03:23.178: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory
libGL error: failed to create dri screen
libGL error: failed to load driver: nouveau
Can't find symbol 'eglGetNativeClientBufferANDROID'.
Can't find symbol 'eglQuerySurfacePointerANGLE'.
Can't find symbol 'eglCreateStreamProducerD3DTextureANGLE'.
Can't find symbol 'eglStreamPostD3DTextureANGLE'.
libEGL warning: DRI2: failed to create dri screen
(/usr/lib/firefox/firefox:125): Gtk-WARNING **: 20:03:23.576: Theme parsing error: gtk.css:2:0: Expected semicolon
(/usr/lib/firefox/firefox:125): Gtk-WARNING **: 20:03:23.576: Theme parsing error: gtk.css:3:0: Expected semicolon
(/usr/lib/firefox/firefox:125): Gtk-WARNING **: 20:03:23.577: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory
(/usr/lib/firefox/firefox:190): Gtk-WARNING **: 20:03:24.192: Theme parsing error: gtk.css:2:0: Expected semicolon
(/usr/lib/firefox/firefox:190): Gtk-WARNING **: 20:03:24.192: Theme parsing error: gtk.css:3:0: Expected semicolon
(/usr/lib/firefox/firefox:190): Gtk-WARNING **: 20:03:24.192: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory
(/usr/lib/firefox/firefox:209): Gtk-WARNING **: 20:03:24.281: Theme parsing error: gtk.css:2:0: Expected semicolon
(/usr/lib/firefox/firefox:209): Gtk-WARNING **: 20:03:24.281: Theme parsing error: gtk.css:3:0: Expected semicolon
(/usr/lib/firefox/firefox:209): Gtk-WARNING **: 20:03:24.281: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory
(/usr/lib/firefox/firefox:232): Gtk-WARNING **: 20:03:24.369: Theme parsing error: gtk.css:2:0: Expected semicolon
(/usr/lib/firefox/firefox:232): Gtk-WARNING **: 20:03:24.369: Theme parsing error: gtk.css:3:0: Expected semicolon
(/usr/lib/firefox/firefox:232): Gtk-WARNING **: 20:03:24.370: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory
(/usr/lib/firefox/firefox:338): Gtk-WARNING **: 20:03:25.819: Theme parsing error: gtk.css:2:0: Expected semicolon
(/usr/lib/firefox/firefox:338): Gtk-WARNING **: 20:03:25.819: Theme parsing error: gtk.css:3:0: Expected semicolon
(/usr/lib/firefox/firefox:338): Gtk-WARNING **: 20:03:25.820: Theme parsing error: gtk.css:6:33: Failed to import: Error opening file /home/Username/.config/gtk-3.0/window_decorations.css: No such file or directory
Can't find symbol 'eglGetNativeClientBufferANDROID'.
Can't find symbol 'eglQuerySurfacePointerANGLE'.
Can't find symbol 'eglCreateStreamProducerD3DTextureANGLE'.
Can't find symbol 'eglStreamPostD3DTextureANGLE'.
libEGL warning: DRI2: failed to create dri screen
libEGL warning: DRI2: failed to create dri screen
libEGL warning: DRI2: failed to create dri screen
###!!! [Parent][MessageChannel::Call] Error: Channel error: cannot send/recv
Sandbox monitor: waitpid 12 retval 12 status 0
Sandbox monitor: monitoring 125
monitoring pid 125
Sandbox monitor: waitpid 125 retval 125 status 0
Sandbox monitor: monitoring 209
monitoring pid 209
Sandbox monitor: waitpid 209 retval 209 status 0
Sandbox monitor: monitoring 232
monitoring pid 232
Sandbox monitor: waitpid 232 retval 232 status 0
Sandbox monitor: monitoring 338
monitoring pid 338
Sandbox monitor: waitpid 338 retval 338 status 0
Parent is shutting down, bye...
information
Utini2000
👍1
All 22 comments
[ x ] A short search for duplicates was performed.
3681
3645
3390
SkewedZeppelin
on 5 Nov 2020
👍2
Oh crap... sorry but I really searched. Must be blind today :S
Utini2000
on 5 Nov 2020
It happens...
:)
SkewedZeppelin
on 5 Nov 2020
@SkewedZeppelin I cannot fix the issue though
I created /home/.config/firejail/firefox.local and added:
browser-allow-drm yes
This line does not work at all and firefox won't start.
It is also not included in /etc/firejail/firefox.profile
The following line starts firefox but DRM will will not play:
?BROWSER_ALLOW_DRM: yes
Utini2000
on 5 Nov 2020
That line goes into /etc/firejail/firejail.config
SkewedZeppelin
on 5 Nov 2020
But in that case the next update will overwrite it again?
Utini2000
on 5 Nov 2020
Does Arch just overwrite config files that the user has modified?
reinerh
on 5 Nov 2020
Changing browser-allow-drm no to browser-allow-drm yes in /etc/firejail/firejail.config did nothing for me.
Widevine was still crashing until I added ignore noexec ${HOME} to ~/.config/firejail/firefox.local.
I suspect the ?BROWSER_ALLOW_DRM flag wasn't working on my system for some reason.
For reference:
OS: Manjaro 20.2 Nibia
Kernel: x86_64 Linux 5.7.19-2-MANJARO
DE: KDE 5.75.0 / Plasma 5.20.2
And my firefox.local file just contains these lines:
dbus-user.talk org.freedesktop.Notifications
include firefox-common-addons.inc
ignore noexec ${HOME}
I've only had this issue since installing a large number of package updates today, which included updates for firejail and firefox among many other packages.
Jazzyboy1
on 6 Nov 2020
Changing browser-allow-drm no to browser-allow-drm yes in /etc/firejail/firejail.config did nothing for me.
Has you uncommented it? Are there any global.local or firefox-common.local files? If you edited BROWSER_ALLOW_DRM in firefox.profile: have you made any typos?
rusty-snake
on 6 Nov 2020
.... I actually did not uncomment it. I feel like such an idiot right now. Sorry for the trouble.
It works fine now after uncommenting that line. (so I removed the ignore noexec ${HOME} from my firefox.local)
Thanks
Jazzyboy1
on 6 Nov 2020
@Jazzyboy1 can you please post the changes you now have in:
~/.config/firejail/firefox.local
and
/etc/firejail/firejail.config
I believe I re-produced all your steps and didn't get it to work. But I might have done something wrong so I would love to double check with your files :-)
Utini2000
on 6 Nov 2020
All you need:
sudo sed -i 's/# browser-allow-drm no/browser-allow-drm yes/'
/etc/firejail/firejail.config
SkewedZeppelin
on 6 Nov 2020
👍2
Alright, but with the next update it might be gone and break firefox again.
Why can't this be done in the ~/.config/firejail/firefox.local ?
Utini2000
on 6 Nov 2020
Because these are settings supposed to be set by the system administrator and should not be overwritable by users.
reinerh
on 6 Nov 2020
Also I would be highly surprised if settings are gone after an upgrade in Arch... This would mean users can never touch a file in /etc?
reinerh
on 6 Nov 2020
Files won't be gone after an update. you get a message to manually compare new and old files. One more manual step to do when updating.
Utini2000
on 6 Nov 2020
All you need: sudo sed -i 's/# browser-allow-drm no/browser-allow-drm yes/' /etc/firejail/firejail.config
Does not work for me:
sed: no input files
zsh: permission denied: /etc/firejail/firejail.config
Also for me there is no "browser-allow-drm" line is in firefox.profile?
How ever, there is in firefox-commong.profile
---- Update:
Okay I realized you set "browser-allow-drm" in "/etc/firejail/firejail.config" and not in the firefox specific file. So this will allow it system wide? Why not allow it for firefox only?
Utini2000
on 6 Nov 2020
permission denied
for root ???!
Why can't this be done in the ~/.config/firejail/firefox.local ?
You can not set conditions in profile, but you can set the command behind a condition unconditional to your locals. However using the condition is the suggested by, because if widevine requires new permissions (for example whitelist /var/lib/widevine), then we will add these commands behind this condition. So you set browser-allow-drm once and it works also if new things are added to this condition.
rusty-snake
on 6 Nov 2020
Yes even with sudo :o
Hmm but what if I want to allow DRM only in a specific browser instead of allowing DRM on my whole system?
Utini2000
on 6 Nov 2020
instead of allowing DRM on my whole system?
browser-allow-drm only allows drm in briwser with drm support (firefox and chrom*).
- set browser-allow-drm yes and add
noexec ${HOME}to BROWSER.local to opt-out - add
ignore noexec ${HOME}to firefox.local
rusty-snake
on 6 Nov 2020
Thanks, I will give it a try later.
I would still prefer to blacklist it for the whole system and whitelist it application specific instead of whitelistening it to the whole system and blacklisting it to specific apps.
Utini2000
on 6 Nov 2020
I'm closing here due to inactivity, please fell free to request to reopen if you have more questions.
rusty-snake
on 16 Dec 2020
Was this page helpful?
0 / 5 - 0 ratings
Related issues
kmotoko
路
3Comments
francoism90
路
4Comments
SkewedZeppelin
路
3Comments
crass
路
3Comments
fl-chris
路
4Comments
Most helpful comment
All you need:
sudo sed -i 's/# browser-allow-drm no/browser-allow-drm yes/'
/etc/firejail/firejail.config