Replies: 3 comments 5 replies
-
Hi @osevan. You might be already aware of the below remarks regarding
$ grep private-lib /etc/firejail/firejail.config
# Enable or disable private-lib feature, default disabled
private-lib yes
I think in that case (subfolder) you're good to go. Doesn't hurt to run a few quick tests to make sure, before you start adding private-lib stuff in your .local overrides. And beware of some potential pitfalls, see the below examples: $ firejail --ignore=quiet --private-lib -- echo "foo"
...
Standard C library installed in 5.62 ms
Firejail libraries installed in 5.44 ms
Program libraries installed in 42.01 ms
Installed 26 libraries and 2 directories
...
/bin/bash: error while loading shared libraries: libreadline.so.8: cannot open shared object file: No such file or directory $ firejail --ignore=quiet --private-lib=libreadline.so.* -- echo "foo"
...
Standard C library installed in 5.62 ms
Firejail libraries installed in 5.44 ms
Program libraries installed in 42.01 ms
Installed 29 libraries and 2 directories
...
foo Feel free to ask away, I use private-lib too in several profiles. HTH |
Beta Was this translation helpful? Give feedback.
-
I think setting temporart ld_library_path should do this job. But, will private-lib tool follow this path before binary start and symlinking or copying inside virtualfs? |
Beta Was this translation helpful? Give feedback.
-
Still need answers. Because firejail doesnt follow different glibc folder in private-lib flag inside profile. I want inject every library path with new glibc path. |
Beta Was this translation helpful? Give feedback.
-
Hi community,
im using firejal since 2016 amd love every improvement.
Today i want ask a question about one of my favourite functions private-lib:
Im maintaining seperate glibc under subfolder of default debian sid library path and want use these librarys - because my apps compiled already dynamicly against them - inside fj containers private-lib function.
How i can tell Firejail for my seperate glibc directory instead of system defaults directory?
If this not existing yet, could we make argument as private-lib-path=/usr/lib/mypath?
Thanks and
Best regards
Beta Was this translation helpful? Give feedback.
All reactions