Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

0.9.38-1~bpo: firejail cannot handle /etc/skel/.bashrc as symlink #556

Closed
Symbolis opened this issue Jun 5, 2016 · 2 comments

Comments

@Symbolis
Copy link

commented Jun 5, 2016

Was told to report this issue from distro downstream from Debian Jessie (jessie-backports).

Firejail whitelisting fails because /etc/skel/.bashrc is a symlink in their distro:

user@host:~$ firejail /usr/bin/iceweasel
Reading profile /home/user/.config/firejail/iceweasel.profile
Reading profile /etc/firejail/disable-mgmt.inc
Reading profile /etc/firejail/disable-secret.inc
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/whitelist-common.inc
Parent pid 30345, child pid 30346
Error: invalid /etc/skel/.bashrc file
Error: cannot establish communication with the parent, exiting...

Issue goes away when /etc/skel/.bashrc is not a symlink (rm -f /etc/skel/.bashrc and copy original instead)

I can't check if fixed in 9.40 or not, sorry, but not finding tickets.

How to reproduce:

cp /etc/skel/.bashrc /etc/skel/.bashrc.orig
rm /etc/skel/.bashrc
ln -s /etc/skel/.bashrc.orig /etc/skel/.bashrc
firejail /usr/bin/iceweasel

@Symbolis

This comment has been minimized.

Copy link
Author

commented Jun 5, 2016

Also happens on 9.40 (attempted on another distro).

@netblue30 netblue30 added the bug label Jun 6, 2016
@netblue30

This comment has been minimized.

Copy link
Owner

commented Jun 6, 2016

I have a fix in git. The commit is c5ed2af

Thank you for the bug report.

@netblue30 netblue30 closed this Jun 6, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.