Documentation

 

I’ve just installed Firejail, now what?!

Integrate your sandbox into your desktop by running:

$ sudo firecfg
 

Start your program the way you are used to – desktop manager menus, file manager, desktop starters – and it will be sandboxed automatically. There are over 1000 applications supported by default in the current Firejail software version, and the number goes up with every new release.

The browser is by far the most important program you would ever need to protect. Take a look at Firefox Sandboxing Guide to get in the mood. Tor browser setup is discussed in Firejail Tips and Tricks.

Firejail Usage document will help you get started in command line. If you are stuck and need help to figure something out, don’t be afraid to ask.

Do I really need to build a security profile for my application?

No. If your application is not recognized, Firejail will use a very restrictive default profile. Yet, we encourage users to customize profiles. Building Custom Profiles describe how to change exiting security profiles and how to create new ones. For developers we keep a more detailed document in our wiki here.

It’s too easy, I’m getting bored!

There is no difficult in Firejail, at least not SELinux-difficult. But if you need something more challenging, try to customize your security filters, or go into some more advanced security topics such as X11 sandboxing:

Not quite like that, I was thinking about sandboxing games…

Take a look at this excellent Steam article on Joris_VR blog. Both Steam and Wine games are supported by Firejail sandbox, with full sound and 3D acceleration.

 

External Reviews

If you are looking for external reviews, these are some of the best: LWN.net, DistroWatch.com, and linux.com. Linux Magazine published a very detailed feature article in April 2015. An online copy is available here.

 

HowTo Videos

For our less-experienced Linux users, we are building a video HowTo channel. Hopefully, we can pair each video with a blog entry, if not, we provide the relevant info in the video description. Currently the videos are on Brighteon, and the backup channel is on BitChute.

 

14 thoughts on “Documentation

  1. Pingback: How to Sandbox Apps in Linux Systems | Beebom

  2. Pingback: linux process sandboxing with linux ‘user namespaces’ and firejail – atropineal

  3. Pingback: How to Sandbox Non-Trusted Apps in Linux Systems - PC - Learn in 30 Sec from Microsoft Awarded MVP

  4. Pingback: Firejail | security sandbox

  5. Pingback: FireJail for Linux Security – Chainsaw's Privacy

  6. Pingback: ▷ How to Sandbox Non-trusted Apps in Linux Systems | Howw

  7. Pingback: با Firejail در مقابل آسیب پذیری های برنامه ها در لینوکس محفوظ تر بمانید! – OpenJDK.ir

  8. sioeuhdiwuehd

    I am using 0.9.60 version.
    >Without sudo on mint 19.2…
    $ firecfg –fix-sound
    Error: cannot detect login user
    >And with sudo…
    sudo firecfg –fix-sound
    [sudo] senha para user:
    Writing file /root/.config/pulse/client.conf
    fopen: No such file or directory
    Error: cannot configure sound file

    Like

    Reply
  9. iuehduihe

    Netblue, start fixing this shit for new users. I did install firejail in mint and in popOS.
    Always lots of headaches for breaking the system just for installing.
    Now? Installed the normal ubuntu repo version in popos…
    >Chromium already do not work after firejail install, can not type anything, keyboard is blocked to acess it. It reminded me it gave me problems in mint and manjaro too with opera and brave.
    >Then i went to install VERACRYPT DEB file i downloaded… Gives an error. Only if i uninstall firejail i can install veracrypt. Very annoying.

    Like

    Reply
  10. Pingback: Locking Down Linux: Using Ubuntu as Your Primary OS, Part 3 (Application Hardening & Sandboxing) « Null Byte :: WonderHowTo

  11. Pingback: Cómo crear aplicaciones de sandbox en sistemas Linux - uzco.online

  12. K

    After running sudo firecfg its impossible to shut down firejail using command firejail –shutdown=PID because the PID is everchanging. Each invocation of firejail –list to get the PID will change the PID of the result (e.g 4054: –list)

    Like

    Reply
  13. Pingback: Sandbox-Apps in Linux-Systemen - weeo.online

  14. Pingback: Comment mettre en sandbox les applications dans les systèmes Linux - xaer.online

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s