Code: Alles auswählen
firejail /usr/bin/chromium
Code: Alles auswählen
shinji@nerv-kommandozentrale:~$ firejail /usr/bin/chromium
Reading profile /etc/firejail/chromium.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
Parent pid 2166, child pid 2167
Child process initialized
ATTENTION: default value of option force_s3tc_enable overridden by environment.
[61:61:1126/194646.329850:ERROR:sandbox_linux.cc(346)] InitializeSandbox() called with multiple threads in process gpu-process.
Meine /etc/firejail/chromium.profile sieht folgendermaßen aus:
Code: Alles auswählen
# Chromium browser profile
noblacklist ~/.config/chromium
noblacklist ~/.cache/chromium
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
# chromium is distributed with a perl script on Arch
# include /etc/firejail/disable-devel.inc
#
netfilter
whitelist ${DOWNLOADS}
mkdir ~/.config/chromium
whitelist ~/.config/chromium
mkdir ~/.cache/chromium
whitelist ~/.cache/chromium
mkdir ~/.pki
whitelist ~/.pki
# lastpass, keepassx
whitelist ~/.keepassx
whitelist ~/.config/keepassx
whitelist ~/keepassx.kdbx
whitelist ~/.lastpass
whitelist ~/.config/lastpass
# specific to Arch
whitelist ~/.config/chromium-flags.conf
include /etc/firejail/whitelist-common.inc