Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Running firejail in Docker #2579

Closed
mwz opened this issue Mar 12, 2019 · 4 comments
Closed

Running firejail in Docker #2579

mwz opened this issue Mar 12, 2019 · 4 comments
Labels
information_old (Deprecated; use "doc-todo" or "needinfo" instead) Information was/is required

Comments

@mwz
Copy link

mwz commented Mar 12, 2019

Hi, I'm trying to run firejail in a Docker container, however I'm not having any luck.

I'm using the following:

  • base docker image openjdk:8 (Debian Stretch)
  • firejail 0.9.44.8-2 (the latest version available)

Running firejail in the following way

firejail --force --noprofile echo hello

results in this error message:

Error clone: main.c:2519 main: Operation not permitted

I've seen in the release notes that the --force flag was removed in 0.9.54 - is it possible to run firejail in Docker? If so, what is the recommended way of doing that?
@Fred-Barclay
Copy link
Collaborator

Hi @mwz
As far as I know it's no longer possible to run firejail inside Docker because they both need/use similar features. Sorry -- I know it's not the news you wanted to hear -- maybe someone can correct me if this is actually possible??
#1956 (comment)

@Fred-Barclay Fred-Barclay added the information_old (Deprecated; use "doc-todo" or "needinfo" instead) Information was/is required label Mar 13, 2019
@mwz mwz mentioned this issue Mar 15, 2019
Closed
@KOLANICH
Copy link
Contributor

I have run FJ in docker in CI environment, IMHO works fine.

@matu3ba
Copy link
Contributor

matu3ba commented Jun 21, 2019

@KOLANICH Please refer your firejail version, if you claim otherwise.
This should be closed due to technical reasons otherwise as explained in #1956.

@Fred-Barclay
Copy link
Collaborator

Let's close now and reopen later if needed. Thanks everyone! 😄

@matu3ba matu3ba mentioned this issue Jul 1, 2019
Closed
joelpet added a commit to joelpet/ab-svenska-pass-in-firejail that referenced this issue Jan 1, 2020
@joelpet
Skip audit in CI since Firejail cannot run inside Docker
c855631 
See:
- netblue30/firejail#189
- netblue30/firejail#1956
- netblue30/firejail#2579
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
information_old (Deprecated; use "doc-todo" or "needinfo" instead) Information was/is required
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@KOLANICH @mwz @Fred-Barclay @matu3ba