Problem with Brave and firejail on Linux

linux
privacy

#1

Description of the issue:
Brave doesn’t load the brave-software setting folder from .config/ (Linux)

Steps to Reproduce:

  1. firejail is required
  2. open a terminal
  3. run firejail brave (or the path to brave executable, mine is /opt/brave-v0.XX.X-linux-x64/brave)

Actual Result (gifs and screenshots are welcome!):
New factory setting brave window, like a first launch.

Expected result:
Brave open with user setting stored in .config/ folder, as basic use.

Reproduces how often:
Always

Brave Version(about:brave):
All recents, from linux-x64.zip archives from github like the last stable, beta and dev versions.

Reproducible on current live release (yes/no):
Yes

Additional Information:
Don’t know if other Linux users have the same issue and if it’s a firejail bug or not.
Don’t have this issue with other browsers (opera, vivaldi, waterfox)
Also:



It should be fine to have some feedback of Linux users about firejail and Brave, please. :wink:


#2

So glad that you posted this! I was just about to do my own posting complaining about the same issue!

Not sure if I have much to add except how my system is configured. I am running Xubuntu 18.04 inside VirtualBox 6.0.0 on a Windows 7 host at the moment.

I created an Xubuntu desktop Launcher to run Brave. Its command line is:

firejail --profile=/etc/firejail/brave.profile /usr/bin/brave-browser --incognito %U

As you can see, I am explicitly using firejail’s builtin profile for Brave. Is it possible that this profile is deficient, lacking some privilege that would allow Brave to load its default Settings?

The --incognito switch launches Brave in that mode, but that is NOT an issue: I have tested removing it and firejail Brave still fails to read the Settings.


#3

thanks for the help, but unfortunately, still unable to get Brave to work with firejail. I tried your command without success. :roll_eyes:


#4

What specifically happened? Did Brave fail to run at all, or merely fail to load the Settings?

If Brave failed to run at all, make sure that you use the exact path to Brave and the Brave firejail profile on your system.

If Brave is merely failing to load the Settings, well, that is what I also see.


#5

Instead of using an Xubuntu desktop launcher, I decided to try running firejail Brave in a Terminal to see if anything interesting gets printed out.

If I execute either of these 2 command lines

firejail /usr/bin/brave-browser
firejail /usr/bin/brave-browser %U

I see this output:

Reading profile /etc/firejail/default.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc

** Note: you can use --noprofile to disable default.profile **

Parent pid 2112, child pid 2113
Child process initialized in 33.97 ms

Parent is shutting down, bye...

As that last line of output indicates, Brave failed to stay running.

The key for me to make Brave stay running is to use the firejail Brave profile.

In particular, if I execute either of these 2 command lines

firejail --profile=/etc/firejail/brave.profile /usr/bin/brave-browser
firejail --profile=/etc/firejail/brave.profile /usr/bin/brave-browser %U

I see this output:

Reading profile /etc/firejail/brave.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
Parent pid 2597, child pid 2598
Child process initialized in 73.01 ms
[6:37:0109/221838.490381:ERROR:rewards_service_impl.cc(141)] Failed to read file: /home/kevin/.config/BraveSoftware/Brave-Browser/Default/ledger_state
[6:6:0109/221838.651804:ERROR:gpu_process_transport_factory.cc(967)] Lost UI shared context.
[6:6:0109/221838.830687:ERROR:x11_input_method_context_impl_gtk.cc(144)] Not implemented reached in virtual void libgtkui::X11InputMethodContextImplGtk::SetSurroundingText(const base::string16 &, const gfx::Range &)
[1:8:0109/221839.071762:ERROR:command_buffer_proxy_impl.cc(105)] ContextResult::kTransientFailure: Shared memory region is not valid

Interesting that Brave stays running–and seems to operate perfectly normally, other than not loading the Settings–even tho 4 ERRORs happen.

Does anyone know if that final %U option is really needed or not? I got the idea to use it from some website that I now cannot find… The command lines above indicate that it makes no difference to include it or not, so I am now inclined to remove it. All I know about it is that it is “a parameter for the Exec key in .desktop files”.


#6

I suggested earlier that this problem might be due to the firejail Brave profile.

The contents of my firejail Brave profile (/etc/firejail/brave.profile) include these lines:

...
noblacklist ${HOME}/.config/brave
...
mkdir ${HOME}/.config/brave
...
whitelist ${HOME}/.config/brave
...

I am not exactly sure what these lines do.

I would have guessed that ${HOME}/.config/brave is the directory where Brave saves any changes to its Settings if you run it inside firejail.

However, just now when I ran Brave inside firejail and modified its Settings, I failed to see anything written to that directory.


closed #7

This topic was automatically closed after 30 days. New replies are no longer allowed.