How To Install Firejail and Run Unsecure Application On Linux

How To Install Firejail and Run Unsecure Application On Linux

Firejail can solve your problems to install the unsecure application on Linux. If you want to install them.  So, we can use the application in the Sandbox. This is the ability to run the application in a limited environment. This way we can run install and run unsecure applications in Linux using the Firejail sandbox.

Check Out: Install and Configure AWS CLI Version 2 Tool On Windows

Firejail Installation starts:

You will need git to download the setup from Github and if you don’t want to install, you can simply download the setup and upload it on the server. 

[root@example ~]# yum install git -y
[root@example ~]# git clone https://github.com/netblue30/firejail.git
[root@example ~]# mv firejail /opt/
[root@example ~]# cd /opt/firejail/
[root@example firejail]# ls

linux sandbox

We need to configure the compiler and it will also look for GCC libraries and install them to run the application. 

Check Out: Learn Cat Commands With Examples On CentOS 8

Start with the below commands and install them.

[root@example firejail]# ./configure
[root@example firejail]# make
-bash: make: command not found

If make command is not found, you can install it using yum install make -y 

Installed:
make-1:4.2.1-9.el8.x86_64

Complete!

Now run the make command. It will install Firejail configuration file. 

[root@example firejail]# make

install firejail sandbox

[root@example firejail]# make install-strip

Check Version

[root@example ~]# firejail --version
firejail version 0.9.63

Compile time support:
- AppArmor support is disabled
- AppImage support is enabled
- chroot support is enabled
- file and directory whitelisting support is enabled
- file transfer support is enabled
- firetunnel support is enabled
- networking support is enabled
- overlayfs support is enabled
- private-home support is enabled
- seccomp-bpf support is enabled
- SELinux support is disabled
- user namespace support is enabled
- X11 sandboxing support is enabled

Check Out: Useful Git Command For Admin and Developers On Linux

Start the Application with Firejail:

The next step is to run the application with Firejail using the below commands. 

[root@example ~]# firejail firefox                  #Start firefox
[root@example ~]# firejail vlc                      #Start videolan client

You can also list the sandboxes using firejail –list

Integration Firejail With Desktop: 

You can integrate your sandbox to the desktop with Firejail using the below commands. This command will solve some shared memory/PID namespaces bugs in Pulse Audio software. 

[root@example ~]# firecfg --fix-sound

The below command will integrate your sandbox to the desktop. you will have to logout and login again to get changes to reflect in Pulse Audio. 

[root@example ~]# firecfg

Check Out: How To Install and Enable RepoForge Repository On Linux

Create Security Profiles:

We can find the profile for all supported applications. You must have noticed at the time of installation it has created a profile under /opt/firejail/etc. 

You’re done linux sandbox firejail install 

Share on:

I'm the founder of Curious Viral. I hope this blog will provide you complete information about Linux Technology & I would like to share my technical knowledge with you which I have learned during this period.

Other Posts You May Like...

Leave a comment