How would I go about launching Icecat from firetools through a tar?

19 replies [Last post]
CalmStorm

I am a member!

Offline
Joined: 12/31/2014

icecat-52.0.2.en-US.linux-x86_64.tar.bz2

Once unpacked, how do I make firetools launch it?

I tried the same method as launching tor browser that I used,

I am using a different distro and would like to use it through firetools.

firejail /home/username/icecat/run-icecat.sh

didn't work though.

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

If I'm not mistaken firetools is a gui for firejail. Never used it. Firejail is extremely simple to use, no need for graphical interfaces. With that out of the way, you need to launch Icecat via its executable. I haven't used the damn thing in ages so I don't remember exactly but you can easily find out if you open a terminal and try to launch Icecat from the terminal. When you succeed doing so you will find your answer because whatever command launched successfully Icecat is the same command preceded by 'firejail' to launch Icecat sandboxed..

CalmStorm

I am a member!

Offline
Joined: 12/31/2014

Strangest thing though, the error I received when I Tried via cd /home/user/icecat/icecat then

firejail /home/user/icecat/icecat

was that it is already sandboxed. which I found very very strange.

dunno why though...

but yeah... I think icecat must have built in sandboxing.

just try testing icecat 52 within firejail or firetools, you will understand what I am talking about. but do it through terminal emulator and cd to the location of icecat's startup area and then firejail /home/user/icecat/icecat

that's my advice to you if you think I am wrong mind you ;)

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

I really don't think Icecat is sandboxed on its own and even if it was it would still get sandboxed in firejail. Mozilla is working on sandboxing Firefox, but it's a looong way. My guess is you will need to edit /etc/firejail/icecat.profile to fix your issue. If I had to make a very wild guess I'd say you did not whitelist the folder containing Icecat in /home ..

CalmStorm

I am a member!

Offline
Joined: 12/31/2014

okay...

eading profile /etc/firejail/icecat.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/whitelist-common.inc
Parent pid 2597, child pid 2598
Blacklist violations are logged to syslog
Child process initialized
/bin/bash: /home/user/icecat/icecat.run.sh: No such file or directory

what does this tell you and what do I need to do to fix this?

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

Hmm, not much other than there is no such file or directory :)

Have you right clicked on the icecat.run.sh and marked the boxy "allow to run as a program" or executable or whatever?

If by tomorrow you haven't solved it (tell me if you don't) I'll download it and try on my laptop (it's very late now, very tired)

CalmStorm

I am a member!

Offline
Joined: 12/31/2014

Still doesn't work sadly...

does anyone know how to help me?

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

Hey mateson. Ok, I just downloaded it and made it launch sandboxed, working fine. Follow waht I did:

/home/gnu/.icecat/icecat
/bin/bash: /home/gnu/.icecat/icecat: No such file or directory

^same error it was giving to you..

So, as I suspected it is a permission issue and I just whitelisted the .icecat folder (which is the folder containing the executable (the one extracted from the downloaded tar).

sudo mousepad /etc/firejail/icecat.profile

and add this in:

whitelist ~/.icecat

Now it should work without issue.

CalmStorm

I am a member!

Offline
Joined: 12/31/2014

Yes, you were correct. :)

I realize now that I tried your idea before but I put the

whitelist ~/.icecat

in the wrong place in the profile.

it has been corrected though. :)

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

Nice! cheers mate :)

Mangy Dog

I am a member!

I am a translator!

Offline
Joined: 03/15/2015

Bravo SuperTramp83!

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

tx... mangy dawg :P

awww.jpg
CalmStorm

I am a member!

Offline
Joined: 12/31/2014

is there a way to do this for thunderbird as well?

It doesn't seem to work in firetools and in firejail, it doesn't invoke my preset emails.

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

Sure, mate. Firejaillino can sanboxino everything, and I mean **any** thing :)

Basically what you need to do each time a sandboxed application isn't working is edit it's profile file to whitelist the impeding entry. In this case /etc/firejail/thunderbird

# Firejail profile for Mozilla Thunderbird
# Users have thunderbird set to open a browser by clicking a link in an email
# We are not allowed to blacklist browser-specific directories

noblacklist ~/.gnupg
mkdir ~/.gnupg
whitelist ~/.gnupg

noblacklist ~/.thunderbird
mkdir ~/.thunderbird
whitelist ~/.thunderbird

noblacklist ~/.cache/thunderbird
mkdir ~/.cache/thunderbird
whitelist ~/.cache/thunderbird

include /etc/firejail/firefox.profile

What you see here is the **default** whitelisting of .gnupg (in order for the mail encryption to work) and the application's folder and cache folder (.thunderbird and /.cache/thunderbird).

Now, with this default profile the thunderbird application should work flawlwessly. I assume you are not using thunderbird but icedove. If that is indeed the case you'll need to whitelist its folders. I use claws mails but if I remember the old icedove times, the folders are .icedove and /.cache/icedove.

CalmStorm

I am a member!

Offline
Joined: 12/31/2014

I actually was talking about thunderbird, although, I am using debian stretch currently...

till devuan ascii becomes as stable as debian stretch.

or until trisquel 8 becomes stable xD

What would I do for that anyways... though.

just curious. is it basically the same?

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

>is it basically the same

Yep.

I'm on Stretch too.

CalmStorm

I am a member!

Offline
Joined: 12/31/2014

hmm, it seems to not know I already have a thunderbird profile...

weird...

how do I fix this?

I would like to use the latest thunderbird...

now I have a new error:

Reading profile /etc/firejail/thunderbird.profile
Reading profile /etc/firejail/thunderbird.profile
Reading profile /etc/firejail/thunderbird.profile
Reading profile /etc/firejail/thunderbird.profile
Reading profile /etc/firejail/thunderbird.profile
Reading profile /etc/firejail/thunderbird.profile
Reading profile /etc/firejail/thunderbird.profile
Error: maximum profile include level was reached

?

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

Never saw that 'max profile bla bla' warning. Hmm, you are forcing me to install (temporarily fortunately) bloat'a'bird :P

k, so I installed it and launched it, 'firejail thunderbird', and it launched just fine.. I have a scrotty screenshot to prove it :D

I guess your profile is messed up. Did you modify it?

Here, the profile (which is btw the standard, default one)

noblacklist ~/.gnupg
mkdir ~/.gnupg
whitelist ~/.gnupg
noblacklist ~/.thunderbird
mkdir ~/.thunderbird
whitelist ~/.thunderbird
noblacklist ~/.cache/thunderbird
mkdir ~/.cache/thunderbird
whitelist ~/.cache/thunderbird
include /etc/firejail/firefox.profile

I suggest you comment the last line -->

#include /etc/firejail/firefox.profile

unless clicking on links inside thunderbird to open them in firefox is something you need.

meh.png
CalmStorm

I am a member!

Offline
Joined: 12/31/2014

Thanks that solved my problem, I am curious though, is thunderbird anymore bloated than icedove if you add no nonfree software?

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

Icedove and thunderbird are the same software, just another branding. Just like Firemocks, Thunderbird suffers from bloat. Apparently Mozilla's philosophy is: the more code you write and the more features (useless crap mostly) you add the better you are at programming... which is needless saying, sheer madness.

I will steal from the suckless website, it's as if they had in mind Mozilla when they wrote this:

Many (open source) hackers are proud if they achieve large amounts of code, because they believe the more lines of code they’ve written, the more progress they have made. The more progress they have made, the more skilled they are. This is simply a delusion.

Most hackers actually don’t care much about code quality. Thus, if they get something working which seems to solve a problem, they stick with it. If this kind of software development is applied to the same source code throughout its entire life-cycle, we’re left with large amounts of code, a totally screwed code structure, and a flawed system design. This is because of a lack of conceptual clarity and integrity in the development process.

Code complexity is the mother of bloated, hard to use, and totally inconsistent software. With complex code, problems are solved in suboptimal ways, valuable resources are endlessly tied up, performance slows to a halt, and vulnerabilities become a commonplace. The only solution is to scrap the entire project and rewrite it from scratch.

The bad news: quality rewrites rarely happen, because hackers are proud of large amounts of code. They think they understand the complexity in the code, thus there’s no need to rewrite it. They think of themselves as masterminds, understanding what others can never hope to grasp. To these types, complex software is the ideal.

Ingenious ideas are simple. Ingenious software is simple. Simplicity is the heart of the Unix philosophy. The more code lines you have removed, the more progress you have made. As the number of lines of code in your software shrinks, the more skilled you have become and the less your software sucks.