[Solved] Proxychains and firejail at the same time

Fred7109 · 2016-06-10 07:10:52

Hello

I have a question regarding proxychains and firejail: I would like to have the security of running thunderbird through firejail with seccomp, and at the same time the privacy by running it through a socks proxy in proxychains. I cannot get i to function properly, does anyone have an idea regarding how I can get this to work, or another way I can accomplish the same?

This is how I would run thunderbird with firejail:

firejail --seccomp thunderbird

And with proxychains:

proxychains thunderbird

Regards,
Frederik

Last edited by Fred7109 (2016-06-23 20:39:14)

paulstelian97 · 2016-06-20 16:31:46

Does proxychains not work inside firejail?

Fred7109 · 2016-06-21 11:35:48

Unfortunately not. When I for example try to run:

firejail proxychains thunderbird

It says following:

[xxx@xxx-arch-linux Startup]$ firejail proxychains thunderbird
Reading profile /etc/firejail/default.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Warning: user namespaces not available in the current kernel.

** Note: you can use --noprofile to disable default.profile **

Parent pid 19433, child pid 19434
Warning: /sbin directory link was not blacklisted
Warning: /usr/sbin directory link was not blacklisted

Child process initialized
[proxychains] config file found: /etc/proxychains.conf
[proxychains] preloading /usr/lib/libproxychains4.so
[proxychains] DLL init: proxychains-ng 4.11
Sandbox: unexpected multithreading found; this prevents using namespace sandboxing.  (If you're LD_PRELOAD'ing nVidia GL: that's not necessary for Gecko.)

It asks for a new profile in Thunderbird, because it cannot find the correct one?

smudge · 2016-06-22 22:21:27

I think that's firejail pointing out that you could disable the default.profile if you wanted to. You could try:

firejail --profile=/etc/firejail/thunderbird.profile

followed by:

proxychains thunderbird

in the new firejail shell but I've no idea if that will work.

Fred7109 · 2016-06-23 20:38:51

Thank you smudge, it works! However, it comes with an error message:

Exception... "Component returned failure code: 0x8000ffff (NS_ERROR_UNEXPECTED) [nsIPrefBranch.getCharPref]"  nsresult: "0x8000ffff (NS_ERROR_UNEXPECTED)"  location: "JS frame :: chrome://sogo-connector/content/general/preference.service.addressbook.groupdav.js :: GdPSvc__getPref :: line 126"  data: no] (126)
exception getting pref 'extensions.ca.inverse.addressbook.groupdav.ldap_2.servers.history.url':

maltfield · 2026-02-03 23:55:17

I was able to get this working with the following command

firejail --profile=firefox --whitelist="/home/user/.mozilla/firefox/google" proxychains firefox -no-remote -new-instance -profile "/home/user/.mozilla/firefox/google" "www.google.com"

I still have issues getting DNS to go through the proxychains, but otherwise it's working. I wrote a guide with more info here:

* https://tech.michaelaltfield.net/2026/0 … oxychains/

schard · 2026-02-04 15:23:42

Mod note: Thanks for sharing, but please refrain from necro-bumping in the future. Closing this old thread.

Arch Linux

#1 2016-06-10 07:10:52

[Solved] Proxychains and firejail at the same time

#2 2016-06-20 16:31:46

Re: [Solved] Proxychains and firejail at the same time

#3 2016-06-21 11:35:48

Re: [Solved] Proxychains and firejail at the same time

#4 2016-06-22 22:21:27

Re: [Solved] Proxychains and firejail at the same time

#5 2016-06-23 20:38:51

Re: [Solved] Proxychains and firejail at the same time

#6 2026-02-03 23:55:17

Re: [Solved] Proxychains and firejail at the same time

#7 2026-02-04 15:23:42

Re: [Solved] Proxychains and firejail at the same time

Board footer