|
Installing Apparmor or Firejail on Mint?
I've recently come across numerous videos suggesting the importance of additional hardening w.Firejail or Apparmor.
One, the other or both? https://www.invidio.us/watch?v=MVLrclfbS4U https://www.invidio.us/watch?v=JFjXvIwAeVI https://firejail.wordpress.com/ ^ These are the resources I currently have, but am a relative newb, and definitely want to set it up. Question: Can someone provide a step-by-step line guide to installing FJ? Do I want to Firetools with it? I heard on Aaron Jone's video [12:40 in] that "firecnfg" will firejail every single app on your system, but it sometimes has unintended consequences. What I'm looking for here: A simple way of hardening my system by separating the app access, with a list explaining how to do it. -Seriously appreciate all the help here, am grateful for such a concerned community, and hopeful to be in the same position one day so that I can help people make the Linux switch. Thanks so much again |
Firejail may be easier to use because it comes equipped out of the box with profiles for many applications (on Debian-based systems, they're in package firejail-profiles). So, if all your uses are covered by them then you don't need to configure anything.
OTOH, if you use applications not listed there and don't know (or don't want to learn) how to write Firejail profiles for them, then AppArmor offers a more generic solution including a learning mode. Mind you, AppArmor also comes with some ready-made profiles (in package apparmor-profiles), but most of them seem rather to be geared toward server uses. |
Quote:
Unfortunately, I'm still unsure how to install Firejail. :/ When I type the command[s] into the line, it runs processes, but firejail is nowhere to be found in my applications. Any help? -Thanks so much again |
? ? ? ?
|
Quote:
|
Quote:
When I type the command[s] into the line, it runs processes, but firejail is nowhere to be found in my applications." I found the command lines online, and when I put them in, it listed a number of processes as being activated, but afterwards, firejail was nowhere to be found. Any chance you could let me know the right command lines in order to install it properly? -Sincerely appreciate all the help here |
Quote:
firejail is a command line application, it won't show up in your GUI menu. If you're not comfortable using the command line you won't be comfortable using firejail either. Sorry. |
Creating Firejail profiles using the GUI?
Hi everyone,
Does anybody know how to add (customised) profiles on Firejail using the user interface rather than on the terminal? I have been searching online but I have not found anything at all. For example, I tried to add CherryTree using the path below (executable file?) but did not work; actually, it does not even display the cherrytree icon on the GUI once the steps on the configuration wizard are completed: /var/lib/flatpak/app/com.giuspen.cherrytree/current/b4c816bbcf50260aacaf9e258096d3619eaf15c6707da0b3986c9158074721c8/export/bin Is there any way to do it? Any guidelines or suggestions, please? Thanks. |
^ I'm not firejail will even work with flatpaks.
https://github.com/flatpak/flatpak/issues/66 |
| All times are GMT -5. The time now is 02:23 PM. |