How To Install Firejail In Linux | Security For Regular User

Arjun Singh 4:17 PM
sandbox security

Sandbox: A security technique in which you can run an untrusted or doubtful (testing / beta mode) application  in an isolated environment in order to protect your core system.Sandbox gives these untrusted/unverified  application in separate storage network memory resources in order to perform tasks. In this way you can run an application without taking headache of security breaches of your system.The process is called sandboxing or jailing. 

Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities. It uses the Linux inbuilt features like Namespaces, seccomp-bpf. It can be implemented with SE Linux. It has features like run an application with internet restriction. It reduces the security risks from attackers who can target your system by accessing the system via application's loop holes.


How to install Firejail : To install firejail in any Linux distro , use the native package manager command to install it.  Firejail is included in Alpine, ALT Linux, Arch, Chakra, Debian, Deepin, Devuan, Fedora, Gentoo, Manjaro, Mint, NixOS, Parabola, Parrot, PCLinuxOS, ROSA, Solus, Slackware/SlackBuilds, Trisquel, Ubuntu, Void and possibly others. Ubuntu/Debian & Arch examples are below.


Ubuntu/Debian

On Ubuntu 18.04 LTS users are advised to use the PPA

sudo add-apt-repository ppa:deki/firejail
sudo apt-get update
sudo apt-get install firejail
sudo firecfg
sudo apparmor_parser -r /etc/apparmor.d/firejail-default

For Arch Linux

- Install the package

sudo pacman -S firejail
sudo firecfg
sudo apparmor_parser -r /etc/apparmor.d/firejail-default


From Source Code : You can install the firejail by compiling it from your system & install it.Below are the commands to compile the source code & install the firejail.  

$ git clone https://github.com/netblue30/firejail.git
$ cd firejail
$ ./configure && make && sudo make install-strip

For Debian you also need to install below packages  to compile the firejail

$ sudo apt-get install git build-essential libapparmor-dev pkg-config


Run An Application in Firejail

firejail "Application_Name"

Example : firejail firefox

Disable The internet for an application

firejail --net=none ping google.com


Graphical Windows : You can install the graphical interface launcher for firejail. Run below command to install it.

sudo apt-get install firetools

run launcher by command

firetools


Sharing is Caring 😊


Tags:
Arjun Singh

Posted by: Arjun Singh

Hi Geeks, I am Arjun Singh & I am an IT Engineer. Always enthusiastic to learn new things & troubleshoot the issues of computers (Windows , Linux, Cisco ), Mobile (Android) & Internet.I am always happy to share my experience of these things with people and all who love to learn technical things & take challenges in their life.

Post a Comment

0 Comments