Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

zoom: program does not start (private-etc) #3726

Closed
hyiltiz opened this issue Nov 5, 2020 · 11 comments
Closed

zoom: program does not start (private-etc) #3726

hyiltiz opened this issue Nov 5, 2020 · 11 comments

Comments

@hyiltiz
Copy link

hyiltiz commented Nov 5, 2020
edited
Loading

Bug and expected behavior

  • Describe the bug.
    Zoom insta crashes with profile, but succeeds without. The error message in a firejail --debug call is:
...
Installing /run/firejail/mnt/seccomp/seccomp seccomp filter
Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter
Installing /run/firejail/mnt/seccomp/seccomp.protocol seccomp filter
Error getpwuid: main.c:237 init_cfg: No such file or directory                    <-------------------
monitoring pid 24

Sandbox monitor: waitpid 24 retval 24 status 256

Parent is shutting down, bye...
  • What did you expect to happen?
    Zoom opens and works as a video conference app.

No profile and disabling firejail

  • What changed calling firejail --noprofile /path/to/program in a terminal?
    Zoom opens fine:
command line output ``` firejail --noprofile zoom Parent pid 183899, child pid 183900 Child process initialized in 6.29 ms Warning: an existing sandbox was detected. /usr/bin/zoom will run without any additional sandboxing features ```
  • What changed calling the program by path (check which <program> or firejail --list while the sandbox is running)?
command line output ``` $ /opt/zoom/zoom # works! ```

Reproduce
Steps to reproduce the behavior:

  1. Run in bash firejail zoom
  2. See error
command line output ``` zoom & Reading profile /etc/firejail/zoom.profile hyiltiz@iPhone ~/D/AdvStats2020> Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-exec.inc Reading profile /etc/firejail/disable-interpreters.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/disable-xdg.inc Reading profile /etc/firejail/whitelist-common.inc Reading profile /etc/firejail/whitelist-runuser-common.inc Reading profile /etc/firejail/whitelist-usr-share-common.inc Reading profile /etc/firejail/whitelist-var-common.inc Seccomp list in: !chroot, check list: @default-keep, prelist: unknown, Parent pid 183689, child pid 183712 Warning fcopy: skipping /etc/alternatives/wine.fr.1.gz, cannot find inode Error fcopy: size limit of 500 MB reached Warning: skipping crypto-policies for private /etc Private /etc installed in 41.95 ms Warning: cleaning all supplementary groups Warning: cleaning all supplementary groups Warning: cleaning all supplementary groups Blacklist violations are logged to syslog Seccomp list in: !chroot, check list: @default-keep, prelist: unknown, Child process initialized in 302.50 ms

Parent is shutting down, bye...
Job 1, 'zoom &' has ended

</details>

**Environment**
 - Linux distribution and version (ie output of `lsb_release -a`, `screenfetch` or `cat /etc/os-release`)

$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux bullseye/sid
Release: testing
Codename: bullseye


 - Firejail version (output of `firejail --version`) exclusive or used git commit (`git rev-parse HEAD`)

firejail version 0.9.64

Compile time support:
- AppArmor support is enabled
- AppImage support is enabled
- chroot support is enabled
- D-BUS proxy support is enabled
- file and directory whitelisting support is enabled
- file transfer support is enabled
- firetunnel support is enabled
- networking support is enabled
- overlayfs support is enabled
- private-home support is enabled
- SELinux support is enabled
- user namespace support is enabled
- X11 sandboxing support is enabled


**Additional context**
It worked before. A recent update about a week ago broke it. 

**Checklist**
 - [X] The upstream (`master`) profile (and redirect profile if exists) have no changes fixing it.
 - [X] The program has a profile. (If not, request one in `https://github.com/netblue30/firejail/issues/1139`)
 - [X] Programs needed for interaction are listed in the profile.
 - [X] A short search for duplicates was performed.
 - [-] If it is a AppImage, `--profile=PROFILENAME` is used to set the right profile.


<details>
<summary>command line output</summary>
`firejail --debug zoom
Autoselecting /bin/bash as shell
Building quoted command line: 'zoom' 
Command name #zoom#
Found zoom.profile profile in /etc/firejail directory
Reading profile /etc/firejail/zoom.profile
Found disable-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-common.inc
Found disable-devel.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-devel.inc
Found disable-exec.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-exec.inc
Found disable-interpreters.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-interpreters.inc
Found disable-passwdmgr.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-passwdmgr.inc
Found disable-programs.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-programs.inc
Found disable-xdg.inc profile in /etc/firejail directory
Reading profile /etc/firejail/disable-xdg.inc
Found whitelist-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-common.inc
Found whitelist-runuser-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-runuser-common.inc
Found whitelist-usr-share-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Found whitelist-var-common.inc profile in /etc/firejail directory
Reading profile /etc/firejail/whitelist-var-common.inc
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
DISPLAY=:0 parsed as 0
Using the local network stack
Parent pid 183799, child pid 183800
Initializing child process
Host network configured
PID namespace installed
Mounting tmpfs on /run/firejail/mnt directory
Creating empty /run/firejail/mnt/seccomp directory
Creating empty /run/firejail/mnt/seccomp/seccomp.protocol file
Creating empty /run/firejail/mnt/seccomp/seccomp.postexec file
Creating empty /run/firejail/mnt/seccomp/seccomp.postexec32 file
IBUS_ADDRESS=unix:abstract=/home/hyiltiz/.cache/ibus/dbus-1NqukWQT,guid=b6bd86790350b69dc4934caa5e686c7c
IBUS_DAEMON_PID=3566
Build protocol filter: unix,inet,inet6,netlink
sbox run: /run/firejail/lib/fseccomp protocol build unix,inet,inet6,netlink /run/firejail/mnt/seccomp/seccomp.protocol 
Dropping all capabilities
Drop privileges: pid 2, uid 1000, gid 1000, nogroups 1
No supplementary groups
Mounting /proc filesystem representing the PID namespace
Basic read-only filesystem:
Mounting read-only /etc
2990 2956 8:17 /etc /etc ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=2990 fsname=/etc dir=/etc fstype=ext4
Mounting noexec /etc
2991 2990 8:17 /etc /etc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=2991 fsname=/etc dir=/etc fstype=ext4
Mounting read-only /var
2992 2956 8:17 /var /var ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=2992 fsname=/var dir=/var fstype=ext4
Mounting noexec /var
2993 2992 8:17 /var /var ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=2993 fsname=/var dir=/var fstype=ext4
Mounting read-only /usr
2994 2956 8:17 /usr /usr ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=2994 fsname=/usr dir=/usr fstype=ext4
Mounting tmpfs on /var/lock
Mounting tmpfs on /var/tmp
Mounting tmpfs on /var/log
Mounting tmpfs on /var/lib/dhcp
Mounting tmpfs on /var/lib/nginx
Mounting tmpfs on /var/lib/snmp
Mounting tmpfs on /var/lib/sudo
Mounting tmpfs on /var/cache/apache2
Create the new utmp file
Mount the new utmp file
Cleaning /home directory
Cleaning /run/user directory
Sanitizing /etc/passwd, UID_MIN 1000
Sanitizing /etc/group, GID_MIN 1000
Disable /home/hyiltiz/.config/firejail
Disable /run/firejail/network
Disable /run/firejail/bandwidth
Disable /run/firejail/name
Disable /run/firejail/profile
Disable /run/firejail/x11
Mounting tmpfs on /dev
mounting /run/firejail/mnt/dev/snd directory
mounting /run/firejail/mnt/dev/dri directory
mounting /run/firejail/mnt/dev/video0 file
mounting /run/firejail/mnt/dev/video1 file
Process /dev/shm directory
Mounting tmpfs on /home/hyiltiz/.cache
3037 3006 0:118 / /home/hyiltiz/.cache rw,nosuid,nodev,relatime - tmpfs tmpfs rw,mode=700,uid=1000,gid=1000
mountid=3037 fsname=/ dir=/home/hyiltiz/.cache fstype=tmpfs
Generate private-tmp whitelist commands
blacklist /run/firejail/dbus
Mounting read-only /proc/sys
Remounting /sys directory
Disable /sys/firmware
Disable /sys/hypervisor
Disable /sys/power
Disable /sys/kernel/debug
Disable /sys/kernel/vmcoreinfo
Disable /proc/sys/fs/binfmt_misc
Disable /proc/sys/kernel/core_pattern
Disable /proc/sys/kernel/modprobe
Disable /proc/sysrq-trigger
Disable /proc/sys/vm/panic_on_oom
Disable /proc/irq
Disable /proc/bus
Disable /proc/sched_debug
Disable /proc/timer_list
Disable /proc/kcore
Disable /proc/kallsyms
Disable /usr/lib/modules (requested /lib/modules)
Disable /usr/lib/debug
Disable /boot
Disable /run/user/1000/gnupg
Disable /run/user/1000/systemd
Disable /proc/kmsg
Copying files in the new /etc directory:
copying /etc/alternatives to private /etc
Creating empty /run/firejail/mnt/etc/alternatives directory
sbox run: /run/firejail/lib/fcopy /etc/alternatives /run/firejail/mnt/etc/alternatives 
Warning fcopy: skipping /etc/alternatives/wine.fr.1.gz, cannot find inode
Error fcopy: size limit of 500 MB reached
copying /etc/ca-certificates to private /etc
Creating empty /run/firejail/mnt/etc/ca-certificates directory
sbox run: /run/firejail/lib/fcopy /etc/ca-certificates /run/firejail/mnt/etc/ca-certificates 
Warning: file /etc/crypto-policies not found.
Warning: skipping crypto-policies for private /etc
copying /etc/fonts to private /etc
Creating empty /run/firejail/mnt/etc/fonts directory
sbox run: /run/firejail/lib/fcopy /etc/fonts /run/firejail/mnt/etc/fonts 
copying /etc/ld.so.cache to private /etc
sbox run: /run/firejail/lib/fcopy /etc/ld.so.cache /run/firejail/mnt/etc 
copying /etc/ld.so.conf to private /etc
sbox run: /run/firejail/lib/fcopy /etc/ld.so.conf /run/firejail/mnt/etc 
copying /etc/ld.so.conf.d to private /etc
Creating empty /run/firejail/mnt/etc/ld.so.conf.d directory
sbox run: /run/firejail/lib/fcopy /etc/ld.so.conf.d /run/firejail/mnt/etc/ld.so.conf.d 
copying /etc/ld.so.preload to private /etc
sbox run: /run/firejail/lib/fcopy /etc/ld.so.preload /run/firejail/mnt/etc 
copying /etc/machine-id to private /etc
sbox run: /run/firejail/lib/fcopy /etc/machine-id /run/firejail/mnt/etc 
copying /etc/nsswitch.conf to private /etc
sbox run: /run/firejail/lib/fcopy /etc/nsswitch.conf /run/firejail/mnt/etc 
copying /etc/pki to private /etc
Creating empty /run/firejail/mnt/etc/pki directory
sbox run: /run/firejail/lib/fcopy /etc/pki /run/firejail/mnt/etc/pki 
copying /etc/resolv.conf to private /etc
sbox run: /run/firejail/lib/fcopy /etc/resolv.conf /run/firejail/mnt/etc 
copying /etc/ssl to private /etc
Creating empty /run/firejail/mnt/etc/ssl directory
sbox run: /run/firejail/lib/fcopy /etc/ssl /run/firejail/mnt/etc/ssl 
Mount-bind /run/firejail/mnt/etc on top of /etc
Private /etc installed in 34.68 ms
Cannot find /usr/etc
Debug 456: new_name #/home/hyiltiz/.cache/zoom#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.cache/zoom
        expanded: /home/hyiltiz/.cache/zoom
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.config/zoomus.conf#, whitelist
Debug 571: fname #/home/hyiltiz/.config/zoomus.conf#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/zoomus.conf
Debug 456: new_name #/home/hyiltiz/.zoom#, whitelist
Debug 571: fname #/home/hyiltiz/.zoom#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.zoom
Debug 456: new_name #/home/hyiltiz/.XCompose#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.XCompose
        expanded: /home/hyiltiz/.XCompose
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.asoundrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.asoundrc
        expanded: /home/hyiltiz/.asoundrc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.config/ibus#, whitelist
Debug 571: fname #/home/hyiltiz/.config/ibus#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/ibus
Debug 456: new_name #/home/hyiltiz/.config/mimeapps.list#, whitelist
Debug 571: fname #/home/hyiltiz/.config/mimeapps.list#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/mimeapps.list
Debug 456: new_name #/home/hyiltiz/.config/pkcs11#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/pkcs11
        expanded: /home/hyiltiz/.config/pkcs11
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.config/user-dirs.dirs#, whitelist
Debug 571: fname #/home/hyiltiz/.config/user-dirs.dirs#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/user-dirs.dirs
Debug 456: new_name #/home/hyiltiz/.config/user-dirs.locale#, whitelist
Debug 571: fname #/home/hyiltiz/.config/user-dirs.locale#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/user-dirs.locale
Debug 456: new_name #/home/hyiltiz/.drirc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.drirc
        expanded: /home/hyiltiz/.drirc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.icons#, whitelist
Debug 571: fname #/home/hyiltiz/.icons#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.icons
Debug 456: new_name #/home/hyiltiz/.local/share/applications#, whitelist
Debug 571: fname #/home/hyiltiz/.local/share/applications#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.local/share/applications
Debug 456: new_name #/home/hyiltiz/.local/share/icons#, whitelist
Debug 571: fname #/home/hyiltiz/.local/share/icons#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.local/share/icons
Debug 456: new_name #/home/hyiltiz/.local/share/mime#, whitelist
Debug 571: fname #/home/hyiltiz/.local/share/mime#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.local/share/mime
Debug 456: new_name #/home/hyiltiz/.mime.types#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.mime.types
        expanded: /home/hyiltiz/.mime.types
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.uim.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.uim.d
        expanded: /home/hyiltiz/.uim.d
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.config/dconf#, whitelist
Debug 571: fname #/home/hyiltiz/.config/dconf#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/dconf
Debug 456: new_name #/home/hyiltiz/.cache/fontconfig#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.cache/fontconfig
        expanded: /home/hyiltiz/.cache/fontconfig
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.config/fontconfig#, whitelist
Debug 571: fname #/home/hyiltiz/.config/fontconfig#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/fontconfig
Debug 456: new_name #/home/hyiltiz/.fontconfig#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fontconfig
        expanded: /home/hyiltiz/.fontconfig
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.fonts#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts
        expanded: /home/hyiltiz/.fonts
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.fonts.conf#, whitelist
Debug 571: fname #/home/hyiltiz/.config/fontconfig/fonts.conf#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/fontconfig/fonts.conf
Debug 456: new_name #/home/hyiltiz/.fonts.conf.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.conf.d
        expanded: /home/hyiltiz/.fonts.conf.d
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.fonts.d#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.fonts.d
        expanded: /home/hyiltiz/.fonts.d
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.local/share/fonts#, whitelist
Debug 571: fname #/home/hyiltiz/.local/share/fonts#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.local/share/fonts
Debug 456: new_name #/home/hyiltiz/.pangorc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.pangorc
        expanded: /home/hyiltiz/.pangorc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.config/gtk-2.0#, whitelist
Debug 571: fname #/home/hyiltiz/.config/gtk-2.0#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/gtk-2.0
Debug 456: new_name #/home/hyiltiz/.config/gtk-3.0#, whitelist
Debug 571: fname #/home/hyiltiz/.config/gtk-3.0#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/gtk-3.0
Debug 456: new_name #/home/hyiltiz/.config/gtk-4.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/gtk-4.0
        expanded: /home/hyiltiz/.config/gtk-4.0
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.config/gtkrc#, whitelist
Debug 571: fname #/home/hyiltiz/.config/gtkrc#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/gtkrc
Debug 456: new_name #/home/hyiltiz/.config/gtkrc-2.0#, whitelist
Debug 571: fname #/home/hyiltiz/.config/gtkrc-2.0#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/gtkrc-2.0
Debug 456: new_name #/home/hyiltiz/.gnome2#, whitelist
Debug 571: fname #/home/hyiltiz/.gnome2#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.gnome2
Debug 456: new_name #/home/hyiltiz/.gnome2-private#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gnome2-private
        expanded: /home/hyiltiz/.gnome2-private
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.gtk-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtk-2.0
        expanded: /home/hyiltiz/.gtk-2.0
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.gtkrc
        expanded: /home/hyiltiz/.gtkrc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.gtkrc-2.0#, whitelist
Debug 571: fname #/home/hyiltiz/.gtkrc-2.0#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.gtkrc-2.0
Debug 456: new_name #/home/hyiltiz/.kde/share/config/gtkrc#, whitelist
Debug 571: fname #/home/hyiltiz/.kde/share/config/gtkrc#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.kde/share/config/gtkrc
Debug 456: new_name #/home/hyiltiz/.kde/share/config/gtkrc-2.0#, whitelist
Debug 571: fname #/home/hyiltiz/.kde/share/config/gtkrc-2.0#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.kde/share/config/gtkrc-2.0
Debug 456: new_name #/home/hyiltiz/.kde4/share/config/gtkrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc
        expanded: /home/hyiltiz/.kde4/share/config/gtkrc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.kde4/share/config/gtkrc-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/gtkrc-2.0
        expanded: /home/hyiltiz/.kde4/share/config/gtkrc-2.0
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.local/share/themes#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/themes
        expanded: /home/hyiltiz/.local/share/themes
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.themes#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.themes
        expanded: /home/hyiltiz/.themes
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.cache/kioexec/krun#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.cache/kioexec/krun
        expanded: /home/hyiltiz/.cache/kioexec/krun
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.config/Kvantum#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/Kvantum
        expanded: /home/hyiltiz/.config/Kvantum
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.config/Trolltech.conf#, whitelist
Debug 571: fname #/home/hyiltiz/.config/Trolltech.conf#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/Trolltech.conf
Debug 456: new_name #/home/hyiltiz/.config/kdeglobals#, whitelist
Debug 571: fname #/home/hyiltiz/.config/kdeglobals#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/kdeglobals
Debug 456: new_name #/home/hyiltiz/.config/kio_httprc#, whitelist
Debug 571: fname #/home/hyiltiz/.config/kio_httprc#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/kio_httprc
Debug 456: new_name #/home/hyiltiz/.config/kioslaverc#, whitelist
Debug 571: fname #/home/hyiltiz/.config/kioslaverc#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/kioslaverc
Debug 456: new_name #/home/hyiltiz/.config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.config/ksslcablacklist
        expanded: /home/hyiltiz/.config/ksslcablacklist
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.config/qt5ct#, whitelist
Debug 571: fname #/home/hyiltiz/.config/qt5ct#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.config/qt5ct
Debug 456: new_name #/home/hyiltiz/.kde/share/config/kdeglobals#, whitelist
Debug 571: fname #/home/hyiltiz/.kde/share/config/kdeglobals#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.kde/share/config/kdeglobals
Debug 456: new_name #/home/hyiltiz/.kde/share/config/kio_httprc#, whitelist
Debug 571: fname #/home/hyiltiz/.kde/share/config/kio_httprc#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.kde/share/config/kio_httprc
Debug 456: new_name #/home/hyiltiz/.kde/share/config/kioslaverc#, whitelist
Debug 571: fname #/home/hyiltiz/.kde/share/config/kioslaverc#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.kde/share/config/kioslaverc
Debug 456: new_name #/home/hyiltiz/.kde/share/config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/config/ksslcablacklist
        expanded: /home/hyiltiz/.kde/share/config/ksslcablacklist
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.kde/share/config/oxygenrc#, whitelist
Debug 571: fname #/home/hyiltiz/.kde/share/config/oxygenrc#, cfg.homedir #/home/hyiltiz#
Replaced whitelist path: whitelist /home/hyiltiz/.kde/share/config/oxygenrc
Debug 456: new_name #/home/hyiltiz/.kde/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde/share/icons
        expanded: /home/hyiltiz/.kde/share/icons
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.kde4/share/config/kdeglobals#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kdeglobals
        expanded: /home/hyiltiz/.kde4/share/config/kdeglobals
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.kde4/share/config/kio_httprc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kio_httprc
        expanded: /home/hyiltiz/.kde4/share/config/kio_httprc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.kde4/share/config/kioslaverc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/kioslaverc
        expanded: /home/hyiltiz/.kde4/share/config/kioslaverc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.kde4/share/config/ksslcablacklist#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/ksslcablacklist
        expanded: /home/hyiltiz/.kde4/share/config/ksslcablacklist
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.kde4/share/config/oxygenrc#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/config/oxygenrc
        expanded: /home/hyiltiz/.kde4/share/config/oxygenrc
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.kde4/share/icons#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.kde4/share/icons
        expanded: /home/hyiltiz/.kde4/share/icons
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/home/hyiltiz/.local/share/qt5ct#, whitelist
Removed whitelist/nowhitelist path: whitelist ${HOME}/.local/share/qt5ct
        expanded: /home/hyiltiz/.local/share/qt5ct
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/run/user/1000/bus#, whitelist
Replaced whitelist path: whitelist /run/user/1000/bus
Debug 456: new_name #/run/user/1000/dconf#, whitelist
Replaced whitelist path: whitelist /run/user/1000/dconf
Debug 456: new_name #/run/user/1000/gdm/Xauthority#, whitelist
Removed whitelist/nowhitelist path: whitelist ${RUNUSER}/gdm/Xauthority
        expanded: /run/user/1000/gdm/Xauthority
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/run/user/1000/ICEauthority#, whitelist
Replaced whitelist path: whitelist /run/user/1000/ICEauthority
Debug 456: new_name #/run/user/1000/.mutter-Xwaylandauth.*#, whitelist
Removed whitelist/nowhitelist path: whitelist ${RUNUSER}/.mutter-Xwaylandauth.*
        expanded: /run/user/1000/.mutter-Xwaylandauth.*
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/run/user/1000/pulse/native#, whitelist
Replaced whitelist path: whitelist /run/user/1000/pulse/native
Debug 456: new_name #/run/user/1000/wayland-0#, whitelist
Removed whitelist/nowhitelist path: whitelist ${RUNUSER}/wayland-0
        expanded: /run/user/1000/wayland-0
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/alsa#, whitelist
Debug 456: new_name #/usr/share/applications#, whitelist
Debug 456: new_name #/usr/share/ca-certificates#, whitelist
Debug 456: new_name #/usr/share/crypto-policies#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/crypto-policies
        expanded: /usr/share/crypto-policies
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/cursors#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/cursors
        expanded: /usr/share/cursors
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/dconf#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/dconf
        expanded: /usr/share/dconf
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/distro-info#, whitelist
Debug 456: new_name #/usr/share/drirc.d#, whitelist
Debug 456: new_name #/usr/share/enchant#, whitelist
Debug 456: new_name #/usr/share/enchant-2#, whitelist
Debug 456: new_name #/usr/share/file#, whitelist
Debug 456: new_name #/usr/share/fontconfig#, whitelist
Debug 456: new_name #/usr/share/fonts#, whitelist
Debug 456: new_name #/usr/share/gir-1.0#, whitelist
Debug 456: new_name #/usr/share/gjs-1.0#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/gjs-1.0
        expanded: /usr/share/gjs-1.0
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/glib-2.0#, whitelist
Debug 456: new_name #/usr/share/glvnd#, whitelist
Debug 456: new_name #/usr/share/gtk-2.0#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/gtk-2.0
        expanded: /usr/share/gtk-2.0
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/gtk-3.0#, whitelist
Debug 456: new_name #/usr/share/gtk-engines#, whitelist
Debug 456: new_name #/usr/share/gtksourceview-3.0#, whitelist
Debug 456: new_name #/usr/share/gtksourceview-4#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/gtksourceview-4
        expanded: /usr/share/gtksourceview-4
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/hunspell#, whitelist
Debug 456: new_name #/usr/share/hwdata#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/hwdata
        expanded: /usr/share/hwdata
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/icons#, whitelist
Debug 456: new_name #/usr/share/icu#, whitelist
Debug 456: new_name #/usr/share/knotifications5#, whitelist
Debug 456: new_name #/usr/share/kservices5#, whitelist
Debug 456: new_name #/usr/share/Kvantum#, whitelist
Debug 456: new_name #/usr/share/kxmlgui5#, whitelist
Debug 456: new_name #/usr/share/libdrm#, whitelist
Debug 456: new_name #/usr/share/libthai#, whitelist
Debug 456: new_name #/usr/share/locale#, whitelist
Debug 456: new_name #/usr/share/mime#, whitelist
Debug 456: new_name #/usr/share/misc#, whitelist
Debug 456: new_name #/usr/share/Modules#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/Modules
        expanded: /usr/share/Modules
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/myspell#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/myspell
        expanded: /usr/share/myspell
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/p11-kit#, whitelist
Debug 456: new_name #/usr/share/perl#, whitelist
Debug 456: new_name #/usr/share/perl5#, whitelist
Debug 456: new_name #/usr/share/pixmaps#, whitelist
Debug 456: new_name #/usr/share/pki#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/pki
        expanded: /usr/share/pki
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/plasma#, whitelist
Debug 456: new_name #/usr/share/publicsuffix#, whitelist
Debug 456: new_name #/usr/share/qt#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/qt
        expanded: /usr/share/qt
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/qt4#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/qt4
        expanded: /usr/share/qt4
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/qt5#, whitelist
Debug 456: new_name #/usr/share/qt5ct#, whitelist
Debug 456: new_name #/usr/share/sounds#, whitelist
Debug 456: new_name #/usr/share/tcl8.6#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/tcl8.6
        expanded: /usr/share/tcl8.6
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/tcltk#, whitelist
Debug 456: new_name #/usr/share/terminfo#, whitelist
Debug 456: new_name #/usr/share/texlive#, whitelist
Debug 456: new_name #/usr/share/texmf#, whitelist
Debug 456: new_name #/usr/share/themes#, whitelist
Debug 456: new_name #/usr/share/thumbnail.so#, whitelist
Removed whitelist/nowhitelist path: whitelist /usr/share/thumbnail.so
        expanded: /usr/share/thumbnail.so
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/usr/share/X11#, whitelist
Debug 456: new_name #/usr/share/xml#, whitelist
Debug 456: new_name #/usr/share/zoneinfo#, whitelist
Debug 456: new_name #/var/lib/ca-certificates#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/ca-certificates
        expanded: /var/lib/ca-certificates
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/var/lib/dbus#, whitelist
Debug 456: new_name #/var/lib/menu-xdg#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/menu-xdg
        expanded: /var/lib/menu-xdg
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/var/lib/uim#, whitelist
Removed whitelist/nowhitelist path: whitelist /var/lib/uim
        expanded: /var/lib/uim
        real path: (null)
        realpath: No such file or directory
Debug 456: new_name #/var/cache/fontconfig#, whitelist
Debug 456: new_name #/var/tmp#, whitelist
Debug 456: new_name #/var/run#, whitelist
Replaced whitelist path: whitelist /run
Debug 456: new_name #/var/lock#, whitelist
Replaced whitelist path: whitelist /run/lock
Debug 456: new_name #/tmp/.X11-unix#, whitelist
Mounting tmpfs on /tmp directory
Mounting tmpfs on /var directory
Mounting tmpfs on /usr/share directory
Mounting tmpfs on /run/user/1000 directory
Drop privileges: pid 15, uid 1000, gid 1000, nogroups 0
Warning: cleaning all supplementary groups
Mounting a new /root directory
Mounting a new /home directory
Create a new user directory
Drop privileges: pid 16, uid 1000, gid 1000, nogroups 0
Warning: cleaning all supplementary groups
Whitelisting /home/hyiltiz/.config/zoomus.conf
3078 3077 8:17 /home/hyiltiz/.config/zoomus.conf /home/hyiltiz/.config/zoomus.conf rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3078 fsname=/home/hyiltiz/.config/zoomus.conf dir=/home/hyiltiz/.config/zoomus.conf fstype=ext4
Whitelisting /home/hyiltiz/.zoom
3079 3077 8:17 /home/hyiltiz/.zoom /home/hyiltiz/.zoom rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3079 fsname=/home/hyiltiz/.zoom dir=/home/hyiltiz/.zoom fstype=ext4
Whitelisting /home/hyiltiz/.config/ibus
3080 3077 8:17 /home/hyiltiz/.config/ibus /home/hyiltiz/.config/ibus rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3080 fsname=/home/hyiltiz/.config/ibus dir=/home/hyiltiz/.config/ibus fstype=ext4
Whitelisting /home/hyiltiz/.config/mimeapps.list
3081 3077 8:17 /home/hyiltiz/.config/mimeapps.list /home/hyiltiz/.config/mimeapps.list rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3081 fsname=/home/hyiltiz/.config/mimeapps.list dir=/home/hyiltiz/.config/mimeapps.list fstype=ext4
Whitelisting /home/hyiltiz/.config/user-dirs.dirs
3082 3077 8:17 /home/hyiltiz/.config/user-dirs.dirs /home/hyiltiz/.config/user-dirs.dirs rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3082 fsname=/home/hyiltiz/.config/user-dirs.dirs dir=/home/hyiltiz/.config/user-dirs.dirs fstype=ext4
Whitelisting /home/hyiltiz/.config/user-dirs.locale
3083 3077 8:17 /home/hyiltiz/.config/user-dirs.locale /home/hyiltiz/.config/user-dirs.locale rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3083 fsname=/home/hyiltiz/.config/user-dirs.locale dir=/home/hyiltiz/.config/user-dirs.locale fstype=ext4
Whitelisting /home/hyiltiz/.icons
3084 3077 8:17 /home/hyiltiz/.icons /home/hyiltiz/.icons rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3084 fsname=/home/hyiltiz/.icons dir=/home/hyiltiz/.icons fstype=ext4
Whitelisting /home/hyiltiz/.local/share/applications
3085 3077 8:17 /home/hyiltiz/.local/share/applications /home/hyiltiz/.local/share/applications rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3085 fsname=/home/hyiltiz/.local/share/applications dir=/home/hyiltiz/.local/share/applications fstype=ext4
Whitelisting /home/hyiltiz/.local/share/icons
3086 3077 8:17 /home/hyiltiz/.local/share/icons /home/hyiltiz/.local/share/icons rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3086 fsname=/home/hyiltiz/.local/share/icons dir=/home/hyiltiz/.local/share/icons fstype=ext4
Whitelisting /home/hyiltiz/.local/share/mime
3087 3077 8:17 /home/hyiltiz/.local/share/mime /home/hyiltiz/.local/share/mime rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3087 fsname=/home/hyiltiz/.local/share/mime dir=/home/hyiltiz/.local/share/mime fstype=ext4
Whitelisting /home/hyiltiz/.config/dconf
3088 3077 8:17 /home/hyiltiz/.config/dconf /home/hyiltiz/.config/dconf rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3088 fsname=/home/hyiltiz/.config/dconf dir=/home/hyiltiz/.config/dconf fstype=ext4
Whitelisting /home/hyiltiz/.config/fontconfig
3089 3077 8:17 /home/hyiltiz/.config/fontconfig /home/hyiltiz/.config/fontconfig rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3089 fsname=/home/hyiltiz/.config/fontconfig dir=/home/hyiltiz/.config/fontconfig fstype=ext4
Whitelisting /home/hyiltiz/.config/fontconfig/fonts.conf
Created symbolic link /home/hyiltiz/.fonts.conf -> /home/hyiltiz/.config/fontconfig/fonts.conf
Whitelisting /home/hyiltiz/.local/share/fonts
3090 3077 8:17 /home/hyiltiz/.local/share/fonts /home/hyiltiz/.local/share/fonts rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3090 fsname=/home/hyiltiz/.local/share/fonts dir=/home/hyiltiz/.local/share/fonts fstype=ext4
Whitelisting /home/hyiltiz/.config/gtk-2.0
3091 3077 8:17 /home/hyiltiz/.config/gtk-2.0 /home/hyiltiz/.config/gtk-2.0 rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3091 fsname=/home/hyiltiz/.config/gtk-2.0 dir=/home/hyiltiz/.config/gtk-2.0 fstype=ext4
Whitelisting /home/hyiltiz/.config/gtk-3.0
3092 3077 8:17 /home/hyiltiz/.config/gtk-3.0 /home/hyiltiz/.config/gtk-3.0 rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3092 fsname=/home/hyiltiz/.config/gtk-3.0 dir=/home/hyiltiz/.config/gtk-3.0 fstype=ext4
Whitelisting /home/hyiltiz/.config/gtkrc
3093 3077 8:17 /home/hyiltiz/.config/gtkrc /home/hyiltiz/.config/gtkrc rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3093 fsname=/home/hyiltiz/.config/gtkrc dir=/home/hyiltiz/.config/gtkrc fstype=ext4
Whitelisting /home/hyiltiz/.config/gtkrc-2.0
3094 3077 8:17 /home/hyiltiz/.config/gtkrc-2.0 /home/hyiltiz/.config/gtkrc-2.0 rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3094 fsname=/home/hyiltiz/.config/gtkrc-2.0 dir=/home/hyiltiz/.config/gtkrc-2.0 fstype=ext4
Whitelisting /home/hyiltiz/.gnome2
3095 3077 8:17 /home/hyiltiz/.gnome2 /home/hyiltiz/.gnome2 rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3095 fsname=/home/hyiltiz/.gnome2 dir=/home/hyiltiz/.gnome2 fstype=ext4
Whitelisting /home/hyiltiz/.gtkrc-2.0
3096 3077 8:17 /home/hyiltiz/.gtkrc-2.0 /home/hyiltiz/.gtkrc-2.0 rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3096 fsname=/home/hyiltiz/.gtkrc-2.0 dir=/home/hyiltiz/.gtkrc-2.0 fstype=ext4
Whitelisting /home/hyiltiz/.kde/share/config/gtkrc
3097 3077 8:17 /home/hyiltiz/.kde/share/config/gtkrc /home/hyiltiz/.kde/share/config/gtkrc rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3097 fsname=/home/hyiltiz/.kde/share/config/gtkrc dir=/home/hyiltiz/.kde/share/config/gtkrc fstype=ext4
Whitelisting /home/hyiltiz/.kde/share/config/gtkrc-2.0
3098 3077 8:17 /home/hyiltiz/.kde/share/config/gtkrc-2.0 /home/hyiltiz/.kde/share/config/gtkrc-2.0 rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3098 fsname=/home/hyiltiz/.kde/share/config/gtkrc-2.0 dir=/home/hyiltiz/.kde/share/config/gtkrc-2.0 fstype=ext4
Whitelisting /home/hyiltiz/.config/Trolltech.conf
3099 3077 8:17 /home/hyiltiz/.config/Trolltech.conf /home/hyiltiz/.config/Trolltech.conf rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3099 fsname=/home/hyiltiz/.config/Trolltech.conf dir=/home/hyiltiz/.config/Trolltech.conf fstype=ext4
Whitelisting /home/hyiltiz/.config/kdeglobals
3100 3077 8:17 /home/hyiltiz/.config/kdeglobals /home/hyiltiz/.config/kdeglobals rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3100 fsname=/home/hyiltiz/.config/kdeglobals dir=/home/hyiltiz/.config/kdeglobals fstype=ext4
Whitelisting /home/hyiltiz/.config/kio_httprc
3101 3077 8:17 /home/hyiltiz/.config/kio_httprc /home/hyiltiz/.config/kio_httprc rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3101 fsname=/home/hyiltiz/.config/kio_httprc dir=/home/hyiltiz/.config/kio_httprc fstype=ext4
Whitelisting /home/hyiltiz/.config/kioslaverc
3102 3077 8:17 /home/hyiltiz/.config/kioslaverc /home/hyiltiz/.config/kioslaverc rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3102 fsname=/home/hyiltiz/.config/kioslaverc dir=/home/hyiltiz/.config/kioslaverc fstype=ext4
Whitelisting /home/hyiltiz/.config/qt5ct
3103 3077 8:17 /home/hyiltiz/.config/qt5ct /home/hyiltiz/.config/qt5ct rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3103 fsname=/home/hyiltiz/.config/qt5ct dir=/home/hyiltiz/.config/qt5ct fstype=ext4
Whitelisting /home/hyiltiz/.kde/share/config/kdeglobals
3104 3077 8:17 /home/hyiltiz/.kde/share/config/kdeglobals /home/hyiltiz/.kde/share/config/kdeglobals rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3104 fsname=/home/hyiltiz/.kde/share/config/kdeglobals dir=/home/hyiltiz/.kde/share/config/kdeglobals fstype=ext4
Whitelisting /home/hyiltiz/.kde/share/config/kio_httprc
3105 3077 8:17 /home/hyiltiz/.kde/share/config/kio_httprc /home/hyiltiz/.kde/share/config/kio_httprc rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3105 fsname=/home/hyiltiz/.kde/share/config/kio_httprc dir=/home/hyiltiz/.kde/share/config/kio_httprc fstype=ext4
Whitelisting /home/hyiltiz/.kde/share/config/kioslaverc
3106 3077 8:17 /home/hyiltiz/.kde/share/config/kioslaverc /home/hyiltiz/.kde/share/config/kioslaverc rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3106 fsname=/home/hyiltiz/.kde/share/config/kioslaverc dir=/home/hyiltiz/.kde/share/config/kioslaverc fstype=ext4
Whitelisting /home/hyiltiz/.kde/share/config/oxygenrc
3107 3077 8:17 /home/hyiltiz/.kde/share/config/oxygenrc /home/hyiltiz/.kde/share/config/oxygenrc rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3107 fsname=/home/hyiltiz/.kde/share/config/oxygenrc dir=/home/hyiltiz/.kde/share/config/oxygenrc fstype=ext4
Whitelisting /run/user/1000/bus
3108 3072 0:39 /bus /run/user/1000/bus rw,nosuid,nodev,relatime master:239 - tmpfs tmpfs rw,size=805956k,nr_inodes=201489,mode=700,uid=1000,gid=1000
mountid=3108 fsname=/bus dir=/run/user/1000/bus fstype=tmpfs
Whitelisting /run/user/1000/dconf
3109 3072 0:39 /dconf /run/user/1000/dconf rw,nosuid,nodev,relatime master:239 - tmpfs tmpfs rw,size=805956k,nr_inodes=201489,mode=700,uid=1000,gid=1000
mountid=3109 fsname=/dconf dir=/run/user/1000/dconf fstype=tmpfs
Whitelisting /run/user/1000/ICEauthority
3110 3072 0:39 /ICEauthority /run/user/1000/ICEauthority rw,nosuid,nodev,relatime master:239 - tmpfs tmpfs rw,size=805956k,nr_inodes=201489,mode=700,uid=1000,gid=1000
mountid=3110 fsname=/ICEauthority dir=/run/user/1000/ICEauthority fstype=tmpfs
Whitelisting /run/user/1000/pulse/native
3111 3072 0:39 /pulse/native /run/user/1000/pulse/native rw,nosuid,nodev,relatime master:239 - tmpfs tmpfs rw,size=805956k,nr_inodes=201489,mode=700,uid=1000,gid=1000
mountid=3111 fsname=/pulse/native dir=/run/user/1000/pulse/native fstype=tmpfs
Whitelisting /usr/share/alsa
3112 3067 8:17 /usr/share/alsa /usr/share/alsa ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3112 fsname=/usr/share/alsa dir=/usr/share/alsa fstype=ext4
Whitelisting /usr/share/applications
3113 3067 8:17 /usr/share/applications /usr/share/applications ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3113 fsname=/usr/share/applications dir=/usr/share/applications fstype=ext4
Whitelisting /usr/share/ca-certificates
3114 3067 8:17 /usr/share/ca-certificates /usr/share/ca-certificates ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3114 fsname=/usr/share/ca-certificates dir=/usr/share/ca-certificates fstype=ext4
Whitelisting /usr/share/distro-info
3115 3067 8:17 /usr/share/distro-info /usr/share/distro-info ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3115 fsname=/usr/share/distro-info dir=/usr/share/distro-info fstype=ext4
Whitelisting /usr/share/drirc.d
3116 3067 8:17 /usr/share/drirc.d /usr/share/drirc.d ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3116 fsname=/usr/share/drirc.d dir=/usr/share/drirc.d fstype=ext4
Whitelisting /usr/share/enchant
3117 3067 8:17 /usr/share/enchant /usr/share/enchant ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3117 fsname=/usr/share/enchant dir=/usr/share/enchant fstype=ext4
Whitelisting /usr/share/enchant-2
3118 3067 8:17 /usr/share/enchant-2 /usr/share/enchant-2 ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3118 fsname=/usr/share/enchant-2 dir=/usr/share/enchant-2 fstype=ext4
Whitelisting /usr/share/file
3119 3067 8:17 /usr/share/file /usr/share/file ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3119 fsname=/usr/share/file dir=/usr/share/file fstype=ext4
Whitelisting /usr/share/fontconfig
3120 3067 8:17 /usr/share/fontconfig /usr/share/fontconfig ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3120 fsname=/usr/share/fontconfig dir=/usr/share/fontconfig fstype=ext4
Whitelisting /usr/share/fonts
3121 3067 8:17 /usr/share/fonts /usr/share/fonts ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3121 fsname=/usr/share/fonts dir=/usr/share/fonts fstype=ext4
Whitelisting /usr/share/gir-1.0
3122 3067 8:17 /usr/share/gir-1.0 /usr/share/gir-1.0 ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3122 fsname=/usr/share/gir-1.0 dir=/usr/share/gir-1.0 fstype=ext4
Whitelisting /usr/share/glib-2.0
3123 3067 8:17 /usr/share/glib-2.0 /usr/share/glib-2.0 ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3123 fsname=/usr/share/glib-2.0 dir=/usr/share/glib-2.0 fstype=ext4
Whitelisting /usr/share/glvnd
3124 3067 8:17 /usr/share/glvnd /usr/share/glvnd ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3124 fsname=/usr/share/glvnd dir=/usr/share/glvnd fstype=ext4
Whitelisting /usr/share/gtk-3.0
3125 3067 8:17 /usr/share/gtk-3.0 /usr/share/gtk-3.0 ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3125 fsname=/usr/share/gtk-3.0 dir=/usr/share/gtk-3.0 fstype=ext4
Whitelisting /usr/share/gtk-engines
3126 3067 8:17 /usr/share/gtk-engines /usr/share/gtk-engines ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3126 fsname=/usr/share/gtk-engines dir=/usr/share/gtk-engines fstype=ext4
Whitelisting /usr/share/gtksourceview-3.0
3127 3067 8:17 /usr/share/gtksourceview-3.0 /usr/share/gtksourceview-3.0 ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3127 fsname=/usr/share/gtksourceview-3.0 dir=/usr/share/gtksourceview-3.0 fstype=ext4
Whitelisting /usr/share/hunspell
3128 3067 8:17 /usr/share/hunspell /usr/share/hunspell ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3128 fsname=/usr/share/hunspell dir=/usr/share/hunspell fstype=ext4
Whitelisting /usr/share/icons
3129 3067 8:17 /usr/share/icons /usr/share/icons ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3129 fsname=/usr/share/icons dir=/usr/share/icons fstype=ext4
Whitelisting /usr/share/icu
3130 3067 8:17 /usr/share/icu /usr/share/icu ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3130 fsname=/usr/share/icu dir=/usr/share/icu fstype=ext4
Whitelisting /usr/share/knotifications5
3131 3067 8:17 /usr/share/knotifications5 /usr/share/knotifications5 ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3131 fsname=/usr/share/knotifications5 dir=/usr/share/knotifications5 fstype=ext4
Whitelisting /usr/share/kservices5
3132 3067 8:17 /usr/share/kservices5 /usr/share/kservices5 ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3132 fsname=/usr/share/kservices5 dir=/usr/share/kservices5 fstype=ext4
Whitelisting /usr/share/Kvantum
3133 3067 8:17 /usr/share/Kvantum /usr/share/Kvantum ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3133 fsname=/usr/share/Kvantum dir=/usr/share/Kvantum fstype=ext4
Whitelisting /usr/share/kxmlgui5
3134 3067 8:17 /usr/share/kxmlgui5 /usr/share/kxmlgui5 ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3134 fsname=/usr/share/kxmlgui5 dir=/usr/share/kxmlgui5 fstype=ext4
Whitelisting /usr/share/libdrm
3135 3067 8:17 /usr/share/libdrm /usr/share/libdrm ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3135 fsname=/usr/share/libdrm dir=/usr/share/libdrm fstype=ext4
Whitelisting /usr/share/libthai
3136 3067 8:17 /usr/share/libthai /usr/share/libthai ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3136 fsname=/usr/share/libthai dir=/usr/share/libthai fstype=ext4
Whitelisting /usr/share/locale
3137 3067 8:17 /usr/share/locale /usr/share/locale ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3137 fsname=/usr/share/locale dir=/usr/share/locale fstype=ext4
Whitelisting /usr/share/mime
3138 3067 8:17 /usr/share/mime /usr/share/mime ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3138 fsname=/usr/share/mime dir=/usr/share/mime fstype=ext4
Whitelisting /usr/share/misc
3139 3067 8:17 /usr/share/misc /usr/share/misc ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3139 fsname=/usr/share/misc dir=/usr/share/misc fstype=ext4
Whitelisting /usr/share/p11-kit
3140 3067 8:17 /usr/share/p11-kit /usr/share/p11-kit ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3140 fsname=/usr/share/p11-kit dir=/usr/share/p11-kit fstype=ext4
Whitelisting /usr/share/perl
3141 3067 8:17 /usr/share/perl /usr/share/perl ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3141 fsname=/usr/share/perl dir=/usr/share/perl fstype=ext4
Whitelisting /usr/share/perl5
3142 3067 8:17 /usr/share/perl5 /usr/share/perl5 ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3142 fsname=/usr/share/perl5 dir=/usr/share/perl5 fstype=ext4
Whitelisting /usr/share/pixmaps
3143 3067 8:17 /usr/share/pixmaps /usr/share/pixmaps ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3143 fsname=/usr/share/pixmaps dir=/usr/share/pixmaps fstype=ext4
Whitelisting /usr/share/plasma
3144 3067 8:17 /usr/share/plasma /usr/share/plasma ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3144 fsname=/usr/share/plasma dir=/usr/share/plasma fstype=ext4
Whitelisting /usr/share/publicsuffix
3145 3067 8:17 /usr/share/publicsuffix /usr/share/publicsuffix ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3145 fsname=/usr/share/publicsuffix dir=/usr/share/publicsuffix fstype=ext4
Whitelisting /usr/share/qt5
3146 3067 8:17 /usr/share/qt5 /usr/share/qt5 ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3146 fsname=/usr/share/qt5 dir=/usr/share/qt5 fstype=ext4
Whitelisting /usr/share/qt5ct
3147 3067 8:17 /usr/share/qt5ct /usr/share/qt5ct ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3147 fsname=/usr/share/qt5ct dir=/usr/share/qt5ct fstype=ext4
Whitelisting /usr/share/sounds
3148 3067 8:17 /usr/share/sounds /usr/share/sounds ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3148 fsname=/usr/share/sounds dir=/usr/share/sounds fstype=ext4
Whitelisting /usr/share/tcltk
3149 3067 8:17 /usr/share/tcltk /usr/share/tcltk ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3149 fsname=/usr/share/tcltk dir=/usr/share/tcltk fstype=ext4
Whitelisting /usr/share/terminfo
3150 3067 8:17 /usr/share/terminfo /usr/share/terminfo ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3150 fsname=/usr/share/terminfo dir=/usr/share/terminfo fstype=ext4
Whitelisting /usr/share/texlive
3151 3067 8:17 /usr/share/texlive /usr/share/texlive ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3151 fsname=/usr/share/texlive dir=/usr/share/texlive fstype=ext4
Whitelisting /usr/share/texmf
3152 3067 8:17 /usr/share/texmf /usr/share/texmf ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3152 fsname=/usr/share/texmf dir=/usr/share/texmf fstype=ext4
Whitelisting /usr/share/themes
3153 3067 8:17 /usr/share/themes /usr/share/themes ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3153 fsname=/usr/share/themes dir=/usr/share/themes fstype=ext4
Whitelisting /usr/share/X11
3154 3067 8:17 /usr/share/X11 /usr/share/X11 ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3154 fsname=/usr/share/X11 dir=/usr/share/X11 fstype=ext4
Whitelisting /usr/share/xml
3155 3067 8:17 /usr/share/xml /usr/share/xml ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3155 fsname=/usr/share/xml dir=/usr/share/xml fstype=ext4
Whitelisting /usr/share/zoneinfo
3156 3067 8:17 /usr/share/zoneinfo /usr/share/zoneinfo ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3156 fsname=/usr/share/zoneinfo dir=/usr/share/zoneinfo fstype=ext4
Whitelisting /var/lib/dbus
3157 3065 8:17 /var/lib/dbus /var/lib/dbus ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3157 fsname=/var/lib/dbus dir=/var/lib/dbus fstype=ext4
Whitelisting /var/cache/fontconfig
3158 3065 8:17 /var/cache/fontconfig /var/cache/fontconfig ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3158 fsname=/var/cache/fontconfig dir=/var/cache/fontconfig fstype=ext4
Whitelisting /var/tmp
3159 3065 0:90 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw
mountid=3159 fsname=/ dir=/var/tmp fstype=tmpfs
Created symbolic link /var/run -> /run
Created symbolic link /var/lock -> /run/lock
Whitelisting /tmp/.X11-unix
3160 3056 8:17 /tmp/.X11-unix /tmp/.X11-unix rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3160 fsname=/tmp/.X11-unix dir=/tmp/.X11-unix fstype=ext4
Mounting read-only /home/hyiltiz/.Xauthority
3166 3077 0:145 /hyiltiz/.Xauthority /home/hyiltiz/.Xauthority ro,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755
mountid=3166 fsname=/hyiltiz/.Xauthority dir=/home/hyiltiz/.Xauthority fstype=tmpfs
Mounting read-only /home/hyiltiz/.config/kdeglobals
3167 3100 8:17 /home/hyiltiz/.config/kdeglobals /home/hyiltiz/.config/kdeglobals ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3167 fsname=/home/hyiltiz/.config/kdeglobals dir=/home/hyiltiz/.config/kdeglobals fstype=ext4
Mounting read-only /home/hyiltiz/.config/kio_httprc
3168 3101 8:17 /home/hyiltiz/.config/kio_httprc /home/hyiltiz/.config/kio_httprc ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3168 fsname=/home/hyiltiz/.config/kio_httprc dir=/home/hyiltiz/.config/kio_httprc fstype=ext4
Mounting read-only /home/hyiltiz/.config/kioslaverc
3169 3102 8:17 /home/hyiltiz/.config/kioslaverc /home/hyiltiz/.config/kioslaverc ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3169 fsname=/home/hyiltiz/.config/kioslaverc dir=/home/hyiltiz/.config/kioslaverc fstype=ext4
Mounting read-only /home/hyiltiz/.kde/share/config/kdeglobals
3170 3104 8:17 /home/hyiltiz/.kde/share/config/kdeglobals /home/hyiltiz/.kde/share/config/kdeglobals ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3170 fsname=/home/hyiltiz/.kde/share/config/kdeglobals dir=/home/hyiltiz/.kde/share/config/kdeglobals fstype=ext4
Mounting read-only /home/hyiltiz/.kde/share/config/kio_httprc
3171 3105 8:17 /home/hyiltiz/.kde/share/config/kio_httprc /home/hyiltiz/.kde/share/config/kio_httprc ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3171 fsname=/home/hyiltiz/.kde/share/config/kio_httprc dir=/home/hyiltiz/.kde/share/config/kio_httprc fstype=ext4
Mounting read-only /home/hyiltiz/.kde/share/config/kioslaverc
3172 3106 8:17 /home/hyiltiz/.kde/share/config/kioslaverc /home/hyiltiz/.kde/share/config/kioslaverc ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3172 fsname=/home/hyiltiz/.kde/share/config/kioslaverc dir=/home/hyiltiz/.kde/share/config/kioslaverc fstype=ext4
Mounting read-only /home/hyiltiz/.config/dconf
3173 3088 8:17 /home/hyiltiz/.config/dconf /home/hyiltiz/.config/dconf ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3173 fsname=/home/hyiltiz/.config/dconf dir=/home/hyiltiz/.config/dconf fstype=ext4
Disable /usr/bin/systemd-run
Disable /usr/bin/systemd-run (requested /bin/systemd-run)
Mounting read-only /home/hyiltiz/.local/share/applications
3176 3085 8:17 /home/hyiltiz/.local/share/applications /home/hyiltiz/.local/share/applications ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3176 fsname=/home/hyiltiz/.local/share/applications dir=/home/hyiltiz/.local/share/applications fstype=ext4
Mounting read-only /home/hyiltiz/.config/mimeapps.list
3177 3081 8:17 /home/hyiltiz/.config/mimeapps.list /home/hyiltiz/.config/mimeapps.list ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3177 fsname=/home/hyiltiz/.config/mimeapps.list dir=/home/hyiltiz/.config/mimeapps.list fstype=ext4
Mounting read-only /home/hyiltiz/.config/user-dirs.dirs
3178 3082 8:17 /home/hyiltiz/.config/user-dirs.dirs /home/hyiltiz/.config/user-dirs.dirs ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3178 fsname=/home/hyiltiz/.config/user-dirs.dirs dir=/home/hyiltiz/.config/user-dirs.dirs fstype=ext4
Mounting read-only /home/hyiltiz/.config/user-dirs.locale
3179 3083 8:17 /home/hyiltiz/.config/user-dirs.locale /home/hyiltiz/.config/user-dirs.locale ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3179 fsname=/home/hyiltiz/.config/user-dirs.locale dir=/home/hyiltiz/.config/user-dirs.locale fstype=ext4
Mounting read-only /home/hyiltiz/.local/share/mime
3180 3087 8:17 /home/hyiltiz/.local/share/mime /home/hyiltiz/.local/share/mime ro,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3180 fsname=/home/hyiltiz/.local/share/mime dir=/home/hyiltiz/.local/share/mime fstype=ext4
Disable /usr/sbin (requested /sbin)
Disable /usr/local/sbin
Disable /usr/sbin
Disable /usr/bin/busybox
Disable /usr/bin/busybox (requested /bin/busybox)
Disable /usr/bin/chage
Disable /usr/bin/chage (requested /bin/chage)
Disable /usr/bin/chfn
Disable /usr/bin/chfn (requested /bin/chfn)
Disable /usr/bin/chsh
Disable /usr/bin/chsh (requested /bin/chsh)
Disable /usr/bin/crontab
Disable /usr/bin/crontab (requested /bin/crontab)
Disable /usr/bin/evtest
Disable /usr/bin/evtest (requested /bin/evtest)
Disable /usr/bin/expiry
Disable /usr/bin/expiry (requested /bin/expiry)
Disable /usr/bin/fusermount3 (requested /usr/bin/fusermount)
Disable /usr/bin/fusermount3 (requested /bin/fusermount)
Disable /usr/bin/gpasswd
Disable /usr/bin/gpasswd (requested /bin/gpasswd)
Disable /usr/bin/mount
Disable /usr/bin/mount (requested /bin/mount)
Disable /usr/bin/ncat
Disable /usr/bin/ncat (requested /bin/ncat)
Disable /usr/bin/newgrp
Disable /usr/bin/newgrp (requested /bin/newgrp)
Disable /usr/bin/ntfs-3g
Disable /usr/bin/ntfs-3g (requested /bin/ntfs-3g)
Disable /usr/bin/pkexec
Disable /usr/bin/pkexec (requested /bin/pkexec)
Disable /usr/bin/newgrp (requested /usr/bin/sg)
Disable /usr/bin/newgrp (requested /bin/sg)
Disable /usr/bin/strace
Disable /usr/bin/strace (requested /bin/strace)
Disable /usr/bin/su
Disable /usr/bin/su (requested /bin/su)
Disable /usr/bin/sudo
Disable /usr/bin/sudo (requested /bin/sudo)
Disable /usr/bin/umount
Disable /usr/bin/umount (requested /bin/umount)
Disable /usr/bin/xev
Disable /usr/bin/xev (requested /bin/xev)
Disable /usr/bin/xinput
Disable /usr/bin/xinput (requested /bin/xinput)
Disable /usr/lib/virtualbox
Disable /usr/bin/xfce4-terminal
Disable /usr/bin/xfce4-terminal (requested /bin/xfce4-terminal)
Disable /usr/bin/xfce4-terminal.wrapper
Disable /usr/bin/xfce4-terminal.wrapper (requested /bin/xfce4-terminal.wrapper)
Disable /usr/bin/bwrap
Disable /usr/bin/bwrap (requested /bin/bwrap)
Disable /usr/bin/dig
Disable /usr/bin/dig (requested /bin/dig)
Disable /usr/bin/nslookup
Disable /usr/bin/nslookup (requested /bin/nslookup)
Disable /usr/bin/host
Disable /usr/bin/host (requested /bin/host)
Disable /usr/bin/dnswalk
Disable /usr/bin/dnswalk (requested /bin/dnswalk)
Disable /usr/bin/resolvectl
Disable /usr/bin/resolvectl (requested /bin/resolvectl)
Disable /usr/lib/llvm-9/bin/clang (requested /usr/bin/clang-cpp-9)
Disable /usr/lib/llvm-9/bin/clang (requested /usr/bin/clang++-9)
Disable /usr/lib/llvm-9/bin/clang (requested /usr/bin/clang-9)
Disable /usr/lib/llvm-9/bin/clang (requested /bin/clang-cpp-9)
Disable /usr/lib/llvm-9/bin/clang (requested /bin/clang++-9)
Disable /usr/lib/llvm-9/bin/clang (requested /bin/clang-9)
Disable /usr/bin/x86_64-linux-gnu-as (requested /usr/bin/as)
Disable /usr/bin/x86_64-linux-gnu-as (requested /bin/as)
Disable /usr/bin/x86_64-linux-gnu-c++filt (requested /usr/bin/c++filt)
Disable /usr/bin/x86_64-linux-gnu-c++filt (requested /bin/c++filt)
Disable /usr/bin/c89-gcc
Disable /usr/bin/c89-gcc (requested /bin/c89-gcc)
Disable /usr/bin/c99-gcc
Disable /usr/bin/c99-gcc (requested /bin/c99-gcc)
Disable /usr/bin/x86_64-linux-gnu-cpp-10 (requested /usr/bin/cpp-10)
Disable /usr/bin/x86_64-linux-gnu-cpp-10 (requested /usr/bin/cpp)
Disable /usr/bin/x86_64-linux-gnu-cpp-10 (requested /bin/cpp-10)
Disable /usr/bin/x86_64-linux-gnu-cpp-10 (requested /bin/cpp)
Disable /usr/bin/x86_64-linux-gnu-g++-10 (requested /usr/bin/g++-10)
Disable /usr/bin/x86_64-linux-gnu-g++-10 (requested /usr/bin/g++)
Disable /usr/bin/x86_64-linux-gnu-g++-10 (requested /bin/g++-10)
Disable /usr/bin/x86_64-linux-gnu-g++-10 (requested /bin/g++)
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-10 (requested /usr/bin/gcc-ranlib)
Disable /usr/bin/x86_64-linux-gnu-gcc-10 (requested /usr/bin/gcc)
Disable /usr/bin/x86_64-linux-gnu-gcc-10 (requested /usr/bin/gcc-10)
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-10 (requested /usr/bin/gcc-ranlib-10)
Disable /usr/bin/x86_64-linux-gnu-gccgo-10 (requested /usr/bin/gccgo-10)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-10 (requested /usr/bin/gcc-ar)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-10 (requested /usr/bin/gcc-nm)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-10 (requested /usr/bin/gcc-ar-10)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-10 (requested /usr/bin/gcc-nm-10)
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-10 (requested /bin/gcc-ranlib)
Disable /usr/bin/x86_64-linux-gnu-gcc-10 (requested /bin/gcc)
Disable /usr/bin/x86_64-linux-gnu-gcc-10 (requested /bin/gcc-10)
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-10 (requested /bin/gcc-ranlib-10)
Disable /usr/bin/x86_64-linux-gnu-gccgo-10 (requested /bin/gccgo-10)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-10 (requested /bin/gcc-ar)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-10 (requested /bin/gcc-nm)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-10 (requested /bin/gcc-ar-10)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-10 (requested /bin/gcc-nm-10)
Disable /usr/bin/gdb
Disable /usr/bin/gdb (requested /bin/gdb)
Disable /usr/bin/x86_64-linux-gnu-ld.bfd (requested /usr/bin/ld)
Disable /usr/bin/x86_64-linux-gnu-ld.bfd (requested /bin/ld)
Disable /usr/bin/x86_64-w64-mingw32-gcc-ar-posix
Disable /usr/bin/i686-w64-mingw32-gcc-posix
Disable /usr/bin/i686-w64-mingw32-gcc-ranlib-win32
Disable /usr/bin/i686-w64-mingw32-gcc-10-win32
Disable /usr/bin/x86_64-linux-gnu-gcc-10
Disable /usr/bin/c89-gcc
Disable /usr/bin/x86_64-w64-mingw32-gcc-nm-posix
Disable /usr/bin/x86_64-w64-mingw32-gcc-win32
Disable /usr/bin/c99-gcc
Disable /usr/bin/i686-w64-mingw32-gcc-win32
Disable /usr/bin/x86_64-w64-mingw32-gcc-nm-win32
Disable /usr/bin/i686-w64-mingw32-gcc-ar-posix
Disable /usr/bin/musl-gcc
Disable /usr/bin/i686-w64-mingw32-gcc-10-posix
Disable /usr/bin/x86_64-w64-mingw32-gcc-ranlib-win32
Disable /usr/bin/x86_64-w64-mingw32-gcc-ar-win32
Disable /usr/bin/x86_64-w64-mingw32-gcc-10-win32
Disable /usr/bin/afl-gcc
Disable /usr/bin/i686-w64-mingw32-gcc-ranlib-posix
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-10 (requested /usr/bin/x86_64-linux-gnu-gcc-ar)
Disable /usr/bin/i686-w64-mingw32-gcc-ar-win32
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-10
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-10 (requested /usr/bin/x86_64-linux-gnu-gcc-ranlib)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-10 (requested /usr/bin/x86_64-linux-gnu-gcc-nm)
Disable /usr/bin/i686-w64-mingw32-gcc-nm-posix
Disable /usr/bin/x86_64-w64-mingw32-gcc-ranlib-posix
Disable /usr/bin/x86_64-linux-gnu-gcc-10 (requested /usr/bin/x86_64-linux-gnu-gcc)
Disable /usr/bin/x86_64-w64-mingw32-gcc-10-posix
Disable /usr/bin/x86_64-w64-mingw32-gcc-posix
Disable /usr/bin/x86_64-linux-gnu-gccgo-10
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-10
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-10
Disable /usr/bin/i686-w64-mingw32-gcc-nm-win32
Disable /usr/bin/x86_64-w64-mingw32-gcc-ar-posix (requested /bin/x86_64-w64-mingw32-gcc-ar-posix)
Disable /usr/bin/i686-w64-mingw32-gcc-posix (requested /bin/i686-w64-mingw32-gcc-posix)
Disable /usr/bin/i686-w64-mingw32-gcc-ranlib-win32 (requested /bin/i686-w64-mingw32-gcc-ranlib-win32)
Disable /usr/bin/i686-w64-mingw32-gcc-10-win32 (requested /bin/i686-w64-mingw32-gcc-10-win32)
Disable /usr/bin/x86_64-linux-gnu-gcc-10 (requested /bin/x86_64-linux-gnu-gcc-10)
Disable /usr/bin/c89-gcc (requested /bin/c89-gcc)
Disable /usr/bin/x86_64-w64-mingw32-gcc-nm-posix (requested /bin/x86_64-w64-mingw32-gcc-nm-posix)
Disable /usr/bin/x86_64-w64-mingw32-gcc-win32 (requested /bin/x86_64-w64-mingw32-gcc-win32)
Disable /usr/bin/c99-gcc (requested /bin/c99-gcc)
Disable /usr/bin/i686-w64-mingw32-gcc-win32 (requested /bin/i686-w64-mingw32-gcc-win32)
Disable /usr/bin/x86_64-w64-mingw32-gcc-nm-win32 (requested /bin/x86_64-w64-mingw32-gcc-nm-win32)
Disable /usr/bin/i686-w64-mingw32-gcc-ar-posix (requested /bin/i686-w64-mingw32-gcc-ar-posix)
Disable /usr/bin/musl-gcc (requested /bin/musl-gcc)
Disable /usr/bin/i686-w64-mingw32-gcc-10-posix (requested /bin/i686-w64-mingw32-gcc-10-posix)
Disable /usr/bin/x86_64-w64-mingw32-gcc-ranlib-win32 (requested /bin/x86_64-w64-mingw32-gcc-ranlib-win32)
Disable /usr/bin/x86_64-w64-mingw32-gcc-ar-win32 (requested /bin/x86_64-w64-mingw32-gcc-ar-win32)
Disable /usr/bin/x86_64-w64-mingw32-gcc-10-win32 (requested /bin/x86_64-w64-mingw32-gcc-10-win32)
Disable /usr/bin/afl-gcc (requested /bin/afl-gcc)
Disable /usr/bin/i686-w64-mingw32-gcc-ranlib-posix (requested /bin/i686-w64-mingw32-gcc-ranlib-posix)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-10 (requested /bin/x86_64-linux-gnu-gcc-ar)
Disable /usr/bin/i686-w64-mingw32-gcc-ar-win32 (requested /bin/i686-w64-mingw32-gcc-ar-win32)
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-10 (requested /bin/x86_64-linux-gnu-gcc-ranlib-10)
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-10 (requested /bin/x86_64-linux-gnu-gcc-ranlib)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-10 (requested /bin/x86_64-linux-gnu-gcc-nm)
Disable /usr/bin/i686-w64-mingw32-gcc-nm-posix (requested /bin/i686-w64-mingw32-gcc-nm-posix)
Disable /usr/bin/x86_64-w64-mingw32-gcc-ranlib-posix (requested /bin/x86_64-w64-mingw32-gcc-ranlib-posix)
Disable /usr/bin/x86_64-linux-gnu-gcc-10 (requested /bin/x86_64-linux-gnu-gcc)
Disable /usr/bin/x86_64-w64-mingw32-gcc-10-posix (requested /bin/x86_64-w64-mingw32-gcc-10-posix)
Disable /usr/bin/x86_64-w64-mingw32-gcc-posix (requested /bin/x86_64-w64-mingw32-gcc-posix)
Disable /usr/bin/x86_64-linux-gnu-gccgo-10 (requested /bin/x86_64-linux-gnu-gccgo-10)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-10 (requested /bin/x86_64-linux-gnu-gcc-nm-10)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-10 (requested /bin/x86_64-linux-gnu-gcc-ar-10)
Disable /usr/bin/i686-w64-mingw32-gcc-nm-win32 (requested /bin/i686-w64-mingw32-gcc-nm-win32)
Disable /usr/bin/x86_64-linux-gnu-g++-10 (requested /usr/bin/x86_64-linux-gnu-g++)
Disable /usr/bin/i686-w64-mingw32-g++-win32
Disable /usr/bin/i686-w64-mingw32-g++-posix
Disable /usr/bin/x86_64-w64-mingw32-g++-posix
Disable /usr/bin/x86_64-linux-gnu-g++-10
Disable /usr/bin/afl-gcc (requested /usr/bin/afl-g++)
Disable /usr/bin/x86_64-w64-mingw32-g++-win32
Disable /usr/bin/x86_64-linux-gnu-g++-10 (requested /bin/x86_64-linux-gnu-g++)
Disable /usr/bin/i686-w64-mingw32-g++-win32 (requested /bin/i686-w64-mingw32-g++-win32)
Disable /usr/bin/i686-w64-mingw32-g++-posix (requested /bin/i686-w64-mingw32-g++-posix)
Disable /usr/bin/x86_64-w64-mingw32-g++-posix (requested /bin/x86_64-w64-mingw32-g++-posix)
Disable /usr/bin/x86_64-linux-gnu-g++-10 (requested /bin/x86_64-linux-gnu-g++-10)
Disable /usr/bin/afl-gcc (requested /bin/afl-g++)
Disable /usr/bin/x86_64-w64-mingw32-g++-win32 (requested /bin/x86_64-w64-mingw32-g++-win32)
Disable /usr/bin/x86_64-w64-mingw32-gcc-ar-posix
Disable /usr/bin/i686-w64-mingw32-gcc-posix
Disable /usr/bin/i686-w64-mingw32-gcc-ranlib-win32
Disable /usr/bin/i686-w64-mingw32-gcc-10-win32
Disable /usr/bin/x86_64-linux-gnu-gcc-10
Disable /usr/bin/c89-gcc
Disable /usr/bin/x86_64-w64-mingw32-gcc-nm-posix
Disable /usr/bin/x86_64-w64-mingw32-gcc-win32
Disable /usr/bin/c99-gcc
Disable /usr/bin/i686-w64-mingw32-gcc-win32
Disable /usr/bin/x86_64-w64-mingw32-gcc-nm-win32
Disable /usr/bin/i686-w64-mingw32-gcc-ar-posix
Disable /usr/bin/musl-gcc
Disable /usr/bin/i686-w64-mingw32-gcc-10-posix
Disable /usr/bin/x86_64-w64-mingw32-gcc-ranlib-win32
Disable /usr/bin/x86_64-w64-mingw32-gcc-ar-win32
Disable /usr/bin/x86_64-w64-mingw32-gcc-10-win32
Disable /usr/bin/afl-gcc
Disable /usr/bin/i686-w64-mingw32-gcc-ranlib-posix
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-10 (requested /usr/bin/x86_64-linux-gnu-gcc-ar)
Disable /usr/bin/i686-w64-mingw32-gcc-ar-win32
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-10
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-10 (requested /usr/bin/x86_64-linux-gnu-gcc-ranlib)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-10 (requested /usr/bin/x86_64-linux-gnu-gcc-nm)
Disable /usr/bin/i686-w64-mingw32-gcc-nm-posix
Disable /usr/bin/x86_64-w64-mingw32-gcc-ranlib-posix
Disable /usr/bin/x86_64-linux-gnu-gcc-10 (requested /usr/bin/x86_64-linux-gnu-gcc)
Disable /usr/bin/x86_64-w64-mingw32-gcc-10-posix
Disable /usr/bin/x86_64-w64-mingw32-gcc-posix
Disable /usr/bin/x86_64-linux-gnu-gccgo-10
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-10
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-10
Disable /usr/bin/i686-w64-mingw32-gcc-nm-win32
Disable /usr/bin/x86_64-w64-mingw32-gcc-ar-posix (requested /bin/x86_64-w64-mingw32-gcc-ar-posix)
Disable /usr/bin/i686-w64-mingw32-gcc-posix (requested /bin/i686-w64-mingw32-gcc-posix)
Disable /usr/bin/i686-w64-mingw32-gcc-ranlib-win32 (requested /bin/i686-w64-mingw32-gcc-ranlib-win32)
Disable /usr/bin/i686-w64-mingw32-gcc-10-win32 (requested /bin/i686-w64-mingw32-gcc-10-win32)
Disable /usr/bin/x86_64-linux-gnu-gcc-10 (requested /bin/x86_64-linux-gnu-gcc-10)
Disable /usr/bin/c89-gcc (requested /bin/c89-gcc)
Disable /usr/bin/x86_64-w64-mingw32-gcc-nm-posix (requested /bin/x86_64-w64-mingw32-gcc-nm-posix)
Disable /usr/bin/x86_64-w64-mingw32-gcc-win32 (requested /bin/x86_64-w64-mingw32-gcc-win32)
Disable /usr/bin/c99-gcc (requested /bin/c99-gcc)
Disable /usr/bin/i686-w64-mingw32-gcc-win32 (requested /bin/i686-w64-mingw32-gcc-win32)
Disable /usr/bin/x86_64-w64-mingw32-gcc-nm-win32 (requested /bin/x86_64-w64-mingw32-gcc-nm-win32)
Disable /usr/bin/i686-w64-mingw32-gcc-ar-posix (requested /bin/i686-w64-mingw32-gcc-ar-posix)
Disable /usr/bin/musl-gcc (requested /bin/musl-gcc)
Disable /usr/bin/i686-w64-mingw32-gcc-10-posix (requested /bin/i686-w64-mingw32-gcc-10-posix)
Disable /usr/bin/x86_64-w64-mingw32-gcc-ranlib-win32 (requested /bin/x86_64-w64-mingw32-gcc-ranlib-win32)
Disable /usr/bin/x86_64-w64-mingw32-gcc-ar-win32 (requested /bin/x86_64-w64-mingw32-gcc-ar-win32)
Disable /usr/bin/x86_64-w64-mingw32-gcc-10-win32 (requested /bin/x86_64-w64-mingw32-gcc-10-win32)
Disable /usr/bin/afl-gcc (requested /bin/afl-gcc)
Disable /usr/bin/i686-w64-mingw32-gcc-ranlib-posix (requested /bin/i686-w64-mingw32-gcc-ranlib-posix)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-10 (requested /bin/x86_64-linux-gnu-gcc-ar)
Disable /usr/bin/i686-w64-mingw32-gcc-ar-win32 (requested /bin/i686-w64-mingw32-gcc-ar-win32)
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-10 (requested /bin/x86_64-linux-gnu-gcc-ranlib-10)
Disable /usr/bin/x86_64-linux-gnu-gcc-ranlib-10 (requested /bin/x86_64-linux-gnu-gcc-ranlib)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-10 (requested /bin/x86_64-linux-gnu-gcc-nm)
Disable /usr/bin/i686-w64-mingw32-gcc-nm-posix (requested /bin/i686-w64-mingw32-gcc-nm-posix)
Disable /usr/bin/x86_64-w64-mingw32-gcc-ranlib-posix (requested /bin/x86_64-w64-mingw32-gcc-ranlib-posix)
Disable /usr/bin/x86_64-linux-gnu-gcc-10 (requested /bin/x86_64-linux-gnu-gcc)
Disable /usr/bin/x86_64-w64-mingw32-gcc-10-posix (requested /bin/x86_64-w64-mingw32-gcc-10-posix)
Disable /usr/bin/x86_64-w64-mingw32-gcc-posix (requested /bin/x86_64-w64-mingw32-gcc-posix)
Disable /usr/bin/x86_64-linux-gnu-gccgo-10 (requested /bin/x86_64-linux-gnu-gccgo-10)
Disable /usr/bin/x86_64-linux-gnu-gcc-nm-10 (requested /bin/x86_64-linux-gnu-gcc-nm-10)
Disable /usr/bin/x86_64-linux-gnu-gcc-ar-10 (requested /bin/x86_64-linux-gnu-gcc-ar-10)
Disable /usr/bin/i686-w64-mingw32-gcc-nm-win32 (requested /bin/i686-w64-mingw32-gcc-nm-win32)
Disable /usr/bin/x86_64-linux-gnu-g++-10 (requested /usr/bin/x86_64-linux-gnu-g++)
Disable /usr/bin/i686-w64-mingw32-g++-win32
Disable /usr/bin/i686-w64-mingw32-g++-posix
Disable /usr/bin/x86_64-w64-mingw32-g++-posix
Disable /usr/bin/x86_64-linux-gnu-g++-10
Disable /usr/bin/afl-gcc (requested /usr/bin/afl-g++)
Disable /usr/bin/x86_64-w64-mingw32-g++-win32
Disable /usr/bin/x86_64-linux-gnu-g++-10 (requested /bin/x86_64-linux-gnu-g++)
Disable /usr/bin/i686-w64-mingw32-g++-win32 (requested /bin/i686-w64-mingw32-g++-win32)
Disable /usr/bin/i686-w64-mingw32-g++-posix (requested /bin/i686-w64-mingw32-g++-posix)
Disable /usr/bin/x86_64-w64-mingw32-g++-posix (requested /bin/x86_64-w64-mingw32-g++-posix)
Disable /usr/bin/x86_64-linux-gnu-g++-10 (requested /bin/x86_64-linux-gnu-g++-10)
Disable /usr/bin/afl-gcc (requested /bin/afl-g++)
Disable /usr/bin/x86_64-w64-mingw32-g++-win32 (requested /bin/x86_64-w64-mingw32-g++-win32)
Disable /usr/bin/x86_64-linux-gnu-go-10 (requested /usr/bin/go)
Disable /usr/bin/x86_64-linux-gnu-go-10 (requested /bin/go)
Disable /usr/bin/x86_64-linux-gnu-gofmt-10 (requested /usr/bin/gofmt)
Disable /usr/bin/x86_64-linux-gnu-gofmt-10 (requested /bin/gofmt)
Disable /usr/lib/java
Disable /usr/bin/openssl
Disable /usr/bin/openssl (requested /bin/openssl)
Disable /usr/bin/rustc
Disable /usr/bin/rustc (requested /bin/rustc)
Disable /usr/bin/tcc
Disable /usr/bin/tcc (requested /bin/tcc)
Disable /usr/lib/valgrind
Disable /usr/src
Disable /usr/local/src
Disable /usr/include
Disable /usr/local/include
Mounting noexec /home/hyiltiz/.config/zoomus.conf
3463 3078 8:17 /home/hyiltiz/.config/zoomus.conf /home/hyiltiz/.config/zoomus.conf rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3463 fsname=/home/hyiltiz/.config/zoomus.conf dir=/home/hyiltiz/.config/zoomus.conf fstype=ext4
Mounting noexec /home/hyiltiz/.zoom
3464 3079 8:17 /home/hyiltiz/.zoom /home/hyiltiz/.zoom rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3464 fsname=/home/hyiltiz/.zoom dir=/home/hyiltiz/.zoom fstype=ext4
Mounting noexec /home/hyiltiz/.config/ibus
3465 3080 8:17 /home/hyiltiz/.config/ibus /home/hyiltiz/.config/ibus rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3465 fsname=/home/hyiltiz/.config/ibus dir=/home/hyiltiz/.config/ibus fstype=ext4
Mounting noexec /home/hyiltiz/.config/mimeapps.list
3466 3177 8:17 /home/hyiltiz/.config/mimeapps.list /home/hyiltiz/.config/mimeapps.list ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3466 fsname=/home/hyiltiz/.config/mimeapps.list dir=/home/hyiltiz/.config/mimeapps.list fstype=ext4
Mounting noexec /home/hyiltiz/.config/user-dirs.dirs
3467 3178 8:17 /home/hyiltiz/.config/user-dirs.dirs /home/hyiltiz/.config/user-dirs.dirs ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3467 fsname=/home/hyiltiz/.config/user-dirs.dirs dir=/home/hyiltiz/.config/user-dirs.dirs fstype=ext4
Mounting noexec /home/hyiltiz/.config/user-dirs.locale
3468 3179 8:17 /home/hyiltiz/.config/user-dirs.locale /home/hyiltiz/.config/user-dirs.locale ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3468 fsname=/home/hyiltiz/.config/user-dirs.locale dir=/home/hyiltiz/.config/user-dirs.locale fstype=ext4
Mounting noexec /home/hyiltiz/.icons
3469 3084 8:17 /home/hyiltiz/.icons /home/hyiltiz/.icons rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3469 fsname=/home/hyiltiz/.icons dir=/home/hyiltiz/.icons fstype=ext4
Mounting noexec /home/hyiltiz/.local/share/applications
3470 3176 8:17 /home/hyiltiz/.local/share/applications /home/hyiltiz/.local/share/applications ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3470 fsname=/home/hyiltiz/.local/share/applications dir=/home/hyiltiz/.local/share/applications fstype=ext4
Mounting noexec /home/hyiltiz/.local/share/icons
3471 3086 8:17 /home/hyiltiz/.local/share/icons /home/hyiltiz/.local/share/icons rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3471 fsname=/home/hyiltiz/.local/share/icons dir=/home/hyiltiz/.local/share/icons fstype=ext4
Mounting noexec /home/hyiltiz/.local/share/mime
3472 3180 8:17 /home/hyiltiz/.local/share/mime /home/hyiltiz/.local/share/mime ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3472 fsname=/home/hyiltiz/.local/share/mime dir=/home/hyiltiz/.local/share/mime fstype=ext4
Mounting noexec /home/hyiltiz/.config/dconf
3473 3173 8:17 /home/hyiltiz/.config/dconf /home/hyiltiz/.config/dconf ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3473 fsname=/home/hyiltiz/.config/dconf dir=/home/hyiltiz/.config/dconf fstype=ext4
Mounting noexec /home/hyiltiz/.config/fontconfig
3474 3089 8:17 /home/hyiltiz/.config/fontconfig /home/hyiltiz/.config/fontconfig rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3474 fsname=/home/hyiltiz/.config/fontconfig dir=/home/hyiltiz/.config/fontconfig fstype=ext4
Mounting noexec /home/hyiltiz/.local/share/fonts
3475 3090 8:17 /home/hyiltiz/.local/share/fonts /home/hyiltiz/.local/share/fonts rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3475 fsname=/home/hyiltiz/.local/share/fonts dir=/home/hyiltiz/.local/share/fonts fstype=ext4
Mounting noexec /home/hyiltiz/.config/gtk-2.0
3476 3091 8:17 /home/hyiltiz/.config/gtk-2.0 /home/hyiltiz/.config/gtk-2.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3476 fsname=/home/hyiltiz/.config/gtk-2.0 dir=/home/hyiltiz/.config/gtk-2.0 fstype=ext4
Mounting noexec /home/hyiltiz/.config/gtk-3.0
3477 3092 8:17 /home/hyiltiz/.config/gtk-3.0 /home/hyiltiz/.config/gtk-3.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3477 fsname=/home/hyiltiz/.config/gtk-3.0 dir=/home/hyiltiz/.config/gtk-3.0 fstype=ext4
Mounting noexec /home/hyiltiz/.config/gtkrc
3478 3093 8:17 /home/hyiltiz/.config/gtkrc /home/hyiltiz/.config/gtkrc rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3478 fsname=/home/hyiltiz/.config/gtkrc dir=/home/hyiltiz/.config/gtkrc fstype=ext4
Mounting noexec /home/hyiltiz/.config/gtkrc-2.0
3479 3094 8:17 /home/hyiltiz/.config/gtkrc-2.0 /home/hyiltiz/.config/gtkrc-2.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3479 fsname=/home/hyiltiz/.config/gtkrc-2.0 dir=/home/hyiltiz/.config/gtkrc-2.0 fstype=ext4
Mounting noexec /home/hyiltiz/.gnome2
3480 3095 8:17 /home/hyiltiz/.gnome2 /home/hyiltiz/.gnome2 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3480 fsname=/home/hyiltiz/.gnome2 dir=/home/hyiltiz/.gnome2 fstype=ext4
Mounting noexec /home/hyiltiz/.gtkrc-2.0
3481 3096 8:17 /home/hyiltiz/.gtkrc-2.0 /home/hyiltiz/.gtkrc-2.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3481 fsname=/home/hyiltiz/.gtkrc-2.0 dir=/home/hyiltiz/.gtkrc-2.0 fstype=ext4
Mounting noexec /home/hyiltiz/.kde/share/config/gtkrc
3482 3097 8:17 /home/hyiltiz/.kde/share/config/gtkrc /home/hyiltiz/.kde/share/config/gtkrc rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3482 fsname=/home/hyiltiz/.kde/share/config/gtkrc dir=/home/hyiltiz/.kde/share/config/gtkrc fstype=ext4
Mounting noexec /home/hyiltiz/.kde/share/config/gtkrc-2.0
3483 3098 8:17 /home/hyiltiz/.kde/share/config/gtkrc-2.0 /home/hyiltiz/.kde/share/config/gtkrc-2.0 rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3483 fsname=/home/hyiltiz/.kde/share/config/gtkrc-2.0 dir=/home/hyiltiz/.kde/share/config/gtkrc-2.0 fstype=ext4
Mounting noexec /home/hyiltiz/.config/Trolltech.conf
3484 3099 8:17 /home/hyiltiz/.config/Trolltech.conf /home/hyiltiz/.config/Trolltech.conf rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3484 fsname=/home/hyiltiz/.config/Trolltech.conf dir=/home/hyiltiz/.config/Trolltech.conf fstype=ext4
Mounting noexec /home/hyiltiz/.config/kdeglobals
3485 3167 8:17 /home/hyiltiz/.config/kdeglobals /home/hyiltiz/.config/kdeglobals ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3485 fsname=/home/hyiltiz/.config/kdeglobals dir=/home/hyiltiz/.config/kdeglobals fstype=ext4
Mounting noexec /home/hyiltiz/.config/kio_httprc
3486 3168 8:17 /home/hyiltiz/.config/kio_httprc /home/hyiltiz/.config/kio_httprc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3486 fsname=/home/hyiltiz/.config/kio_httprc dir=/home/hyiltiz/.config/kio_httprc fstype=ext4
Mounting noexec /home/hyiltiz/.config/kioslaverc
3487 3169 8:17 /home/hyiltiz/.config/kioslaverc /home/hyiltiz/.config/kioslaverc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3487 fsname=/home/hyiltiz/.config/kioslaverc dir=/home/hyiltiz/.config/kioslaverc fstype=ext4
Mounting noexec /home/hyiltiz/.config/qt5ct
3488 3103 8:17 /home/hyiltiz/.config/qt5ct /home/hyiltiz/.config/qt5ct rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3488 fsname=/home/hyiltiz/.config/qt5ct dir=/home/hyiltiz/.config/qt5ct fstype=ext4
Mounting noexec /home/hyiltiz/.kde/share/config/kdeglobals
3489 3170 8:17 /home/hyiltiz/.kde/share/config/kdeglobals /home/hyiltiz/.kde/share/config/kdeglobals ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3489 fsname=/home/hyiltiz/.kde/share/config/kdeglobals dir=/home/hyiltiz/.kde/share/config/kdeglobals fstype=ext4
Mounting noexec /home/hyiltiz/.kde/share/config/kio_httprc
3490 3171 8:17 /home/hyiltiz/.kde/share/config/kio_httprc /home/hyiltiz/.kde/share/config/kio_httprc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3490 fsname=/home/hyiltiz/.kde/share/config/kio_httprc dir=/home/hyiltiz/.kde/share/config/kio_httprc fstype=ext4
Mounting noexec /home/hyiltiz/.kde/share/config/kioslaverc
3491 3172 8:17 /home/hyiltiz/.kde/share/config/kioslaverc /home/hyiltiz/.kde/share/config/kioslaverc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3491 fsname=/home/hyiltiz/.kde/share/config/kioslaverc dir=/home/hyiltiz/.kde/share/config/kioslaverc fstype=ext4
Mounting noexec /home/hyiltiz/.kde/share/config/oxygenrc
3492 3107 8:17 /home/hyiltiz/.kde/share/config/oxygenrc /home/hyiltiz/.kde/share/config/oxygenrc rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3492 fsname=/home/hyiltiz/.kde/share/config/oxygenrc dir=/home/hyiltiz/.kde/share/config/oxygenrc fstype=ext4
Mounting noexec /run/user/1000
3497 3493 0:39 /pulse/native /run/user/1000/pulse/native rw,nosuid,nodev,relatime master:239 - tmpfs tmpfs rw,size=805956k,nr_inodes=201489,mode=700,uid=1000,gid=1000
mountid=3497 fsname=/pulse/native dir=/run/user/1000/pulse/native fstype=tmpfs
Mounting noexec /run/user/1000/bus
3498 3494 0:39 /bus /run/user/1000/bus rw,nosuid,nodev,noexec,relatime master:239 - tmpfs tmpfs rw,size=805956k,nr_inodes=201489,mode=700,uid=1000,gid=1000
mountid=3498 fsname=/bus dir=/run/user/1000/bus fstype=tmpfs
Mounting noexec /run/user/1000/dconf
3499 3495 0:39 /dconf /run/user/1000/dconf rw,nosuid,nodev,noexec,relatime master:239 - tmpfs tmpfs rw,size=805956k,nr_inodes=201489,mode=700,uid=1000,gid=1000
mountid=3499 fsname=/dconf dir=/run/user/1000/dconf fstype=tmpfs
Mounting noexec /run/user/1000/ICEauthority
3500 3496 0:39 /ICEauthority /run/user/1000/ICEauthority rw,nosuid,nodev,noexec,relatime master:239 - tmpfs tmpfs rw,size=805956k,nr_inodes=201489,mode=700,uid=1000,gid=1000
mountid=3500 fsname=/ICEauthority dir=/run/user/1000/ICEauthority fstype=tmpfs
Mounting noexec /run/user/1000/pulse/native
3501 3497 0:39 /pulse/native /run/user/1000/pulse/native rw,nosuid,nodev,noexec,relatime master:239 - tmpfs tmpfs rw,size=805956k,nr_inodes=201489,mode=700,uid=1000,gid=1000
mountid=3501 fsname=/pulse/native dir=/run/user/1000/pulse/native fstype=tmpfs
Mounting noexec /dev/shm
3502 3028 0:116 /shm /dev/shm rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755
mountid=3502 fsname=/shm dir=/dev/shm fstype=tmpfs
Mounting noexec /tmp
3504 3503 8:17 /tmp/.X11-unix /tmp/.X11-unix rw,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3504 fsname=/tmp/.X11-unix dir=/tmp/.X11-unix fstype=ext4
Mounting noexec /tmp/.X11-unix
3505 3504 8:17 /tmp/.X11-unix /tmp/.X11-unix rw,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3505 fsname=/tmp/.X11-unix dir=/tmp/.X11-unix fstype=ext4
Mounting noexec /var
3509 3506 0:90 / /var/tmp rw,nosuid,nodev,noexec - tmpfs tmpfs rw
mountid=3509 fsname=/ dir=/var/tmp fstype=tmpfs
Disable /usr/bin/luarocks
Disable /usr/bin/luarocks-admin
Disable /usr/bin/luajit
Disable /usr/bin/lua5.3
Disable /usr/bin/luajittex
Disable /usr/share/texlive/texmf-dist/scripts/luaotfload/luaotfload-tool.lua (requested /usr/bin/luaotfload-tool)
Disable /usr/bin/lua-any
Disable /usr/bin/luatex
Disable /usr/bin/luac5.1
Disable /usr/bin/luatools
Disable /usr/bin/lua5.1
Disable /usr/bin/luahbtex (requested /usr/bin/lualatex)
Disable /usr/bin/luac5.3
Disable /usr/bin/luahbtex
Disable /usr/bin/luajithbtex
Disable /usr/bin/luahbtex (requested /usr/bin/lualatex-dev)
Disable /usr/bin/luarocks (requested /bin/luarocks)
Disable /usr/bin/luarocks-admin (requested /bin/luarocks-admin)
Disable /usr/bin/luajit (requested /bin/luajit)
Disable /usr/bin/lua5.3 (requested /bin/lua5.3)
Disable /usr/bin/luajittex (requested /bin/luajittex)
Disable /usr/share/texlive/texmf-dist/scripts/luaotfload/luaotfload-tool.lua (requested /bin/luaotfload-tool)
Disable /usr/bin/lua-any (requested /bin/lua-any)
Disable /usr/bin/luatex (requested /bin/luatex)
Disable /usr/bin/luac5.1 (requested /bin/luac5.1)
Disable /usr/bin/luatools (requested /bin/luatools)
Disable /usr/bin/lua5.1 (requested /bin/lua5.1)
Disable /usr/bin/luahbtex (requested /bin/lualatex)
Disable /usr/bin/luac5.3 (requested /bin/luac5.3)
Disable /usr/bin/luahbtex (requested /bin/luahbtex)
Disable /usr/bin/luajithbtex (requested /bin/luajithbtex)
Disable /usr/bin/luahbtex (requested /bin/lualatex-dev)
Disable /usr/bin/node
Disable /usr/bin/node (requested /bin/node)
Disable /usr/bin/cpan
Disable /usr/bin/cpanel_json_xs
Disable /usr/bin/cpan5.30-x86_64-linux-gnu
Disable /usr/bin/cpan (requested /bin/cpan)
Disable /usr/bin/cpanel_json_xs (requested /bin/cpanel_json_xs)
Disable /usr/bin/cpan5.30-x86_64-linux-gnu (requested /bin/cpan5.30-x86_64-linux-gnu)
Disable /usr/bin/perl
Disable /usr/bin/perl (requested /bin/perl)
Disable /usr/share/perl5
Disable /usr/share/perl
Disable /usr/bin/php7.4
Disable /usr/bin/php7.4 (requested /bin/php7.4)
Disable /usr/lib/php
Disable /usr/bin/ruby2.7 (requested /usr/bin/ruby)
Disable /usr/bin/ruby2.7 (requested /bin/ruby)
Disable /usr/lib/ruby
Disable /usr/bin/python2.7
Disable /usr/bin/python2.7 (requested /usr/bin/python2)
Disable /usr/bin/python2.7 (requested /bin/python2.7)
Disable /usr/bin/python2.7 (requested /bin/python2)
Disable /usr/lib/python2.7
Disable /usr/local/lib/python2.7
Disable /usr/bin/python3.8
Disable /usr/bin/python3-wsdump
Disable /usr/bin/python3-qr
Disable /usr/bin/python3-pasteurize
Disable /usr/bin/python3-futurize
Disable /usr/bin/python3.9
Disable /usr/bin/python3.8 (requested /usr/bin/python3)
Disable /usr/bin/python3-tor-prompt
Disable /usr/bin/x86_64-linux-gnu-python3.8-config (requested /usr/bin/python3.8-config)
Disable /usr/bin/x86_64-linux-gnu-python3.8-config (requested /usr/bin/python3-config)
Disable /usr/bin/python3.8 (requested /bin/python3.8)
Disable /usr/bin/python3-wsdump (requested /bin/python3-wsdump)
Disable /usr/bin/python3-qr (requested /bin/python3-qr)
Disable /usr/bin/python3-pasteurize (requested /bin/python3-pasteurize)
Disable /usr/bin/python3-futurize (requested /bin/python3-futurize)
Disable /usr/bin/python3.9 (requested /bin/python3.9)
Disable /usr/bin/python3.8 (requested /bin/python3)
Disable /usr/bin/python3-tor-prompt (requested /bin/python3-tor-prompt)
Disable /usr/bin/x86_64-linux-gnu-python3.8-config (requested /bin/python3.8-config)
Disable /usr/bin/x86_64-linux-gnu-python3.8-config (requested /bin/python3-config)
Disable /usr/lib/python3.6
Disable /usr/lib/python3.8
Disable /usr/lib/python3.9
Disable /usr/lib/python3
Disable /usr/local/lib/python3.8
Disable /usr/local/lib/python3.7
Disable /usr/local/lib/python3.9
Not blacklist /home/hyiltiz/.config/zoomus.conf
Not blacklist /home/hyiltiz/.zoom
Drop privileges: pid 17, uid 1000, gid 1000, nogroups 0
Warning: cleaning all supplementary groups
Mounting read-only /tmp/.X11-unix
3593 3505 8:17 /tmp/.X11-unix /tmp/.X11-unix ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sdb1 rw,errors=remount-ro
mountid=3593 fsname=/tmp/.X11-unix dir=/tmp/.X11-unix fstype=ext4
Disable /sys/fs
Disable /sys/module
Disable /mnt
Disable /media
Disable /run/mount
/etc/pulse/client.conf not found
Create the new ld.so.preload file
Blacklist violations are logged to syslog
Mount the new ld.so.preload file
Current directory: /home/hyiltiz
DISPLAY=:0 parsed as 0
Install protocol filter: unix,inet,inet6,netlink
configuring 22 seccomp entries in /run/firejail/mnt/seccomp/seccomp.protocol
sbox run: /usr/lib/x86_64-linux-gnu/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.protocol 
Dropping all capabilities
Drop privileges: pid 18, uid 1000, gid 1000, nogroups 1
No supplementary groups
 line  OP JT JF    K
=================================
 0000: 20 00 00 00000004   ld  data.architecture
 0001: 15 04 00 c000003e   jeq ARCH_64 0006 (false 0002)
 0002: 20 00 00 00000000   ld  data.syscall-number
 0003: 15 01 00 00000167   jeq unknown 0005 (false 0004)
 0004: 06 00 00 7fff0000   ret ALLOW
 0005: 05 00 00 00000006   jmp 000c
 0006: 20 00 00 00000004   ld  data.architecture
 0007: 15 01 00 c000003e   jeq ARCH_64 0009 (false 0008)
 0008: 06 00 00 7fff0000   ret ALLOW
 0009: 20 00 00 00000000   ld  data.syscall-number
 000a: 15 01 00 00000029   jeq socket 000c (false 000b)
 000b: 06 00 00 7fff0000   ret ALLOW
 000c: 20 00 00 00000010   ld  data.args[0]
 000d: 15 00 01 00000001   jeq 1 000e (false 000f)
 000e: 06 00 00 7fff0000   ret ALLOW
 000f: 15 00 01 00000002   jeq 2 0010 (false 0011)
 0010: 06 00 00 7fff0000   ret ALLOW
 0011: 15 00 01 0000000a   jeq a 0012 (false 0013)
 0012: 06 00 00 7fff0000   ret ALLOW
 0013: 15 00 01 00000010   jeq 10 0014 (false 0015)
 0014: 06 00 00 7fff0000   ret ALLOW
 0015: 06 00 00 0005005f   ret ERRNO(95)
configuring 101 seccomp entries in /run/firejail/mnt/seccomp/seccomp.32
sbox run: /usr/lib/x86_64-linux-gnu/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp.32 
Dropping all capabilities
Drop privileges: pid 19, uid 1000, gid 1000, nogroups 1
No supplementary groups
 line  OP JT JF    K
=================================
 0000: 20 00 00 00000004   ld  data.architecture
 0001: 15 01 00 40000003   jeq ARCH_32 0003 (false 0002)
 0002: 06 00 00 7fff0000   ret ALLOW
 0003: 20 00 00 00000000   ld  data.syscall-number
 0004: 15 00 01 00000015   jeq 15 0005 (false 0006)
 0005: 06 00 00 00000001   ret KILL
 0006: 15 00 01 00000034   jeq 34 0007 (false 0008)
 0007: 06 00 00 00000001   ret KILL
 0008: 15 00 01 0000001a   jeq 1a 0009 (false 000a)
 0009: 06 00 00 00000001   ret KILL
 000a: 15 00 01 0000011b   jeq 11b 000b (false 000c)
 000b: 06 00 00 00000001   ret KILL
 000c: 15 00 01 00000155   jeq 155 000d (false 000e)
 000d: 06 00 00 00000001   ret KILL
 000e: 15 00 01 00000156   jeq 156 000f (false 0010)
 000f: 06 00 00 00000001   ret KILL
 0010: 15 00 01 0000007f   jeq 7f 0011 (false 0012)
 0011: 06 00 00 00000001   ret KILL
 0012: 15 00 01 00000080   jeq 80 0013 (false 0014)
 0013: 06 00 00 00000001   ret KILL
 0014: 15 00 01 0000015e   jeq 15e 0015 (false 0016)
 0015: 06 00 00 00000001   ret KILL
 0016: 15 00 01 00000081   jeq 81 0017 (false 0018)
 0017: 06 00 00 00000001   ret KILL
 0018: 15 00 01 0000006e   jeq 6e 0019 (false 001a)
 0019: 06 00 00 00000001   ret KILL
 001a: 15 00 01 00000065   jeq 65 001b (false 001c)
 001b: 06 00 00 00000001   ret KILL
 001c: 15 00 01 00000121   jeq 121 001d (false 001e)
 001d: 06 00 00 00000001   ret KILL
 001e: 15 00 01 00000057   jeq 57 001f (false 0020)
 001f: 06 00 00 00000001   ret KILL
 0020: 15 00 01 00000073   jeq 73 0021 (false 0022)
 0021: 06 00 00 00000001   ret KILL
 0022: 15 00 01 00000067   jeq 67 0023 (false 0024)
 0023: 06 00 00 00000001   ret KILL
 0024: 15 00 01 0000015b   jeq 15b 0025 (false 0026)
 0025: 06 00 00 00000001   ret KILL
 0026: 15 00 01 0000015c   jeq 15c 0027 (false 0028)
 0027: 06 00 00 00000001   ret KILL
 0028: 15 00 01 00000087   jeq 87 0029 (false 002a)
 0029: 06 00 00 00000001   ret KILL
 002a: 15 00 01 00000095   jeq 95 002b (false 002c)
 002b: 06 00 00 00000001   ret KILL
 002c: 15 00 01 0000007c   jeq 7c 002d (false 002e)
 002d: 06 00 00 00000001   ret KILL
 002e: 15 00 01 00000157   jeq 157 002f (false 0030)
 002f: 06 00 00 00000001   ret KILL
 0030: 15 00 01 000000fd   jeq fd 0031 (false 0032)
 0031: 06 00 00 00000001   ret KILL
 0032: 15 00 01 00000150   jeq 150 0033 (false 0034)
 0033: 06 00 00 00000001   ret KILL
 0034: 15 00 01 00000152   jeq 152 0035 (false 0036)
 0035: 06 00 00 00000001   ret KILL
 0036: 15 00 01 0000015d   jeq 15d 0037 (false 0038)
 0037: 06 00 00 00000001   ret KILL
 0038: 15 00 01 0000011e   jeq 11e 0039 (false 003a)
 0039: 06 00 00 00000001   ret KILL
 003a: 15 00 01 0000011f   jeq 11f 003b (false 003c)
 003b: 06 00 00 00000001   ret KILL
 003c: 15 00 01 00000120   jeq 120 003d (false 003e)
 003d: 06 00 00 00000001   ret KILL
 003e: 15 00 01 00000056   jeq 56 003f (false 0040)
 003f: 06 00 00 00000001   ret KILL
 0040: 15 00 01 00000033   jeq 33 0041 (false 0042)
 0041: 06 00 00 00000001   ret KILL
 0042: 15 00 01 0000007b   jeq 7b 0043 (false 0044)
 0043: 06 00 00 00000001   ret KILL
 0044: 15 00 01 000000d9   jeq d9 0045 (false 0046)
 0045: 06 00 00 00000001   ret KILL
 0046: 15 00 01 000000f5   jeq f5 0047 (false 0048)
 0047: 06 00 00 00000001   ret KILL
 0048: 15 00 01 000000f6   jeq f6 0049 (false 004a)
 0049: 06 00 00 00000001   ret KILL
 004a: 15 00 01 000000f7   jeq f7 004b (false 004c)
 004b: 06 00 00 00000001   ret KILL
 004c: 15 00 01 000000f8   jeq f8 004d (false 004e)
 004d: 06 00 00 00000001   ret KILL
 004e: 15 00 01 000000f9   jeq f9 004f (false 0050)
 004f: 06 00 00 00000001   ret KILL
 0050: 15 00 01 00000101   jeq 101 0051 (false 0052)
 0051: 06 00 00 00000001   ret KILL
 0052: 15 00 01 00000112   jeq 112 0053 (false 0054)
 0053: 06 00 00 00000001   ret KILL
 0054: 15 00 01 00000114   jeq 114 0055 (false 0056)
 0055: 06 00 00 00000001   ret KILL
 0056: 15 00 01 00000126   jeq 126 0057 (false 0058)
 0057: 06 00 00 00000001   ret KILL
 0058: 15 00 01 0000013d   jeq 13d 0059 (false 005a)
 0059: 06 00 00 00000001   ret KILL
 005a: 15 00 01 0000013c   jeq 13c 005b (false 005c)
 005b: 06 00 00 00000001   ret KILL
 005c: 15 00 01 0000003d   jeq 3d 005d (false 005e)
 005d: 06 00 00 00000001   ret KILL
 005e: 15 00 01 00000058   jeq 58 005f (false 0060)
 005f: 06 00 00 00000001   ret KILL
 0060: 15 00 01 000000a9   jeq a9 0061 (false 0062)
 0061: 06 00 00 00000001   ret KILL
 0062: 15 00 01 00000082   jeq 82 0063 (false 0064)
 0063: 06 00 00 00000001   ret KILL
 0064: 06 00 00 7fff0000   ret ALLOW
Dual 32/64 bit seccomp filter configured
Build default+drop seccomp filter
sbox run: /run/firejail/lib/fseccomp default drop /run/firejail/mnt/seccomp/seccomp /run/firejail/mnt/seccomp/seccomp.postexec !chroot 
Dropping all capabilities
Drop privileges: pid 20, uid 1000, gid 1000, nogroups 1
No supplementary groups
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
sbox run: /run/firejail/lib/fsec-optimize /run/firejail/mnt/seccomp/seccomp 
Dropping all capabilities
Drop privileges: pid 21, uid 1000, gid 1000, nogroups 1
No supplementary groups
configuring 136 seccomp entries in /run/firejail/mnt/seccomp/seccomp
sbox run: /usr/lib/x86_64-linux-gnu/firejail/fsec-print /run/firejail/mnt/seccomp/seccomp 
Dropping all capabilities
Drop privileges: pid 22, uid 1000, gid 1000, nogroups 1
No supplementary groups
 line  OP JT JF    K
=================================
 0000: 20 00 00 00000004   ld  data.architecture
 0001: 15 01 00 c000003e   jeq ARCH_64 0003 (false 0002)
 0002: 06 00 00 7fff0000   ret ALLOW
 0003: 20 00 00 00000000   ld  data.syscall-number
 0004: 35 01 00 40000000   jge X32_ABI 0006 (false 0005)
 0005: 35 01 00 00000000   jge read 0007 (false 0006)
 0006: 06 00 00 00050001   ret ERRNO(1)
 0007: 15 00 01 000000a1   jeq chroot 0008 (false 0009)
 0008: 06 00 00 7fff0000   ret ALLOW
 0009: 15 00 01 0000009f   jeq adjtimex 000a (false 000b)
 000a: 06 00 00 00050001   ret ERRNO(1)
 000b: 15 00 01 00000131   jeq clock_adjtime 000c (false 000d)
 000c: 06 00 00 00050001   ret ERRNO(1)
 000d: 15 00 01 000000e3   jeq clock_settime 000e (false 000f)
 000e: 06 00 00 00050001   ret ERRNO(1)
 000f: 15 00 01 000000a4   jeq settimeofday 0010 (false 0011)
 0010: 06 00 00 00050001   ret ERRNO(1)
 0011: 15 00 01 0000009a   jeq modify_ldt 0012 (false 0013)
 0012: 06 00 00 00050001   ret ERRNO(1)
 0013: 15 00 01 000000d4   jeq lookup_dcookie 0014 (false 0015)
 0014: 06 00 00 00050001   ret ERRNO(1)
 0015: 15 00 01 0000012a   jeq perf_event_open 0016 (false 0017)
 0016: 06 00 00 00050001   ret ERRNO(1)
 0017: 15 00 01 00000137   jeq process_vm_writev 0018 (false 0019)
 0018: 06 00 00 00050001   ret ERRNO(1)
 0019: 15 00 01 000000b0   jeq delete_module 001a (false 001b)
 001a: 06 00 00 00050001   ret ERRNO(1)
 001b: 15 00 01 00000139   jeq finit_module 001c (false 001d)
 001c: 06 00 00 00050001   ret ERRNO(1)
 001d: 15 00 01 000000af   jeq init_module 001e (false 001f)
 001e: 06 00 00 00050001   ret ERRNO(1)
 001f: 15 00 01 000000a1   jeq chroot 0020 (false 0021)
 0020: 06 00 00 00050001   ret ERRNO(1)
 0021: 15 00 01 000000a5   jeq mount 0022 (false 0023)
 0022: 06 00 00 00050001   ret ERRNO(1)
 0023: 15 00 01 0000009b   jeq pivot_root 0024 (false 0025)
 0024: 06 00 00 00050001   ret ERRNO(1)
 0025: 15 00 01 000000a6   jeq umount2 0026 (false 0027)
 0026: 06 00 00 00050001   ret ERRNO(1)
 0027: 15 00 01 0000009c   jeq _sysctl 0028 (false 0029)
 0028: 06 00 00 00050001   ret ERRNO(1)
 0029: 15 00 01 000000b7   jeq afs_syscall 002a (false 002b)
 002a: 06 00 00 00050001   ret ERRNO(1)
 002b: 15 00 01 000000ae   jeq create_module 002c (false 002d)
 002c: 06 00 00 00050001   ret ERRNO(1)
 002d: 15 00 01 000000b1   jeq get_kernel_syms 002e (false 002f)
 002e: 06 00 00 00050001   ret ERRNO(1)
 002f: 15 00 01 000000b5   jeq getpmsg 0030 (false 0031)
 0030: 06 00 00 00050001   ret ERRNO(1)
 0031: 15 00 01 000000b6   jeq putpmsg 0032 (false 0033)
 0032: 06 00 00 00050001   ret ERRNO(1)
 0033: 15 00 01 000000b2   jeq query_module 0034 (false 0035)
 0034: 06 00 00 00050001   ret ERRNO(1)
 0035: 15 00 01 000000b9   jeq security 0036 (false 0037)
 0036: 06 00 00 00050001   ret ERRNO(1)
 0037: 15 00 01 0000008b   jeq sysfs 0038 (false 0039)
 0038: 06 00 00 00050001   ret ERRNO(1)
 0039: 15 00 01 000000b8   jeq tuxcall 003a (false 003b)
 003a: 06 00 00 00050001   ret ERRNO(1)
 003b: 15 00 01 00000086   jeq uselib 003c (false 003d)
 003c: 06 00 00 00050001   ret ERRNO(1)
 003d: 15 00 01 00000088   jeq ustat 003e (false 003f)
 003e: 06 00 00 00050001   ret ERRNO(1)
 003f: 15 00 01 000000ec   jeq vserver 0040 (false 0041)
 0040: 06 00 00 00050001   ret ERRNO(1)
 0041: 15 00 01 000000ad   jeq ioperm 0042 (false 0043)
 0042: 06 00 00 00050001   ret ERRNO(1)
 0043: 15 00 01 000000ac   jeq iopl 0044 (false 0045)
 0044: 06 00 00 00050001   ret ERRNO(1)
 0045: 15 00 01 000000f6   jeq kexec_load 0046 (false 0047)
 0046: 06 00 00 00050001   ret ERRNO(1)
 0047: 15 00 01 00000140   jeq kexec_file_load 0048 (false 0049)
 0048: 06 00 00 00050001   ret ERRNO(1)
 0049: 15 00 01 000000a9   jeq reboot 004a (false 004b)
 004a: 06 00 00 00050001   ret ERRNO(1)
 004b: 15 00 01 000000a7   jeq swapon 004c (false 004d)
 004c: 06 00 00 00050001   ret ERRNO(1)
 004d: 15 00 01 000000a8   jeq swapoff 004e (false 004f)
 004e: 06 00 00 00050001   ret ERRNO(1)
 004f: 15 00 01 00000130   jeq open_by_handle_at 0050 (false 0051)
 0050: 06 00 00 00050001   ret ERRNO(1)
 0051: 15 00 01 0000012f   jeq name_to_handle_at 0052 (false 0053)
 0052: 06 00 00 00050001   ret ERRNO(1)
 0053: 15 00 01 000000fb   jeq ioprio_set 0054 (false 0055)
 0054: 06 00 00 00050001   ret ERRNO(1)
 0055: 15 00 01 00000067   jeq syslog 0056 (false 0057)
 0056: 06 00 00 00050001   ret ERRNO(1)
 0057: 15 00 01 0000012c   jeq fanotify_init 0058 (false 0059)
 0058: 06 00 00 00050001   ret ERRNO(1)
 0059: 15 00 01 00000138   jeq kcmp 005a (false 005b)
 005a: 06 00 00 00050001   ret ERRNO(1)
 005b: 15 00 01 000000f8   jeq add_key 005c (false 005d)
 005c: 06 00 00 00050001   ret ERRNO(1)
 005d: 15 00 01 000000f9   jeq request_key 005e (false 005f)
 005e: 06 00 00 00050001   ret ERRNO(1)
 005f: 15 00 01 000000ed   jeq mbind 0060 (false 0061)
 0060: 06 00 00 00050001   ret ERRNO(1)
 0061: 15 00 01 00000100   jeq migrate_pages 0062 (false 0063)
 0062: 06 00 00 00050001   ret ERRNO(1)
 0063: 15 00 01 00000117   jeq move_pages 0064 (false 0065)
 0064: 06 00 00 00050001   ret ERRNO(1)
 0065: 15 00 01 000000fa   jeq keyctl 0066 (false 0067)
 0066: 06 00 00 00050001   ret ERRNO(1)
 0067: 15 00 01 000000ce   jeq io_setup 0068 (false 0069)
 0068: 06 00 00 00050001   ret ERRNO(1)
 0069: 15 00 01 000000cf   jeq io_destroy 006a (false 006b)
 006a: 06 00 00 00050001   ret ERRNO(1)
 006b: 15 00 01 000000d0   jeq io_getevents 006c (false 006d)
 006c: 06 00 00 00050001   ret ERRNO(1)
 006d: 15 00 01 000000d1   jeq io_submit 006e (false 006f)
 006e: 06 00 00 00050001   ret ERRNO(1)
 006f: 15 00 01 000000d2   jeq io_cancel 0070 (false 0071)
 0070: 06 00 00 00050001   ret ERRNO(1)
 0071: 15 00 01 000000d8   jeq remap_file_pages 0072 (false 0073)
 0072: 06 00 00 00050001   ret ERRNO(1)
 0073: 15 00 01 00000143   jeq userfaultfd 0074 (false 0075)
 0074: 06 00 00 00050001   ret ERRNO(1)
 0075: 15 00 01 000000a3   jeq acct 0076 (false 0077)
 0076: 06 00 00 00050001   ret ERRNO(1)
 0077: 15 00 01 00000141   jeq bpf 0078 (false 0079)
 0078: 06 00 00 00050001   ret ERRNO(1)
 0079: 15 00 01 000000b4   jeq nfsservctl 007a (false 007b)
 007a: 06 00 00 00050001   ret ERRNO(1)
 007b: 15 00 01 000000ab   jeq setdomainname 007c (false 007d)
 007c: 06 00 00 00050001   ret ERRNO(1)
 007d: 15 00 01 000000aa   jeq sethostname 007e (false 007f)
 007e: 06 00 00 00050001   ret ERRNO(1)
 007f: 15 00 01 00000099   jeq vhangup 0080 (false 0081)
 0080: 06 00 00 00050001   ret ERRNO(1)
 0081: 15 00 01 00000065   jeq ptrace 0082 (false 0083)
 0082: 06 00 00 00050001   ret ERRNO(1)
 0083: 15 00 01 00000087   jeq personality 0084 (false 0085)
 0084: 06 00 00 00050001   ret ERRNO(1)
 0085: 15 00 01 00000136   jeq process_vm_readv 0086 (false 0087)
 0086: 06 00 00 00050001   ret ERRNO(1)
 0087: 06 00 00 7fff0000   ret ALLOW
seccomp filter configured
Mounting read-only /run/firejail/mnt/seccomp
3600 2987 0:87 /seccomp /run/firejail/mnt/seccomp ro,nosuid - tmpfs tmpfs rw,mode=755
mountid=3600 fsname=/seccomp dir=/run/firejail/mnt/seccomp fstype=tmpfs
Seccomp directory:
ls /run/firejail/mnt/seccomp
drwxr-xr-x root     root             160 .
drwxr-xr-x root     root             420 ..
-rw-r--r-- 1000     1000            1088 seccomp
-rw-r--r-- 1000     1000             808 seccomp.32
-rw-r--r-- 1000     1000             114 seccomp.list
-rw-r--r-- 1000     1000               0 seccomp.postexec
-rw-r--r-- 1000     1000               0 seccomp.postexec32
-rw-r--r-- 1000     1000             176 seccomp.protocol
Active seccomp files:
cat /run/firejail/mnt/seccomp/seccomp.list
/run/firejail/mnt/seccomp/seccomp.protocol
/run/firejail/mnt/seccomp/seccomp.32
/run/firejail/mnt/seccomp/seccomp
Dropping all capabilities
noroot user namespace installed
Dropping all capabilities
NO_NEW_PRIVS set
Drop privileges: pid 1, uid 1000, gid 1000, nogroups 1
No supplementary groups
starting application
LD_PRELOAD=(null)
execvp argument 0: zoom
Child process initialized in 356.31 ms
Searching $PATH for zoom
trying #/Users/hormetyiltiz/.fzf/bin/zoom#
trying #/home/hyiltiz/.fzf/bin/zoom#
trying #/usr/lib/fsl/5.0/zoom#
trying #/usr/games//zoom#
trying #/home/hyiltiz/.cabal/bin//zoom#
trying #/home/hyiltiz/.local/bin//zoom#
trying #/home/hyiltiz/bin//zoom#
trying #/home/hyiltiz/bin/zoom#
trying #/usr/local/sbin/zoom#
trying #/usr/sbin/zoom#
trying #/sbin/zoom#
trying #/usr/local/bin/zoom#
Installing /run/firejail/mnt/seccomp/seccomp seccomp filter
Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter
Installing /run/firejail/mnt/seccomp/seccomp.protocol seccomp filter
Error getpwuid: main.c:237 init_cfg: No such file or directory
monitoring pid 23

Sandbox monitor: waitpid 23 retval 23 status 256

Parent is shutting down, bye...``
@rusty-snake
Copy link
Collaborator

Can you try firejail --private-etc=passwd /opt/zoom/zoom.

@hyiltiz
Copy link
Author

hyiltiz commented Nov 7, 2020 

$ firejail --private-etc=passwd /opt/zoom/zoom
Reading profile /etc/firejail/zoom.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-runuser-common.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
Parent pid 481412, child pid 481413
Warning fcopy: skipping /etc/alternatives/wine.fr.1.gz, cannot find inode
Error fcopy: size limit of 500 MB reached
Warning: skipping crypto-policies for private /etc
Private /etc installed in 63.95 ms
Blacklist violations are logged to syslog
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
Child process initialized in 350.24 ms
/opt/zoom/zoom: error while loading shared libraries: libGL.so.1: cannot open shared object file: No such file or directory

Parent is shutting down, bye...

@rusty-snake
Copy link
Collaborator

No idea, maybe --ignore=private-etc helps. If not you need to comment the profile line for line.

@hyiltiz
Copy link
Author

hyiltiz commented Nov 8, 2020

--ignore=private-etc does allow zoom to start (no longer insta-crashes). Next step is to incrementally find which ones in the private-etc that is the culprit? Any guesses?

@rusty-snake
Copy link
Collaborator

It already contains ld.so.cache and the others. No Idea. Can you run firejail --build zoom.

@hyiltiz
Copy link
Author

hyiltiz commented Nov 8, 2020 

$ firejail --build zoom 
--- Built profile beings after this line ---
# Firejail profile for zoom
# Persistent local customizations
#include zoom.local
# Persistent global definitions
#include globals.local

### basic blacklisting
include disable-common.inc
# include disable-devel.inc
# include disable-exec.inc
# include disable-interpreters.inc
include disable-passwdmgr.inc
# include disable-programs.inc
# include disable-xdg.inc

### home directory whitelisting
whitelist ${HOME}/.config/Unknown Organization
whitelist ${HOME}/.cache/qtshadercache
whitelist ${HOME}/.pulse-cookie
whitelist ${HOME}/.Xdefaults-iPhone
whitelist ${HOME}/.cache/mesa_shader_cache
whitelist ${HOME}/.local/share/glib-2.0/schemas
whitelist ${HOME}/.local/share/flatpak/exports/share/glib-2.0/schemas
whitelist ${HOME}/.zoom/data
whitelist ${HOME}/.zoom/logs
include whitelist-common.inc

### filesystem
# /usr/share:
whitelist /usr/share/texmf
whitelist /usr/share/fonts
whitelist /usr/share/fontconfig
whitelist /usr/share/pixmaps
whitelist /usr/share/icons
whitelist /usr/share/X11
whitelist /usr/share/drirc.d
whitelist /usr/share/glib-2.0
whitelist /usr/share/misc
whitelist /usr/share/zoneinfo
include whitelist-usr-share-common.inc
# /var:
whitelist /var/lib/flatpak/exports/share/glib-2.0/schemas/gschemas.compiled
include whitelist-var-common.inc

# $PATH:
private-bin iwconfig,sed,iw,gawk,gconftool-2,gsettings,lspci,lscpu,killall5,cat,pacmd,grep,pactl,dash,bash,firejail,
# private-lib
# /dev:

# private-dev
# This is the list of devices accessed (on top of regular private-dev devices:
# /dev/video63,/dev/video62,/dev/video61,/dev/video60,/dev/video59,/dev/video58,/dev/video57,/dev/video56,/dev/video55,/dev/video54,/dev/video53,/dev/video52,/dev/video51,/dev/video50,/dev/video49,/dev/video48,/dev/video47,/dev/video46,/dev/video45,/dev/video44,/dev/video43,/dev/video42,/dev/video41,/dev/video40,/dev/video39,/dev/video38,/dev/video37,/dev/video36,/dev/video35,/dev/video34,/dev/video33,/dev/video32,/dev/video31,/dev/video30,/dev/video29,/dev/video28,/dev/video27,/dev/video26,/dev/video25,/dev/video24,/dev/video23,/dev/video22,/dev/video21,/dev/video20,/dev/video19,/dev/video18,/dev/video17,/dev/video16,/dev/video15,/dev/video14,/dev/video13,/dev/video12,/dev/video11,/dev/video10,/dev/dri/card0,/dev/mem,
# /etc:
private-etc machine-id,fonts,drirc,hosts,dconf,ssl,os-release,timezone,login.defs,passwd,selinux,
# /tmp:

# private-tmp
# File accessed in /tmp directory:
# /tmp/qtsingleapp-zoom-3e8-lockfile,/tmp/firejail-strace.pu102T,

### security filters
caps.drop all
nonewprivs
seccomp
# seccomp.keep poll,futex,wait4,clock_nanosleep,select,restart_syscall,read,clone,execve,mprotect,openat,mmap,ioctl,lseek,stat,getpid,write,close,times,ppoll,fstat,writev,brk,munlock,readlink,fsync,fcntl,recvmsg,gettid,munmap,access,getrandom,pipe2,getdents64,socket,connect,lstat,rename,madvise,unlink,sendto,mlock,rt_sigaction,sendmsg,prctl,fdatasync,set_robust_list,fstatfs,rt_sigprocmask,getcwd,sendmmsg,eventfd2,statfs,rt_sigreturn,mkdir,pread64,waitid,flock,getuid,arch_prctl,chmod,recvfrom,fadvise64,faccessat,getsockname,prlimit64,setsockopt,geteuid,pipe,chdir,set_tid_address,dup2,uname,socketpair,pwrite64,bind,sched_setattr,umask,getgid,sched_getattr,sched_get_priority_max,sigaltstack,ftruncate,getsockopt,setresuid,getegid,getppid,setresgid,getresuid,getpeername,rmdir,getresgid,inotify_rm_watch,fchmod,inotify_add_watch,clock_gettime,getpgrp,sched_get_priority_min,sysinfo,dup,getgroups,sched_setscheduler,shmat,shmget,shutdown,inotify_init,listen,shmctl,shmdt,sched_setaffinity,dup3
# 111 syscalls total
# Probably you will need to add more syscalls to seccomp.keep. Look for
# seccomp errors in /var/log/syslog or /var/log/audit/audit.log while
# running your sandbox.

### network
protocol unix,inet,inet6,netlink,
# net eth0
netfilter

### environment
shell none

@rusty-snake
Copy link
Collaborator

Maybe firejail --private-etc=passwd,drirc /opt/zoom/zoom. If not try the full line firejail --private-etc=machine-id,fonts,drirc,hosts,dconf,ssl,os-release,timezone,login.defs,passwd,selinux /opt/zoom/zoom.

@hyiltiz
Copy link
Author

hyiltiz commented Nov 8, 2020
edited
Loading

--private-etc=passwd,drirc quits with the same error. The full line:

 firejail --private-etc=machine-id,fonts,drirc,hosts,dconf,ssl,os-release,timezone,login.defs,passwd,selinux /opt/zoom/zoom 
Reading profile /etc/firejail/zoom.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-runuser-common.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
Parent pid 647118, child pid 647119
Warning: skipping drirc for private /etc
Warning fcopy: skipping /etc/alternatives/wine.fr.1.gz, cannot find inode
Error fcopy: size limit of 500 MB reached
Warning: skipping crypto-policies for private /etc
Warning fcopy: skipping /etc/fonts/fonts.conf, file already present
Warning fcopy: skipping /etc/fonts/conf.avail, file already present
Warning fcopy: skipping /etc/fonts/conf.d, file already present
Warning fcopy: skipping /etc/fonts/conf.d/69-unifont.conf, file already present
...
Warning fcopy: skipping /etc/ssl/private, file already present
...
Warning fcopy: skipping /etc/ssl/certs/ACCVRAIZ1.pem, file already present
Warning fcopy: skipping /etc/ssl/openssl.cnf, file already present
Private /etc installed in 60.51 ms
Blacklist violations are logged to syslog
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
Child process initialized in 343.25 ms
/opt/zoom/zoom: error while loading shared libraries: libGL.so.1: cannot open shared object file: No such file or directory

Parent is shutting down, bye...

Syslog says:

...
Nov  8 10:02:00 iPhone firejail[31554]: blacklist violation - sandbox 17915, name dolphin, exe kioslave5, syscall open64, path$
...

About that libGL file:

hyiltiz@iPhone ~ $ locate libGL.so.1
/etc/alternatives/glx--libGL.so.1-i386-linux-gnu
/etc/alternatives/glx--libGL.so.1-x86_64-linux-gnu
/usr/lib/i386-linux-gnu/libGL.so.1
/usr/lib/mesa-diverted/i386-linux-gnu/libGL.so.1
/usr/lib/mesa-diverted/i386-linux-gnu/libGL.so.1.7.0
/usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1
/usr/lib/mesa-diverted/x86_64-linux-gnu/libGL.so.1.7.0
/usr/lib/x86_64-linux-gnu/libGL.so.1
/var/lib/flatpak/runtime/org.kde.Platform/x86_64/5.12/8fe090f234667029b2d6c6fa7a97c4bba7708930f501d42943b0b9ae969e3818/files/lib/x86_64-linux-gnu/libGL.so.1
/var/lib/flatpak/runtime/org.kde.Platform/x86_64/5.12/8fe090f234667029b2d6c6fa7a97c4bba7708930f501d42943b0b9ae969e3818/files/lib/x86_64-linux-gnu/libGL.so.1.7.0
hyiltiz@iPhone ~ $ ls -la /usr/lib/x86_64-linux-gnu/libGL.so.1
lrwxrwxrwx 1 root root 50 Nov  3 00:26 /usr/lib/x86_64-linux-gnu/libGL.so.1 -> /etc/alternatives/glx--libGL.so.1-x86_64-linux-gnu
hyiltiz@iPhone ~ $ ls -la /usr/lib/i386-linux-gnu/libGL.so.1
lrwxrwxrwx 1 root root 48 Nov  3 00:26 /usr/lib/i386-linux-gnu/libGL.so.1 -> /etc/alternatives/glx--libGL.so.1-i386-linux-gnu

Adding ,alternatives to the private-etc list started(?) zoom, according to the text output, but crashed immediately with another error about libqsvg:

Reading profile /etc/firejail/zoom.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-runuser-common.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
Parent pid 647298, child pid 647301
Warning fcopy: skipping /etc/alternatives/wine.fr.1.gz, cannot find inode
Error fcopy: size limit of 500 MB reached
Warning: skipping drirc for private /etc
Warning fcopy: skipping /etc/alternatives/UNLISTEN.7.gz, file already present
Warning fcopy: skipping /etc/alternatives/cl.info.gz, file already present
Warning fcopy: skipping /etc/alternatives/ALTER_COLLATION.7.gz, file already present
Warning fcopy: skipping /etc/alternatives/fakeroot, file already present
Warning fcopy: skipping /etc/alternatives/ROLLBACK.7.gz, file already present
Warning fcopy: skipping /etc/alternatives/view.1.gz, file already present
Warning fcopy: skipping /etc/alternatives/cssparse, file already present
Warning fcopy: skipping /etc/alternatives/vim, file already present
Warning fcopy: skipping /etc/alternatives/pg_basebackup.1.gz, file already present
Warning fcopy: skipping /etc/alternatives/pftp.1.gz, file already present
Warning fcopy: skipping /etc/alternatives/PREPARE_TRANSACTION.7.gz, file already present
Warning fcopy: skipping /etc/alternatives/conjure.1.gz, file already present
Warning fcopy: skipping /etc/alternatives/eintr.info.gz, file already present
Warning fcopy: skipping /etc/alternatives/www-browser.1.gz, file already present
Warning fcopy: skipping /etc/alternatives/groovyConsole, file already present
Warning fcopy: skipping /etc/alternatives/start-here-48.png, file already present
Warning fcopy: skipping /etc/alternatives/ALTER_AGGREGATE.7.gz, file already present
Warning fcopy: skipping /etc/alternatives/REVOKE.7.gz, file already present
Warning fcopy: skipping /etc/alternatives/CREATE_STATISTICS.7.gz, file already present
Warning fcopy: skipping /etc/alternatives/desktop-theme, file already present
Warning fcopy: skipping /etc/alternatives/default-GM.sf2, file already present
Warning fcopy: skipping /etc/alternatives/DROP_USER.7.gz, file already present
Warning fcopy: skipping /etc/alternatives/lightdm-greeter, file already present
Warning fcopy: skipping /etc/alternatives/display-im6, file already present
Warning fcopy: skipping /etc/alternatives/org.info.gz, file already present
Warning fcopy: skipping /etc/alternatives/wine.fr.1.gz, cannot find inode
Warning fcopy: skipping /etc/alternatives/sasl.info.gz, file already present
Warning fcopy: skipping /etc/alternatives/EXECUTE.7.gz, file already present
Warning fcopy: skipping /etc/alternatives/RESET.7.gz, file already present
Warning fcopy: skipping /etc/alternatives/DROP_TEXT_SEARCH_CONFIGURATION.7.gz, file already present
Warning fcopy: skipping /etc/alternatives/mogrify-im6.1.gz, file already present
Warning fcopy: skipping /etc/alternatives/lzgrep.1.gz, file already present
Warning fcopy: skipping /etc/alternatives/VACUUM.7.gz, file already present
Warning fcopy: skipping /etc/alternatives/identify.1.gz, file already present
Warning fcopy: skipping /etc/alternatives/wineconsole, file already present
Warning fcopy: skipping /etc/alternatives/rksh.1.gz, file already present
Warning fcopy: skipping /etc/alternatives/CALL.7.gz, file already present
Warning fcopy: skipping /etc/alternatives/pinentry-x11, file already present
Warning fcopy: skipping /etc/alternatives/proxychains, file already present
Warning fcopy: skipping /etc/alternatives/CREATE_SERVER.7.gz, file already present
Warning fcopy: skipping /etc/alternatives/jconsole.1.gz, file already present
Warning fcopy: skipping /etc/alternatives/csscapture.1.gz, file already present
Warning fcopy: skipping /etc/alternatives/rst2html, file already present
Warning fcopy: skipping /etc/alternatives/pdftkman, file already present
Warning fcopy: skipping /etc/alternatives/winepath, file already present
Warning fcopy: skipping /etc/alternatives/sar, file already present
Warning fcopy: skipping /etc/alternatives/COMMIT_PREPARED.7.gz, file already present
Warning fcopy: skipping /etc/alternatives/javadoc.1.gz, file already present
Error fcopy: size limit of 500 MB reached
Warning: skipping crypto-policies for private /etc
gWarning fcopy: skipping /etc/ssl/private, file already present
Warning fcopy: skipping /etc/ssl/private/localhost.key, file already present
Warning fcopy: skipping /etc/ssl/private/ssl-cert-snakeoil.key, file already present
gWarning fcopy: skipping /etc/ssl/openssl.cnf, file already present
Private /etc installed in 367.08 ms
Blacklist violations are logged to syslog
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
Child process initialized in 635.14 ms
No PulseAudio daemon running, or not running as session daemon.
zoom started.
Client: Breakpad is using Single Client Mode! client fd = -1
/opt/zoom/zoom: symbol lookup error: /opt/zoom/imageformats/libqsvg.so: undefined symbol: _ZdlPvm, version Qt_5
Parent is shutting down, bye...

Now about that svg library:

$ ldd /opt/zoom/imageformats/libqsvg.so
        linux-vdso.so.1 (0x00007fffa9bfe000)
        libgtk3-nocsd.so.0 => /lib/x86_64-linux-gnu/libgtk3-nocsd.so.0 (0x00007f06c6497000)
        libQt5Svg.so.5 => /lib/x86_64-linux-gnu/libQt5Svg.so.5 (0x00007f06c6440000)
        libQt5Widgets.so.5 => /lib/x86_64-linux-gnu/libQt5Widgets.so.5 (0x00007f06c5db7000)
        libQt5Gui.so.5 => /lib/x86_64-linux-gnu/libQt5Gui.so.5 (0x00007f06c56f5000)
        libQt5Core.so.5 => /lib/x86_64-linux-gnu/libQt5Core.so.5 (0x00007f06c51ae000)
        libGL.so.1 => /lib/x86_64-linux-gnu/libGL.so.1 (0x00007f06c5127000)
        libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f06c5103000)
        libstdc++.so.6 => /lib/x86_64-linux-gnu/libstdc++.so.6 (0x00007f06c4f36000)
        libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f06c4df2000)
        libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007f06c4dd8000)
        libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f06c4c13000)
        libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f06c4c0d000)
        libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f06c4bee000)
        libpng16.so.16 => /lib/x86_64-linux-gnu/libpng16.so.16 (0x00007f06c4bb4000)
        libharfbuzz.so.0 => /lib/x86_64-linux-gnu/libharfbuzz.so.0 (0x00007f06c4aaf000)
        libmd4c.so.0 => /lib/x86_64-linux-gnu/libmd4c.so.0 (0x00007f06c4a9d000)
        libdouble-conversion.so.3 => /lib/x86_64-linux-gnu/libdouble-conversion.so.3 (0x00007f06c4a86000)
        libicui18n.so.67 => /lib/x86_64-linux-gnu/libicui18n.so.67 (0x00007f06c477f000)
        libicuuc.so.67 => /lib/x86_64-linux-gnu/libicuuc.so.67 (0x00007f06c4597000)
        libpcre2-16.so.0 => /lib/x86_64-linux-gnu/libpcre2-16.so.0 (0x00007f06c4514000)
        libzstd.so.1 => /lib/x86_64-linux-gnu/libzstd.so.1 (0x00007f06c4444000)
        libglib-2.0.so.0 => /lib/x86_64-linux-gnu/libglib-2.0.so.0 (0x00007f06c4315000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f06c66e6000)
        libGLdispatch.so.0 => /lib/x86_64-linux-gnu/libGLdispatch.so.0 (0x00007f06c425d000)
        libGLX.so.0 => /lib/x86_64-linux-gnu/libGLX.so.0 (0x00007f06c4229000)
        libfreetype.so.6 => /lib/x86_64-linux-gnu/libfreetype.so.6 (0x00007f06c4164000)
        libgraphite2.so.3 => /lib/x86_64-linux-gnu/libgraphite2.so.3 (0x00007f06c4138000)
        libicudata.so.67 => /lib/x86_64-linux-gnu/libicudata.so.67 (0x00007f06c261f000)
        libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x00007f06c25ac000)
        libX11.so.6 => /lib/x86_64-linux-gnu/libX11.so.6 (0x00007f06c2469000)
        libbrotlidec.so.1 => /lib/x86_64-linux-gnu/libbrotlidec.so.1 (0x00007f06c2459000)
        libxcb.so.1 => /lib/x86_64-linux-gnu/libxcb.so.1 (0x00007f06c242f000)
        libbrotlicommon.so.1 => /lib/x86_64-linux-gnu/libbrotlicommon.so.1 (0x00007f06c240c000)
        libXau.so.6 => /lib/x86_64-linux-gnu/libXau.so.6 (0x00007f06c2208000)
        libXdmcp.so.6 => /lib/x86_64-linux-gnu/libXdmcp.so.6 (0x00007f06c2002000)
        libbsd.so.0 => /lib/x86_64-linux-gnu/libbsd.so.0 (0x00007f06c1fe6000)

Not sure how to further pursue though.

@rusty-snake
Copy link
Collaborator

Actually we should disable private-etc now IMHO.

@hyiltiz
Copy link
Author

hyiltiz commented Nov 8, 2020

That does work. Can't there be a black listing based private-etc so we can disallow things like /etc/shadows and whatnot? Also, why the hell a program installed in /opt/zoom ever wants to visit anything in /etc/...

@rusty-snake
Copy link
Collaborator

rusty-snake commented Nov 9, 2020
edited
Loading

Can't there be a black listing based private-etc

I like that idea. I'll start a disable-etc-common.inc. UPDATE: all paths which are worth to blacklist are already blacklisted in disable-common.inc.

so we can disallow things like /etc/shadows

I hope /etc/shadow is not world readable on your system.

Also, why the hell a program installed in /opt/zoom ever wants to visit anything in /etc/...

  • /etc/resolv.conf (the alternative would be to hardcode dns-server which is almost always google-dns)
  • /etc/ld.so.cache, /etc/ld.so.preload
  • /etc/crypto-policies, /etc/pki, /etc/ssl, /etc/ca-certificates
  • /etc/passwd
  • /etc/localtime
  • /etc/machine-id
  • /etc/networks
  • /etc/fonts

@educanorama educanorama mentioned this issue Nov 12, 2020
Closed
@matu3ba matu3ba mentioned this issue Oct 7, 2021
Closed
@kmk3 kmk3 changed the title Zoom crashes with profile, but succeeds without zoom: program does not start (private-etc) Sep 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

luarocks matu3ba/firejail
2 participants
@hyiltiz @rusty-snake