firejail: can't chroot into jail and can't do "apt update"
I know this tutorial is 5 years old now, but I am trying to use it to install nginx inside a sandbox. I am using Ubuntu 18.04, and something important seems to have changed since 16.04, which keeps firejail from working as described in this tutorial. The trouble starts when I try to chroot into the db jail:
root@linux-box:~# firejail --chroot=/jails/db --name=db Warning: default profile disabled by --chroot option Parent pid 4464, child pid 4465 The new log directory is /proc/4465/root/var/log Warning: failed to unmount /sys Warning: whitelist feature is disabled in chroot Child process initialized in 25.87 ms root@linux-box:~#
“linux-box” is the host’s name. As you can see, firejail complains about /sys and it doesn’t seen to chroot 100% into the jail, because the command line still looks the same as before. In your tutorial, the command line looks very different to the one of the host.
When I try to run “apt-get update”, I get this errors:
root@linux-box:~# apt-get update Hit:1 http://cdn-fastly.deb.debian.org/debian stable InRelease Get:2 http://cdn-fastly.deb.debian.org/debian stable/main Translation-en [5967 kB] Fetched 5967 kB in 5s (1257 kB/s) Reading package lists... Done W: Problem unlinking the file /var/lib/apt/lists/partial/deb.debian.org_debian_dists_stable_InRelease - PrepareFiles (13: Permission denied) W: Problem unlinking the file /var/lib/apt/lists/partial/deb.debian.org_debian_dists_stable_main_i18n_Translation-en.bz2 - PrepareFiles (13: Permission denied) W: Problem unlinking the file /var/lib/apt/lists/partial/deb.debian.org_debian_dists_stable_main_i18n_Translation-en - PrepareFiles (13: Permission denied) E: Failed to fetch store:/var/lib/apt/lists/partial/deb.debian.org_debian_dists_stable_main_i18n_Translation-en.bz2 rename failed, Permission denied (/var/lib/apt/lists/partial/deb.debian.org_debian_dists_stable_main_i18n_Translation-en -> /var/lib/apt/lists/deb.debian.org_debian_dists_stable_main_i18n_Translation-en). E: Some index files failed to download. They have been ignored, or old ones used instead. root@linux-box:~#
Do you have any idea what in particular has changed that much between 16.04 and 18.04 that keeps firejail from working as you described it?
Many thanks in advance!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.×