firejail: can't chroot into jail and can't do "apt update"
I know this tutorial is 5 years old now, but I am trying to use it to install nginx inside a sandbox. I am using Ubuntu 18.04, and something important seems to have changed since 16.04, which keeps firejail from working as described in this tutorial. The trouble starts when I try to chroot into the db jail:
root@linux-box:~# firejail --chroot=/jails/db --name=db Warning: default profile disabled by --chroot option Parent pid 4464, child pid 4465 The new log directory is /proc/4465/root/var/log Warning: failed to unmount /sys Warning: whitelist feature is disabled in chroot Child process initialized in 25.87 ms root@linux-box:~#
“linux-box” is the host’s name. As you can see, firejail complains about /sys and it doesn’t seen to chroot 100% into the jail, because the command line still looks the same as before. In your tutorial, the command line looks very different to the one of the host.
When I try to run “apt-get update”, I get this errors:
root@linux-box:~# apt-get update Hit:1 http://cdn-fastly.deb.debian.org/debian stable InRelease Get:2 http://cdn-fastly.deb.debian.org/debian stable/main Translation-en [5967 kB] Fetched 5967 kB in 5s (1257 kB/s) Reading package lists... Done W: Problem unlinking the file /var/lib/apt/lists/partial/deb.debian.org_debian_dists_stable_InRelease - PrepareFiles (13: Permission denied) W: Problem unlinking the file /var/lib/apt/lists/partial/deb.debian.org_debian_dists_stable_main_i18n_Translation-en.bz2 - PrepareFiles (13: Permission denied) W: Problem unlinking the file /var/lib/apt/lists/partial/deb.debian.org_debian_dists_stable_main_i18n_Translation-en - PrepareFiles (13: Permission denied) E: Failed to fetch store:/var/lib/apt/lists/partial/deb.debian.org_debian_dists_stable_main_i18n_Translation-en.bz2 rename failed, Permission denied (/var/lib/apt/lists/partial/deb.debian.org_debian_dists_stable_main_i18n_Translation-en -> /var/lib/apt/lists/deb.debian.org_debian_dists_stable_main_i18n_Translation-en). E: Some index files failed to download. They have been ignored, or old ones used instead. root@linux-box:~#
Do you have any idea what in particular has changed that much between 16.04 and 18.04 that keeps firejail from working as you described it?
Many thanks in advance!