How To Install & Configure Firejail on Linux

In this tutorial, you will learn how to install and configure Firejail on Linux systems.

What is Firejail?

Firejail is a SUID program which allows us to reduce the risk of security breaches by restricting the execution environment of untrusted applications thanks to the use of Linux namespaces and seccomp-bpf.

With Firejail we will be able to allow a specific process and all its descendants to have their own private view of the globally shared kernel resources, such as the network stack, the process table, the assembly table and many more.

Firejail is written in C with virtually no dependency, and this software works on any computer with Linux that has a version of the 3.x or newer kernel.

The Firejail program is published under the GPL v2 license.

Firejail can test any type of process: servers, graphic applications and even user login sessions.

The software includes security profiles for a large number of Linux programs: Mozilla Firefox, Chromium, VLC, Transmission and many more.

Install Firejail on Linux

To install Firejail we will use one of the following commands:


sudo apt install firejail


sudo apt-get install firejail


sudo pacman - S firejail

For Fedora, it will be necessary that we install a repository for its optimal installation, in this case, we will execute the following commands:

sudo dnf copr enable ssabchew/firejail

sudo dnf install firejail

How To Use Firejail in Linux

Once installed Firejail its use is simple.

It is enough to put the term firejail before the application, for example:

firejail Firefox: Open Mozilla Firefox

firejail transmission-gtk: Open Transmission BitTorrent

firejail vlc: Open VideoLAN

sudo firejail /etc/init.d/nginx start: Open Web Server Nginx

Create White & Black Profile with Firejail

When using Firejail we will be able to create profiles for applications that will be or not allowed.

By default Firejail has multiple files already configured, but if we want to edit these black and white list profiles we will go to the /etc/ firejail directory:

cd /etc/firejail

Once in the directory, we will execute the ls command to see the content:

ls | more

There we will see the respective files already configured of Firejail. To edit a special profile, for example Mozilla Firefox, we will execute the following:

sudo nano /etc/firejail/firefox.profile

We can see that although the application is safe, or imprisoned, we still have the ~/Downloads directory and the system's add-on directories.

There we can add new white or black lists by merely entering the following:

whitelist ~/(directory)

blacklist ~/(directory)

Once these changes are defined, we can save the file using the following keys Ctrl + O.

This simple Firejail becomes a great alternative to open applications safely in Linux.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *