Chromium with --private=<dir> not preserving cookies, sessions
c0d3z3r0 opened this issue · comments
Description
Chromium does not preserve cookies, sessions.
Steps to Reproduce
- Run in bash
LC_ALL=C firejail --private=/tmp/work --ignore=private-cache --profile=chromium chromium
- Login to any service/website of your choice
- Check cookies (F12 -> Application -> Cookie/Session storage)
- Close browser
- Run 1. again
- Open website again
- See that you're not logged in anymore (and you probably get cookie banners again)
- Check previous session cookies are gone (F12 -> Application -> Cookie/Session storage)
Expected behavior
Cookies (and thus sesssions) should be preserved.
Actual behavior
Cookies (and thus sessions) get lost.
Behavior without a profile
Same.
Additional context
None.
Environment
- Linux distribution and version: Arch Linux
- Firejail version (
firejail --version
): 0.9.72
Checklist
- The issues is caused by firejail (i.e. running the program by path (e.g.
/usr/bin/vlc
) "fixes" it). - I can reproduce the issue without custom modifications (e.g. globals.local).
- The program has a profile. (If not, request one in
https://github.com/netblue30/firejail/issues/1139
) - The profile (and redirect profile if exists) hasn't already been fixed upstream.
- I have performed a short search for similar issues (to avoid opening a duplicate).
- I'm aware of
browser-allow-drm yes
/browser-disable-u2f no
infirejail.config
to allow DRM/U2F in browsers.
- I'm aware of
- I used
--profile=PROFILENAME
to set the right profile. (Only relevant for AppImages)
Log
Output of LC_ALL=C firejail --private=/tmp/work --ignore=private-cache --profile=chromium chromium
Reading profile /etc/firejail/chromium.profile
Reading profile /etc/firejail/chromium.local
Reading profile /etc/firejail/chromium-common.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-run-common.inc
Reading profile /etc/firejail/whitelist-runuser-common.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Parent pid 4191504, child pid 4191505
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Warning: /sbin directory link was not blacklisted
Warning: /usr/sbin directory link was not blacklisted
Warning: cleaning all supplementary groups
Warning: Cannot confine the application using AppArmor.
Maybe firejail-default AppArmor profile is not loaded into the kernel.
As root, run "aa-enforce firejail-default" to load it.
Child process initialized in 167.62 ms
cat: /home/c0d3/.config/chromium-flags.conf: No such file or directory
[6:20:0307/114850.742181:ERROR:bus.cc(406)] Failed to connect to the bus: Failed to connect to socket /run/firejail/mnt/dbus/system: Permission denied
(chromium:6): Gtk-WARNING **: 11:48:50.806: Theme parsing error: gtk.css:9228:21: Not using units is deprecated. Assuming 'px'.
[6:27:0307/114850.868273:ERROR:bus.cc(406)] Failed to connect to the bus: Failed to connect to socket /run/firejail/mnt/dbus/system: Permission denied
[6:27:0307/114850.868302:ERROR:bus.cc(406)] Failed to connect to the bus: Failed to connect to socket /run/firejail/mnt/dbus/system: Permission denied
[6:6:0307/114850.926580:ERROR:policy_logger.cc(154)] :components/enterprise/browser/controller/chrome_browser_cloud_management_controller.cc(163) Cloud management controller initialization aborted as CBCM is not enabled.
[6:6:0307/114851.072363:ERROR:object_proxy.cc(576)] Failed to call method: org.freedesktop.portal.Settings.Read: object_path= /org/freedesktop/portal/desktop: org.freedesktop.DBus.Error.ServiceUnknown: The name org.freedesktop.portal.Desktop was not provided by any .service files
Output of LC_ALL=C firejail --debug --private=/tmp/work --ignore=private-cache --profile=chromium chromium
https://gist.github.com/c0d3z3r0/504e70955bd848027538d9bbf8d8e426
So permanent cookies get lost when restarting with --private=<dir>
but other stuff like bookmarks are preserved, right?
So permanent cookies get lost when restarting with
--private=<dir>
but other stuff like bookmarks are preserved, right?
Yes, correct. Bookmarks, settings, history are all fine. Even the cache gets preserved (with --ignore=private-cache
).
Oof, I had Clear cookies on close
turned on per default... classic PEBCAK. Sorry for the noise!