Telegram desktop does not open links in browser
reagentoo opened this issue · comments
Hello :) fresh install of Gentoo with Firejail and noticed that clicking links in Telegram with Firejail does not open them in default browser.
Linux:
Gentoo Linux ~amd64
Configuration:
firejail-0.9.72
firefox-123.0.1
telegram-desktop-4.15.2
Console output on clicking links:
/usr/local/bin/xdg-open: line 665: grep: command not found
/usr/local/bin/xdg-open: line 659: grep: command not found
/usr/local/bin/xdg-open: line 688: grep: command not found
xdg-open: file 'https://some.link' does not exist
This is reopen #3031
Hello :) fresh install of Gentoo with Firejail and noticed that clicking
links in Telegram with Firejail does not open them in default browser.
/usr/local/bin/xdg-open: line 665: grep: command not found /usr/local/bin/xdg-open: line 659: grep: command not found /usr/local/bin/xdg-open: line 688: grep: command not found xdg-open: file 'https://some.link' does not exist
Hello, what happens with the following in ~/.config/firejail/telegram.local:
private-bin grep,sed,tr
If there are more similar errors try adding the commands to private-bin
.
Hello, what happens with the following in ~/.config/firejail/telegram.local:
private-bin grep,sed,trIf there are more similar errors try adding the commands to
private-bin
.
xdg-open: no method available for opening 'https://link'
If there are more similar errors try adding the commands to
private-bin
.xdg-open: no method available for opening 'https://link'
What happens with just ignore private-bin
?
Note that you can probably debug this with xdg-open directly:
firejail --profile=telegram /usr/bin/xdg-open 'https://link'
What happens with just
ignore private-bin
?Note that you can probably debug this with xdg-open directly:
firejail --profile=telegram /usr/bin/xdg-open 'https://link'
I've added the next lines:
noblacklist ${HOME}/.mozilla
whitelist ${HOME}/.mozilla
ignore private-bin
And got the next result:
Error: cannot read UID_MIN and/or GID_MIN from /etc/login.defs, using 1000 by default
Error: cannot read UID_MIN and/or GID_MIN from /etc/login.defs, using 1000 by default
Warning: an existing sandbox was detected. /usr/bin/firefox will run without any additional sandboxing features
Fixed by adding dbus related lines and all xdg-open dependencies:
dbus-user.own org.chromium.*
dbus-user.own org.mozilla.firefox.*
private-bin awk,basename,cut,env,grep,head,realpath,sed,tr,uname,xdg-mime
private-bin chromium,chromium-browser,elinks,epiphany,firefox,google-chrome,iceweasel,konqueror,links,links2,lynx,mozilla,seamonkey,w3m,www-browser,x-www-browser
(not tested with chromium)
Related issues:
#3290
I just came across this thread and I have a similar problem. By using the default profile what I get is xdg-open: no method available for opening 'https://link'
Adding ignore private-bin
opens a new Firefox instance and not the one that is already running:
Error: cannot read UID_MIN and/or GID_MIN from /etc/login.defs, using 1000 by default
Error: cannot read UID_MIN and/or GID_MIN from /etc/login.defs, using 1000 by default
Warning: an existing sandbox was detected. /usr/bin/firefox will run without any additional sandboxing features
I just came across this thread and I have a similar problem.
Try this (~/.config/firejail/telegram.local
):
noblacklist ${HOME}/Documents
noblacklist ${HOME}/Pictures
noblacklist ${HOME}/Public
noblacklist ${HOME}/Videos
whitelist ${HOME}/Documents
whitelist ${HOME}/Pictures
whitelist ${HOME}/Public
whitelist ${HOME}/Videos
# Fix video calls
# https://github.com/netblue30/firejail/issues/3872
dbus-user.talk org.freedesktop.portal.Desktop
ignore noroot
whitelist /usr/share/pipewire/client.conf
# Fix xdg-open
# https://github.com/netblue30/firejail/issues/6275
dbus-user.own org.chromium.*
dbus-user.own org.mozilla.firefox.*
private-bin awk,basename,cut,env,grep,head,realpath,sed,tr,uname,xdg-mime
private-bin chromium,chromium-browser,elinks,epiphany,firefox,google-chrome,iceweasel,konqueror,links,links2,lynx,mozilla,seamonkey,w3m,www-browser,x-www-browser
@reagentoo I've already tried the options in your last post, but unfortunately it doesn't work
Error: cannot read UID_MIN and/or GID_MIN from /etc/login.defs, using 1000 by default
@glu8716
This is fixed in git and will be in the next release. /etc/login.defs is now part of the default group in private-etc
refactoring. For 0.9.72 you can add login.defs
to private-etc in a telegram.local override. Unlikely this fixes your issue (unless your user != 1000), so just a FYI.
Error: cannot read UID_MIN and/or GID_MIN from /etc/login.defs, using 1000 by default
@glu8716 This is fixed in git and will be in the next release. /etc/login.defs is now part of the default group in
private-etc
refactoring. For 0.9.72 you can addlogin.defs
to private-etc in a telegram.local override. Unlikely this fixes your issue (unless your user != 1000), so just a FYI.
@glitsj16 Hi. Can you please give some comment for the telegram.local
in #6275 (comment) (in the context of the refactoring)? Are there any extra or missing rules to fix xdg-open? This config works for me with 0.9.72.
@reagentoo Hi. Your fix from #6275 (comment) looks fine. The mentioned private-etc refactoring doesn't affect it. That being said, there are (socket) alternatives being considered for using D-Bus to support URL handling. See #5364 and #5582 for context.
HTH
Error: cannot read UID_MIN and/or GID_MIN from /etc/login.defs, using 1000 by default
@glu8716 This is fixed in git and will be in the next release. /etc/login.defs is now part of the default group in
private-etc
refactoring. For 0.9.72 you can addlogin.defs
to private-etc in a telegram.local override. Unlikely this fixes your issue (unless your user != 1000), so just a FYI.
Can confirm that the error is fixed with the git version. However I'm still getting Warning: an existing sandbox was detected. /usr/bin/firefox will run without any additional sandboxing features
and the link is opened in a new instance of Firefox instead of the already running one.
However I'm still getting Warning: an existing sandbox was detected. /usr/bin/firefox will run without any additional sandboxing features and the link is opened in a new instance of Firefox instead of the already running one.
@glu8716
Have you tried exporting MOZ_DBUS_REMOTE=1
in your ~/.bashrc
(or similar if you happen to use a different shell)? It's a known environment variable that avoids the infamous Firefox is already running
dialog and should force opening the link in a running Firefox instance. You've got to close all running FF instances, export the env var and start using FF again afterwards.