Firejail problem

[PaulN]

I heard a lot of good things about Firejail, so I thought Id give it a go.
However despite my best efforts I cant seem to run pale moon through it.
I tried downloading it via the software manager, and then the latest LTS version linked from this page:

https://easylinuxtipsproject.blogspot.c ... html#ID2.1

I found it impossible to get a palemoon to run on either. It was a struggle just to get it on the launcher.
I have now installed Steve pusser version from here

https://software.opensuse.org//download ... =firetools

Again still cant get palemoon to launch.
I tried entering

Code: Select all

 firejail palemoon

into the terminal.
This was the resulting messaage.

Code: Select all

Reading profile /etc/firejail/palemoon.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
Parent pid 12748, child pid 12749
TESTING warning: noblacklist /home/xxxxx/.moonchild productions/pale moon not matched by a proper blacklist command in disable*.inc
Blacklist violations are logged to syslog
Child process initialized in 51.19 ms

The testing seems to go on forever so I close the terminal to stop it..
The xxxx is my name
Any ideas?

Running the latest palemoon on linux mint 19.1 cinnamon

[vannilla]

Make sure the profile directory can be read and written to.

[New Tobin Paradigm]

This is unsupported for any UXP application.

[Moonchild]

You probably need to set firejail up explicitly to support Pale Moon and its profile locations.

[ron_1]

PaulN wrote:
Running the latest palemoon on linux mint 19.1 cinnamon

I believe the author of Firejail is active on Mint's forums. I'm also pretty sure there are threads there concerning running Firejail on Pale Moon.

[stevenpusser]

Firetools is a separate GUI for firejail.

What does

Code: Select all

apt policy firejail

report in the terminal? The version in the OBS repo is the current 0.9.58.2 release.

This seems to be critical line that's causing your problem:

TESTING warning: noblacklist /home/xxxxx/.moonchild productions/pale moon not matched by a proper blacklist command in disable*.inc

[PaulN]

Thanks for all the advice.

This is unsupported for any UXP application.

Where would I find that kind of info about an application. Quite happy to do my homework before hand.
This is the output Steve..

Code: Select all

firejail:
  Installed: 0.9.52-2
  Candidate: 0.9.52-2
  Version table:
 *** 0.9.52-2 500
        500 http://archive.ubuntu.com/ubuntu bionic/universe amd64 Packages
        100 /var/lib/dpkg/status

Looks like I downloaded the wrong version..

Cheers

[stevenpusser]

Thanks for all the advice.

This is unsupported for any UXP application.

Where would I find that kind of info about an application. Quite happy to do my homework before hand.
This is the output Steve..

Code: Select all

firejail:
  Installed: 0.9.52-2
  Candidate: 0.9.52-2
  Version table:
 *** 0.9.52-2 500
        500 http://archive.ubuntu.com/ubuntu bionic/universe amd64 Packages
        100 /var/lib/dpkg/status

Looks like I downloaded the wrong version..

Cheers

Your first post has a link to my firetools packages, not firejail. I take it you didn't add the repo, but are just getting the debs via direct downloads.

[PaulN]

Tbh, totally confused with installing software in linux.
I think the answer to your question is "yes"..

[stevenpusser]

Did you ever manage to download and install the correct firejail-0.9.58.2 deb package from my repository?

If you're somewhat confused about how the apt (Advanced Package Tool) system works, which Debian, Ubuntu, and their many derivatives like Mint use, the MX Linux manual has a pretty good explanation.

Though that can get more complicated by some distros' homebrewed "software stores" and Ubuntu's push for the bloated snap package format, plus equally bloated flatpak and appimage formats, not to mention the "Wild West" PPA scene for Ubuntu and derivatives.

[PaulN]

Hi
No, not yet. Feeling a bit foolish. I Decided I should try and do a little homework first, and then give it another go, so thanks for the link
If I run into problems I'll ask.
Thanks for your time and patience.
Regards

[0strodamus]

You might try commenting out nodbus in /etc/firejail/firefox-common.profile.

[mrtok]

PaulN

i hear ya, can get a bit confusing install stuff, setting user permissions
and all of that, i use firejail with palemoon with this config on arch linux
first to tell ya might be doin it wrong, bad config etc but think i got it
half way there, so this post is to give you something to reference,
for others to 'check' make sure i'm not messed up too bad and i do hope
this helps ya out

once you have palemoon downloaded and saved to your user's directory you want to

Code: Select all

chown -R palemoon yeruser:users etc

easiest way to figure out what that command is via terminal you will
cd to your download location, probably in your regular user's directory

so the command from terminal will be like "cd youruser"
you want to find out what who the files belong to via: "ls -l"

so if your output comes back "bobisawesome:users" there ya go

lets set the palemoon folder to that bob guy:

"chown -R palemoon bobisawesome:users"

ok, as ya know, firejail does its best to be universal for a lot of distros etc
but yeah, sometimes doesn't go to well even when the installation does,
it's like this on arch a lot simply because every arch box can be very unique in config

so first thing to do is backup whatever original firejail files ya got and are gonna use
for palemoon, that way if we make a mistake (seen me do it too) we can recover the edits
next thing is and this is way above my paygrade but different distros have different permission
configs, how or why i dunno but again keep that in mind, if a profile is not working you got it,
probably a permission deal or the files firejail was going for are not in their directory

as example on arch in order for me to even be able to launch firejail i have to at boot:
xhost local:myuser

that lets me launch palemoon since i have palemoon configd as a 'portable' app in my regular user
directory, and i have the files in the palemoon folder owned by that user via chown -R

i don't mean to repeat too much but treat what i'm posting here as 'entertainment'
someone else who knows what's up for real says something go with that

ok, next ya want say an example of a firejail profile, i combined everything into one file
and ran a command to get a list of my apps blah blah, probably diff command on your distro

Code: Select all

#--------------
# Firejail profile for palemoon/pmzport | 121418
# to list your apps out to a file:
# pacman -Qet | cut -f 1 -d " " > filename
# to add your switches to your filename list:
# sed -e 's#^#blacklist ${PATH}/#' filename > newfilename
#
noblacklist ${HOME}/.cache/moonchild productions
noblacklist ${HOME}/.moonchild productions
noblacklist ${HOME}/.mozilla
#
notv
nodvd
noroot
nodbus
nogroups
apparmor
netfilter
nonewprivs
private-tmp
disable-mnt
noexec /tmp
protocol unix,inet
#
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-xdg.inc
include /etc/firejail/disable-common.local
#
blacklist /home/youruser/downloads
blacklist /home/youruser/videos
blacklist /home/yourusers/.local
#
blacklist /root
blacklist /srv
blacklist ${PATH}/lua*
blacklist /usr/lib/lua
blacklist /usr/include/lua*
blacklist /usr/share/lua
blacklist ${PATH}/node
blacklist /usr/include/node
blacklist ${HOME}/.nvm
blacklist ${PATH}/cpan*
blacklist ${PATH}/core_perl
blacklist ${PATH}/perl
blacklist /usr/lib/perl*
blacklist /usr/share/perl*
blacklist ${PATH}/php*
blacklist /usr/lib/php*
blacklist /usr/share/php*
blacklist ${PATH}/ruby
blacklist /usr/lib/ruby
blacklist ${PATH}/python2*
blacklist /usr/include/python2*
blacklist /usr/lib/python2*
blacklist /usr/local/lib/python2*
blacklist /usr/share/python2*
blacklist ${PATH}/python3*
blacklist /usr/include/python3*
blacklist /usr/lib/python3*
blacklist /usr/local/lib/python3*
blacklist /usr/share/python3*
blacklist-nolog ${HOME}/.*_history
blacklist-nolog ${HOME}/.adobe
blacklist-nolog ${HOME}/.cache/greenclip*
blacklist-nolog ${HOME}/.history
blacklist-nolog ${HOME}/.kde/share/apps/klipper
blacklist-nolog ${HOME}/.kde4/share/apps/klipper
blacklist-nolog ${HOME}/.local/share/fish/fish_history
blacklist-nolog ${HOME}/.local/share/klipper
blacklist-nolog ${HOME}/.macromedia
blacklist-nolog /tmp/clipmenu*
blacklist ${HOME}/.Xsession
blacklist ${HOME}/.blackbox
blacklist ${HOME}/.config/autostart
blacklist ${HOME}/.config/autostart-scripts
blacklist ${HOME}/.config/awesome
blacklist ${HOME}/.config/i3
blacklist ${HOME}/.config/lxsession/LXDE/autostart
blacklist ${HOME}/.config/openbox
blacklist ${HOME}/.config/plasma-workspace
blacklist ${HOME}/.config/startupconfig
blacklist ${HOME}/.config/startupconfigkeys
blacklist ${HOME}/.fluxbox
blacklist ${HOME}/.gnomerc
blacklist ${HOME}/.kde/Autostart
blacklist ${HOME}/.kde/env
blacklist ${HOME}/.kde/share/autostart
blacklist ${HOME}/.kde/share/config/startupconfig
blacklist ${HOME}/.kde/share/config/startupconfigkeys
blacklist ${HOME}/.kde/shutdown
blacklist ${HOME}/.kde4/env
blacklist ${HOME}/.kde4/Autostart
blacklist ${HOME}/.kde4/share/autostart
blacklist ${HOME}/.kde4/shutdown
blacklist ${HOME}/.kde4/share/config/startupconfig
blacklist ${HOME}/.kde4/share/config/startupconfigkeys
blacklist ${HOME}/.local/share/autostart
blacklist ${HOME}/.xinitrc
blacklist ${HOME}/.xprofile
blacklist ${HOME}/.xserverrc
blacklist ${HOME}/.xsession
blacklist ${HOME}/.xsessionrc
blacklist /etc/X11/Xsession.d
blacklist /etc/xdg/autostart
blacklist ${HOME}/.config/khotkeysrc
blacklist ${HOME}/.config/krunnerrc
blacklist ${HOME}/.config/kscreenlockerrc
blacklist ${HOME}/.config/ksslcertificatemanager
blacklist ${HOME}/.config/kwinrc
blacklist ${HOME}/.config/kwinrulesrc
blacklist ${HOME}/.config/plasma-org.kde.plasma.desktop-appletsrc
blacklist ${HOME}/.config/plasmashellrc
blacklist ${HOME}/.config/plasmavaultrc
blacklist ${HOME}/.kde/share/apps/kwin
blacklist ${HOME}/.kde/share/apps/plasma
blacklist ${HOME}/.kde/share/apps/solid
blacklist ${HOME}/.kde/share/config/khotkeysrc
blacklist ${HOME}/.kde/share/config/krunnerrc
blacklist ${HOME}/.kde/share/config/kscreensaverrc
blacklist ${HOME}/.kde/share/config/ksslcertificatemanager
blacklist ${HOME}/.kde/share/config/kwinrc
blacklist ${HOME}/.kde/share/config/kwinrulesrc
blacklist ${HOME}/.kde/share/config/plasma-desktop-appletsrc
blacklist ${HOME}/.kde4/share/apps/kwin
blacklist ${HOME}/.kde4/share/apps/plasma
blacklist ${HOME}/.kde4/share/apps/solid
blacklist ${HOME}/.kde4/share/config/khotkeysrc
blacklist ${HOME}/.kde4/share/config/krunnerrc
blacklist ${HOME}/.kde4/share/config/kscreensaverrc
blacklist ${HOME}/.kde4/share/config/ksslcertificatemanager
blacklist ${HOME}/.kde4/share/config/kwinrc
blacklist ${HOME}/.kde4/share/config/kwinrulesrc
blacklist ${HOME}/.kde4/share/config/plasma-desktop-appletsrc
blacklist ${HOME}/.local/share/kglobalaccel
blacklist ${HOME}/.local/share/kwin
blacklist ${HOME}/.local/share/plasma
blacklist ${HOME}/.local/share/plasmashell
blacklist ${HOME}/.local/share/solid
read-only ${HOME}/.Xauthority
read-only ${HOME}/.cache/ksycoca5_*
read-only ${HOME}/.config/*notifyrc
read-only ${HOME}/.config/kdeglobals
read-only ${HOME}/.config/kio_httprc
read-only ${HOME}/.config/kiorc
read-only ${HOME}/.config/kioslaverc
read-only ${HOME}/.config/ksslcablacklist
read-only ${HOME}/.kde/share/apps/konsole
read-only ${HOME}/.kde/share/apps/kssl
read-only ${HOME}/.kde/share/config/*notifyrc
read-only ${HOME}/.kde/share/config/kdeglobals
read-only ${HOME}/.kde/share/config/kio_httprc
read-only ${HOME}/.kde/share/config/kioslaverc
read-only ${HOME}/.kde/share/config/ksslcablacklist
read-only ${HOME}/.kde/share/kde4/services
read-only ${HOME}/.kde4/share/apps/konsole
read-only ${HOME}/.kde4/share/apps/kssl
read-only ${HOME}/.kde4/share/config/*notifyrc
read-only ${HOME}/.kde4/share/config/kdeglobals
read-only ${HOME}/.kde4/share/config/kio_httprc
read-only ${HOME}/.kde4/share/config/kioslaverc
read-only ${HOME}/.kde4/share/config/ksslcablacklist
read-only ${HOME}/.kde4/share/kde4/services
read-only ${HOME}/.local/share/konsole
read-only ${HOME}/.local/share/kservices5
read-only ${HOME}/.local/share/kssl
blacklist /run/user/*/kdeinit5__*
blacklist /run/user/*/ksocket-*/kdeinit4__*
blacklist /tmp/ksocket-*/kdeinit4__*
blacklist ${HOME}/.local/share/gnome-shell
blacklist ${HOME}/.config/systemd
blacklist ${HOME}/.local/share/systemd
blacklist /var/lib/systemd
blacklist ${HOME}/.VirtualBox
blacklist ${HOME}/.config/VirtualBox
blacklist ${HOME}/VirtualBox VMs
blacklist ${HOME}/.VeraCrypt
blacklist ${PATH}/veracrypt
blacklist ${PATH}/veracrypt-uninstall.sh
blacklist /usr/share/applications/veracrypt.*
blacklist /usr/share/pixmaps/veracrypt.*
blacklist /usr/share/veracrypt
blacklist ${HOME}/.TrueCrypt
blacklist ${PATH}/truecrypt
blacklist ${PATH}/truecrypt-uninstall.sh
blacklist /usr/share/applications/truecrypt.*
blacklist /usr/share/pixmaps/truecrypt.*
blacklist /usr/share/truecrypt
blacklist ${HOME}/.zuluCrypt
blacklist ${HOME}/.zuluCrypt-socket
blacklist ${PATH}/zuluCrypt-cli
blacklist ${PATH}/zuluMount-cli
blacklist /var/cache/apt
blacklist /var/cache/pacman
blacklist /var/lib/apt
blacklist /var/lib/clamav
blacklist /var/lib/dkms
blacklist /var/lib/mysql/mysql.sock
blacklist /var/lib/mysqld/mysql.sock
blacklist /var/lib/pacman
blacklist /var/lib/upower
blacklist /var/mail
blacklist /var/opt
blacklist /var/run/acpid.socket
blacklist /var/run/docker.sock
blacklist /var/run/minissdpd.sock
blacklist /var/run/mysql/mysqld.sock
blacklist /var/run/mysqld/mysqld.sock
blacklist /var/run/rpcbind.sock
blacklist /var/run/screens
blacklist /var/spool/anacron
blacklist /var/spool/cron
blacklist /var/spool/mail
blacklist /etc/anacrontab
blacklist /etc/cron*
blacklist /etc/profile.d
blacklist /etc/rc.local
blacklist /etc/rc?.d
blacklist /etc/kernel*
blacklist /etc/grub*
blacklist /etc/dkms
blacklist /etc/apparmor*
blacklist /etc/selinux
blacklist /etc/modules*
blacklist /etc/logrotate*
blacklist /etc/adduser.conf
read-only ${HOME}/.antigen
read-only ${HOME}/.bash_aliases
read-only ${HOME}/.bash_login
read-only ${HOME}/.bash_logout
read-only ${HOME}/.bash_profile
read-only ${HOME}/.bashrc
read-only ${HOME}/.config/fish
read-only ${HOME}/.csh_files
read-only ${HOME}/.cshrc
read-only ${HOME}/.forward
read-only ${HOME}/.local/share/fish
read-only ${HOME}/.login
read-only ${HOME}/.logout
read-only ${HOME}/.oh-my-zsh
read-only ${HOME}/.pam_environment
read-only ${HOME}/.pgpkey
read-only ${HOME}/.plan
read-only ${HOME}/.profile
read-only ${HOME}/.project
read-only ${HOME}/.tcshrc
read-only ${HOME}/.zlogin
read-only ${HOME}/.zlogout
read-only ${HOME}/.zprofile
read-only ${HOME}/.zsh.d
read-only ${HOME}/.zsh_files
read-only ${HOME}/.zshenv
read-only ${HOME}/.zshrc
read-only ${HOME}/.zshrc.local
read-only ${HOME}/.ssh/authorized_keys
read-only ${HOME}/.caffrc
read-only ${HOME}/.dotfiles
read-only ${HOME}/.emacs
read-only ${HOME}/.emacs.d
read-only ${HOME}/.exrc
read-only ${HOME}/.gvimrc
read-only ${HOME}/.iscreenrc
read-only ${HOME}/.mailcap
read-only ${HOME}/.msmtprc
read-only ${HOME}/.mutt/muttrc
read-only ${HOME}/.muttrc
read-only ${HOME}/.nano
read-only ${HOME}/.reportbugrc
read-only ${HOME}/.tmux.conf
read-only ${HOME}/.vim
read-only ${HOME}/.viminfo
read-only ${HOME}/.vimrc
read-only ${HOME}/.xmonad
read-only ${HOME}/.xscreensaver
read-only ${HOME}/_exrc
read-only ${HOME}/_gvimrc
read-only ${HOME}/_vimrc
read-only ${HOME}/dotfiles
read-only ${HOME}/.homesick
read-only ${HOME}/.gem
read-only ${HOME}/.luarocks
read-only ${HOME}/.npm-packages
read-only ${HOME}/bin
blacklist ${HOME}/.local/share/Trash
read-only ${HOME}/.config/menus
read-only ${HOME}/.local/share/applications
blacklist ${HOME}/*.kdb
blacklist ${HOME}/*.kdbx
blacklist ${HOME}/*.key
blacklist ${HOME}/.Private
blacklist ${HOME}/.caff
blacklist ${HOME}/.cert
blacklist ${HOME}/.config/keybase
blacklist ${HOME}/.ecryptfs
blacklist ${HOME}/.fetchmailrc
blacklist ${HOME}/.gnome2/keyrings
blacklist ${HOME}/.gnupg
blacklist ${HOME}/.kde/share/apps/kwallet
blacklist ${HOME}/.kde4/share/apps/kwallet
blacklist ${HOME}/.local/share/keyrings
blacklist ${HOME}/.local/share/kwalletd
blacklist ${HOME}/.msmtprc
blacklist ${HOME}/.mutt
blacklist ${HOME}/.muttrc
blacklist ${HOME}/.netrc
blacklist ${HOME}/.pki
blacklist ${HOME}/.smbcredentials
blacklist ${HOME}/.ssh
blacklist ${HOME}/.vaults
blacklist /etc/group+
blacklist /etc/group-
blacklist /etc/gshadow
blacklist /etc/gshadow+
blacklist /etc/gshadow-
blacklist /etc/passwd+
blacklist /etc/passwd-
blacklist /etc/shadow+
blacklist /etc/shadow-
blacklist /etc/ssh
blacklist /home/.ecryptfs
blacklist /var/backup
blacklist ${HOME}/.aws
blacklist ${HOME}/.boto
blacklist /etc/boto.cfg
blacklist ${HOME}/.config/gcloud
blacklist ${HOME}/.kube
blacklist /sbin
blacklist /usr/local/sbin
blacklist /usr/sbin
blacklist ${PATH}/at
blacklist ${PATH}/chage
blacklist ${PATH}/chfn
blacklist ${PATH}/chsh
blacklist ${PATH}/crontab
blacklist ${PATH}/evtest
blacklist ${PATH}/expiry
blacklist ${PATH}/fusermount
blacklist ${PATH}/gpasswd
blacklist ${PATH}/ksu
blacklist ${PATH}/mount
blacklist ${PATH}/mount.ecryptfs_private
blacklist ${PATH}/nc
blacklist ${PATH}/ncat
blacklist ${PATH}/newgidmap
blacklist ${PATH}/newgrp
blacklist ${PATH}/newuidmap
blacklist ${PATH}/ntfs-3g
blacklist ${PATH}/pkexec
blacklist ${PATH}/procmail
blacklist ${PATH}/sg
blacklist ${PATH}/strace
blacklist ${PATH}/su
blacklist ${PATH}/umount
blacklist ${PATH}/unix_chkpwd
blacklist ${PATH}/xev
blacklist ${PATH}/xinput
blacklist /usr/lib/virtualbox
blacklist /usr/lib64/virtualbox
blacklist /tmp/.lxterminal-socket*
blacklist /tmp/tmux-*
blacklist ${PATH}/lxterminal
blacklist ${PATH}/gnome-terminal
blacklist ${PATH}/gnome-terminal.wrapper
blacklist ${PATH}/lilyterm
blacklist ${PATH}/mate-terminal
blacklist ${PATH}/mate-terminal.wrapper
blacklist ${PATH}/pantheon-terminal
blacklist ${PATH}/roxterm
blacklist ${PATH}/roxterm-config
blacklist ${PATH}/terminix
blacklist ${PATH}/tilix
blacklist ${PATH}/urxvtc
blacklist ${PATH}/urxvtcd
blacklist ${PATH}/xfce4-terminal
blacklist ${PATH}/xfce4-terminal.wrapper
blacklist /initrd*
blacklist /vmlinuz*
blacklist /.snapshots
blacklist ${HOME}/*.config/flatpak
blacklist ${HOME}/*.var
blacklist ${HOME}/*.local/share/flatpak
blacklist /var/lib/flatpak
blacklist /usr/share/flatpak
blacklist ${PATH}/bwrap

********* blacklist ${PATH}/PASTE YOUR APPS LIST BELOW ************
#
#--------------

so i took the smaller original firejail palemoon profile combined everything
that it was looking for, yeah alot of it is not on my computer's config but that's ok,
left them in there, then ran the command at the top to search for a recent copy of my
installed apps and added them manually via the commands above this way the profile is specific
to my config, not generic, now how much a diff does that make? i dunno, but it's a warm fuzzy

anytime you can't get your browser to start a way to 'troubleshoot' that is say for example:

Code: Select all

firejail --profile=/etc/firejail/pmzporttok.profile sudo -u youruser /home/youruser/pmz/app/./palemoon -profile /home/youruser/palemoon/data

now mod that command for your directory

here's a bash script you can modify so grabs latest version i use it to snag palemoon and config it as a 'portable':

Code: Select all

#################################################
#!/bin/sh
# 031819
# modify url when needed for latest version
# find latest: http://linux.palemoon dot org/download/mainline/
# SHA-256 checksum: 77222e60d09f9ea984bbea5589e7b12f0d459e89e722f0bc25c46527d71a6389
# sha256sum palemoon-28.4.0.linux-x86_64.tar.bz2
# wget -q --show-progress https://linux.palemoon.org/datastore/release/palemoon-28.4.0.linux-x86_64.tar.bz2.sig
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEQ59G9Cxq49I89S5whl5sh8ZShewFAlxq8sgACgkQhl5sh8ZS
heynbgf8DMCE/bT/Y5OtLex8ICXFAky8l07O2dEWzyOISua0BbJE6zWHKMUaxIKb
D2A7okOTX8rw2Esfq27i+EW0iuJNZIXGvYte0wtCqJLXZpJHMEwtAtzuJUM4rPD2
RuWwYMMTZpB7p6Xvv1aIfAYOL77rLJy1qk9GcD6hAiXdgdbSz7JgSx7f39gurYBX
NvtHT6XqoUNyYaIpYzDQHCITATPgcPiwedwRO/hbf343weFB/6icHkNcf9oSupw3
raI+cROg9fCHcjt74yx9d3pwAfXc9kYaAt5sDtvkaCyCM3Xj5t0i1pR3ZLUMJVwc
c33Ld3RndN++NeVjP5DFi29sI6BlRg==
=KKSe
-----END PGP SIGNATURE----- 
# list palemoon:
# https://pgp.key-server.io/pks/lookup?search=palemoon&fingerprint=on&op=vindex
# verify signature from here:
# http://pgp.key-server.io/pks/lookup?search=0x865E6C87C65285EC&fingerprint=on&op=vindex
# wget -q --show-progress https://pgp.key-server.io/download/0x865E6C87C65285EC && mv 0x865E6C87C65285EC 0x865E6C87C65285EC.asc
# gpg2 --import 0x865E6C87C65285EC.asc
# gpg2 --verify palemoon-28.4.0.linux-x86_64.tar.bz2.sig palemoon-28.4.0.linux-x86_64.tar.bz2
# gpg: Good signature from "sumbruh <xxxxxxxxx at sumemaildotcom>" [unknown]
url='https://linux.palemoon.org/datastore/release/palemoon-28.4.0.linux-x86_64.tar.bz2'  # change when needed
#
echo 'downloading palemoon....'
sleep 1
cd /home/yerusr
mkdir -p /home/yerusr/palez
cd /home/yerusr/palez
sleep 1
wget $url
echo 'creating directories...'
sleep 1
tar xfj palemoon-28.4.0.linux-x86_64.tar.bz2
sleep 1
mv palemoon-28.4.0.linux-x86_64.tar.bz2 palemoonbkup.tar.bz2
mv /home/yerusr/palez/palemoon /home/yerusr/palez/app
mkdir -p /home/yerusr/palez/data
sleep 1
echo 'stopping all instances...'
killall palemoon
rm -r /home/yerusr/.moonchild productions
rm -r /home/yerusr/.mozilla
rm -r /home/yerusr/.cache/moonchild productions
sleep 1
echo 'setting permissions...'
sleep 1
chown -R tok:users /home/yerusr/palez
echo 'yerusr given boss status'
sleep 1
echo 'palemoon portable installed'
sleep 2
echo 'fluxbox menu ex: [exec] (palz) {firejail --profile=/etc/firejail/palemoon.profile sudo -u yerusr /home/yerusr/palez/app/./palemoon -profile /home/yerusr/palez/data}'
sleep 2
#
#########################################################

as ya can see the directory in the script is 'palez' so yeah change what ya want for your configuration or needs
and change for your user's name

so if you copy the script to a text file, save it as palemoon.sh for example, chmod +x palemoon.sh then run it via ./palemoon.sh
change the download target from palemoon's site to the recent version if needed

sincerely, mrtok
--------
note: forgot to add some .bashrc aliases mod for your distro helps clear out palemoon when needed:

Code: Select all

alias pale1="pkill -9 palemoon"

#

Code: Select all

alias pale2="rm -r /home/yerusr/.mozilla"

#

Code: Select all

alias pale3="rm -r /home/yerusr/.cache/moonchild\ productions && rm -r /home/yerusr/.moonchild\ productions"

nuthr update: updated portable script for latest palemoon at this time plus added signature verfiy

[stevenpusser]

Could you edit that post to put that in code tags? Thanks!

[mrtok]

wasn't able to edit in time maybe they could extend the edit period to a few days
here's the post cleaned up in a single page html file with md5sum 07fb6c865d79acba67a8e11ac13c3c29

pastebin dot com/LreG3TKc

[Moonchild]

code'd the original for convenience.