I feel like I’ve tried absolutely everything; every option in the firefox.profile config, every suggestion on github & stack exchange, even a custom config directory in KeepassXC, but nothing I try seems to enable the KeepassXC extension in firejailed firefox to connect to my KeepassXC database. I am also using GTK_USE_PORTAL=1, if that matters.
I switched to EndeavourOS recently from Manjaro; my config there worked perfectly, but I managed to lose it while distro-hopping, and I’m sure I’ve tried everything contained in it anyway.
All suggestions are welcome; I’m truly at a loss here. This is my firefox.local:
# Enable KeepassXC plugin support
whitelist ${RUNUSER}/org.keepassxc.KeePassXC.BrowserServer
whitelist ${RUNUSER}/kpxc_server
mkfile ${HOME}/.config/mozilla/native-messaging-hosts/org.keepassxc.keepassxc_browser.json
whitelist ${HOME}/.config/mozilla/native-messaging-hosts/org.keepassxc.keepassxc_browser.json
noblacklist ${HOME}/.config/mozilla
whitelist ${HOME}/.config/mozilla
# Enable private bin on Arch
private-bin bash,dbus-launch,dbus-send,env,firefox,sh,which,keepassxc-proxy
# Enable private-etc support
private-etc firefox
# Enable native notifications
dbus-user.talk org.freedesktop.Notifications
# Allow inhibiting screensavers
dbus-user.talk org.freedesktop.ScreenSaver
# Enable plasma browser integration
dbus-user.own org.mpris.MediaPlayer2.plasma-browser-integration
dbus-user.talk org.kde.JobViewServer
dbus-user.talk org.kde.kuiserver
# Enable screen sharing under wayland
dbus-user.talk org.freedesktop.portal.Desktop
# Uncomment the following line if screensharing isn't working
# ignore noroot
# Enable saving to / uploading from desktop
noblacklist ${HOME}/Desktop
whitelist ${HOME}/Desktop
Also, echo $RUNUSER returns nothing, which I think may be related, but I don’t know what this environment variable is / does.
Why would you be running firejail? It shouldn’t be a problem without it. Ever thought of using apparmor instead?
The idea of firejail is strict sandboxing of apps, such as firefox. Wanting to open this sandbox seems a bit awkward to me in your use-case, and in general.
I just like to increase security where I can, so I’ve been running a sandboxed browser for some time now; it just seems like a a good idea. I haven’t looked into configuring apparmor, but firejail has settings in the default firefox profile that (usually) make this a fairly simple process, while preserving the integrity of the sandbox as much as possible.
If you’re interested in security, it may not be a good idea to share clipboard contents of passwords between apps in general. If a password managing app stores passwords (hopefully encrypted) on your local drive, there are multiple caveats and steps involved to enable your firefox firejail profile to let it communicate around the sandbox. This is named as “creating overrides”, and I guess your endeavour is more easily helped by creating an issue on the firejail-page, since the web seems to be full of questions, the same as yours.
This is a compromise between usability and security that I like, understand the implications of, and will continue to employ.
I am aware that others have asked similar questions; I have done a search myself, and gone through every solution I could find. I asked here because this set up worked well on Manjaro; I thought that perhaps there was something EOS-specific that someone might know about.
I had also heard about the friendly EOS community; had I known to expect to be given a lecture on my use-case and sent away with a LMGTFY, I may have reconsidered posting here.
Without any expectations, you can’t be disappointed, the wise ones keep saying. Your demeanor tells us quite a different story.
I tried to be friendly and helpful to you by responding to what you asked, the way you asked, considering the infos you gave.
If you want to appear unfriendly the way you clearly and openly do, just disregard my postings in response to your apparently flawed reasoning and have a nice one!