On several i686 systems I have sandbox -X firefox starting just fine (without net access). I haven't seen it start on any of the x86_64 systems I have tried. The Xephyr window shows up but remains black and with a spinning cursor. ps shows that firefox has a couple of defunct child processes. strace shows that the main process is kind of alive. Launching firefox outside the sandbox works fine on the x86_64 systems. Launching other apps such as filezilla or gedit in the sandbox works. There are no avc's and running permissive makes no difference. Trying to install i686 userspace on x86_64 makes no difference. I don't know what kind of bug can cause this behaviour. My best guess would be some kind of low level ABI incompatibility between i686 and x86_64 in some obscure place. policycoreutils-sandbox-2.1.4-10.fc16.x86_64 firefox-8.0-3.fc16.x86_64
Try sandbox -X -W metacity firefox For some reason firefox does not like the matchbox window manager.
I will check that. I kind of knew that but had ruled that out since it apparently dependended on the platform. I obviously have both metacity (required by gdm) and matchbox-window-manager (required by policycoreutils-sandbox), both on i686 and x86_64. That leaves the questions: Is it only on x86_64 that sandbox+firefox+matchbox is a problem? (And of course: What is the problem really.) Finally: Would it be possible for sandbox to use metacity by default when it already is a dependency of gdm and thus avoid the dependency to matchbox?
Well the benefit of matchbox versus metacity is it runs apps automatically in full screen mode. If we could get metacity to have a option to run apps this way, I would run away from matchbox very quickly. I am looking for the app to look like it is running as a local app rather then in a different desktop. Apps like openoffice and evince run real well in this environment. Only Firefox seems to blow up. You can also see this by executing sandbox -X xterm Then in the sandbox run firefox.
I filed a matchbox issue: Bug 758733 - Problems running firefox with matchbox under Xephyr
Sadly I am the matchbox maintainer, since we are the only user, and I have no idea how to debug the issue...
(In reply to comment #5) > Sadly I am the matchbox maintainer, since we are the only user, and I have > no idea how to debug the issue... This seems to be a 64 bit issue, but somehow also related to versions or possibly configure flags. On usdemo.thinlinc.com (64-bit RHEL6, provided package), Firefox works with Matchbox without problems. On eudemo.thinlinc.com (64-bit RHEL5, manual build), Firefox launch only worked occasionally. Very often no window was created at all. Sometimes a small and gray window was created. After rebuilding Matchbox as a 32-bit application using CFLAGS="-m32", it works correctly. If you want to investigate, you can create an account on http://www.cendio.com/testdrive/.
This message is a reminder that Fedora 16 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 16. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '16'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 16's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 16 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged to click on "Clone This Bug" and open it against that version of Fedora. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Are you still seeing this problem in F17 or F18?
We gave up on Matchbox. The upstream project is gone. We are using OpenBox instead.
Can you get openbox to run apps in full screen mode?
Created attachment 695232 [details] OpenBox config file This is the OpenBox config file we are using for the ThinLinc single application publishing. The last part of the file activates maximized mode for all normal windows. Fullscreen should be possible as well, but we haven't tested that. Please note that you have to remove the "V" from titleLayout in order to use it with upstream OpenBox.
Created attachment 696595 [details] /usr/share/sandbox/sandboxX.sh Please use this sandboxX.sh and try it out with openbox. My only problem with this is the application seems to be starting slow.
Fedora 16 changed to end-of-life (EOL) status on 2013-02-12. Fedora 16 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. Thank you for reporting this bug and we are sorry it could not be fixed.
Changing to OpenBox in Fedora 19.
This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle. Changing version to '19'. (As we did not run this process for some time, it could affect also pre-Fedora 19 development cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.) More information and reason for this action is here: https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora19