Is Firejail necessary on Linux? --- No. Is Firejail really that necessary on Linux? --- It depends. In the past I've played with AppArmor and even made my own profile for Google Chrome. I also used Firejail for a while. I now don't do anything special re. AppArmor; I just use the defaults. I don't use Firejail.
Yes, but many use applications (like email clients, PDF- and image viewers, office suites etc.) are not (yet) confined by AppArmor (at least, not in all DE's - there is a profile for, e.g., Evince but not for Okular). The Firefox profile has been only enabled since Ubuntu 18.10. The big advantage of using sudo firecfg is that more than 700 applications are sandboxed by Firejail thus closing very many possible intrusion gateways. And normally Firejail does not cause problems as most participants in the Firejail thread can probably confirm. The problems with Firefox found in search engines by @Krusty were primarily caused by its changed architecture in v. 60 - so the old Firejail profile was no longer compatible. But that was fixed a long time ago. Yes, agreed. One should make onself familiar with the basics first. Having said that, I still cannot reproduce @Krusty's problem with the update manager as Firejail does not deal with them. Knowing the exact steps what he did would be helpful.
Well, again: Firejail does not touch update managers. I've been using Firejail on various distros like Manjaro. Arch, Fedora, Ubuntu, Debian, MX and never ran into your problems. They must be caused by something different.
If you look at the screenshot from #138 it mentions that there was a Chrome signature issue, but again, this only happened after using Firejail. Never mind. Currently burning new disks of Mate, Cinnamon and Xfce. I somehow lost the ISO and disk I used to install Mate last time so I had to re-download it / them fresh.
I still don't see how this is related to Firejail. It would also be helpful to see if Code: sudo apt update sudo apt full-upgrade works or shows errors as well. Besides, you haven't answered my question if the problem persists after a reboot.
Yes, but the point is moot now anyway. I restored a recent Windows image and am psyching myself up to try again. By the way, yes I did get the exact same error using the commands.
Well, I figured that Ubuntu is pretty safe in bog-standard configuration (plus some browser hardening). I think many people coming to Linux from Windows still have the general security fear and paranoia that goes with running Windows. It was hard enough for me to unlearn.
OK guys, I've freshly installed and configured Mint Mate and Firefox, the Update Manager is working so I think I'll give other experiments (like Firejail) a miss for a while. I may not even bother installing Chrome this time. Thanks again for all the assistance and encouragement. Yeah, I think that is my problem and I'm also going to have to unlearn that fear and paranoia.
Krusty, I must have no fear or paranoia as I don't use any extra security on Windows or Linux. I only use Windows Defender.
Good luck. Although I think MX Linux might be a better bet. Also I doubt, as @summerheat does, that Firejail broke your earlier attempt at mint. I notice you were asking about Apparmor. If for some reason you enabled a profile for Firefox, it's probably what broke the browser. Apparmor and firejail don't play well together.
I think you just have to adapt to a different mindset. I felt naked for a while without an AV, on-demand anti spyware/malware programs, CLisd filters and the like. All I have with Ubuntu is an up to date OS and browser hardening. Linux rocks, enjoy the freedom of it not being Microsoft.
Leaving "security" aside, I feel a lot of newcomers stumble over using root or sudo unnecessarily thus ending up with files and folders which can't be modified by the user as would normally be the case.
While I don't use WD, an antivirus is all I use for protection on all of my Windows computers and I also would not install any security software on Linux. My complete lack of paranoia means that I don't obsess over securing my systems.
Since Win8 was released over 6 years ago I've only used WD. If I'd used ten different security apps over this time I would have received nil malware. I received nil malware without the ten apps. My friends have the same approach. The last malware I recall was when I ran Win7.
I did not make any changes to Apparmor or any profiles so you can rule that out. Yeah, I kinda feel naked surfing without added security. My browser should be fairly secure though (NoScript etc). It's just the Windows mindset lingering. Never messed with any folders. I wouldn't really say fear or paranoia, Brian. I'm just a security software enthusiast.
As a matter of fact I tried to replicate what @Krusty might have done (in MX running in a VM). I executed sudo firecfg --clean, removed firejail and firejail-profiles, installed firejail only (i.e. without firejail-profiles), executed sudo firecfg - and did not run into any problems. I still don't know what happened on his system.
After a while you'll discover that it is quite a liberating experience. My only regret with Linux is that I didn't start using it earlier. I even stopped using NoScript a few years ago. On macOS and Ubuntu the only security extensions I have on Firefox are uBlock Origin, Decentraleyes and JavaScript Toggle On and Off. The last one is really just an option to stop JS running on some sites and a bit of a throwback to when I used KMeleon. Running a computer without an AV is the biggest liberation of all. In my experience antivirus programs only ever found false positives. I was more concerned that my AV would tank my hard drive than actually getting infected with malware. If I'd have believed what AV's and antimalware programs had reported they'd discovered over the years, and let them subsequently remove the 'malware', most of my computers would have ended up as paperweights or doorstops. After a while you'll lose the Windows mindset and actually start to enjoy using the internet.
I have no idea, but I know this; the machine was running flawlessly before installing Firejail, then Firefox opened a blank page. I installed Firejail-profiles and my Update Manger failed. I can't help that you can't reproduce, but I thank you for trying. One more time, the machine ran flawlessly before Firejail and with a fresh clean install is running flawlessly again. I will not bother with bloat again.
So be it. I understand your mindset. But please understand that - after using Firejail on various distros over several years and participating in a thread that is 27 pages long in which nobody except you reported such problems - I still think that something else must have caused your trouble and I would be interested in what exactly that could have been. However, that's no longer possible. I just find it a pity that you badmouth something as "bloat" which you are not familiar with.
Nevertheless, Firejail has had its problems. https://firejail.wordpress.com/support/#why https://github.com/netblue30/firejail/issues/1939 https://github.com/netblue30/firejail/issues Plus, if it isn't that necessary on Linux, technically it is bloatware.