Using policies.json to manage individual profiles on linux
I'm having trouble using the policies.json file to manage individual profiles on Linux. I've come across sources that suggest placing the distribution/policies.json file in the profile folder should work, but I can't seem to get it to function as expected.
My use case is to create a separate profile that can only connect to localhost.
I have a few questions:
- Is there a specific way to use policies.json for managing individual profiles on Linux? If so, what is the correct method?
- Can the location where Firefox looks for the policies.json file be overwritten for a new process? If yes, how can this be achieved?
Opaite Mbohovái (4)
distribution/policies.json
needs to be in the directory where the Firefox binary is. It could be anywhere but is often in /opt/firefox
so the full path would be /opt/firefox/distribution/policies.json
.
The easiest way to find it is in Firefox press Alt-H and then choose "More Troubleshooting Information" from the drop-down menu that appears. In the first block of information is a line starting with "Application Binary" with the path next to it. That's where to put distribution/policies.json
.
ThePillenwerfer said
distribution/policies.json
needs to be in the directory where the Firefox binary is. It could be anywhere but is often in/opt/firefox
so the full path would be/opt/firefox/distribution/policies.json
. The easiest way to find it is in Firefox press Alt-H and then choose "More Troubleshooting Information" from the drop-down menu that appears. In the first block of information is a line starting with "Application Binary" with the path next to it. That's where to putdistribution/policies.json
.
Appreciate the clarification.
However, if placed there, the policies apply to all profiles opened using that binary.
Yet I need a more fine grained control, so that I can have different policies for different profiles. E.g. profileA: no restrictions profileB: about config not allowed, no connections other than localhost allowed.
All I've ever done with Policies is stop Thunderbird up-dating so can't really help you further.
I would have thought that there'd be some way of saying in the Policy file which things to apply to which profiles. Also if it worked in the ~/.mozilla/firefox/profile directory a user could edit it whereas in /opt or /usr/bin they'd need root permissions.
policies.json works for all profiles, so you can't have different settings unless you would use multiple installations, each in its own installation folder.
You can however use an autoconfig.cfg file as this file supports JavaScript if you disable the sandbox and in such a case you can place pref settings in an 'if' block that detects the name of the profile.
Content of autoconfig.cfg:
// start autoconfig.cfg with a comment line let Services = globalThis.Services let profD = Services.dirsvc.get("ProfD", Ci.nsIFile).path;
Content of autoconfig.js:
//start autoconfig.js with a comment line pref("general.config.filename", "autoconfig.cfg"); pref("general.config.obscure_value", 0); pref("general.config.sandbox_enabled", false);