Electronplayer

From ArchWiki

Related articles

This article or section needs language, wiki syntax or style improvements. See Help:Style for reference.

Reason: Written like a blog post, should be adapted to respect Help:Style#Language register. (Discuss in Talk:Electronplayer)

electronplayer is an application using the electron app development framework. It is used for viewing Netflix, YouTube, Twitch, Floatplane, Hulu, Amazon Prime Video and more. Most notably to isolate the cookies from these websites from your main web browser.

Installation

Install the electronplayerAUR package.

Sandboxing

electronplayer seems to be resistant to being sandboxed with firejail, as it seems that it is installed by default in /usr/bin/electronplayer with a symlink to /opt/electronplayer/electronplayer --no-sandbox. Because of this, running: 

$ ln -s /usr/bin/firejail /usr/local/bin/electronplayer

and then running: 

$ /usr/local/bin/electronplayer

will NOT sandbox electronplayer, it will immediately break out of the sandbox and begin running unconfined as if it were not being run with firejail. A workaround I have found for this problem is as follows:

Create firejail profile for electronplayer

$ touch /etc/firejail/electronplayer.profile

then: 

$ chmod 644 /etc/firejail/electronplayer.profile

Then follow instructions in firejail for details on how to create a custom firejail profile. This is the one I use: 

# Firejail profile for electronplayer
include electronplayer.local
# Persistent global definitions
include globals.local


include disable-common.inc
include disable-passwdmgr.inc
include disable-programs.inc


noblacklist ${HOME}/.config/electronplayer
whitelist ${HOME}/.config/electronplayer


apparmor
caps.drop all
netfilter
nodbus
nodvd
nogroups
nonewprivs
noroot
notv
protocol unix,inet,inet6,netlink
seccomp

Create a soft link to electronplayer

Because /usr/bin/electronplayer already has a hard symlink to /opt/electronplayer/electronplayer --no-sandbox, the next step is to create a soft link to /usr/bin/firejail /opt/electronplayer/electronplayer in /usr/local/bin. First: 

$ touch /usr/local/bin/electronplayer

then: 

$ chmod 755 /usr/local/bin/electronplayer

then add the following text to /usr/local/bin/electronplayer, adding whatever arguments or options you like to either of the commands: 

#!/bin/sh
/usr/bin/firejail /opt/electronplayer/electronplayer

And that's it! Now you can watch videos isolated from you normal web browser from the safety of the firejail sandbox!