meta data for this page
  •  

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux:prepare:firefox [2025/01/05 14:03] – removed - external edit (Unknown date) 127.0.0.1linux:prepare:firefox [2025/09/26 08:59] (current) niziak
Line 1: Line 1:
 +====== Firefox ======
 +
 +===== certificate problem, but option to accept anyway has gone =====
 +"accept certificate" "self-signed certificate"
 +
 +  * ''about:config''
 +  * ''browser.xul.error_pages.expert_bad_cert'' to true
 +  * ''security.certerrors.permanentOverride'' to true
 +
 +===== Disable Detachable Tabs in Mozilla Firefox =====
 +
 +  * ''about:config''
 +  * ''browser.tabs.allowTabDetach'' set to ''true''
 +  * ''config.trim_on_minimize''
 +    * write ''config.trim_on_minimize'' into search box
 +    * select ''Boolean'' and click ''+'' icon
 +    * set ot to ''true''
 +
 +
 +===== limit memory usage =====
 +
 +==== about:config ====
 +
 +  * ''browser.tabs.unloadOnLowMemory'' set to true
 +
 +
 +==== cgroups ====
 +
 +References:
 +  * [[https://gist.github.com/hrishikeshrt/dab05d42fc60144909cdbde2cc3f4d2c|Limit Memory Usage using cgroups]]
 +  * [[https://gist.github.com/hardfire/7e5d9e7ce218dcf2f510329c16517331]]
 +  * [[https://gist.github.com/avoidik/1c7c53f02461f716aabebf3372a6199d]]
 +
 +But now we have some modern systemd based tools.
 +
 +
 +==== systemd ====
 +
 +  * [[https://unix.stackexchange.com/questions/525740/how-do-i-create-a-systemd-scope-for-an-already-existing-process-from-the-command|How do I create a systemd scope for an already-existing process from the command line?]]
 +  * [[https://wiki.archlinux.org/title/cgroups]]
 +
 +<file bash /usr/local/bin/firefox>
 +#!/bin/bash
 +systemd-run --user -G --scope --unit=run-firefox -p OOMPolicy=continue -p MemoryMaxigh=4G -p MemoryMax=5G -p MemorySwapMax=2G -p "CPUQuota=200%" /usr/bin/firefox "$@"
 +</file>
 +
 +or
 +
 +<file bash /usr/local/bin/firefox>
 +#!/bin/bash
 +systemd-run --user -G --scope --unit=run-firefox -p OOMPolicy=continue -p MemoryHigh=50% -p MemoryMax=60% -p MemorySwapMax=2G -p "CPUQuota=200%" /usr/bin/firefox "$@"
 +</file>
 +
 +See [[https://www.freedesktop.org/software/systemd/man/systemd.resource-control.html#MemoryMax=bytes|MemoryMax]]
 +
 +Verify limits:
 +<code bash>
 +systemctl list-units --user --type scope
 +systemctl status --user run-firefox.scope
 +
 + Memory: 201.3M (max: 2.0G swap max: 2.0G available: 1.8G)
 +</code>
 +
 +Modify limits without restarting firefox:
 +<code bash>
 +systemctl set-property --user run-firefox.scope MemoryMax=8G MemorySwapMax=10G
 +</code>
 +
 +==== put other firefox-esr under jail ====
 +
 +<code bash>
 +apt-get install cgroup-tools
 +
 +sudo cgclassify -g memory,cpu::/user.slice/user-1000.slice/user@1000.service/app.slice/run-firefox.scope 20975
 +</code>
 +
 +==== firejail ====
 +
 +<code bash>
 +sudo apt install firejail
 +
 +firejail --noprofile --rlimit-as=5g firefox
 +
 +</code>
 +
 +<code>
 +       --rlimit-as=number
 +              Set the maximum size of the process's virtual memory (address space) in bytes.  Use k(ilobyte), m(egabyte) or g(igabyte) for size suffix (base 1024).
 +</code>
 +
 +[[https://wiki.archlinux.org/title/Firejail#Using_Firejail_by_default|Using_Firejail_by_default]]
 +