From Gentoo Wiki
Jump to: navigation, search

Firefox is Mozilla's solution to the web browser. It is not the same thing as Firefox OS, which was a full operating system.

Aurora is the "unbranded" version of Mozilla's Firefox.


USE flags

USE flags for www-client/firefox Firefox Web Browser

bindist Disable official Firefox branding (icons, name) which are not binary-redistributable according to upstream. local
custom-cflags Build with user-specified CFLAGS (unsupported) global
custom-optimization Build with user-specified compiler optimizations (-Os, -O0, -O1, -O2, -O3) from CFLAGS (unsupported) local
eme-free Disable EME (DRM plugin) cabability at build time local
gmp-autoupdate Allow Gecko Media Plugins (binary blobs) to be automatically downloaded and kept up-to-date in user profiles local
hardened Activate default security enhancements for toolchain (gcc, glibc, binutils) global
hwaccel Force-enable hardware-accelerated rendering (Mozilla bug 594876) local
neon Enable optimization support for ARM NEON processors global
screenshot Allow to disable screenshot extension in global profile local
startup-notification Enable application startup event feedback mechanism global
system-harfbuzz Use the system-wide media-libs/harfbuzz and media-gfx/graphite2 instead of bundled. local
system-icu Use the system-wide dev-libs/icu instead of bundled. local
system-jpeg Use the system-wide media-libs/libjpeg-turbo instead of bundled. local
system-libevent Use the system-wide dev-libs/libevent instead of bundled. local
system-libvpx Use the system-wide media-libs/libvpx instead of bundled. local
system-sqlite Use the system-wide dev-db/sqlite installation with secure-delete enabled local
wifi Enable wireless network functions global

The above list of USE flag is not comprehensive. Use equery (part of app-portage/gentoolkit) for a full list:

user $equery uses www-client/firefox


To compile the source version of Firefox, issue:

root #emerge --ask www-client/firefox

Emerging the source version of Firefox can be a long process; a pre-compiled (binary) version does exist in the Gentoo repository, however users of the pre-built package should note the warning below. To emerge the Firefox binary, issue:

root #emerge --ask www-client/firefox-bin
The disadvantage of using pre-compiled www-client/firefox-bin package is that almost all of the USE flags in the list above cannot be set. Be aware that setting these flags while using this package will not alter the binary.


Enabling multitouch

Xinput2 scrolling

This brings touch scrolling and multitouch support for Firefox:

MOZ_USE_XINPUT2 environment variable has to be set to a value of 1 in /etc/env.d/80firefox, or just before launching firefox in a shell. for example:

user $MOZ_USE_XINPUT2="1" firefox

This also eliminates the predefined scroll step size for touchpad scrolling! All scrolling will be really smooth.

Wacom tablets/touchscreens may need extra configuration so they emit true touch events for X.

Multitouch zoom

This only works when the multitouch events reach Firefox, therefore the Xinput2 activation above has to be done first.

Description about:config option Value
Multitouch activation gestures.enable_single_finger_input False
Zoom in cmd_fullZoomReduce
Zoom out browser.gesture.pinch.out cmd_fullZoomEnlarge

Middle mouse scroll (autoscroll)

Traditionally in Linux, the middle mouse button is used to paste the currently selected (highlighted) text into a text field. On Windows systems, the middle mouse button in Firefox is used for click-and-drag scrolling up and down the page. This functionality can be enabled in Firefox by opening about:config and setting the following value[1]:

  • general.autoScroll = true

Middle click-and-drag scrolling should now be enabled.

Although not necessary, sometimes it is desirable to disable all other middle-click functionality within Firefox when using click-and-drap scrolling. Open about:config and set the following values to disable middle-click functionality:

  • middlemouse.contentLoadURL = false
  • middlemouse.openNewWindow = false
  • middlemouse.paste = false


Firefox >= 54 has 4 threads enabled by default. Theads can be adjusted by modifying the following in the about:config interface:

Description about:config option Value
Increase the threads dom.ipc.processCount N

Where N is a integer number.

Disabling percent-encoding

Normally, URLs that are copied from the address bar get percent-encoded. This may cause an annoyance when certain non-Latin symbols (such as Cyrillic) get encoded, as they become unreadable to humans.

To disable percent-encoding when copying from the address bar, set the about:config option network.standard-url.escape-utf8 to false.

Unfortunately Firefox does not support non-Latin symbols in anchors, those remain encoded (not percent-encoded, though).

Disable enforced digital signatures verification in Firefox >=48

This concerns mandatory add-ons signature in Firefox and can lead to security issues.

Method 1

Create this file:

FILE /usr/lib/firefox/config.js
try {
  Components.utils.import("resource://gre/modules/addons/XPIProvider.jsm", {})
catch(ex) {}

Then insert this:

FILE /usr/lib/firefox/defaults/pref/channel-prefs.js
pref("general.config.obscure_value", 0);
pref("general.config.filename", "config.js");

Method 2

Method 3

This patch works for both firefox 49 and firefox 51, and seems to be robust to changes.

FILE /etc/portage/patches/www-client/firefox/no-signature-force-check.patch
--- a/build/mozconfig.common.override 2017-02-06 14:26:05.891721140 +0900
+++ b/build/mozconfig.common.override 2017-02-06 14:25:41.115763755 +0900
@@ -9,3 +9,4 @@
 # to override anything done previously.
 # The common expected usage is for try builds with nondefault options.

The following patch also works for firefox 49.

FILE /etc/portage/patches/www-client/firefox-49.0/no-signature-force-check.patch
diff --git a/browser/ b/browser/
index 7637236..2264bf5 100755
--- a/browser/
+++ b/browser/
@@ -27,7 +27,16 @@ fi
 # Enable building ./signmar and running libmar signature tests
+# Disable 'safe' browsing
+# Disable checking that add-ons are signed by the trusted root
+# Disable enforcing that add-ons are signed by the trusted root

Then set xpinstall.signatures.required to false.

Special URLs

Firefox includes a few dozen special URLs that can be helpful in determining more information about various Firefox settings. These URLs can be entered into the Super Bar (via copy and paste) to view the special pages. A few of the more significant ones include:

  • about:addons
  • about:config
  • about:crashes
  • about:memory
  • about:networking
  • about:plugins
  • about:support
  • about:telemetry

Finally, about:about will display the whole list of Firefox' “about” pages.

See also Firefox chrome:// document URLs.

XDG integration

In order to make Firefox use XDG file associations set Content Type's Action to /usr/bin/xdg-open

To ensure Firefox is being used by other applications for handling HTTP and HTTPS links, run the following commands:

user $xdg-mime default firefox.desktop x-scheme-handler/http
user $xdg-mime default firefox.desktop x-scheme-handler/https
user $xdg-mime default firefox.desktop text/html


Running in sandbox

The Simple sandbox article explains why »Sandboxing Firefox is mandatory«.

SSL/TLS Security Enhancements

Some about:config SSL/TLS security options which are not defaults (as of Firefox 52.2.0) that increase the security of your https connections are listed below. Two of them rarely break access to websites.

Description about:config option Value
Minimal TLS version set to 1.1. Default is 1 meaning TLS 1.0, unsecure. May break access to some badly configured websites. security.tls.version.min 2
Avoiding old SSL/TLS version. May break access to some badly configured websites. security.ssl.require_safe_negotiation true
Inform user about insecure SSL/TLS negociation (broken padlock). security.ssl.treat_unsafe_negotiation_as_broken true
Require Online Certificate Status Protocol. Introduces some latency. security.OCSP.require true
Strict Certificate Pinning. security.cert_pinning.enforcement_level 2
Don't use DES. security.ssl3.rsa_des_ede3_sha false
Don't use RC4. security.ssl3.rsa_rc4_128_md5 (if present) false
Don't use RC4. security.ssl3.rsa_rc4_128_sha (if present) false
No Google SSL False Start. security.ssl.enable_false_start false

Safer browsing with Add-ons

Firefox has a massive community behind it and a result many Add-ons have been created to aid with specific interests of users. Many users are concerned about their privacy (tracking, bubbling, targeting, etc) while web browsing. Installing Add-ons can aid in adding an extra level of privacy to their browsing.

The Add-on menu can be accessed by navigating the following menus: Hamburger button (top right under the X) → Add-ons

uBlock Origin

A new ad blocker with lower resource usage, using same lists as Adblock. Very versatile and configurable.

Mozilla Add-ons page:




NoScript blocks JavaScript that is normally enabled by default. It can keep users safe and speed up web browsing.

Mozilla Add-ons page:



Point and click to forbid/allow any class of requests made by your browser. Use it to block scripts, iframes, ads, Facebook, etc. uMatrix can also be used for spoofing HTTP referrer, spoofing User Agent strings, blocking hyperlink auditing and forcing strict HTTPS. Note, uMatrix can break many websites and most websites need configuration changes to work correctly.

Mozilla Add-ons page:



gtk+:3 pulls in DBUS

Since version ≥53.0 Firefox has dropped gtk+:2 support urging Larry to use gtk+:3. This however by default pulls-in annoyances like DBUS. This can be avoided by using a patch from BSD available in mv overlay.


If Firefox crashes for no apparent reason every few minutes with an error message like ABORT: X_GLXDestroyContext: GLXBadContext; 15 requests ago it might help to add the Firefox user(s) to the video group:

root #gpasswd -a <username> video

Latest adobe-flash-23 does not work

It is possible to use PPAPI NPAPI plugin adapter. For more info read here

root #emerge freshplayerplugin

Lack of sound (www-client/firefox)

If Firefox built with the gstreamer USE flag does not play sounds, and some web sites tell you to install Flash to play music, make sure that the necessary codecs are installed:

root #emerge gst-plugins-meta:1.0

Lack of sound (www-client/firefox-bin)

www-client/firefox-bin expects PulseAudio. Alsa-only systems might work around this limitation by using media-sound/apulse. For this to work you'll need to modify Firefox sandbox settings by going to about:config and adding "/dev/snd/" (note the trailing slash) to "security.sandbox.content.write_path_whitelist" option.

If you're storing ALSA settings in /home, also, be sure to add "/home/<username>/.asoundrc" to the "security.sandbox.content.write_path_whitelist" option. Whitelist path could be separated by comma.

Since around Firefox 58 there is additional modification needed to work around seccomp sandbox: security.sandbox.content.syscall_whitelist = 16

Now you can go ahead and create alias for running firefox through apulse:

user $alias firefox='apulse firefox-bin'

See also

External resources