In a world where Google Chrome is, by a large margin, the most used web browser, Firefox represents the only relevant open source alternative. The Mozilla browser is installed by default (or at least available in the official repositories) of all the most used Linux distributions. In order to configure its behavior we can change settings interactively, or, more conveniently, we can create and deploy “policies”. In this tutorial we learn how to customize Firefox and easily replicate specific setups by configuring system-level policies via the policies.json file.
In this tutorial you will learn:
- How to configure Firefox policies
- How to include bookmarks in a policy
- How to disable telemetry in a policy
- How to include, lock or disable extensions as part of a policy
| Category | Requirements, Conventions or Software Version Used |
|---|---|
| System | Distribution-agnostic |
| Software | Firefox |
| Other | Administrative privileges |
| Conventions | # – requires given linux-commands to be executed with root privileges either directly as a root user or by use of sudo command $ – requires given linux-commands to be executed as a regular non-privileged user |
Introducing policies
Configuring Firefox interactively, by navigating in the settings page, or by using the more advanced “about:config” menu, which let us access “hidden” options, can be a time-consuming task, especially if we need to replicate setups on many workstations. In such scenarios, where automation is crucial, the most practical solution is to establish and deploy policies.
Firefox policies are implemented by using the JSON (JavaScript Object Notation) syntax, in the
policies.json file which can be created in two places:
- In the “distribution” directory under the Firefox installation root
- Inside the “/etc/firefox/policies” directory
The Firefox installation path varies depending on how the installation is performed and on the distribution we are using. On Fedora, for example, when installed via the dnf package manager, Firefox is installed under /usr/lib64/firefox. In the table below we can see how the path changes on some of the most used distributions:
| Distribution | Firefox installation path |
|---|---|
| Fedora | /usr/lib64/firefox |
| Debian (amd64) | /usr/lib/firefox-esr |
| Ubuntu | /snap/firefox/current/usr/lib/firefox |
| Archlinux | /usr/lib/firefox/distribution |
Notice that in recent versions of Ubuntu, Firefox is installed by default as a snap package, that is why its path is radically different from the others.
To avoid discrepancies between distributions, the recommended solution is to write our “policies.json” file under the /etc/firefox/policies directory. That is the approach we will use in this tutorial from now on, therefore we must ensure the directory exists:
$ sudo mkdir -p /etc/firefox/policies
Creating a policy
A policy consists in a series of options and the respective values. Via a policy we can manage practically every aspect of Firefox: among the other things, we can setup extensions, bookmarks and updates, but also various aspects of the browser interface.
The complete list of the keys which can be specified in a policy file and their documentation, can be found on the mozilla policy template page on github. Here we just see some examples.
All the setting specified in the policies.json file, must be specified as key/value pairs inside the main, “policies” section:
{
"policies":{
}
}
Adding bookmarks as part of a policy
To specify bookmarks as part of a Firefox policy, we have to use the Bookmarks key. This key takes an array of objects as value. Each object represents a bookmark, and is defined using a set of keys, as you can see in the example below:
{
"policies":{
"Bookmarks":[
{
"Title":"Linuxconfig.org",
"URL":"https://linuxconfig.org",
"Favicon":"https://linuxconfig.org/favicon.ico",
"Placement":"toolbar",
"Folder":"Linux"
}
]
}
}
In the example above we defined a bookmark for “Linuxconfig.org”, including a Title, a Url, and a Favicon. We also specified where the bookmark should be placed (“toolbar” vs “menu”) by using the Placement key . Finally, we that the bookmark should be contained in a Folder named “Linux”.
To see the result of the policy being applied we just close the current instance of the browser, and start a new one. In the screenshot below, you can see a the “Linux” folder containing the “Linuxconfig” bookmark created as result:
Disabling Firefox telemetry
By default Firefox is configured to send technical and data interaction information to Mozilla. This “feature” is called telemetry, and most of the time you want to disable it. In order to disable telemetry as part of our policy we need to use the DisableTelemetry key which accepts either true or false as values:
{
"policies":{
"DisableTelemetry":true
}
}
Specifying extensions as part of the policy
We can specify a set of extensions which should be installed, removed or locked, as part of our Firefox policy. To accomplish this task we use the Extensions key. In the example below, we specify that we want to install the “NoScript” extensions as part of our policy, and we want to lock it, so it cannot be removed by users:
{
"policies":{
"Extensions":{
"Install":[
"https://addons.mozilla.org/firefox/downloads/file/4067473/noscript-11.4.16.xpi"
],
"Locked":[
"{73a6fe31-595d-460b-a920-fcc0f8843232}"
]
}
}
}
To specify the extensions which should be installed, we include their URLs, which can be found on the Firefox addons site. Extensions to be locked or uninstalled, instead, are referenced by their ID. An easy way to retrieve extensions ID is to navigate on the
about:debugging page of the browser, and clicking on the “This Firefox” entry in the sidebar menu. In this case we can see the ID of the NoScript extension is “{73a6fe31-595d-460b-a920-fcc0f8843232}”:
Since we locked the extension as part of our policy, end users are not allowed to remove it. As you can see in the screenshot below, the “Remove Extension” entry is grayed out:
Conclusions
In this tutorial we saw some examples of defining Firefox system-level policies. Policies are very useful to automate and replicate predefined setups on multiple machines. In this article we saw how to disable telemetry and include bookmarks and extensions as part of a policy.
