Information is up to date, the design will be modernized at a later point - we are a small team and had to prioritize
Information is up to date, the design will be modernized at a later point - we are a small team and had to prioritize
This page covers how to install and uninstall the Portmaster on Linux.
We provide package installers for supported systems:
.deb for Debian/Ubuntu (how to).pkg.tar.xz for Arch (Testing, CI Build / how to)Please note that we only support the latest stable and LTS versions. We may be able to help out with other systems, but will not be able to invest a lot of time in order to keep focus.
The installers should take care of any needed dependencies. Please report back if they do not!
⚠️ Please note that the Portmaster updates itself and that the provided packages are only meant for an initial install. Uninstalling the package from your system will properly uninstall and remove the Portmaster.
| System | Version | Notes |
|---|---|---|
| Linux Kernel | >= 5.7 | 2.4-5.5 might also work, see issue core#82 |
| Gnome | >= 3? | |
| KDE | ? | |
| MATE | ? | |
| Cinnamon | ? | |
| Budgie | ? | Issues: ui#111 |
| LXDE | ? | |
| LXQt | ? | |
| XFCE | ? | Seen working. |
| Deepin DE | ? |
The Portmaster Core Service is compatible with the Linux Kernel as of version 2.4, but due to a breaking bug in at least v5.6, we recommend to use v5.7+.
Dependencies:
libnetfilter_queue - for network stack integrationlibappindicator3 - for sending desktop notifications (optional, but recommended)Debian/Ubuntu
sudo apt install libnetfilter-queue1 libappindicator3-1
⚠️ You may need to enable the universe or multiverse repositories sources on Ubuntu.
Fedora
sudo yum install libnetfilter_queue
Arch
sudo pacman -S libnetfilter_queue libappindicator-gtk3
0. Install dependencies.
1. Download the latest portmaster-start utility and initialize all resources:
# Download portmaster-start utility
wget -O /tmp/portmaster-start https://updates.safing.io/latest/linux_amd64/start/portmaster-start
sudo mv /tmp/portmaster-start /var/lib/portmaster/portmaster-start
sudo chmod a+x /var/lib/portmaster/portmaster-start
# Download resources
sudo /var/lib/portmaster/portmaster-start --data /var/lib/portmaster update
All data is saved in /var/lib/portmaster. The portmaster-start utility always needs to know where this data directory is.
2. Start the Portmaster Core Service
sudo /var/lib/portmaster/portmaster-start core
3. Start the Portmaster UI
/var/lib/portmaster/portmaster-start app
4. Start the Portmaster Notifier
/var/lib/portmaster/portmaster-start notifier
⚠️ Your Desktop environment may not (yet) be compatible.
5. Start it on boot
In order to get the Portmaster Core Service to automatically start when booting, you need to create a systemd service unit at /etc/systemd/system/portmaster.service.
The following unit file works but excludes most of the security relevant settings. For a more restricted version use this portmaster.service file.
[Unit]
Description=Portmaster Privacy App
[Service]
Type=simple
ExecStart=/usr/local/bin/portmaster-start core --data=/var/lib/portmaster/
ExecStopPost=-/sbin/iptables -F C17
ExecStopPost=-/sbin/iptables -t mangle -F C170
ExecStopPost=-/sbin/iptables -t mangle -F 171
[Install]
WantedBy=multi-user.target
Finally, reload the systemd daemon and enable/start the Portmaster:
sudo systemctl daemon-reload
sudo systemctl enable --now portmaster
6. Enjoy!
Uninstalling the package from your system will properly uninstall and remove the Portmaster.