The problem here is that Firefox does not have a 'central' location where it looks for certificates. It just looks into the current profile. That's why modifying /usr/share/ca-certificates
or other similar directories won't work with Firefox. This is something that has been requested for years; see issues 620373, 449498 and 454036 (and probably there are many others).
So you are left with just two kind of solutions: either modify each profile, or modify the behaviour of Firefox. I know this is not what you are looking for, but there are no ways because Firefox only looks at users' profiles.
Having said that, the solution I would choose is using hard or symbolic links, specifically I'd go with hardlinks. This solution is surely the easiest and probably the better, though I don't have enough information to judge.
What you have to do is basically removing each cert8.db
and key3.db
files for each profile and replace them with links to the "most complete" cert8.db
and key3.db
. If you go with hardlinks, the original cert8.db
and key3.db
will be indistinguishable from the new ones.
Remember to adjust permissions to fit your needs. Most likely, you will need to chmod a+rw
so that everybody will be able to add/remove a certificate. If you want only certain users to be able to add/remove certificates, you can create a group, assign the two databases to that group and give +w
permission just to the group.
[This doesn't provide what you've asked for but is a different way to achieve the same result.]
First, about the warning... You can make sure you never see it again (on a per profile basis) as shown below:
Now, as regards the preferences you desire. In general, you can create a simple text file called user.js
. This file has to be placed in the relevant profile folder such as /home/username/.mozilla/firefox/random.default
(where random
is something unique to each user).
The structure and syntax of user.js
is described in User.js file for example.
So in your case, you would have a line such as:
user_pref("set browser.urlbar.trimURLs","false");
or, to use your other example (but see further down):
user_pref("browser.search.defaulturl","https://duckduckgo.com/");
However, I suggest that you first ensure that the preferences you set are valid for the browser version you're using. I say this because I don't see browser.search.defaulturl
at all in my about:config
. I'm using Firefox 22 beta. Instead, I see:
browser.search.defaultenginename;Google
So, taking the example of using Bing instead of Google, the other line in your user.js
if you're using Firefox 22, would be:
user_pref("browser.search.defaultenginename","Bing");
As the image indicates, you can search for additional engines.
So, in short, you can put your preferences in user.js
and you can remove the nag screen by unticking in the first image.
Also, as indicated in the resource I linked to, you must restart the browser for the code in user.js
to take effect.
Best Answer
Firefox generally reads its settings from
~/.mozilla/firefox
, so if you have the settings in a shared location, once that folder has been created, Firefox will ignore your shared settings. What you could do however is take a look at the addon xulet-ubufox used by Ubuntu to modify Firefox settings (it is installed by default), and see how that gets it done.Another option, if the systems do not yet have user accounts set up (or if you can recreate the accounts), is to put a customized
~/.mozilla/firefox
folder in/etc/skel
. This will be copied to all new accounts.A third, possibly easier option, is to create the customized defaults, package them in a deb that points to some shared location like
/usr/share/firefox-defaults
, and then copy these settings on startup (of the user profiles) to~/.mozilla/firefox
. I don't know the full technical details of accomplishing this, but I believe it should be possible to do it by adding something to/etc/rc.local
Another way to get this
~/.mozilla/firefox
re-initialised on every login could be by making a 'login-script', activated by the pam-script module. See here for more info on how to use it.