I’m using firejail to sandbox firefox. When I use

lsof -i
, there are no connections shown. Firejail does namespace isolation on the process, so i do this

ps aux | grep firefox  | awk ' { print 2} ' | while read p ; do nsenter -tp lsof -i ; done 

to enter each namespace and to lsof -i. I’ve tried

nsenter -t <pid> -n lsof -i
as well but nothing appears. But this works when I lsof as root. Shouldn’t a user be able to list open socket connections?