New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ubuntu 24.04: No usable sandbox! #2804
Comments
OS Ubuntu 24.04, latest. |
Did you just tick all the boxes or did you actually test that? In which case the problem would be with your default profile. |
Of course I test all of this boxes. Chrome downloaded from official site, Chromium installed with 'chromium' package, and UC ungoogled-chromium_123.0.6312.122-1.AppImage |
Try running this.....
For the sandbox to work the command should return a value of 1. If it's zero then run.....
|
cat /proc/sys/kernel/unprivileged_userns_clone Yes, it returns 1. |
The only other problems I can think of is with the chrome-sandbox binary. You could try seeing if it's named properly (with a hypen '-', not an underscore '_'). Also see if it's got the correct permissions.....
This should return 4755. If it doesn't then you could try.....
|
stat -c %a /usr/lib/chromium/chrome-sandbox But appimage version shouldn't depend from system chromium sandbox. Btw, on previous ubuntu release (mantic) everything working well. You better try by yourself - install daily kubuntu noble build in VM and try to run UC. |
I think this is related to the restrictions enabled in Ubuntu 24.04. See: It seems Ubuntu 24.04 already provides configuration profiles for some applications, including Chrome, that could be used as reference to create a profile for UC. |
Yeah, it works with an AppArmor profile. I created a /etc/apparmor.d/usr.local.bin.ungoogled-chromium file with the following content:
I used the AppImage executable, renamed to /usr/local/bin/ungoogled-chromium. Then reloaded the profile with:
And now UC works. Note: I'm using Ubuntu Mate 24.04, but this should work with all Ubuntu "flavors". |
An alternative is to disable the restriction for all applications with:
or permanently by adding to /etc/sysctl.d/local.conf or similar configuration file:
|
Great, it works! Thanks! |
OS/Platform
Debian, Ubuntu, and derivatives
Installed
https://ungoogled-software.github.io/ungoogled-chromium-binaries/
Version
123.0.6312.122-1
Have you tested that this is not an upstream issue or an issue with your configuration?
--user-data-dir
command line argument and it could not be reproduced thereDescription
Ungoogled Chromium won't launch
How to Reproduce?
Try to run UC and see error:
[110483:110483:0415/143659.359212:FATAL:zygote_host_impl_linux.cc(127)] No usable sandbox! Update your kernel or see https://chromium.9oo91esource.qjz9zk/chromium/src/+/main/docs/linux/suid_sandbox_development.md for more information on developing with the SUID sandbox. If you want to live dangerously and need an immediate workaround, you can try using --no-sandbox.
Trace/breakpoint trap (core dumped)
Actual behaviour
Expected behaviour
Relevant log output
No response
Additional context
No response
The text was updated successfully, but these errors were encountered: