Packaging Electron v5 with sandbox (linux)
With electron 5 the sandbox is enabled by default. The sandbox requires elevated rights to run.
This can be achieved if the kernel has kernel.unprivileged_userns_clone enabled or a SUID flag is set on chrome-sandbox.
If unprivileged_userns_clone is disabled (default for Arch) the SUID flag is required.
To disable / enable said kernel feature:
sudo sysctl kernel.unprivileged_userns_clone=0
Snaps cannot use the SUID flag (automatic app review) and seem to prevent access to the kernel feature.
One can disable the sandbox by running electron with the --no-sandbox argument.
As a workaround, I currently use an after-pack hook to wrap the electron binary and append the --no-sandbox argument, which seemed to be the only way to add the sandbox argument. (app.commandLine.appendSwitch does not work since electron has already launched.)
https://github.com/thomasnordquist/MQTT-Explorer/blob/master/scripts/afterPack.ts
Electron issue concerning this: https://github.com/electron/electron/issues/17972
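
As an added example (not part of the original issue or of electron-builder), this check reports which of the two sandbox prerequisites described above is actually met on a host, so a package can be verified before resorting to --no-sandbox. The function name `sandbox_mode` and its output words are assumptions; the helper test looks for a root-owned chrome-sandbox with mode 4755, which is what Electron's startup error asks for.

```shell
#!/bin/sh
# Added example: which Chromium sandbox prerequisite is available?
# Prints one of: userns | suid | none | unknown

sandbox_mode() {
    sysctl_file=$1   # normally /proc/sys/kernel/unprivileged_userns_clone
    helper=$2        # path to chrome-sandbox inside the unpacked app

    # The sysctl only exists on kernels carrying the distro patch;
    # if it is absent we cannot decide from this file alone.
    userns=unknown
    if [ -r "$sysctl_file" ]; then
        userns=$(tr -d '[:space:]' < "$sysctl_file")
    fi

    if [ "$userns" = "1" ]; then
        echo userns          # namespace sandbox can be used, no SUID needed
        return 0
    fi

    if [ -f "$helper" ]; then
        # ls -ln: field 1 = permission string, field 3 = numeric owner uid
        info=$(ls -ln "$helper" | awk '{print $1, $3}')
        perms=${info% *}
        owner=${info#* }
        case $perms in
            -rwsr-xr-x*)     # mode 4755 (a trailing . or + marks SELinux/ACL)
                if [ "$owner" = "0" ]; then
                    echo suid
                    return 0
                fi ;;
        esac
    fi

    if [ "$userns" = "0" ]; then
        echo none            # neither prerequisite met: sandbox start will fail
    else
        echo unknown
    fi
}

# Usage: ./check.sh /path/to/app/chrome-sandbox
if [ "$#" -ge 1 ]; then
    sandbox_mode /proc/sys/kernel/unprivileged_userns_clone "$1"
fi
```

A result of `none` is the situation the issue describes for Snap and for Arch without the SUID flag.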
Issue Analytics
- Created 4 years ago
- Reactions: 9
- Comments: 95 (35 by maintainers)
Top GitHub Comments
@develar I think this issue should be re-opened. It’s great that #4364 resolves this for the .deb distribution, but this problem remains unsolved on AppImage (and maybe Snap?).

@develar please can you reopen this issue so it can be resolved for AppImage/deb/etc or would you prefer a new issue is opened? Happy to do so if needed.