- Notifications
You must be signed in to change notification settings - Fork329
Disable AppArmor in CI to allow chrome sandbox#511
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Conversation
The CI is currently failing with this error when trying to launch`TestWasm` with wasmbrowsertest:No usable sandbox! If you are running on Ubuntu 23.10+ or another Linuxdistro that has disabled unprivileged user namespaces with AppArmor, seehttps://chromium.googlesource.com/chromium/src/+/main/docs/security/apparmor-userns-restrictions.md.Otherwise seehttps://chromium.googlesource.com/chromium/src/+/main/docs/linux/suid_sandbox_development.mdfor more information on developing with the (older) SUID sandbox. If youwant to live dangerously and need an immediate workaround, you can tryusing --no-sandbox.This change disables AppArmor in the CI to allow the sandbox to work.
I got the idea to disable AppArmor from the following pull request in the wasmbrowsertest project:agnivade/wasmbrowsertest#72. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
Thanks for investigating, nice solution!
@igolaizola I think this approach is fine, can we close#512 and#510 or would you like for them to remain open? |
igolaizola commentedJan 29, 2025 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
I agree. Feel free to merge this solution to fix the issue#512. Then we can also close#510. |
3e183a9 intocoder:masterUh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
The CI is currently failing with this error when trying to launch
TestWasmwith wasmbrowsertest:No usable sandbox! If you are running on Ubuntu 23.10+ or another Linux distro that has disabled unprivileged user namespaces with AppArmor, seehttps://chromium.googlesource.com/chromium/src/+/main/docs/security/apparmor-userns-restrictions.md. Otherwise seehttps://chromium.googlesource.com/chromium/src/+/main/docs/linux/suid_sandbox_development.md for more information on developing with the (older) SUID sandbox. If you want to live dangerously and need an immediate workaround, you can try using --no-sandbox.
This change disables AppArmor in the CI to allow the sandbox to work.
Fixes#512
Closes#510