-
-
Notifications
You must be signed in to change notification settings - Fork 246
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
firejail teams-for-linux
requires /opt/teams-for-linux/chrome-sandbox
owned by root and has mode 4755
#1527
Comments
can you check in https://codeberg.org/lars_uffmann/teams-for-linux-jailed and create an issue in there? There might be an equivalent to the apparmour for firejail but I have no idea/experience on this. Thanks for reporting |
Happens also to me without using
|
@woernsn, the chmod issue can be sorted using an apparmour profile as explained in #1426 (comment) . I wonder if that change from Ubuntu has just broke firejail or something. |
Wow, thanks @IsmaelMartinez. |
@leukimi , I don't know much about Apparmour and firejail but I suspect what you are seeing is a bit of a conflict between the two. https://github.com/netblue30/firejail/wiki/Frequently-Asked-Questions#how-does-it-compare-with-apparmor Check the AppArmor profile provided by Firejail. Probably worth asking at https://github.com/netblue30/firejail/ , as they seem to have similar issues in other packages like chromium netblue30/firejail#6368 . Sorry but I don't think I can't help much more than this. Good luck and do report back if you find anything, otherwise I will close this ticket as it is not related to our app, but Ubuntu and firejail configuration. |
firejail teams-for-linux
requires/opt/teams-for-linux/chrome-sandbox
owned by root and has mode 4755To Reproduce
firejail teams-for-linux
The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /opt/teams-for-linux/chrome-sandbox is owned by root and has mode 4755. Parent is shutting down, bye...
Tried the proposed solution to add apparmour file. It didn't solve the issue.
Proposed solution(s)
To fix this, the debian install script needs to make a
chmod 4755 $(pkgdir_buildroot_debian)/opt/teams-for-linux/chrome-sandbox
or have adebian/postinst
file which doeschmod 4755 /opt/teams-for-linux/chrome-sandbox
after install. Probably needed for all distributions, such as Fedora/openSUSE/Archlinux/Manjaro.System
Reference(s)
Maybe similar root cause as in issue #1426 but there is no concrete solution in the thread mentioning
firejail
and the choice to force changed permissions on the affected directory when the DEB package is created or include apostinst
file to fix the issue after install.The text was updated successfully, but these errors were encountered: