Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 700758 - net-im/signal-desktop-bin-1.29.6: incorrectly configured suit sandbox helper binary
Summary: net-im/signal-desktop-bin-1.29.6: incorrectly configured suit sandbox helper ...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Robert G. Siebeck
URL:
Whiteboard:
Keywords: PullRequest
Depends on:
Blocks:
 
Reported: 2019-11-20 10:10 UTC by Marek Szuba (RETIRED)
Modified: 2020-01-21 05:38 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marek Szuba (RETIRED) archtester gentoo-dev 2019-11-20 10:10:46 UTC
Recent Gentoo ebuilds of Signal Desktop strip the setuid bit from the sandbox helper binary installed into /opt/Signal. As a result, launching signal-desktop fails with the error

[FATAL:setuid_sandbox_host.cc(157)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /opt/Signal/chrome-sandbox is owned by root and has mode 4755.
Trace/breakpoint trap (core dumped)
Comment 1 Larry the Git Cow gentoo-dev 2019-11-26 14:59:22 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eb47a5a96a5cddd4b5ae98288e7025fe9799ea2b

commit eb47a5a96a5cddd4b5ae98288e7025fe9799ea2b
Author:     Robert Siebeck <gentoo.2019@r123.de>
AuthorDate: 2019-11-25 20:49:32 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2019-11-26 14:59:05 +0000

    net-im/signal-desktop-bin: fix permissions for installed files
    
    Closes: https://bugs.gentoo.org/700758
    
    Signed-off-by: Robert Siebeck <gentoo.2019@r123.de>
    Closes: https://github.com/gentoo/gentoo/pull/13761
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 net-im/signal-desktop-bin/signal-desktop-bin-1.28.0.ebuild | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
Comment 2 Marek Szuba (RETIRED) archtester gentoo-dev 2020-01-20 11:24:12 UTC
Still not fixed, sorry:

$ ls -l /opt/Signal/chrome-sandbox 
-rwxr-xr-x 1 root root 235728 2020-01-20 00:18 /opt/Signal/chrome-sandbox
Comment 3 Larry the Git Cow gentoo-dev 2020-01-21 05:38:15 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9aa7dfe14c6d3c8b9d8d307e91892fb8ba44d470

commit 9aa7dfe14c6d3c8b9d8d307e91892fb8ba44d470
Author:     Robert Siebeck <gentoo.2019@r123.de>
AuthorDate: 2020-01-21 05:28:07 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2020-01-21 05:28:07 +0000

    net-im/signal-desktop-bin: set suid bit for chrome-sandbox
    
    Closes: https://bugs.gentoo.org/700758
    Signed-off-by: Robert Siebeck <gentoo.2019@r123.de>
    Closes: https://github.com/gentoo/gentoo/pull/14398
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 ...nal-desktop-bin-1.29.6.ebuild => signal-desktop-bin-1.29.6-r1.ebuild} | 1 +
 1 file changed, 1 insertion(+)