Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 711094

Summary: net-im/discord-bin-0.0.10: Discord fails to start due to missing SUID bit on /opt/discord/chrome-sandbox
Product: Gentoo Linux Reporter: seraph <seraph>
Component: Current packagesAssignee: Johannes Huber (RETIRED) <johu>
Status: RESOLVED FIXED    
Severity: minor CC: andrewammerlaan, chris, jstein, redblade7
Priority: Normal    
Version: unspecified   
Hardware: AMD64   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description seraph@xs4all.nl 2020-02-29 13:31:52 UTC 
After upgrading Discord to 0.0.10, Discord fails to start with:

[72376:0229/142504.857021:FATAL:setuid_sandbox_host.cc(157)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /opt/discord/chrome-sandbox is owned by root and has mode 4755.
Trace/breakpoint trap (core dumped)

Reproducible: Always

Steps to Reproduce:
1. Install/upgrade net-im/discord-bin to 0.0.10
2. Attempt to start Discord

Actual Results:  
[72376:0229/142504.857021:FATAL:setuid_sandbox_host.cc(157)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /opt/discord/chrome-sandbox is owned by root and has mode 4755.
Trace/breakpoint trap (core dumped)

Expected Results:  
Discord should work normally after installation/upgrade and not require an extra step.

As the error suggests, running "chmod 4755 /opt/discord/chrome-sandbox" as root fixes the issue.
Comment 1 Fab 2020-02-29 17:08:23 UTC 
Works fine here without this SUID bit.

Do you have CAP_SYS_USER_NS on in your kernel ?

From ⁽¹⁾ :
> CONFIG_USER_NS=y enables the user namespaces feature, but they're still
> restricted to privileged users by default. This suggests sysctl
> kernel.unprivileged_userns_clone=1

1. https://github.com/electron/electron/issues/17972#issuecomment-486927073
Comment 2 ascendant512+gentoo 2020-02-29 18:20:57 UTC 
Had this error.  Enabled CONFIG_USER_NS, rebooted.  Discord runs now.
Comment 3 seraph@xs4all.nl 2020-02-29 18:28:07 UTC 
I will try this solution as soon as I have some spare time to recompile my kernel.  If this is the solution though, there should be a check and warning about this.  It's also new to this version, all previous versions worked fine.
Comment 4 Chris Henhawke 2020-02-29 20:14:57 UTC 
For what it's worth, Chrome browser says it needs this kernel option enabled, but it runs just fine without it, discord just straight up says "no".
Comment 5 Andrew Ammerlaan gentoo-dev 2020-08-07 08:03:24 UTC 
Encountered this problem in the 0.0.11 ebuild as well, fixed by enabling the kernel config option as suggested above.

Might I suggest adding the variable:
CONFIG_CHECK="CONFIG_USER_NS" from the linux-info eclass to the ebuild.
That should alert users if the config option is missing from the kernel configuration file.
Comment 6 Larry the Git Cow gentoo-dev 2020-09-12 01:05:45 UTC 
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=47f6a0a6e1e53b0a9dae028cb65a90ae78168e85

commit 47f6a0a6e1e53b0a9dae028cb65a90ae78168e85
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2020-09-12 01:05:36 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2020-09-12 01:05:36 +0000

    net-im/discord-bin: add CONFIG_USER_NS check
    
    Closes: https://bugs.gentoo.org/711094
    Package-Manager: Portage-3.0.4, Repoman-3.0.1
    Signed-off-by: Sam James <sam@gentoo.org>

 net-im/discord-bin/discord-bin-0.0.12.ebuild | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)