No usable sandbox Linux Mint


#1

Installed on Debian Mint. In the terminal I get this error…

FATAL:zygote_host_impl_linux.cc(124)] No usable sandbox! Update your kernel or see https://chromium.googlesource.com/chromium/src/+/master/docs/linux_suid_sandbox_development.md for more information on developing with the SUID sandbox. If you want to live dangerously and need an immediate workaround, you can try using --no-sandbox.

Does this mean I have to modify the system kernel to get your browser to work? Seems a bit much to me.


#2

@vajra, did you use the linux install instructions found on our git? Specifically the second note at the top of the instructions regarding the sandbox error (here’s the link address).

Hope this helps!


#3

@Mattches thanks for your reply.
On that link I can see the option to make a temporary change using
echo 1 > /proc/sys/kernel/unprivileged_userns_clone
I’m slightly concerned about what this change in my system implies. I have never come across this before.


#4

I tried both options for enabling the sandboxing but i get permission denied even with sudo

$ sudo echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/00-local-userns.conf
bash: /etc/sysctl.d/00-local-userns.conf: Permission denied

#5

Then I tried creating the file using sudo and the text editor but then I got

$ service procps restart
[....] Setting kernel variables ...sysctl: permission denied on key 'kernel.unprivileged_userns_clone'
failed.

Not easy to use this browser!


#6

No problem, happy to help!

So very breifly, Sandboxing keeps programs running in a contained environment so that they can be tinkered with without harming or having unintended consequences for your system. Namespaces are used in Linux systems to isolate different system resource aspects. Enabling this on your machine essentially allows Brave to be run in a sandbox (inside your user namespace).

We’ve had this issue reported several times. You can see the official issue/fix on github here

If you’d like to read more about sandboxing and Namespaces in Linux, here’s a couple links you may find useful:



Hope this helps! Please let me know if you have any further questions or issues.


#7

Hi thanks for those links. Everything I read about the namespaces says it is contentious, but i don’t understand much about why. I finally found a way of enabling them with this command

sysctl -w kernel.unprivileged_userns_clone=1

Is that safe?

Which worked for me. But now I can’t get a tor tab to work. I get the error "unable to connect to the tor network"


#8

Now it is working! I can finally open tor tabs and see pages censored by the government here.


#9

:tada::tada:
So glad you got it worked out!! I’ll go ahead and close this topic now. Enjoy your privacy :slight_smile:


#10