Fix Linux sandbox crash and add installation docs#384
Open
antonlobanovskiy wants to merge 1 commit into
Open
Conversation
…lation - Add afterPack hook that wraps Electron binary with --no-sandbox flag and removes chrome-sandbox, fixing the SUID sandbox crash on Linux (Ubuntu 24.04+, Fedora, etc.) - Remove rpm from default Linux targets (requires rpmbuild) - Update README to mention Linux support and add installation instructions including FUSE2 dependency for AppImage users Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
afterPackhook (build/linux-sandbox-fix.js) that wraps the Electron binary in a shell script passing--no-sandbox, and removeschrome-sandbox. This fixes the fatalsetuid_sandbox_host.ccerror on Ubuntu 24.04+, Fedora 41, and other modern distros where AppArmor restricts unprivileged user namespaces.rpmfrom default Linux build targets — Building RPM requiresrpmbuildwhich most contributors/users won't have installed, causing the build to fail. AppImage and deb cover the vast majority of Linux users.libfuse2t64on Ubuntu 24.04+), extraction alternative, and updates the features list to reflect Linux picker support.Context
Tested on Ubuntu 24.04 (kernel 6.17, AppArmor restricting unprivileged userns). The AppImage builds and launches without any
--no-sandboxworkaround needed from the user.Related issues: #87, #362
Test plan
npx electron-builder --linux AppImagedist/linux-unpacked/ccais the wrapper script andcca.binis the real binarychrome-sandboxis removed from the unpacked directoryelectronPlatformName)🤖 Generated with Claude Code