Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

run Chromium as user #374

Open
umumax opened this issue Jun 8, 2023 · 0 comments
Open

run Chromium as user #374

umumax opened this issue Jun 8, 2023 · 0 comments
Labels
question Further information is requested

Comments

@umumax
Copy link

umumax commented Jun 8, 2023

I'm having issue with running Chromium as user in RootlessKit's namespace. Or should I say nested namespace, because I'm creating netns within it.
Chromium doesn't like to be run as root. It requires sandboxing disabled to run as root.

Below are commands I'm running to set everything up:

./rootlesskit --copy-up=/etc --copy-up=/run  --net=slirp4netns --disable-host-loopback --state-dir=${XDG_RUNTIME_DIR}/rootlesskit bash

/usr/sbin/openvpn --writepid "/var/run/openvpn-netns-$$.pid" --config /home/user/fr.conf &

ip netns add vpn
ip netns exec vpn ip link set dev lo up
ip link set dev "$1" up netns vpn mtu "$2"
ip netns exec vpn ip addr add dev "$1" "$4/24" ${ifconfig_broadcast:+broadcast "$ifconfig_broadcast"}
route_vpn_gateway=$(ip netns exec vpn ip route list table main | awk -v tun="$1" '/tun/ { print $9}')
ip netns exec vpn ip route add default via "$route_vpn_gateway"
ip netns exec vpn ip link set lo up

Chromium's error is not informative but firefox's one gives some clues:

ip netns exec vpn /sbin/runuser -u user -- chromium
[27842:27842:0608/065854.467030:ERROR:(-1)] Check failed: false.
Trace/breakpoint trap

ip netns exec vpn /sbin/runuser -u user -- firefox
(Firefox-esr:27927): dconf-CRITICAL **: 07:00:17.176: unable to create directory '/run/user/1000/dconf': Permission denied.  dconf will not work properly.

Could someone let me know what should be done to make this work?

Thank you

@AkihiroSuda AkihiroSuda added the question Further information is requested label Jun 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
question Further information is requested
Projects
None yet
Development

No branches or pull requests

2 participants