mirror of
https://github.com/laurent22/joplin.git
synced 2024-12-21 09:38:01 +02:00
Desktop: Resolves #10332: Ubuntu 24.04: Work around unprivileged user namespace restrictions by adding the --no-sandbox flag to the launcher (#10338)
This commit is contained in:
parent
6358c39810
commit
7fe98e9dc9
@ -202,16 +202,28 @@ if command -v lsb_release &> /dev/null; then
|
|||||||
DISTVER=$(lsb_release -is) && DISTVER=$DISTVER$(lsb_release -rs)
|
DISTVER=$(lsb_release -is) && DISTVER=$DISTVER$(lsb_release -rs)
|
||||||
DISTCODENAME=$(lsb_release -cs)
|
DISTCODENAME=$(lsb_release -cs)
|
||||||
DISTMAJOR=$(lsb_release -rs|cut -d. -f1)
|
DISTMAJOR=$(lsb_release -rs|cut -d. -f1)
|
||||||
|
|
||||||
#-----------------------------------------------------
|
#-----------------------------------------------------
|
||||||
# Check for "The SUID sandbox helper binary was found, but is not configured correctly" problem.
|
# Check for "The SUID sandbox helper binary was found, but is not configured correctly" problem.
|
||||||
# It is present in Debian 1X. A (temporary) patch will be applied at .desktop file
|
# It is present in Debian 1X. A (temporary) patch will be applied at .desktop file
|
||||||
# Linux Mint 4 Debbie is based on Debian 10 and requires the same param handling.
|
# Linux Mint 4 Debbie is based on Debian 10 and requires the same param handling.
|
||||||
#
|
#
|
||||||
# This also works around Ubuntu 23.10+'s restrictions on unprivileged user namespaces. Electron
|
# TODO: Remove: This is likely no longer an issue. See https://issues.chromium.org/issues/40462640.
|
||||||
|
BAD_HELPER_BINARY=false
|
||||||
|
if [[ $DISTVER =~ Debian1. || ( "$DISTVER" = "Linuxmint4" && "$DISTCODENAME" = "debbie" ) || ( "$DISTVER" = "CentOS" && "$DISTMAJOR" =~ 6|7 ) ]]; then
|
||||||
|
BAD_HELPER_BINARY=true
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Work around Ubuntu 23.10+'s restrictions on unprivileged user namespaces. Electron
|
||||||
# uses these to sandbox processes. Unfortunately, it doesn't look like we can get around this
|
# uses these to sandbox processes. Unfortunately, it doesn't look like we can get around this
|
||||||
# without writing the AppImage to a non-user-writable location (without invalidating other security
|
# without writing the AppImage to a non-user-writable location (without invalidating other security
|
||||||
# controls). See https://discourse.joplinapp.org/t/possible-future-requirement-for-no-sandbox-flag-for-ubuntu-23-10/.
|
# controls). See https://discourse.joplinapp.org/t/possible-future-requirement-for-no-sandbox-flag-for-ubuntu-23-10/.
|
||||||
if [[ $DISTVER = "Ubuntu23.10" || $DISTVER =~ Debian1. || ( "$DISTVER" = "Linuxmint4" && "$DISTCODENAME" = "debbie" ) || ( "$DISTVER" = "CentOS" && "$DISTMAJOR" =~ 6|7 ) ]]; then
|
HAS_USERNS_RESTRICTIONS=false
|
||||||
|
if [[ "$DISTVER" =~ ^Ubuntu && $DISTMAJOR -ge 23 ]]; then
|
||||||
|
HAS_USERNS_RESTRICTIONS=true
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ $HAS_USERNS_RESTRICTIONS = true || $BAD_HELPER_BINARY = true ]]; then
|
||||||
SANDBOXPARAM="--no-sandbox"
|
SANDBOXPARAM="--no-sandbox"
|
||||||
print "${COLOR_YELLOW}WARNING${COLOR_RESET} Electron sandboxing disabled."
|
print "${COLOR_YELLOW}WARNING${COLOR_RESET} Electron sandboxing disabled."
|
||||||
print " See https://discourse.joplinapp.org/t/32160/5 for details."
|
print " See https://discourse.joplinapp.org/t/32160/5 for details."
|
||||||
|
Loading…
Reference in New Issue
Block a user