Chrome Headless doesn't launch on Debian #290
Comments
|
This is working fine here on Elementary OS. I'm downloading a Debian installer now to try this out in a VM. |
|
That's interesting. Could you please:
const puppeteer = require('puppeteer');
(async() => {
const browser = await puppeteer.launch({dumpio: true});
const page = await browser.newPage();
await page.goto('https://example.com');
await page.screenshot({path: 'example.png'});
browser.close();
})(); |
|
Can't launch the local chrome: I should have mentioned that this is a headless machine that I'm ssh'd into. Given that this is for headless Chrome, I assume that scenario is still supported? |
|
I think in the case of Debian systems you still need https://packages.debian.org/sid/libx11-xcb1 to run headless. That way the system has some of the API calls it needs to to do the rendering calculations. |
|
The action to resolve this (which I'm working on now) is getting a list of all the required dependencies to run Chromium. Straight from the Debian the requirements are below. Documenting this for a PR shortly. Dependencies for debian |
|
Already have that installed, perhaps a different package is needed? |
|
@fortes so do dependencies from #290 (comment) help? |
|
I've installed those and can now run |
|
Check the sandbox docs linked to in that error and see if they can help you get it working. Either the security sandbox is messed up on Debian right now or something funky is happening to trigger it to need a non-kernel one. I'm looking into this once this VM server gets installed. |
|
This should be solved with the '--no-sandbox' flag: const puppeteer = require('puppeteer');
(async() => {
const browser = await puppeteer.launch({args: ['--no-sandbox']});
const page = await browser.newPage();
await page.goto('https://example.com');
await page.screenshot({path: 'example.png'});
browser.close();
})(); |
|
It's worth considering adding both In chrome-launcher/lighthouse we're already including |
|
I have always strongly urged people to never turn off the sandbox without a good cause, even in tests. It is a major part of the security system from what I understand. I'm setting up a squeaky clean and fresh Debian VM to run some install steps in. We should be able to have it well documented how to get it operating without compromising system security. I recall PHPStorm for example having an issue where it was serving on localhost, so a remote code execution exploit was opened up for any site including code that would look for the port in use and take advantage of a flaw in that server. Let's not open people up to security issues by disabling the sandbox here. Where they could be visiting any number of sites including code that looks for exploits to abuse. |
aslushnikov
changed the title
|
Still no luck w/ those two flags: Same warning when just with |
|
Just as a quick update, I'm like 20-40ish minutes out from starting on testing the install procedure. Downloading packages now for a fresh net install of Debian 9. So, I should get back to you shortly with exact steps to reproduce. It just won't be as fast as something that doesn't require a full OS install. 😄 |
|
Thanks for going through effort @Garbee! Will you be testing a headless Debian install, or using via ssh? |
|
SSH is not relevant to the problem. Only a Debian server without any X/wayland system pre-installed (like any remote web server) will be enough to fully recreate the problem and steps to reproduce. So, that's what I'll be working with locally in a VM. |
|
This may or may not be helpful... I run Electron in a Docker instance on Docker Cloud. I run this command: and my Dockerfile contains the following commands to install dependencies: |
|
headless exists to not need |
|
@Garbee awesome. This stuff isn't my strong suit. I'm going to attempt to replace the Electron usage with puppeteer, so hopefully this will simplify our environment. |
|
@fortes Are you running this as root by chance? |
|
If you're running as root (after having all the required deps installed as listed earlier) you need to run without a sandbox since Chromium requires that (no clue why exactly yet.) If running as a normal user, then it should run just fine on a fresh debian install with the required dependencies. |
|
Not running as root |
|
That's interesting. I setup a fresh Linode box on Debian 9. Installed the packages listed above, then setup nodesource to install node 8. Then the yarn repository. New folder, Is the box you're running on under you complete control or is it someone else's like a VPS/shared host? If it is a remote host could you share the provider so I can look into if they do anything funny with their kernel configurations. |
|
Ah yea, that's it. Your box host is messing you up. It has a very old Kernel. Debian 9 ships with Although, in all honesty... Upgrade the kernel or get a host that doesn't keep you back. It's very important that the kernel gets updated for the best security and you're being left vulnerable. |
|
@fortes If you could, please try running this script on your server to see if you have user namespacing enabled. https://gist.githubusercontent.com/Garbee/dfd33ba0a62f1cbc023b8d57de18efca/raw/f82ed513014062554a3536980a67390b57f1f858/user-namespace-check-linux.sh |
|
for the dockerisers amongst us - i've launched successfully with this setup: |
|
PR #311 is open to start looking at expanding the install script to make it much more interactive and friendly to help catch installation problems. You can check the code out from that PR and give it a spin. Please report on the PR of any problems you face or things you think could improve the flow. |
|
Shoot @earshinov you were right, I missed the 1 when trying to install it. I ran |
|
For some reason I was missing the Fixed by adding the libxcb-dri3-0 package. sudo apt install libxcb-dri3-0I don't know if it an isolated issue, if future readers have the same problem, it may be added to the packages list. |
|
In addition to libxcb-dri3-0, as @rigwild pointed out, I had to also: |
|
Getting this error: electron 9.1.0 I have tried all the option mentioned above... My app works perfectly in dev mode and even on x64 build |
|
@AtiqGauri I have also got some shared library missing error on CI. Installing all fonts, libraries explicitly helped resolve the issue. I have used this as a reference. https://github.com/puppeteer/puppeteer/blob/main/.ci/node10/Dockerfile.linux |
Hi, when I try to run it, in my debian, I have this: Do you have any idea on how to solve it? Thank you |
You are the best dude. Thank you ! |
A few issues show up -
1. Chrome's security notifications show up, and need to be resolved.
Possible solutions -
- puppeteer/puppeteer#290
- https://github.com/Zenika/alpine-chrome#-the-best-with-seccomp
- https://security.stackexchange.com/questions/219577/how-to-securely-run-puppeteer-chromium-in-a-docker-container
- https://github.com/puppeteer/puppeteer/blob/main/docs/troubleshooting.md#setting-up-chrome-linux-sandbox
2. The choppiness still remains. This is a major problem. This tells me that it's possibly either Chrome-on-Linux or ffmpeg based screencasting, which is broken. Either ways, no point trying to fix this.
3. Color schema was fine, but getting high quality was a pain. This is a problem, though solved.
This worked even for node 14.17. Thank you so much for the help @mrbar42 . This did not, however, work for node 16.8 |
works for me |
As per discussion: puppeteer/puppeteer#290 snappdf needs to use headless chrome which has dependencies not satisfied in the current build.
|
/app/node_modules/puppeteer/lib/cjs/puppeteer/node/BrowserRunner.js:241 |
Any update on this? I just got this by myself ... (I start from a python slim image) |
|
on debian 8.5 I get this error: TimeoutError: Timed out after 30000 ms while waiting for the WS endpoint URL to appear in stdout! when executing chromium 57 that has been installed with apt install. When using the chromium inside puppeteer, I get this error: error while loading shared libraries: libatk-2.0 cannot open shared object file: No such file or directory |
|
any updates on this? cant get pass this |
I'm getting the same error |
Omitted in 0180a88, despite prior 5c839f5. See also puppeteer#290
Omitted in 0180a88, despite prior 5c839f5. See also puppeteer#290
Omitted in 0180a88, despite prior 5c839f5. See also puppeteer#290
|
Im getting Error: Failed to launch the browser process!
/root/bot/node_modules/puppeteer/.local-chromium/linux-1036745/chrome-linux/chrome: error while loading shared libraries: libcups.so.2: cannot open shared object file: No such file or directory |
and others
Running this example code from the README:
I get the following error output:
Platform info:
The text was updated successfully, but these errors were encountered: