Fix chrome-sandbox file permissions

[Descear]

Fixes: #20756

[Descear]

I was hoping that the Azure Pipeline check would run automatically so that I could figure out what to do.

Can someone please manually trigger that check for this PR?

[lkashef]

Hey @Descear, thanks for your contribution.

The PR normally triggers the CI but I think being a fork + draft status blocked the CI, I marked the PR as "Ready to Review" and the CI got triggered.

[Descear]

I marked the PR as "Ready to Review" and the CI got triggered.

Thanks, @lkashef.

As of the last commit, this PR is now actually ready for review.

[darangi]

Hi @Descear, can you add your branch name to this file? script/vsts/release-branch-build.yml ? e.g

atom/script/vsts/release-branch-build.yml

Line 5 in 33ac859

- fix-crash-on-linux

so we get to download .deb and .rpm artifacts that will be uploaded to the pipeline? This particular change will be reverted if we all confirm it works as expected.

[Descear]

The latest commit appears to have fixed the issue.

Checking the artefacts:

$ dpkg -c atom-amd64.deb | grep chrome-sandbox
-rwsr-xr-x root/root   5185424 2020-05-29 01:12 ./usr/share/atom-dev/chrome-sandbox

$ rpm -qlv atom.x86_64.rpm | grep chrome-sandbox
-rwsr-xr-x    1 root   root   5185424 May 28 20:17 /usr/share/atom-dev/chrome-sandbox

Atom launches fine on these distros after their respective package artefact is installed:

• Debian 10
• Fedora 32 (forced to use chrome-sandbox, see #20756 (comment))

Both distros:

$ stat /usr/share/atom-dev/chrome-sandbox
[...]
Access: (4755/-rwsr-xr-x)  Uid: (    0/    root)   Gid: (    0/    root)
[...]

These commits should be reverted before this PR is merged:

• 73bd087
• 368f790

[darangi]

Great work! 🥳 @Descear, can we revert commits 73bd087 and 368f790? So we can merge this in?

[Descear]

I've made the reverts. Please proceed.

[Jackfritt]

There are still problems I wrote here
With 1.46.0 this was possible:
sudo atom /root/.bashrc

Also writing files to directory without direct write access a Policy-Kit Window popped up
and asked for sudo password. Then it wrote the file to this directory.
atom /home/some.user/test.file

Thx for reading :) and support.

[lkashef]

Hey @Jackfritt, thanks for your report 🙇‍♂️

The fix is available in Nightly and will be patched in the next release.

[Jackfritt]

Hey @Jackfritt, thanks for your report bowing_man

The fix is available in Nightly and will be patched in the next release.

I tried 1.48.0 on latest patched Debian Buster
still not functional.

LC_ALL=C sudo atom /root/.bashrc

kvm@j-esser:~/src/m2m_sql$ /usr/bin/atom: line 190: 18834 Trace/breakpoint trap nohup "$ATOM_PATH" --executed-from="$(pwd)" --pid=$$ "$@" > "$ATOM_HOME/nohup.out" 2>&1
[18834:0612/141736.319903:FATAL:atom_main_delegate.cc(194)] Running as root without --no-sandbox is not supported. See https://crbug.com/638180.

atom /home/some.other.users_home_dir/new_test.file

Saving file gives error message
"Unable to save file: Permission denied '/home/some.other.users_home_dir'"
instead of Policy-Kit Window popped up and asked for sudo password.

[morrisjallah]

https://stackoverflow.com/jobs/developer-jobs-using-typescript