cannot touch '/.local/share/applications/mimeapps.list': Permission denied after volume change

[AndrewGosling]

Our application is hosted on AWS, after expanding the storage volume used for the instance we receive the following error from the library

[2022-08-02 13:43:07] DEBUG process: initializing [2022-08-02 13:43:07] DEBUG process: using directory: /tmp/chromium-php-alFho7 
[2022-08-02 13:43:07] DEBUG process: starting process: '/usr/bin/google-chrome' '--remote-debugging-port=0' '--disable-background-networking' '--disable-background-timer-throttling' '--disable-client-side-phishing-detection' '--disable-default-apps' '--disable-extensions' '--disable-hang-monitor' '--disable-popup-blocking' '--disable-prompt-on-repost' '--disable-sync' '--disable-translate' '--metrics-recording-only' '--no-first-run' '--safebrowsing-disable-auto-update' '--enable-automation' '--password-store=basic' '--use-mock-keychain' '--headless' '--disable-gpu' '--font-render-hinting=none' '--hide-scrollbars' '--mute-audio' '--user-data-dir=/tmp/chromium-php-alFho7' 
[2022-08-02 13:43:07] DEBUG process: waiting for 30 seconds for startup 
[2022-08-02 13:43:07] DEBUG process: chrome output:touch: cannot touch '/.local/share/applications/mimeapps.list': Permission denied 
[2022-08-02 13:43:07] DEBUG process: ignoring output:touch: cannot touch '/.local/share/applications/mimeapps.list': Permission denied 
[2022-08-02 13:43:07] DEBUG process: chrome output:Failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted [2022-08-02 13:43:07] DEBUG process: ignoring output:Failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted 
[2022-08-02 13:43:07] DEBUG process: ✗ chrome process stopped

Fatal error: Uncaught RuntimeException: Chrome process stopped before startup completed. Additional info: touch: cannot touch '/.local/share/applications/mimeapps.list': Permission denied Failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted [0802/134307.281828:ERROR:scoped_ptrace_attach.cc(27)] ptrace: Permission denied (13) in /var/www/html/vendor/chrome-php/chrome/src/Browser/BrowserProcess.php:400 Stack trace: #0 /var/www/html/vendor/chrome-php/chrome/src/Utils.php(57): HeadlessChromium\Browser\BrowserProcess->HeadlessChromium\Browser\{closure}(Object(Symfony\Component\Process\Process)) #1 /var/www/html/vendor/chrome-php/chrome/src/Browser/BrowserProcess.php(437): HeadlessChromium\Utils::tryWithTimeout(30000000, Object(Generator)) #2 /var/www/html/vendor/chrome-php/chrome/src/Browser/BrowserProcess.php(139): HeadlessChromium\Browser\BrowserProcess->waitForStartup(Object(Symfony\Component\Process\Process), 30000000) #3 /var/www/html/vendor/ch in /var/www/html/vendor/chrome-php/chrome/src/Browser/BrowserProcess.php on line 400

[2022-08-02 13:43:07] DEBUG process: killing chrome [2022-08-02 13:43:07] DEBUG process: cleaning temporary resources:/tmp/chromium-php-alFho7

Code used

require_once('../vendor/autoload.php');
use HeadlessChromium\BrowserFactory;
use HeadlessChromium\Page;

ini_set('memory_limit', '1024M');
set_time_limit(1800); //seconds
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
$browserFactory = new BrowserFactory('/usr/bin/google-chrome');
// starts headless chrome
$browser = $browserFactory->createBrowser([
    'debugLogger'     => 'php://output',
    'headless' => true]);
die("test");
?>

Code worked before the move. ENV settings

printenv CHROME_PATH
/usr/bin/google-chrome

reinstalling google-chrome and chrome-php does not resolve the issue.

[enricodias]

The user executing chrome doesn't have permission to access /.local/share/applications/mimeapps.list. Fix the permissions on that file.

Related to #106

[AndrewGosling]

added noSandbox property, error has changed but still throwing.

[2022-08-02 14:45:00] DEBUG process: initializing 
[2022-08-02 14:45:00] DEBUG process: using directory: /tmp/chromium-php-GSfNVQ 
[2022-08-02 14:45:00] DEBUG process: starting process: '/usr/bin/google-chrome' '--remote-debugging-port=0' '--disable-background-networking' '--disable-background-timer-throttling' '--disable-client-side-phishing-detection' '--disable-default-apps' '--disable-extensions' '--disable-hang-monitor' '--disable-popup-blocking' '--disable-prompt-on-repost' '--disable-sync' '--disable-translate' '--metrics-recording-only' '--no-first-run' '--safebrowsing-disable-auto-update' '--enable-automation' '--password-store=basic' '--use-mock-keychain' '--headless' '--disable-gpu' '--font-render-hinting=none' '--hide-scrollbars' '--mute-audio' '--no-sandbox' '--user-data-dir=/tmp/chromium-php-GSfNVQ' 
[2022-08-02 14:45:00] DEBUG process: waiting for 30 seconds for startup 
[2022-08-02 14:45:00] DEBUG process: chrome output:touch: cannot touch '/.local/share/applications/mimeapps.list': Permission denied 
[2022-08-02 14:45:00] DEBUG process: ignoring output:touch: cannot touch '/.local/share/applications/mimeapps.list': Permission denied 
[2022-08-02 14:45:00] DEBUG process: chrome output:[0802/144500.342808:ERROR:file_path_watcher_inotify.cc(86)] Failed to read /proc/sys/fs/inotify/max_user_watches 
[2022-08-02 14:45:00] DEBUG process: ignoring output:[0802/144500.342808:ERROR:file_path_watcher_inotify.cc(86)] Failed to read /proc/sys/fs/inotify/max_user_watches 
[2022-08-02 14:45:00] DEBUG process: chrome output:[0802/144500.347681:WARNING:bluez_dbus_manager.cc(247)] Floss manager not present, cannot set Floss enable/disable. [0802/144500.348582:ERROR:udev_watcher.cc(52)] Failed to initialize a udev monitor. 
[2022-08-02 14:45:00] DEBUG process: ignoring output:[0802/144500.347681:WARNING:bluez_dbus_manager.cc(247)] Floss manager not present, cannot set Floss enable/disable. 
[2022-08-02 14:45:00] DEBUG process: ignoring output:[0802/144500.348582:ERROR:udev_watcher.cc(52)] Failed to initialize a udev monitor. 
[2022-08-02 14:45:00] DEBUG process: chrome output:DevTools listening on ws://127.0.0.1:34990/devtools/browser/c61954a5-ce55-4c50-9f9b-a452efc67dd6 
[2022-08-02 14:45:00] DEBUG process: ✓ accepted output [2022-08-02 14:45:00] DEBUG process: connecting using ws://127.0.0.1:34990/devtools/browser/c61954a5-ce55-4c50-9f9b-a452efc67dd6 [2022-08-02 14:45:00] DEBUG socket(1): connecting 
[2022-08-02 14:45:00] DEBUG socket(1): ✗ could not connect 
[2022-08-02 14:45:00] DEBUG socket(1): → sending data:{"id":1,"method":"Target.setDiscoverTargets","params":{"discover":true}}

Fatal error: Uncaught HeadlessChromium\Exception\CommunicationException: Message could not be sent. Reason: the connection is closed. in /var/www/html/vendor/chrome-php/chrome/src/Communication/Connection.php:230 Stack trace: #0 /var/www/html/vendor/chrome-php/chrome/src/Communication/Connection.php(246): HeadlessChromium\Communication\Connection->sendMessage('Message could n...') #1 /var/www/html/vendor/chrome-php/chrome/src/Browser.php(77): HeadlessChromium\Communication\Connection->sendMessageSync(Object(HeadlessChromium\Communication\Message)) #2 /var/www/html/vendor/chrome-php/chrome/src/Browser/ProcessAwareBrowser.php(26): HeadlessChromium\Browser->__construct(Object(HeadlessChromium\Communication\Connection)) #3 /var/www/html/vendor/chrome-php/chrome/src/Browser/BrowserProcess.php(157): HeadlessChromium\Browser\ProcessAwareBrowser->__construct(Object(HeadlessChromium\Communication\Connection), Object(HeadlessChromium\Browser\BrowserProcess)) #4 /var/www/html/vendor/chrome-php/chrome/src/BrowserFactory.php(67): Head in /var/www/html/vendor/chrome-php/chrome/src/Communication/Connection.php on line 230

[2022-08-02 14:45:00] DEBUG process: killing chrome 
[2022-08-02 14:45:00] DEBUG process: stopping process 
[2022-08-02 14:45:00] DEBUG process: process stopped with exit code 143 
[2022-08-02 14:45:00] DEBUG process: cleaning temporary resources:/tmp/chromium-php-GSfNVQ

[enricodias]

The user executing chrome doesn't have permission to access /.local/share/applications/mimeapps.list. Fix the permissions on that file.

[AndrewGosling]

set 777 permissions on file:

-rwxrwxrwx. 1 centos centos 0 Aug 2 13:42 mimeapps.list

Error persists:

get_current_user() = centos
[2022-08-02 15:12:13] DEBUG process: initializing 
[2022-08-02 15:12:13] DEBUG process: using directory: /tmp/chromium-php-WHFB4Q 
[2022-08-02 15:12:13] DEBUG process: starting process: '/usr/bin/google-chrome' '--remote-debugging-port=0' '--disable-background-networking' '--disable-background-timer-throttling' '--disable-client-side-phishing-detection' '--disable-default-apps' '--disable-extensions' '--disable-hang-monitor' '--disable-popup-blocking' '--disable-prompt-on-repost' '--disable-sync' '--disable-translate' '--metrics-recording-only' '--no-first-run' '--safebrowsing-disable-auto-update' '--enable-automation' '--password-store=basic' '--use-mock-keychain' '--headless' '--disable-gpu' '--font-render-hinting=none' '--hide-scrollbars' '--mute-audio' '--no-sandbox' '--user-data-dir=/tmp/chromium-php-WHFB4Q' 
[2022-08-02 15:12:13] DEBUG process: waiting for 30 seconds for startup 
[2022-08-02 15:12:13] DEBUG process: chrome output:touch: cannot touch '/.local/share/applications/mimeapps.list': Permission denied 
[2022-08-02 15:12:13] DEBUG process: ignoring output:touch: cannot touch '/.local/share/applications/mimeapps.list': Permission denied 
[2022-08-02 15:12:13] DEBUG process: chrome output:[0802/151213.399964:ERROR:file_path_watcher_inotify.cc(86)] Failed to read /proc/sys/fs/inotify/max_user_watches [0802/151213.402202:ERROR:udev_watcher.cc(52)] Failed to initialize a udev monitor. [0802/151213.408222:WARNING:bluez_dbus_manager.cc(247)] Floss manager not present, cannot set Floss enable/disable. 
[2022-08-02 15:12:13] DEBUG process: ignoring output:[0802/151213.399964:ERROR:file_path_watcher_inotify.cc(86)] Failed to read /proc/sys/fs/inotify/max_user_watches 
[2022-08-02 15:12:13] DEBUG process: ignoring output:[0802/151213.402202:ERROR:udev_watcher.cc(52)] Failed to initialize a udev monitor. 
[2022-08-02 15:12:13] DEBUG process: ignoring output:[0802/151213.408222:WARNING:bluez_dbus_manager.cc(247)] Floss manager not present, cannot set Floss enable/disable. 
[2022-08-02 15:12:13] DEBUG process: chrome output:[0802/151213.428320:WARNING:sandbox_linux.cc(376)] InitializeSandbox() called with multiple threads in process gpu-process. 
[2022-08-02 15:12:13] DEBUG process: ignoring output:[0802/151213.428320:WARNING:sandbox_linux.cc(376)] InitializeSandbox() called with multiple threads in process gpu-process. 
[2022-08-02 15:12:13] DEBUG process: chrome output:DevTools listening on ws://127.0.0.1:40278/devtools/browser/b7870575-ca3d-444d-92c8-1e43951a9ef7 <--- Last few GCs ---> <--- JS stacktrace ---> [0802/151213.435452:ERROR:v8_initializer.cc(688)] V8 javascript OOM: (MemoryChunk allocation failed during deserialization.). [0802/151213.436126:ERROR:scoped_ptrace_attach.cc(27)] ptrace: Permission denied (13) [0802/151213.439771:INFO:render_frame_host_impl.cc(11505)] RenderFrameHostImpl::MaybeGenerateCrashReport url = , status = 3, exit_code = 5 
[2022-08-02 15:12:13] DEBUG process: ✓ accepted output 
[2022-08-02 15:12:13] DEBUG process: connecting using ws://127.0.0.1:40278/devtools/browser/b7870575-ca3d-444d-92c8-1e43951a9ef7 
[2022-08-02 15:12:13] DEBUG socket(1): connecting 
[2022-08-02 15:12:13] DEBUG socket(1): ✗ could not connect 
[2022-08-02 15:12:13] DEBUG socket(1): → sending data:{"id":1,"method":"Target.setDiscoverTargets","params":{"discover":true}}

Fatal error: Uncaught HeadlessChromium\Exception\CommunicationException: Message could not be sent. Reason: the connection is closed. in /var/www/html/vendor/chrome-php/chrome/src/Communication/Connection.php:230 Stack trace: #0 /var/www/html/vendor/chrome-php/chrome/src/Communication/Connection.php(246): HeadlessChromium\Communication\Connection->sendMessage('Message could n...') #1 /var/www/html/vendor/chrome-php/chrome/src/Browser.php(77): HeadlessChromium\Communication\Connection->sendMessageSync(Object(HeadlessChromium\Communication\Message)) #2 /var/www/html/vendor/chrome-php/chrome/src/Browser/ProcessAwareBrowser.php(26): HeadlessChromium\Browser->__construct(Object(HeadlessChromium\Communication\Connection)) #3 /var/www/html/vendor/chrome-php/chrome/src/Browser/BrowserProcess.php(157): HeadlessChromium\Browser\ProcessAwareBrowser->__construct(Object(HeadlessChromium\Communication\Connection), Object(HeadlessChromium\Browser\BrowserProcess)) #4 /var/www/html/vendor/chrome-php/chrome/src/BrowserFactory.php(67): Head in /var/www/html/vendor/chrome-php/chrome/src/Communication/Connection.php on line 230

[2022-08-02 15:12:13] DEBUG process: killing chrome 
[2022-08-02 15:12:13] DEBUG process: stopping process 
[2022-08-02 15:12:13] DEBUG process: process stopped with exit code 143 
[2022-08-02 15:12:13] DEBUG process: cleaning temporary resources:/tmp/chromium-php-WHFB4Q

[enricodias]

It still can't touch the file. It's an issue with chrome, not the lib. There are several results on Google of people reporting this same issue, some of them solved it by changing the permissions of that file and folder with either chmod or chown.

[AndrewGosling]

as stated I have given full 777 permissions on that file. All google searches for phrases in these errors directs to this git, if you have a useful source please post it.

[enricodias]

https://askubuntu.com/questions/67428/permission-denied-error-when-changing-the-default-applications

https://bugs.chromium.org/p/chromium/issues/detail?id=421399

https://bugs.chromium.org/p/chromium/issues/detail?id=81493

[AndrewGosling]

php reports that it is either operating under the centos or apache user. setting chown to either of those users does not fix the problem.

Is there anyway to determine what user chrome is trying to run under?

[enricodias]

It will probably run under the same user as the php is running.

[AndrewGosling]

I have set chown to apache. The error still occurs
I have set chown to centos. The error still occurs
I have set chown to root. The error still occurs
Is there a way to find out definitively? Some kind of config file? Anything that can tell what user context this library is trying to run chrome from?

[enricodias]

The chrome process is created using symfony/process. The new process should use the same user as the php.

use Symfony\Component\Process\Process;

$return = exec('whoami');
echo $return."\n";
$process = new Process('whoami');
$process->run();
echo $process->getOutput();

I'm not even sure that the permission error on mimeapps.list is causing chrome to fail. There are other failures in the log.

[AndrewGosling]

Running your suggested code yields the following results

apache
apache

However

I have set chown to apache. The error still occurs

I'm not even sure that the permission error on mimeapps.list is causing chrome to fail. There are other failures in the log.

What is the problem then?

[enricodias]

There are failures to read /proc/sys/fs/inotify/max_user_watches and failure to initialize a udev monitor in your last log.

[AndrewGosling]

In attempting to identify the udev problems I stumbled across the following
https://stackoverflow.com/a/65666118

This gives me alot more detail on all the problems and how to address them

Issues seem to be caused by SELinux having lost alot of config during the volume expansion. Playing whack-a-mole with sudo sealert -a /var/log/audit/audit.log has resolved the above issues

[romeritovp]

After months of trying, I finally managed to resolve the issue. The permissions issue was caused by the permissions of the Linux user running the PHP script. On the server, it was necessary to guarantee full shell access to the user running the script. Tjis is not root level access neither sudo. Must be normal access to server shell (I tried jailed shell without success). This solved my problem.