Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Chrome won't work without --no-sandbox option #149

Closed
mosajjal opened this issue Jun 13, 2016 · 8 comments
Closed

Chrome won't work without --no-sandbox option #149

mosajjal opened this issue Jun 13, 2016 · 8 comments

Comments

@mosajjal
Copy link
Contributor

Hi !

I'm using Arch as host, with 4.6.2-1 kernel and 1.11.2 is my Docker version.

This doesn't work for me:

 docker run -it \
    --net host \ # may as well YOLO
    --cpuset-cpus 0 \ # control the cpu
    --memory 512mb \ # max memory it can use
    -v /tmp/.X11-unix:/tmp/.X11-unix \ # mount the X11 socket
    -e DISPLAY=unix$DISPLAY \
    -v $HOME/Downloads:/root/Downloads \
    -v $HOME/.config/google-chrome/:/data \ # if you want to save state
    --device /dev/snd \ # so we have sound
    -v /dev/shm:/dev/shm \
    --name chrome \
    jess/chrome

this doesn't open the chrome window for me. but when I add--no-sandbox or --disable-setuid-sandbox, it works.

Also, with 512mb ram, it crashes tabs multiple times, also "HTTPS everywhere" and "uBlock" will crash multiple times. adding --disable-appcontainer won't help either.

is there any way to run Chrome container with sand-boxing in Arch ?

best regards.
@jessfraz
Copy link
Owner

Oh it's because you don't have userns enabled in your kernel

@jessfraz
Copy link
Owner

See #65

@mosajjal
Copy link
Contributor Author

I can confirm after enabling User Namespace and re-compiling the kernel (4.7RC3), it works flawlessly. Also, VLC on docker seems to be working better and i3 shows the logo at the bottom.

@diracdeltas diracdeltas mentioned this issue Mar 5, 2017
Closed
@creatist
Copy link

I got the same problem ,so i disable sandbox ,but it still cann't works!

@koep
Copy link
Collaborator

koep commented Sep 1, 2017

@creatist You need to enable user namespaces in your kernel for this to work.

@quldude
Copy link

quldude commented Feb 16, 2019

I can confirm after enabling User Namespace and re-compiling the kernel (4.7RC3), it works flawlessly. Also, VLC on docker seems to be working better and i3 shows the logo at the bottom.

Could you tell me what command you ran to do this? I'm new to docker.

@pranav083
Copy link

I can confirm after enabling User Namespace and re-compiling the kernel (4.7RC3), it works flawlessly. Also, VLC on docker seems to be working better and i3 shows the logo at the bottom.

Could you tell me what command you ran to do this? I'm new to docker.

did you get any resources for how to disable sandbox and run chrome in docker.

@dbolser
Copy link

dbolser commented Nov 8, 2021

I can confirm after enabling User Namespace and re-compiling the kernel (4.7RC3), it works flawlessly. Also, VLC on docker seems to be working better and i3 shows the logo at the bottom.

Could you tell me what command you ran to do this? I'm new to docker.

did you get any resources for how to disable sandbox and run chrome in docker.

Yes, please help! I'm totally lost reading pages like this:
https://docs.docker.com/engine/security/userns-remap/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@dbolser @jessfraz @koep @creatist @mosajjal @quldude @pranav083