Fix CI/CD runtime checks failing on Ubuntu 24.04

GitHub runners now use Ubuntu 24.04, which introduces new restrictions on unprivileged user namespaces affecting AppImages. This causes runtime checks to fail when running Electron applications, producing errors like: ``` [5475:1011/121711.489417:FATAL:setuid_sandbox_host.cc(158)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /tmp/.mount_privacv1kcOj/chrome-sandbox is owned by root and has mode 4755. ``` This commit modifies CI workflow to disable the restrictions during runtime checks. This allows the runtime checks to pass by permitting unprivileged user namespaces. This works around the issue without requiring changes to the AppImage itself. A more permanent solution may be needed in the future. Related key Electron issues: - electron/electron#41066 - electron/electron#42510 - electron-userland/electron-builder#844
undergroundwires · Oct 11, 2024 · a372874 · a372874
1 parent 69e7e0a
commit a372874
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/.github/workflows/checks.desktop-runtime-errors.yaml b/.github/workflows/checks.desktop-runtime-errors.yaml
@@ -61,6 +61,11 @@ jobs:
 
           # Install xdotool and xprop (from x11-utils) for window title capturing
           sudo apt install -y xdotool x11-utils
+
+          # Workaround for Electron apps failing to initialize on Ubuntu 24.04 due to AppArmor restrictions
+          # Disables unprivileged user namespaces restriction to allow Electron apps to run
+          # Reference: https://github.com/electron/electron/issues/42510
+          sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
       -
         name: Test
         shell: bash