Can't start the GUI version on Ubuntu #1198
Comments
|
I installed 2.0.1 via the debian on Ubuntu 24.04 LTS, and when launching via gnome under Wayland, I get a similar error: |
|
There is also logs being generated I guess here: |
|
Could it be that it is resulting from Ubuntus AppArmor configuration (see: https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces)? You would probably need to configure your system to be able to run the software. You can try the commands mentioned in the linked blog article to verify if it works if you disable the feature temporarily. |
|
This is on my work laptop, so I don't feel comfortable disabling security features even temporarily, sorry. I'm on Ubuntu 24.04, using the XFCE desktop environment and window manager, if that's important. Like @phiro69, I see logs generated in that directory, but they don't indicate any obvious problems: |
|
I'm 99% sure this is an overzealous apparmor issue, I'm working on a unconfined profile for devtoys but I can't quite get it to work. Mixing the case (DevToys vs devtoys) seems - no offense DevToys devs - really stupid. |
|
The answer was right in front of me, it's not DevToys.Linux that's being denied, it's when it invokes bubblewrap. This "fixes" the issue: A reference here: https://etbe.coker.com.au/2024/04/24/ubuntu-24-04-bubblewrap/ |
|
Hi @phiro69 , I have to admit I'm pretty newbie to Linux. Is this issue something that should be fixed in DevToys, or is it some magic going-on on some people's machine, in which case I can't do much? Thanks |
|
I'm no linux expert haha ;) AppArmor is part of Ubuntu, and it keeps getting ratcheted up each release. In 23.10 they enabled the restriction of unprivileged user namespaces, which broke alot of apps. The announcement is here: One of their sorta-temporary mitigations if you need an unprivileged user namespace as part of your app is to create a profile in apparmor's daemon config folder for your app, and you can even submit it to be included in Ubuntu automatically. 24.04 shipped with ~117 pre-canned exceptions/profiles for apps like steam, discord, slack, opera, firefox, chrome, 1password, and many others. To answer your question, I don't know if the best solution is to:
Skipping to # 5 is what generative ai would suggest. edit: PPS supplying a debian is chef's kiss, tyvm. I would suggest you add a snap to your build output and put it in the Ubuntu store; your core audience isn't arch users sitting in their mom's basement bemoaning systemd's tentacles taking over the world, despite 90% of the comments on r/linux. |
thank you, using your instructions I successfully launched devtoys on ubuntu 24.04 |
|
Hi, Did you try installing DevToys through the deb package? I downloaded the deb file and installed it using GDebi. I am able to start and use DevToys after installing it like that. |
|
Please use this workaround for now: |
Thank you so much! This is the only workaround that allows me to run bwrap-enabled apps on my LTS24. I even disabled apparmor as a test (stopped it, disabled it, rebooted), with no results. Your solution worked immediately. |
|
Please don't create an "unconfined" profile for bwrap. This completely bypasses the unprivileged user namespace creation restriction and makes your machine exploitable by attacks that use it. You should instead create a profile for DevToys instead. Please contact the AppArmor community if you need any assistance. AppArmor upstream has created a profile for bwrap that does not make your machine vulnerable. You can find the profile here. It is not enabled by default on Ubuntu, but you can enable it by either copying the file from gitlab, installing it on /etc/apparmor.d/, and load it using You can also use the version shipped by the apparmor-profile package, and create a symbolic link from the extra-profiles directory to /etc/apparmor.d/ |
|
I'm having the same issue, but with Nix: |
|
Was having the same issue, but noticed that it only happens from the terminal. As a work-around, I'm using VS Code's built-in terminal to run a GTK app. Would guess that VS Code has been added to the list mentioned above, and any processes it creates run with the same privileges as VS Code? Anyways, it works 😃 |
|
@gegarcia For those using Ubuntu 24.04, I found that installing the |
|
Just for information, I think that #if you want to disable it, run the following two commands:
sudo sysctl -w kernel.apparmor_restrict_unprivileged_unconfined=0
sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
--- # To re-enable the default
sudo sysctl -w kernel.apparmor_restrict_unprivileged_unconfined=1
sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=1@simaotwx you may find this useful :) |
Current behavior
I downloaded the CLI for x86 Linux, and it works great. I tried downloading the GUI for x86 Linux, and get the following output:
How to reproduce it (as minimally and precisely as possible)
./DevToys.LinuxExpected behavior
The program starts up
Screenshots
Workaround
Use the CLI instead. 🤷
Affected platforms
Linux
Affected DevToys kind
DevToys (app with GUI)
DevToys Version
v2.0.1.0
Relevant Assets/Logs
The text was updated successfully, but these errors were encountered: