[Bug]: Ubuntu The SUID sandbox helper binary was found, but is not configured correctly.

[andreas-bulling]

Guidelines

• [X] I have encountered this bug in the latest release of FreeTube.
• [X] I have encountered this bug in the official downloads of FreeTube.
• [X] I have searched the issue tracker for open and closed issues that are similar to the bug report I want to file, without success.
• [X] I have searched the documentation for information that matches the description of the bug I want to file, without success.
• [X] This issue contains only one bug.

Describe the bug

1. Installed the latest version 0.22
2. Run on the console and look at output

2328249:1027/054053.089778:FATAL:setuid_sandbox_host.cc(163)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /opt/FreeTube/chrome-sandbox is owned by root and has mode 4755.
[1]    2328249 trace trap (core dumped)  freetube

Expected Behavior

freetube should start up as it did in previous versions

Issue Labels

causes crash, feature stopped working, usability issue

FreeTube Version

0.22

Operating System Version

Ubuntu 24.10

Installation Method

.deb

Primary API used

Local API

Last Known Working FreeTube Version (If Any)

0.21

Additional Information

No response

Nightly Build

• [ ] I have encountered this bug in the latest nightly build.

[ChunkyProgrammer]

There are some workarounds in the replies to this issue: https://github.com/FreeTubeApp/FreeTube/issues/5199

[CrazzzzyChipmunk]

DISCLAMER: I don't understand what exactly I did. May be some steps below are stupid and/or actually unneccessary and/or unsafe. Please, report here, if I did something wrong!

---

I encountered the same bug. Then I've done the following (instead of changing "kernel.apparmor_restrict_unprivileged_userns"):

1. I created apparmor profile for "/usr/bin/freetube": I made a copy of "/etc/apparmor.d/chromium", named it as "/etc/apparmor.d/freetube" and edited that file (I replaced "chromium" with "freetube" everywhere in that file and specified the correct path to freetube binary).

2. I reproduced the Step 1 above for "/opt/FreeTube/chrome-sandbox" in the same way.

3. sudo systemctl restart apparmor.service

4. sudo chmod 4755 "/opt/FreeTube/chrome-sandbox"

Now I have freetube 0.22.0 Beta working!

---

My freetube apparmor profile file (example):

# This profile allows everything and only exists to give the
# application a name instead of having the label "unconfined"

abi <abi/4.0>,
include <tunables/global>

@{freetube} = freetube

profile freetube /usr/bin/freetube flags=(unconfined) {
  userns,

  # Site-specific additions and overrides. See local/README for details.
  include if exists <local/freetube>
}

[SoenkeGraf]

4. sudo chmod 4755 "/opt/FreeTube/chrome-sandbox"

Next to: sudo chmod 4755 /opt/FreeTube/chrome-sandbox I added an additional: sudo chown root:root /opt/FreeTube/chrome-sandbox

To fully satisfy the requirements of the error message:

[9892:1027/095614.385039:FATAL:setuid_sandbox_host.cc(163)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /opt/FreeTube/chrome-sandbox is owned by root and has mode 4755.

[efb4f5ff-1298-471a-8973-3d47447115dc]

Let move this to https://github.com/FreeTubeApp/FreeTube/issues/5199

As this is definitely a duplicate of https://github.com/FreeTubeApp/FreeTube/issues/5199

[efb4f5ff-1298-471a-8973-3d47447115dc]

Upstream issue that should be solved by https://github.com/electron-userland/electron-builder/pull/8636

[darkstarfish1337]

I first thought I had this problem https://github.com/FreeTubeApp/FreeTube/issues/5963 on 24.04. When trying the workaround I received the problem stated in this thread. The suggested chmod/chown fix didn't work for me. The only way I got going again is to install the previous version again.

[absidue]

@darkstarfish1337 Because of Ubuntu's strict security settings, you need to create an AppArmor profile for FreeTube. Ubuntu comes with preinstalled AppArmor profiles for popular apps like Chromium and Visual Studio code but understandably they don't include any for smaller apps like FreeTube.

Please follow the steps in CrazzzzyChipmunk's comment above.

[darkstarfish1337]

Woa, super quick reply!

Forgot to mention, that the profile didn't help, + also removing apparmor completely.

[CrazzzzyChipmunk]

@darkstarfish1337,

I first thought I had this problem #5963 on 24.04. When trying the workaround I received the problem stated in this thread. The suggested chmod/chown fix didn't work for me. The only way I got going again is to install the previous version again.

Hi! The workaround I proposed here https://github.com/FreeTubeApp/FreeTube/issues/5952#issuecomment-2439904647 is intended for one purpose only: to avoid using the global setting kernel.apparmor_restrict_unprivileged_userns=0, as it (I assume) may make the system more vulnerable.

I suspect there are some another reasons in your system (and/or environment) that prevent freetube to start. Try another old known workaround: https://github.com/FreeTubeApp/FreeTube/issues/5199#issuecomment-2439818583 . And if my assumption is correct, this workaround will not work for you too.

[plutocrat]

This happened to me after upgrade from .21 to .22 on Ubuntu 24. App wouldn't start, when launching from an icon. I tried launching it from the command line, and got this error. [15575:1101/104500.344527:FATAL:setuid_sandbox_host.cc(163)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /opt/FreeTube/chrome-sandbox is owned by root and has mode 4755. Trace/breakpoint trap (core dumped) Following that advice allowed me to launch the app correctly: chmod 4755 chrome-sandbox

[333csx]

sudo chown root /opt/FreeTube/chrome-sandbox sudo chmod 4755 /opt/FreeTube/chrome-sandbox

also solved the problem for me.