[chromium] running chromium fails because of missing SETUID sandbox

[jankeromnes]

When building and running Chromium with the commands provided in janitor.json, the browser crashes because of a missing sandbox:

$ ninja -C out/Default chrome
[...]
$ out/Default/chrome
[1377:1377:0920/115903.612452:FATAL:zygote_host_impl_linux.cc(123)] No usable sandbox! Update your kernel or see https://chromium.googlesource.com/chromium/src/+/master/docs/linux_suid_sandbox_development.md for more information on developing with the SUID sandbox. If you want to live dangerously and need an immediate workaround, you can try using --no-sandbox.
[...]
Calling _exit(1). Core file will not be generated.
Process exited with code: 1

@beaufortfrancois it looks like the sandbox is now required for non-Debug builds. Should we switch the janitor.json commands to Debug builds, or somehow install a sandbox instead?

EDIT: A third option would be to simply add the --no-sandbox argument to the out/Default/chrome command.

[beaufortfrancois]

I'm not sure to be honest what's best in that situation. https://chromium.googlesource.com/chromium/src/+/lkcr/docs/linux_sandboxing.md