Steam on ChromeOS throws error about user namespaces

[sillyguy28093214]

Your system information

• Steam client version 1:1.0.0.79
• Distribution (e.g. Ubuntu): I think bookworm but I'm not sure
• Opted into Steam client beta?: [Yes/No] no
• Have you checked for system updates?: [Yes/No] yes
• Steam Logs: [generate by running this command in a terminal ``] log file is empty?
• CPU: 11th Gen Intel(R) Core(TM) i3-1115G4
• GPU: I don't know

it gives an error about "Steam on Linux now requires the ability to create new user namespaces." and that If the file /proc/sys/kernel/unprivileged_userns_clone exists, check that it contains value 1." I don't have any reason why and I don't have the right privilege to change this im on chromeos so i think thats why. so I can't use steam I can't use the chromeos ver because it lags a lot for some reason.

Steps for reproducing this issue:

step 1 try to launch steam (my screen is pitch black so I use lutris) step 2 try to open a game step 3 error appears heres the error ![Uploading silly1.png…]()

[EliteSkull7]

facing the same issue after today's steam update os: Ubuntu 23.10

[Cobradabest]

Facing the same issue on Ubuntu 22.02. I need to run games from the Steam client to start them, but it won't let me use any shortcuts.

[Fromstream]

Same issue here. It looks like Lutris is now launching the Steam client in a container (namespace), but doesn't have the system prerequisites for this. But my /proc/sys/kernel/unprivileged_userns_clone is already set to 1 and /proc/sys/user/max_user_namespaces looks "high enough" (tens of thousands). So I'm puzzled! I fixed it using this command line: "sudo chmod u+s /usr/bin/bwrap" But since it is not appropriate regarding the security, I'd rather have a better solution. I'm digging.

[smcv]

In the original report here, Steam is running inside a Debian container (or a Debian VM?) on ChromeOS, which is not an ordinary Linux distribution and comes with its own unique compatibility issues. I think it might be best if we reserve this issue report for ChromeOS specifically, and use a separate issue report for any similar situations on other distributions, because on non-ChromeOS systems you're more likely to be seeing the same symptom for a different reason.

@EliteSkull7, @Cobradabest: @Fromstream: If you are experiencing a similar problem on an ordinary desktop Linux distribution (without ChromeOS being involved), please report a separate issue with details of your distribution/setup.

Some information that will make it more likely that a solution can be found:

• Are you running Steam from the unofficial Flatpak app, or from the unofficial Snap app, or as an ordinary OS package like a .deb?

• Are you running Steam inside any sort of special environment like a container or chroot?

• If you run Steam from a terminal (GNOME Terminal, Konsole, xterm or similar), what output does it produce?

• If you run SRT_LOG=verbose ~/.steam/root/ubuntu12_32/steam-runtime/run.sh steam-runtime-check-requirements in the same environment where you would normally be running Steam, what output does it produce?

• If you have Flatpak installed (or if you can install it), does it work? (I am not asking you to install Steam as a Flatpak app: the information I'm interested in is whether a simple Flatpak app like https://flathub.org/apps/org.gnome.Recipes works. This is relevant because Steam now uses some of the same container technology as Flatpak, so Flatpak is a useful way to get a second opinion.)

[smcv]

@Fromstream, since you provided more information, I can ask you some more specific questions that might lead to a solution for you more quickly. If you are not using ChromeOS, it's best if you open a separate issue report and answer these questions there, to keep all of your information together (and to keep it separate from any ChromeOS-specific issues).

It looks like Lutris is now launching the Steam client in a container (namespace), but doesn't have the system prerequisites for this

What I would expect to be happening is that the Steam client is launching normally (with no special containers or namespaces), but then Steam launches part of itself in a container (namespace).

If Lutris is also launching the Steam client in a container, then that is something that could interfere. Please try launching Steam directly, without using Lutris, and compare?

But my /proc/sys/kernel/unprivileged_userns_clone is already set to 1 and /proc/sys/user/max_user_namespaces looks "high enough" (tens of thousands). So I'm puzzled! I fixed it using this command line: "sudo chmod u+s /usr/bin/bwrap"

This implies that there is some new factor that is preventing bwrap from doing its job while unprivileged. The error message suggests the two most common reasons for this to go wrong, but it's entirely possible that there are others that we don't yet know about.

Unfortunately, when the Linux kernel rejects an attempt to create a new user namespace it gives us a very minimal amount of information, which can include misleading error messages. If you are not using ChromeOS, we should discuss this on a separate issue report with as much information as you can gather (see my previous comment).

I'm actually surprised that the code path with a setuid bwrap is working, because that's affected by https://github.com/ValveSoftware/steam-runtime/issues/650 - but maybe you have been lucky.

But since it is not appropriate regarding the security, I'd rather have a better solution

To clarify that, /usr/bin/bwrap is designed to be safe to make setuid root, but making it setuid carries a higher risk of security vulnerabilities, and will disable some features (in particular it will break some Flatpak apps). It's OK to do this as a workaround, but ideally it would not be necessary.

[EliteSkull7]

Hi, steam appears to be working for me on Ubuntu 23.10 since yesterday, after launching it from terminal, it started unpacking steam linux runtime and worked fine, I was using --forcedesktopscaling=2 to adjust the scaling but removing this fixed the issue, also steam appears to auto adjust the scaling now without having to use the --forcedesktopscaling=2.

Also, to mention in addition to @smcv 's above comment, I was using lutris for steam and I did disable the lutris runtime from configuration, so that could have fixed the issue for all I know.

[Cobradabest]

I also received an update to the client, but it didn't fix the issue for me... I'm also using Lutris.

[EliteSkull7]

@Cobradabest have you disabled lutris runtime from the config or tried launching steam from terminal?

[Cobradabest]

@Cobradabest have you disabled lutris runtime from the config or tried launching steam from terminal?

I have, no difference.

[smcv]

Based on information from Valve developers, Valve cannot provide support for running the Steam desktop app (which is intended for ordinary desktop Linux) on ChromeOS. This is because the environment used to run desktop Linux apps on ChromeOS is not completely compatible with ordinary desktop Linux distributions - it's superficially similar to ordinary Debian, but it has extra restrictions.

@kisak-valve, please could you change the title of this issue to mention ChromeOS prominently, and mark the non-ChromeOS comments (everything except this one and https://github.com/ValveSoftware/steam-for-linux/issues/10617#issuecomment-2006948633) as off-topic?

@Fromstream, @Cobradabest, @EliteSkull7: Please take any further discussion of a similar error while running Steam under Lutris to https://github.com/ValveSoftware/steam-runtime/issues/658.

[Cobradabest]

I managed to fix this issue by running sudo chmod u+s /usr/bin/wrap in a terminal. It's been working perfectly since, even after reboots!