Dangerzone 0.7.0 on Linux Mint 21.3 does not work

[DeltaEpsilon19498]

I am experiencing a problem with dangerzone on Linux Mint 21.3 Cinnamon. This issue is a problem with version 0.7.0, but I was also having this problem with 0.6.1. Although the operating system is the same, I am doing this on a different computer than the computer for which I made previous issues/discussions for (see https://github.com/freedomofpress/dangerzone/issues/661 and https://github.com/freedomofpress/dangerzone/discussions/766). I state this in order to avoid confusion with previous problems that I had.

I updated to version 0.7.0 from 0.6.1 on this computer. I tried using dangerzone, but I kept getting errors about it not working. If I tried launching the gui from the command line, I got the following terminal output. See https://gist.github.com/DeltaEpsilon19498/f439750a17e8a8e17398448a9d21e22e . It said that it failed to install the container image.

In order to try to fix the issue, I uninstalled dangerzone and reinstalled it. See the terminal output for that at https://gist.github.com/DeltaEpsilon19498/12a7b24ecb04d86d755a8cc152bab981 . Line 74 says "Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 142." Is that the cause of the problem, and if so, how do I solve it?

If I tried to run dangerzone after reinstalling it, I would get the following output at https://gist.github.com/DeltaEpsilon19498/90a197347b0aa14d6a98eeb50dfff17f . In the GUI window, it would say, "Dangerzone requires docker desktop. Docker is installed but isn't running. Open Docker and make sure it's running in the background." But the documentation says that we use podman, not docker, for linux systems.

Frustrated, I booted up my other Linux Mint 21.3 computer, took the 0.6.0 version of dangerzone that I compiled from source on that computer (see https://github.com/freedomofpress/dangerzone/discussions/766), moved it to this one, and tried installing it here. But version 0.6.0 was not working either.

The issue is not urgent, because I can still convert documents on my other computer. Dangerzone 0.6.0 still works perfectly fine on my other computer. I do not want to mess with trying to install version 0.7.0 on that computer, however, in case I end up with 2 computers which cannot use dangerzone at all.

What can I do to fix the issue? Thank you for your help.

[apyrgio]

Hey, sorry for the delay. I think we need to improve our Linux Mint situation overall. We're referring to Linux Mint in our https://dangerzone.rocks page, but it's not part of our installation instructions, nor is it tested by our CI. At this point, it's fair to say that in theory it should work (since it's an Ubuntu derivative), but it's not tested.

Now, I fired up a Linux Mint installation, and noticed something weird. The installed Debian package provides a container image whose hash does not correspond with our checksums. This may be an indication of a larger problem. Looking into it...

[apyrgio]

In our published checksums, the SHA-256 hash for the container image is:

611ea2cf8d0fb9d60463ae4993a155f39eafd29b3a05d38de7c7b7e3dc88f722

In our dangerzone_0.7.0-1_all.deb Debian package on the other hand, the SHA-256 hash for the container image is:

fdcfcce5be58d145c55986a359ab2f9b9d986cf9fbd55e71eaf4d540e1d20258

Sorry to everyone for this slip-up. This is probably an artifact of how we build Debian packages, and I'll open an issue for it.

Still, this container image can be opened by Podman on Ubuntu Jammy, which is the base for Linux Mint 21.3. So, I have another theory. For Ubuntu Jammy specifically, we ship our own package for conmon (see https://github.com/freedomofpress/dangerzone/issues/685 for more details). This package may not be compatible with the system libraries, and hence it may not work. I'll give it a check soon and let you know.

[apyrgio]

Update: I had originally tested Linux Mint 21.3 on a live CD, and I saw the issue you had encountered as well. However, once I installed Linux Mint in a VM, the Dangerzone application started correctly, and I could convert a file.

Could it be that you don't have enough space in your file system to install the Dangerzone image? It requires a few GiB, that's why I'm asking.

[DeltaEpsilon19498]

Thank you for your help. My system has over 30 GB of free space on it.

Today I ran dangerzone-cli instead of just dangerzone in the terminal or the gui (see my previous gists). This is the error I got. It looks different than previous outputs. See this gist. https://gist.github.com/DeltaEpsilon19498/1b90499be3b2b7a829b147e441973f5d

It says: ERRO[0000] User-selected graph driver "overlay" overwritten by graph driver "vfs" from database - delete libpod local files to resolve Error: vfs driver does not support overlay.mount_program options

How do I delete libpod local files?

Linux Mint 22 (Wilma) is coming out anyways. The iso is already released. I am running version 21.3, but in a few days, they will presumably post instructions on how to transition to 22 from 21.3. I believe that version 22 is based on Ubuntu 24.04 instead of Ubuntu 22.04. It might work better after I upgraded.

[DeltaEpsilon19498]

I have upgraded Linux Mint 22 from Linux Mint 21.3. It is based on Ubuntu 24.04 (Noble) instead of Jammy. I have installed the corresponding dangerzone version to Linux Mint 22. Unfortunately, it does not work. When I do dangerzone-cli, I get the following error.

Error: payload does not match any of the supported image formats:
 * oci: open /var/tmp/podman900157048/index.json: not a directory
 * oci-archive: loading index: open /var/tmp/container_images_oci95605400/index.json: no such file or directory
 * docker-archive: writing blob: adding layer with blob "sha256:dbbcc85c9d2a8550f6b1814efbe909358db7db9a9a0173fd8f65a27dbac111ef": creating read-only layer with ID "b90207da6b788b45f053df1fc14c5bb91862eed2a5eeb04e0db11ec3424a95cb": invalid argument
 * dir: open /var/tmp/podman900157048/manifest.json: not a directory
ERROR Failed to install the container image

Converting document to safe PDF
> /usr/bin/podman run --log-driver none --security-opt no-new-privileges --cap-drop all --cap-add SYS_CHROOT --network=none -u dangerzone --rm -i --name dangerzone-doc-to-pixels-fzJBde --userns nomap dangerzone.rocks/dangerzone /usr/bin/python3 -m dangerzone.conversion.doc_to_pixels
ERROR [doc fzJBde] 0% Unknown error code '125'

Full terminal output is at https://gist.github.com/DeltaEpsilon19498/1ed1ee5425ea8cb33b7973c30a37ed84

[apyrgio]

Sigh, the above don't give much information unfortunately. If you don't mind, I'll try to ask more info about your system. Feel free to censor answers if you feel something is sensitive.

So, can you give me the output of the following commands, in the provided order?

$ sha256sum /usr/share/dangerzone/container.tar.gz
$ gunzip --keep -c /usr/share/dangerzone/container.tar.gz | podman load
$ df -h
$ podman system df
$ podman info | grep 'store:' -A 30

As for:

How do I delete libpod local files?

You can do so with podman system reset, but that's a destructive operation, if you use Podman for other things as well. I'd suggest waiting a bit so I can get as much info from your installation as possible, and then we can try it.

[DeltaEpsilon19498]

Thank you. Here is a gist with that terminal output. https://gist.github.com/DeltaEpsilon19498/f2d0d6c53cc93909fcb1f99b2c78f82f

[apyrgio]

I see. I don't see a particular red flag in your output, other than vfs being used (see podman info output). I see that you have two container images that are loaded in Podman. Can you give them a check with podman images, and see if you need them? If not, you can go ahead and run podman system reset. Then, make sure that the overlay storage driver is enabled:

$ podman info | grep overlay
  graphDriverName: overlay

Then, check again if Dangerzone works.

[DeltaEpsilon19498]

I did podman system reset and podman info | grep overlay. dangerzone works perfectly now! Thank you!

The only issue remaining is a minor ux issue with the gui. When I click to add files, the box to add files is longer than the actual screen, and I am unable to shrink it smaller. But I can deal with this. The important thing is that the program works. Thank you!

[apyrgio]

I did podman system reset and podman info | grep overlay. dangerzone works perfectly now! Thank you!

Yay, I'm glad to hear that it works! Thanks for your persistence and for running these commands on your system. I still don't know how your machine reached that state, but we'll have it in mind for the next troubleshooting issues.

The only issue remaining is a minor ux issue with the gui. When I click to add files, the box to add files is longer than the actual screen, and I am unable to shrink it smaller.

As for that UX issue, I'm afraid that this particular file browser window is outside Dangerzone's control. It's actually part of the window manager that you use (I guess Cinammon?). See for example how Gnome handles it:

Hopefully the new drag-and-drop interface will help a bit here.

I'll now close this issue, but I'll make sure to improve the wording on Linux Mint on our site, as I mentioned in the first post. Cheers!