flameshot: MESA: error: Failed to query drm device (intel/no3d)

Dieterbe commented 2 months ago

Description

flameshot doesn't seem to start under firejail. although i think it may create an invisible task applet icon which doesn't respond to clicks.

Steps to Reproduce

~ ❯❯❯ LC_ALL=C firejail /usr/bin/flameshot
Could not create AF_NETLINK socket (Operation not supported)
Could not create AF_NETLINK socket (Operation not supported)
Could not create AF_NETLINK socket (Operation not supported)
Could not create AF_NETLINK socket (Operation not supported)
Could not create AF_NETLINK socket (Operation not supported)
MESA: error: Failed to query drm device.
glx: failed to create dri3 screen
failed to load driver: iris
failed to open /dev/dri/card1: No such file or directory
failed to load driver: iris
Could not create AF_NETLINK socket (Operation not supported)
Could not create AF_NETLINK socket (Operation not supported)

Behavior without a profile

~ ❯❯❯ LC_ALL=C firejail --noprofile /usr/bin/flameshot
firejail version 0.9.73

Parent pid 22504, child pid 22505
Base filesystem installed in 0.03 ms
Child process initialized in 11.18 ms

now the app works fine. applet icon shows and responds and the app takes screenshots

Environment

I use arch, btw

~ ❯❯❯ uname -a
Linux xps17 6.10.6-arch1-1 #1 SMP PREEMPT_DYNAMIC Mon, 19 Aug 2024 17:02:39 +0000 x86_64 GNU/Linux
~ ❯❯❯ firejail --version
firejail version 0.9.73

Compile time support:
    - always force nonewprivs support is disabled
    - AppArmor support is enabled
    - AppImage support is enabled
    - chroot support is enabled
    - D-BUS proxy support is enabled
    - file transfer support is enabled
    - IDS support is disabled
    - Landlock support is enabled
    - networking support is enabled
    - output logging is enabled
    - overlayfs support is disabled
    - private-home support is enabled
    - private-lib support is disabled
    - private-cache and tmpfs as user enabled
    - SELinux support is disabled
    - user namespace support is enabled
    - X11 sandboxing support is enabled

Linux distribution and version (e.g. "Ubuntu 20.04" or "Arch Linux")
Firejail version (firejail --version).
If you use a development version of firejail, also the commit from which it was compiled (git rev-parse HEAD).

Checklist

[x] The issues is caused by firejail (i.e. running the program by path (e.g. /usr/bin/vlc) "fixes" it).
[x] I can reproduce the issue without custom modifications (e.g. globals.local).
[x] The program has a profile. (If not, request one in https://github.com/netblue30/firejail/issues/1139)
[x] The profile (and redirect profile if exists) hasn't already been fixed upstream.
[x] I have performed a short search for similar issues (to avoid opening a duplicate).
- [ ] I'm aware of browser-allow-drm yes/browser-disable-u2f no in firejail.config to allow DRM/U2F in browsers.
[ ] I used --profile=PROFILENAME to set the right profile. (Only relevant for AppImages)

Log

Output of LC_ALL=C firejail --debug /path/to/program

``` hmm this shows a lot of stuff from my system. is this necessary? ```

rusty-snake commented 2 months ago

Related/Duplicated:

6464

TL;DR: ignore no3d

I guess there was some recent mesa update breaking software fallback on iris systems.

Dieterbe commented 2 months ago

bingo, added that in a new .config/firejail/flameshot.local file and that fixes it.

kmk3 commented 2 months ago

@Dieterbe

As mentioned, this issue seems to affect multiple programs.

I'd expect most programs to just fallback to CPU rendering and work normally when a GPU is not available.

Please consider reporting this to mesa and linking it here.

netblue30 / firejail