Compilation issue with Ubuntu 24.04

[rpstew]

I am trying to compile ungoogled chromium from the source code on Ubuntu 23.04 by following: https://github.com/ungoogled-software/ungoogled-chromium-debian

root@iwplayer:/home/iwplayer# cat /etc/os-release | grep NAME PRETTY_NAME="Ubuntu 23.04" NAME="Ubuntu" VERSION_CODENAME=lunar UBUNTU_CODENAME=lunar

# Install initial packages sudo apt install -y devscripts equivs # Clone repository and switch to it (optional if are already in it) git clone https://github.com/ungoogled-software/ungoogled-chromium-debian.git cd ungoogled-chromium-debian # Initiate the submodules (optional if they are already initiated) git submodule update --init --recursive pre-setup.log

# Prepare the local source debian/rules setup setup.log

# Install missing packages sudo mk-build-deps -i debian/control **rm ungoogled-chromium-build-deps_*** after-setup.log

# Build the package dpkg-buildpackage -b -uc dpkg-buildpackage.log

**/usr/include/stdlib.h:32:10: fatal error: 'stddef.h' file not found

include **

[rpstew]

The hardware being used it a Seneca VWC-MINI with 16 GB of RAM: https://www.senecadata.com/industry-solutions/video-wall-controllers/seneca-vwc-mini-video-wall-controller/

[iskunk]

Hello @rpstew,

There are a couple of issues here:

1. The process you're running through is the "classic" ungoogled-chromium Debian build, which I'm afraid has suffered from lack of maintenance. I have put together an alternate process that supports the current Chromium version, and that I will gladly vouch for.
2. But that is intended for Debian. You're building on Ubuntu, so in addition to converting regular Chromium to ungoogled-chromium, you'll also need to convert Debian Chromium to Ubuntu Chromium.

I maintain a set of pre-compiled ungoogled-chromium packages for the various Ubuntu releases in the XtraDeb Apps PPA, so if you are just looking for a build, that may be a convenient option. (Source packages are available as well.) If you would rather build it by your own hand, I'll be happy to describe the process, but do note that it is a bit involved the first couple times. Please let me know which route you would prefer.

As an aside, 23.04/lunar is no longer supported by Ubuntu proper. Is installing 24.04 not an option? It released just a few days ago, and it is an LTS version, so you'll be able to use it safely for a long time.

[rpstew]

Greetings @iskunk,

Thanks for the quick response! I had actually tried Ubuntu 24.04, but assumed it wasn't supported based on the info in the unmaintained url. I will move back to Ubuntu 24.04. Are the instructions you gave for 23.04 also good for 24.04?

Also I do need to build from sources.

[rpstew]

Hello @iskunk,

I got through the step 7 (make) of the alternate process you mentioned with out issue. I just need to install ungoogled chromium now. Do I need to follow step 8 and use dpkg-build-package in order to install ungoogled chromium? I've never used the dpkg-buildpackage command. Where and how do I used that command?

[iskunk]

Are the instructions you gave for 23.04 also good for 24.04?

All the more so for 24.04, since I haven't worked on 23.04 for some time.

Also I do need to build from sources.

You can if you wish to do so. Many users prefer to compile from source themselves, rather than rely on a binary package built by a third party. (But if you don't care either way, then why go to the trouble?)

I got through the step 7 (make) of the alternate process you mentioned with out issue. I just need to install ungoogled chromium now. Do I need to follow step 8 and use dpkg-build-package in order to install ungoogled chromium? I've never used the dpkg-buildpackage command. Where and how do I used that command?

Okay, a few points to cover here:

• After step 7, you have Debian source packages. These packages only contain source code. They must be [unpacked and] compiled to produce the binary packages (.deb files) that can then be installed on the system.

• You can use dpkg-buildpackage or debuild to build the source package. It seemed like you already had experience with the former, from your first post on this thread. But if you've never compiled Debian source packages before... then I'm afraid you've chosen a poor example to learn with!

• Even then, the package will not build, because it has not been adapted to the Ubuntu environment. For that, you'll need the scripts in the xtradeb-convert repo. Before you run through the ungoogled-chromium-debian process, do this:

  $ /path/to/xtradeb-convert/pkg/chromium.sh /path/to/chromium-source/debian noble

  That will make the necessary adjustments for 24.04.

To reiterate, building from source is not necessary to get ungoogled-chromium on Ubuntu. I'm assuming that building from source (in and of itself) is important to you, and so am giving you the information above on that basis.

[rpstew]

Hello @iskunk ,

I tried your instructions today from scratch and ran into a compilation issue in step 7:

make
dpkg-parsechangelog: error: takes no non-option arguments

Use --help for program usage information.
dpkg-parsechangelog: error: takes no non-option arguments

Use --help for program usage information.
make: *** No rule to make target '/debian/source/format', needed by 'stage-1.stamp'.  Stop.

I believe the only difference is the chromium version. When it worked last week I was using 123.0.6312.105-1 and today I ended up with version 124.0.6367.118-1

[rpstew]

@iskunk

I went back to using version 123.0.6312.105-1 so I did the following steps after a successful step 7:

• tar xvf ungoogled-chromium_123.0.6312.105.orig.tar.xz
• tar xvf ungoogled-chromium_123.0.6312.105-1~deb13u1.debian.tar.xz
• git clone https://rpstewart@bitbucket.org/xtradeb/xtradeb-convert.git
• ./xtradeb-convert/pkg/chromium.sh /home/iwplayer/ungoogled-chromium-debian/convert3/after-step-7/debian/
• dpkg-buildpackage -b -uc

I had unmet dependencies:

dpkg-buildpackage -b -uc
dpkg-buildpackage: info: source package ungoogled-chromium
dpkg-buildpackage: info: source version 123.0.6312.105-1~deb13u1xtradeb1.2404.1
dpkg-buildpackage: info: source distribution noble
dpkg-buildpackage: info: source changed by XtraDeb User <xtradeb.user@example.com>
dpkg-buildpackage: info: host architecture amd64
 dpkg-source --before-build .
dpkg-checkbuilddeps: error: Unmet build dependencies: lld-16 clang-16 clang-format-16 libclang-rt-16-dev rustc (>= 1.70.0+dfsg1-5) ninja-build elfutils flex yasm xvfb gperf bison nodejs rollup valgrind xcb-proto libx11-xcb-dev libxshmfence-dev libgl-dev libglu1-mesa-dev libegl1-mesa-dev libgles2-mesa-dev libopenh264-dev generate-ninja mesa-common-dev rapidjson-dev libva-dev libxt-dev libgbm-dev libpng-dev libxss-dev libelf-dev libpci-dev libcap-dev libdrm-dev libffi-dev libkrb5-dev libexif-dev libflac-dev libudev-dev libpipewire-0.3-dev libopus-dev libwebp-dev libxtst-dev libjpeg-dev libxml2-dev libgtk-3-dev libxslt1-dev liblcms2-dev libpulse-dev libpam0g-dev libdouble-conversion-dev libxnvctrl-dev libwoff-dev libsnappy-dev libglib2.0-dev libasound2-dev libjsoncpp-dev libsecret-1-dev libspeechd-dev libminizip-dev libhunspell-dev libxcb-dri3-dev libusb-1.0-0-dev libopenjp2-7-dev libmodpbase64-dev libnss3-dev libnspr4-dev libcups2-dev libevent-dev libevdev-dev libgcrypt20-dev libcurl4-openssl-dev fonts-ipafont-gothic fonts-ipafont-mincho
dpkg-buildpackage: warning: build dependencies/conflicts unsatisfied; aborting
dpkg-buildpackage: warning: (Use -d flag to override.)

After installing all of those dependencies I get:

dpkg-buildpackage -b -uc
dpkg-buildpackage: info: source package ungoogled-chromium
dpkg-buildpackage: info: source version 123.0.6312.105-1~deb13u1xtradeb1.2404.1
dpkg-buildpackage: info: source distribution noble
dpkg-buildpackage: info: source changed by XtraDeb User <xtradeb.user@example.com>
dpkg-buildpackage: info: host architecture amd64
 dpkg-source --before-build .
 debian/rules clean
dh clean
   debian/rules override_dh_auto_clean
make[1]: Entering directory '/home/iwplayer/ungoogled-chromium-debian/convert3/after-step-7'
test ! -f ungoogled-domain-substitution.orig.tar \
|| tar xf ungoogled-domain-substitution.orig.tar
rm -f     ungoogled-domain-substitution.orig.tar
rm -rf third_party/node/linux/node-linux-x64
rm -rf out
rm -rf third_party/node/node_modules/rollup

rm -rf third_party/node/node_modules/acorn
rm -rf third_party/node/node_modules/walk
find . -name \*.pyc -execdir rm -f {} \;
dh_auto_clean
make[1]: Leaving directory '/home/iwplayer/ungoogled-chromium-debian/convert3/after-step-7'
   dh_clean
        rm -f debian/debhelper-build-stamp
        rm -rf debian/.debhelper/
        rm -f -- debian/ungoogled-chromium.substvars debian/ungoogled-chromium-l10n.substvars debian/ungoogled-chromium-shell.substvars debian/ungoogled-chromium-driver.substvars debian/ungoogled-chromium-common.substvars debian/ungoogled-chromium-sandbox.substvars debian/files
        rm -fr -- debian/ungoogled-chromium/ debian/tmp/ debian/ungoogled-chromium-l10n/ debian/ungoogled-chromium-shell/ debian/ungoogled-chromium-driver/ debian/ungoogled-chromium-common/ debian/ungoogled-chromium-sandbox/
        find .  \( \( \
                \( -path .\*/.git -o -path .\*/.svn -o -path .\*/.bzr -o -path .\*/.hg -o -path .\*/CVS -o -path .\*/.pc -o -path .\*/_darcs \) -prune -o -type f -a \
                \( -name '#*#' -o -name '.*~' -o -name '*~' -o -name DEADJOE \
                 -o -name '*.orig' -o -name '*.rej' -o -name '*.bak' \
                 -o -name '.*.orig' -o -name .*.rej -o -name '.SUMS' \
                 -o -name TAGS -o \( -path '*/.deps/*' -a -name '*.P' \) \
                \) -exec rm -f {} + \) -o \
                \( -type d -a \( -name autom4te.cache -o -name __pycache__ \) -prune -exec rm -rf {} + \) \)
 debian/rules binary
dh binary
   dh_update_autotools_config
   dh_autoreconf
   debian/rules override_dh_auto_configure
make[1]: Entering directory '/home/iwplayer/ungoogled-chromium-debian/convert3/after-step-7'
uname -m
x86_64
if [ `uname -m` = "armv7l" ]; then \
        grep -q 'neon\|asimd' /proc/cpuinfo || { \
                echo "No NEON extension detected on armhf, refusing to build" 1>&2; \
                false; \
        }; \
fi
\# verify that we're not accidentally uploading to stable-security without CVEs
\# use system node w/out patching source; upstream hardcodes x64 in path
mkdir -p third_party/node/linux/node-linux-x64/bin
cp /usr/bin/node third_party/node/linux/node-linux-x64/bin
\# use system rollup
cp -ra /usr/share/nodejs/rollup third_party/node/node_modules/
\# output compiler information
clang++-16 --version
Ubuntu clang version 16.0.6 (23ubuntu4)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
\# prefer unbundled (system) libraries
./debian/scripts/unbundle
Traceback (most recent call last):
  File "/home/iwplayer/ungoogled-chromium-debian/convert3/after-step-7/./debian/scripts/unbundle", line 9, in <module>
    import replace_gn_files
ModuleNotFoundError: No module named 'replace_gn_files'
make[1]: *** [debian/rules:161: override_dh_auto_configure] Error 1
make[1]: Leaving directory '/home/iwplayer/ungoogled-chromium-debian/convert3/after-step-7'
make: *** [debian/rules:137: binary] Error 2
dpkg-buildpackage: error: debian/rules binary subprocess returned exit status 2

I do see the python script:

• chromium-123.0.6312.105/build/linux/unbundle/replace_gn_files.py

[iskunk]

I tried your instructions today from scratch and ran into a compilation issue in step 7:

Make sure that your ORIG_SOURCE variable is pointing to an unpacked source tree of (Debian) Chromium of the specified version. The variable appears to be unset in your run.

I went back to using version 123.0.6312.105-1

The latest (.201) should work. As usual, the previous version has significant security vulnerabilities...

I had unmet dependencies:

You always have to install a source package's build dependencies before building the package.

After installing all of those dependencies I get:

I... have never seen the build fail that way before :-] I don't know what would have caused that to happen.

It's not clear to me exactly what operations have been made on the source tree that you are attempting to build, but I think you may want to try building regular old google-ful Chromium first. (Run the xtradeb-convert step, and skip the ungoogled ones.) That will take quite a bit of variability out of the process, and confirm that you can build Chromium before going for the variant.

[rpstew]

I started again from scratch. I got past step 7 this time with version 124.0.6367.118. I'm at the step now to run:

• /path/to/xtradeb-convert/pkg/chromium.sh /path/to/chromium-source/debian noble

I see several debian directories in my convert directory:

• chromium-124.0.6367.118/debian
• debian
• ungoogled-chromium-src/debian

Which one should I use when running chromium.sh?

[iskunk]

This is a question of workflow. I can't tell you exactly what to do, because it depends on what you want to do, but I'll clarify what you have there:

• chromium-124.0.6367.118/debian: This is the original, probably unmodified Debian source tree. If you just wanted to build regular Chromium on Ubuntu, you'd convert this one.

• debian: Not sure where this came from. Because it is not inside a Chromium source tree, however, it is probably not useful.

• ungoogled-chromium-src/debian: Note that ungoogled-chromium-src is a work tree for the conversion process. You could modify this tree, but the tree has already been packed into a source package (the trio of .dsc, .debian.tar.xz, and .orig.tar.xz). Either modify the tree and get rid of the source package, or unpack the source package separately and run the conversion on that tree (and get rid of the work tree). The latter is the expected process, but the former will save you quite a bit of disk churn.

You might prefer passing the INPLACE=1 argument to convert/Makefile, so that it will convert your starting source tree instead of making a copy and modifying that. (If you are going to run through this process regularly, as with each successive Chromium update, then you'll assuredly want to do this.)

[rpstew]

I will use INPLACE=1 as we do intend to modify the source code. So the first two times I ran the chromium.sh script I ran it on the first two debian directories in your previous message which I assume was incorrect. So do I run it on the ungoogled-chromium-src/debian directory assuming INPLACE is set to 1?

[iskunk]

If you use INPLACE=1, then no ungoogled-chromium-src tree is created, because all the modifications are made to the original source tree (presumably the unpacked Debian sources that you started with).

[rpstew]

So after step 7 I am left with the three files mentioned in step 8 although one of them is symbolic link:

• lrwxrwxrwx 1 root root 35 May 13 17:12 ungoogled-chromium_124.0.6367.118.orig.tar.xz -> chromium_124.0.6367.118.orig.tar.xz
• -rw-r--r-- 1 root root 662004 May 13 17:14 ungoogled-chromium_124.0.6367.118-1.debian.tar.xz
• -rw-r--r-- 1 root root 2995 May 13 17:14 ungoogled-chromium_124.0.6367.118-1.dsc

I'm assuming I need to unpack the debian.tar.xz file. Do I also need to unpack the orig.tar.xz file? Do I need to run xtradeb-convert/pkg/chromium.sh on one of the unpacked tar files?

[iskunk]

If you are working with a single tree, then you don't need to create that source package. You can skip its creation by invoking the convert target in the makefile instead of the default/implicit all.

Once the conversion is done, you can run chromium.sh on the converted source tree.

[rpstew]

I followed the steps through step 7, but ran "make convert" instead of "make". When I run

• xtradeb-convert/pkg/ /home/iwplayer/ungoogled-chromium-debian/convert/chromium-124.0.6367.118/debian

I get the following:

• xtradeb/clang-match-rust-target.patch (new)
• xtradeb/fortify-level-3.patch (new)
• xtradeb/lld-options.patch (new)

Warning: Patch series has changed, please run

$ cd /home/iwplayer/ungoogled-chromium-debian/convert/chromium-124.0.6367.118 $ quilt pop -afq && quilt push -afq

in the top-level source directory of the package.

Chromium package conversion for Ubuntu 24.04/noble complete.

I'm assuming I should follow those instructions to run the quilt command. Please confirm.

[iskunk]

Yes, the problem is that your unpacked source tree already has the Debian patches applied, and the conversion process changes the set of patches that should be applied. So you have to back out all the applied patches, and reapply the series. That is what the quoted quilt commands do.

You can streamline your process by passing --skip-patches to dpkg-source when unpacking the tree. Then there won't be a need to pop/push all the patches after the conversion. (The patches will be applied when you run dpkg-buildpackage.)

[rpstew]

I tried --skip-patches, but still get the patch warning:

• dpkg-source --skip-patches -x chromium_124.0.6367.118-1.dsc
• Modified Makefile (VERSION = 124.0.6367.118, INPLACE = 1, DISTRIBUTION = noble)
• make convert
• git clone https://rpstewart@bitbucket.org/xtradeb/xtradeb-convert.git

• xtradeb-convert/pkg/chromium.sh chromium-124.0.6367.118/debian

• xtradeb/clang-match-rust-target.patch (new)
  • xtradeb/fortify-level-3.patch (new)
  • xtradeb/lld-options.patch (new)

Warning: Patch series has changed, please run

$ cd /home/iwplayer/ungoogled-chromium-debian/convert/chromium-124.0.6367.118 $ quilt pop -afq && quilt push -afq

in the top-level source directory of the package.

Chromium package conversion for Ubuntu 24.04/noble complete.

[iskunk]

Ah yes, the conversion process applies its own patches as well. You'd have to do quilt pop -afq in the tree before running chromium.sh to avoid the warning.

[rpstew]

Hello @iskunk,

Thanks for all of your help! I successfully ran "dpkg-buildpackage -b -uc". It took about 10 hours to complete, but I ended up with the following files outside of the chromium-124.0.6367.118 directory:

ungoogled-chromium-sandbox-dbgsym_124.0.6367.118-1xtradeb1.2404.1_amd64.ddeb
ungoogled-chromium-common-dbgsym_124.0.6367.118-1xtradeb1.2404.1_amd64.ddeb
ungoogled-chromium-sandbox_124.0.6367.118-1xtradeb1.2404.1_amd64.deb
ungoogled-chromium-l10n_124.0.6367.118-1xtradeb1.2404.1_all.deb
ungoogled-chromium-driver-dbgsym_124.0.6367.118-1xtradeb1.2404.1_amd64.ddeb
ungoogled-chromium-common_124.0.6367.118-1xtradeb1.2404.1_amd64.deb
ungoogled-chromium-shell-dbgsym_124.0.6367.118-1xtradeb1.2404.1_amd64.ddeb
ungoogled-chromium-shell_124.0.6367.118-1xtradeb1.2404.1_amd64.deb
ungoogled-chromium_124.0.6367.118-1xtradeb1.2404.1_amd64.deb
ungoogled-chromium-driver_124.0.6367.118-1xtradeb1.2404.1_amd64.deb
ungoogled-chromium-dbgsym_124.0.6367.118-1xtradeb1.2404.1_amd64.ddeb
ungoogled-chromium_124.0.6367.118-1xtradeb1.2404.1_amd64.buildinfo
ungoogled-chromium_124.0.6367.118-1xtradeb1.2404.1_amd64.changes

Am I building parts of Ungoogled Chromium that I don't need? I see six .deb files and five .ddeb files.

Do I need to install all six *.deb files in order to use Ungoogled Chromium built from sources on Ubuntu 24.04?

[iskunk]

All right, you made it!

All those .deb files are part of the normal build; there isn't really a way to leave them out. In a typical installation, you will only need the *chromium and *chromium-common packages. The rest are for more specific use cases.

[rpstew]

I'm seeing a note or warning when trying to install the common package:

apt install ./ungoogled-chromium-common_124.0.6367.118-1xtradeb1.2404.1_amd64.deb
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'ungoogled-chromium-common' instead of './ungoogled-chromium-common_124.0.6367.118-1xtradeb1.2404.1_amd64.deb'
The following additional packages will be installed:
  avahi-utils system-config-printer
Suggested packages:
  gnome-software
Recommended packages:
  ungoogled-chromium-sandbox
The following NEW packages will be installed:
  avahi-utils system-config-printer ungoogled-chromium-common
0 upgraded, 3 newly installed, 0 to remove and 8 not upgraded.
Need to get 106 kB/5,655 kB of archives.
After this operation, 18.7 MB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 /home/iwplayer/ungoogled-chromium-debian/convert/ungoogled-chromium-common_124.0.6367.118-1xtradeb1.2404.1_amd64.deb ungoogled-chromium-common amd64 124.0.6367.118-1xtradeb1.2404.1 [5,548 kB]
Get:2 http://us.archive.ubuntu.com/ubuntu noble/main amd64 avahi-utils amd64 0.8-13ubuntu6 [25.8 kB]
Get:3 http://us.archive.ubuntu.com/ubuntu noble/universe amd64 system-config-printer all 1.5.18-1ubuntu9 [80.6 kB]
Fetched 106 kB in 0s (381 kB/s)
Selecting previously unselected package avahi-utils.
(Reading database ... 175163 files and directories currently installed.)
Preparing to unpack .../avahi-utils_0.8-13ubuntu6_amd64.deb ...
Unpacking avahi-utils (0.8-13ubuntu6) ...
Selecting previously unselected package system-config-printer.
Preparing to unpack .../system-config-printer_1.5.18-1ubuntu9_all.deb ...
Unpacking system-config-printer (1.5.18-1ubuntu9) ...
Selecting previously unselected package ungoogled-chromium-common.
Preparing to unpack .../ungoogled-chromium-common_124.0.6367.118-1xtradeb1.2404.1_amd64.deb ...
Unpacking ungoogled-chromium-common (124.0.6367.118-1xtradeb1.2404.1) ...
Setting up avahi-utils (0.8-13ubuntu6) ...
Setting up system-config-printer (1.5.18-1ubuntu9) ...
Setting up ungoogled-chromium-common (124.0.6367.118-1xtradeb1.2404.1) ...
Processing triggers for gnome-menus (3.36.0-1.1ubuntu3) ...
Processing triggers for man-db (2.12.0-4build2) ...
Processing triggers for desktop-file-utils (0.27-2build1) ...
N: Download is performed unsandboxed as root as file '/home/iwplayer/ungoogled-chromium-debian/convert/ungoogled-chromium-common_124.0.6367.118-1xtradeb1.2404.1_amd64.deb' couldn't be accessed by user '_apt'. - pkgAc           quire::Run (13: Permission denied)

Also when I try to install the chromium package:

apt install ./ungoogled-chromium_124.0.6367.118-1xtradeb1.2404.1_amd64.deb
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'ungoogled-chromium' instead of './ungoogled-chromium_124.0.6367.118-1xtradeb1.2404.1_amd64.deb'
Suggested packages:
  ungoogled-chromium-l10n ungoogled-chromium-shell ungoogled-chromium-driver
Recommended packages:
  ungoogled-chromium-sandbox
The following NEW packages will be installed:
  ungoogled-chromium
0 upgraded, 1 newly installed, 0 to remove and 8 not upgraded.
Need to get 0 B/84.6 MB of archives.
After this operation, 265 MB of additional disk space will be used.
Get:1 /home/iwplayer/ungoogled-chromium-debian/convert/ungoogled-chromium_124.0.6367.118-1xtradeb1.2404.1_amd64.deb ungoogled-chromium amd64 124.0.6367.118-1xtradeb1.2404.1 [84.6 MB]
Selecting previously unselected package ungoogled-chromium.
(Reading database ... 175265 files and directories currently installed.)
Preparing to unpack .../ungoogled-chromium_124.0.6367.118-1xtradeb1.2404.1_amd64.deb ...
Unpacking ungoogled-chromium (124.0.6367.118-1xtradeb1.2404.1) ...
Setting up ungoogled-chromium (124.0.6367.118-1xtradeb1.2404.1) ...
Processing triggers for hicolor-icon-theme (0.17-2) ...
Processing triggers for gnome-menus (3.36.0-1.1ubuntu3) ...
Processing triggers for man-db (2.12.0-4build2) ...
Processing triggers for desktop-file-utils (0.27-2build1) ...
N: Download is performed unsandboxed as root as file '/home/iwplayer/ungoogled-chromium-debian/convert/ungoogled-chromium_124.0.6367.118-1xtradeb1.2404.1_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::           Run (13: Permission denied)

When I try to start ungoogled-chromium then I get an error about no usable sandbox:

ungoogled-chromium
[2826:2826:0515/152829.385016:ERROR:zygote_host_impl_linux.cc(126)] No usable sandbox! If this is a Debian system, please install the chromium-sandbox package to solve this problem. If you want to live dangerously and need an immediate workaround, you can try using --no-sandbox.

I assume this means I need to install the sandbox package also. After I installed the sandbox package and run ungoogled-chromium it does seem to work although I see some errors and warnings:

ungoogled-chromium
[3321:3321:0515/153045.204996:ERROR:chrome_browser_cloud_management_controller.cc(161)] Cloud management controller initialization aborted as CBCM is not enabled. Please use the `--enable-chrome-browser-cloud-management` command line flag to enable it if you are not using the official Google Chrome build.
[3321:3321:0515/153045.495042:ERROR:object_proxy.cc(576)] Failed to call method: org.freedesktop.ScreenSaver.GetActive: object_path= /org/freedesktop/ScreenSaver: org.freedesktop.DBus.Error.NotSupported: This method is not part of the idle inhibition specification: https://specifications.freedesktop.org/idle-inhibit-spec/latest/
[3321:3358:0515/153240.877762:ERROR:ev_root_ca_metadata.cc(162)] Failed to decode OID: 0
libpng warning: iCCP: known incorrect sRGB profile
libpng warning: iCCP: known incorrect sRGB profile

[rpstew]

If I install in the following order I only see the permission denied issue for each package installed:

apt install -y ./ungoogled-chromium-sandbox_124.0.6367.118-1xtradeb1.2404.1_amd64.deb apt install -y ./ungoogled-chromium-common_124.0.6367.118-1xtradeb1.2404.1_amd64.deb apt install -y ./ungoogled-chromium_124.0.6367.118-1xtradeb1.2404.1_amd64.deb

N: Download is performed unsandboxed as root as file '/home/iwplayer/ungoogled-chromium-sandbox_124.0.6367.118-1xtradeb1.2404.1_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)

[iskunk]

The "Download is performed unsandboxed" warning is an unrelated APT issue.

The "No usable sandbox" error implies that your system does not have user namespaces enabled, which is not the norm for Ubuntu. User namespaces are what Chromium normally uses, on modern systems, for sandboxing. The *chromium-sandbox package provides sandboxing via a setuid binary, which should be considered an "only use it if you have to" option. Here is one recent-ish posting addressing the subject on Ubuntu.

Lastly, note that you can pass multiple packages at a time to apt for installation. It is typical to install a set of packages that are related (or otherwise depend on each other) in a single invocation.

[rpstew]

I started from scratch and ran the following command as root to do the install: apt install -y ./ungoogled-chromium-common_124.0.6367.118-1xtradeb1.2404.1_amd64.deb ./ungoogled-chromium_124.0.6367.118-1xtradeb1.2404.1_amd64.deb

I'm still seeing:

ungoogled-chromium
[2383:2383:0523/151517.347270:ERROR:zygote_host_impl_linux.cc(126)] No usable sandbox! If this is a Debian system, please install the chromium-sandbox package to solve this problem. If you want to live dangerously and need an immediate workaround, you can try using --no-sandbox.

I then ran the commands from the url you sent above:

sysctl kernel.unprivileged_userns_clone
kernel.unprivileged_userns_clone = 1
root@iwplayer:/home/iwplayer# lsns -o ns,pid,type,command | grep 'ungoogled-chromium'
root@iwplayer:/home/iwplayer#

I next ran the ungoogled-chromium-debian/convert/chromium-124.0.6367.118/out/Release/chrome-wrapper command then I see:

lsns -o ns,pid,type,command | grep 'ungoogled-chromium'
4026532462  2683 pid    /home/iwplayer/ungoogled-chromium-debian/convert/chromium-124.0.6367.118/out/Release/chrome --type=zygote --change-stack-guard-on-fork=enable
4026532463  2683 net    /home/iwplayer/ungoogled-chromium-debian/convert/chromium-124.0.6367.118/out/Release/chrome --type=zygote --change-stack-guard-on-fork=enable

I am still seeing the same issue:

ungoogled-chromium
[2894:2894:0523/152511.311373:ERROR:zygote_host_impl_linux.cc(126)] No usable sandbox! If this is a Debian system, please install the chromium-sandbox package to solve this problem. If you want to live dangerously and need an immediate workaround, you can try using --no-sandbox.

[iskunk]

Thanks for looking further into this. Not only have I successfully reproduced the issue on a 24.04 system here, I've found that recent changes in AppArmor are in fact interfering with the program's operation, despite the latter not being covered by an AppArmor profile. I have filed a bug report in their tracker detailing the issue.

As for how you can get up and running in the meantime, without installing the -sandbox package, I've confirmed that the following process will do the trick:

1. Get a copy of an AppArmor profile for Chromium here. (FYI, I regularly contribute updates to this profile, and use it myself.)
2. Place the file on your system at /etc/apparmor.d/chromium_browser. Make sure it's owned by root:root, of course.
3. Make the following edit to the profile (this line is close to the top):

   -@{chromium} = chromium{,-browser}
   +@{chromium} = {,ungoogled-}chromium{,-browser}

4. Reboot. You should now be able to start ungoogled-chromium normally.

You'll have the additional benefit of running under AppArmor confinement (e.g. if you try to navigate to /home/username/.ssh/ in the browser, you'll get an error), but of course, this should not be a necessary measure just to get things working.

[rpstew]

Thanks! That is working for me.

[rpstew]

I made my first source code change to ungoogled chromium. I tried to just recompile, but must have made a mistake. I ended up redoing the entire process from scratch. It takes almost 10 hours to do the final build step. What steps should I follow when modifying source code and running a rebuild? Thanks.

[iskunk]

You can't rebuild Debian source packages incrementally---not without hacking up the build process, anyway---because the first thing it does is clear out any existing build tree.

If you just want to experiment with modifying the source, then start with a full package build, make your changes, and then run just the main ninja command. You'll see it near the beginning of your build log; it looks like this:

ninja -j4 -C out/Release chrome chrome_sandbox content_shell chromedriver

That command is equivalent to running make in makefile-based projects. Note that this will not rebuild the .deb package files; there are several steps after this command that cannot be reproduced easily outside of the context of a package build.

Once the rebuild is complete, you may want to copy over the binaries of an existing ungoogled-chromium installation (note that the binaries are renamed from what is produced in the build tree), or even try running ungoogled-chromium directly from the build tree.

[rpstew]

@iskunk

I'm running inside a docker container and see the following issue today:

Step 27/31 : RUN xtradeb-convert/pkg/chromium.sh chromium-125.0.6422.60/debian noble
 ---> Running in 4b8b8a64c279
 * bookworm/libxml-parseerr.patch  (new)
cp: cannot stat 'xtradeb-convert/pkg/_chromium/bookworm_libxml-parseerr.patch': No such file or directory
The command '/bin/sh -c xtradeb-convert/pkg/chromium.sh chromium-125.0.6422.60/debian noble' returned a non-zero code: 1

I verified that I don't see that patch file.

[iskunk]

Note that the current xtradeb-convert release will generally require a current Chromium package in order to work. In this case, the bookworm/libxml-parseerr.patch file was newly added to 125.0.6422.141. You'll need to either update your Chromium package, or use a previous revision of xtradeb-convert.

[rpstew]

I was just using the version at the bottom of this url you gave me: https://packages.debian.org/source/testing/chromium I can checkout a different tag/branch in xtradeb-convert. Which one do you recommend? Thanks!

[iskunk]

There are no tags/branches in the xtradeb-convert repo; just look at the commit messages.

For the Chromium source package, use the one in the unstable suite: https://packages.debian.org/source/unstable/chromium

[rpstew]

I'll use the Chromium package in the unstable suite instead of the testing suite. What is the difference?

I used the newer unstable Chromium package and looks like it is working. Just kicked off a 10 hour build. Thanks!

[rpstew]

I don't use the debug packages (*.ddeb). I've been google searching and I don't see a way to disable those packages from being built. Just looking for a way to speed up the building process.

[iskunk]

I'll use the Chromium package in the unstable suite instead of the testing suite. What is the difference?

There is no difference in kind. The testing version is just an earlier unstable version that has passed a certain amount of time without any showstopper bugs.

I don't use the debug packages (*.ddeb). I've been google searching and I don't see a way to disable those packages from being built. Just looking for a way to speed up the building process.

You can try setting DEB_BUILD_OPTIONS=noddebs in your build environment. I don't think this will significantly reduce the build time, however.

[rpstew]

@iskunk Today I tried to checkout version 126.0.6478.56 from a cloned ungoolged-chromium source tree based on https://packages.debian.org/source/unstable/chromium and am getting:

$ git checkout 126.0.6478.56
error: pathspec '126.0.6478.56' did not match any file(s) known to git
$ git checkout 126.0.6478.56-1
error: pathspec '126.0.6478.56-1' did not match any file(s) known to git
$ git checkout 126.0.6478.56-2
error: pathspec '126.0.6478.56-2' did not match any file(s) known to git

I see tags in the ungoogled-chromium repo of 126.0.6478.55-1 and 126.0.6478.61-1, but not 126.0.6478.56-1.

[iskunk]

The maintainer of the Debian chromium package goofed; the packaged version should have been .55. (.56 is actually the Windows/Mac version.) You can build u-c using source package .56 and u-c tag .55.

[rpstew]

@iskunk

Are there any special steps needed to use CEF with Ungoogled Chromium sources?

[iskunk]

I'm afraid I have not done that myself, and cannot give any guidance there, beyond pointing out the different names and directories of the installed files.

[rpstew]

@iskunk

I am dockerizing the linux steps in https://bitbucket.org/chromiumembedded/cef/wiki/MasterBuildQuickStart.md. According to https://www.magpcss.org/ceforum/viewtopic.php?f=6&t=19804# I should be able to apply the ungooggled chromium patches to CEF.

Below are my current steps for building ungoogled chromium. I'm trying to figure out which steps are needed and which are not needed when applying the ungoogled chromium patches to CEF. Any advise you can give would be greatly appreciated. Thanks.

# Install Ubuntu 24.04 on desired hardware
# Install dependencies
git clone https://github.com/ungoogled-software/ungoogled-chromium-debian.git
cd ungoogled-chromium-debian/convert
# Download a chromium source package.  This involves downloading three required files (.dsc, .debian.tar.xz, .orig.tar.xz) using the links near the bottom of the page.
git clone https://github.com/ungoogled-software/ungoogled-chromium.git
cd ungoogled-chromium
git checkout <VERSION>
cd ..
dpkg-source --skip-patches -x chromium_<VERSION>.dsc
# Edit the Makefile (VERSION = <VERSION>, INPLACE = 1, DISTRIBUTION = noble)
make convert
cd chromium-<VERSION>
quilt pop -afq
cd ..
git clone https://bitbucket.org/xtradeb/xtradeb-convert.git
xtradeb-convert/pkg/chromium.sh chromium-<VERSION>/debian noble
cd chromium-<VERSION>
dpkg-buildpackage -b -uc

[iskunk]

CEF appears to be using a completely different build process, more like that of the upstream's, that is not compatible with the Debian build process you've been following so far. (Your summary of the Debian process looks fine to me.)

I can't help you with the the CEF stuff. I would, however, question the wisdom of embedding Chromium into your application. You've already seen how frequently Chromium updates, and by incorporating it directly into your application, you are putting your application on the hook to update on a similar schedule to remain clear of known security issues. Is that kind of tight coupling, and the associated maintenance overhead, really necessary?

From your early posts, I gathered that you are building u-c for use in a video wall controller. Could your application needs be handled by something like python3-selenium? That would allow your application to integrate Web browser functionality, without embedding it directly. You can then focus on keeping the browser package up-to-date, and only touch your application when it has a meaningful change.

[rpstew]

@iskunk

We have custom display software that currently runs on Xubuntu 20.04. The software is written in Qt C++ with QtWebkit embedded in it to display custom html. We are looking to replace QtWebkit with Ungooled Chromium on Xubuntu 24.04 using mostly the same Qt C++ code. Seemed like CEF would be a good solution, but we also need the Ungoogled Chromium patches. Perhaps we don't need CEF. Your suggestions are much appreciated.

[iskunk]

Have you looked at QtWebEngine? That seems to be the direction you're wanting to go...