ungoogled-chromium的启动

原创
2021/02/08 17:20
阅读数 596

官方说明是如下的:

Thanks for using ungoogled-chromium! You have downloaded a Portable Linux build.

SANDBOXING

Before you run, you must setup your system so the browser's sandboxing will work. There are two options:
* Use the user namespace sandbox. This is the preferred option.
* Use the SUID sandbox. This should be used on systems that do not have support for user namespaces.

How to set up the user namespace sandbox:
If there is no user namespace sandbox, the kernel may be able to be configured to allow user namespaces. The method to enable it varies per system. Sometimes it's enabled by default. If it's not, sometimes sysctl can be used to set kernel.unprivileged_userns_clone to 1. There may also be a way to set it via the /sys partition. Specific instructions should be found online.

How to set up the SUID sandbox:
1. Rename "chrome_sandbox" to "chrome-sandbox"
2. Set the file mode to 4755
3. Set the group to root

RUNNING THE BROWSER

Once the sandbox is set up, the browser can be run by using the "chrome-wrapper" script.

我在启动时,缺少特定的库,因此执行定向的安装:

sudo apt install libatomic1

之后,执行“在Debian内核中启用用户名称空间”的相关操作。

要启用它(直到下次重新启动),

sudo sysctl -w kernel.unprivileged_userns_clone=1 

对于永久配置,可以/etc/sysctl.d在启动时添加新条目以启用该功能:

 echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/00-local-userns.conf
  service procps restart

实际上,ubuntu20.04该开关是默认开着的。可以通过下列命名查看。

cat /proc/sys/kernel/unprivileged_userns_clone

 

展开阅读全文
加载中
点击引领话题📣 发布并加入讨论🔥
0 评论
0 收藏
0
分享
返回顶部
顶部