Linux – Is it safe to enable user namespaces in CentOS 7.4 and how to do it


I am trying to use Brave Browser on my CentOS machine, but when I try running it, it gives me the following error.

[19576:19576:0208/180128.818448:FATAL:zygote_host_impl_linux.cc(126)] No usable sandbox! Update your kernel or see https://chromium.googlesource.com/chromium/src/+/master/docs/linux_suid_sandbox_development.md for more information on developing with the SUID sandbox. If you want to live dangerously and need an immediate workaround, you can try using --no-sandbox.
fish: “./brave” terminated by signal SIGABRT (Abort)

The git page of the project said that I could get an error about sandboxing, and suggested a solution to it.

Here is what it says:

NOTE: If Brave does not start and shows an error about sandboxing, you may need to enable userns in your kernel. Running with the --no-sandbox flag is NOT recommended!

Now, I have three main questions:

1) What exactly does the userns do? I have tried reading the man page on user namespaces, but things got a bit complicated for me, so I would appreciate some explanation.

2) Is it okay if I enable userns, or could it cause some problems?

3) If it is okay, how do I do that? This is the method I found, but I am not sure if that would be the best way to do it.

https://luppeng.wordpress.com/2016/07/08/user-namespaces-with-cent-os-7-rhel/

Best Answer

Namespaces are a kernel feature used by containers like LXC or Docker. You have several kinds: PID namespaces, user namespaces, ... And you're right, it's quite complicated at first. I find this old blog post has a good explanation of why it's useful for containers: https://rhelblog.redhat.com/2015/07/07/whats-next-for-containers-user-namespaces/

So, why would I want to do this? Well, this is especially useful for providing root access inside of a container. Imagine that the root user (uid 0) in container A maps to uid 1000, and that root in container B maps to user id 2000 outside the container. Similar to network port mapping, this allows the administrator to give someone uid 0 (root) in the container without giving them uid 0 on the underlying system. It also allows a user to freely add/delete users inside the container.

On RHEL 7.4 it should be included in the kernel but disabled by configuration (the number of available namespaces is set to zero by default). Simply execute:

echo 10000 > /proc/sys/user/max_user_namespaces
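
As an added example (not part of the original answer or of any project mentioned here), the shell functions below read the limit that the answer sets and resolve the kind of uid mapping it describes. The function names, the sample map files and the range length of 1000 ids are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: check the user-namespace limit and resolve a uid mapping.

# Report whether user namespaces can be created.
# $1: path to the limit file (defaults to the real kernel path).
userns_state() {
    f="${1:-/proc/sys/user/max_user_namespaces}"
    if [ ! -r "$f" ]; then
        echo "unsupported"            # this kernel exposes no such limit
        return 0
    fi
    n=$(cat "$f")
    case "$n" in
        ''|*[!0-9]*) echo "unknown" ;;
        0)           echo "disabled" ;;   # the RHEL 7.4 default per the answer
        *)           echo "enabled:$n" ;;
    esac
}

# Translate a uid seen inside a namespace to the uid outside it.
# $1: uid inside the namespace
# $2: file in /proc/<pid>/uid_map format, one range per line:
#     <first-inside-uid> <first-outside-uid> <length>
# Prints the outside uid, or "unmapped" if no range covers it.
map_uid() {
    awk -v uid="$1" '
        NF == 3 && uid >= $1 && uid < $1 + $3 {
            print $2 + (uid - $1); found = 1; exit
        }
        END { if (!found) print "unmapped" }
    ' "$2"
}

# Constructed sample maps: root in container A is uid 1000 outside,
# root in container B is uid 2000 outside (range length 1000 is assumed).
demo() {
    d=$(mktemp -d)
    printf '0 1000 1000\n' > "$d/a"
    printf '0 2000 1000\n' > "$d/b"
    echo "host limit:       $(userns_state)"
    echo "A: uid 0 inside  -> $(map_uid 0 "$d/a") outside"
    echo "B: uid 0 inside  -> $(map_uid 0 "$d/b") outside"
    echo "A: uid 33 inside -> $(map_uid 33 "$d/a") outside"
    rm -rf "$d"
}

demo
```

For a running process, pass `/proc/<pid>/uid_map` as the second argument to `map_uid` to see which host account its in-namespace root actually is.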