Linux install issues

Ok, you guys are not going to make this easy are you...lol

System info, Debian 10, intel, 64bit

Downloaded the linked Linux file:
arduino-ide_2.0.0-beta.7_Linux_64bit.zip

Unzipped without error and created directory:
/arduino-ide_2.0.0-beta.7_Linux_64bit

Tried to execute and got the following error:

robert@mountain-cabin:~/Arduino/arduino-ide_2.0.0-beta.7_Linux_64bit$ ./arduino-ide 
[21911:0629/223712.977840:FATAL:setuid_sandbox_host.cc(158)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /home/robert/Arduino/arduino-ide_2.0.0-beta.7_Linux_64bit/chrome-sandbox is owned by root and has mode 4755.
Trace/breakpoint trap

sudo chown root chrome-sandbox
sudo chmod 4755 chrome-sandbox

try again:

obert@mountain-cabin:~/Arduino/arduino-ide_2.0.0-beta.7_Linux_64bit$ ./arduino-ide 
[22317:0629/223916.996186:FATAL:setuid_sandbox_host.cc(158)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /home/robert/Arduino/arduino-ide_2.0.0-beta.7_Linux_64bit/chrome-sandbox is owned by root and has mode 4755.
Trace/breakpoint trap

So try the following:

robert@mountain-cabin:~/Arduino/arduino-ide_2.0.0-beta.7_Linux_64bit$ **sudo ./arduino-ide** 
[22508:0629/224550.633720:FATAL:electron_main_delegate.cc(254)] Running as root without --no-sandbox is not supported. See https://crbug.com/638180.
Trace/breakpoint trap

This works however:

/sudo ./arduino-ide --no-sandbox

So am I running with no sandbox, am I creating a vulnerability?

Also since I am a heavy user of the cli should I be looking into the Arduino cli toolkit?
I have heard about it but have not looked into it yet??

Oh ya, one more issue I just found out. When every it tries to open a web browser it fails
Example: Click Help/Reference

Failed to execute default web browser.
Input/Output Error

Added note: I know it has network connectivity because I was able to download the latest boards manager.
Example:

Tool arduino:avr-gcc@7.3.0-atmel3.6.1-arduino5 already installed
Tool arduino:avrdude@6.3.0-arduino17 already installed
Tool arduino:arduinoOTA@1.3.0 already installed
Downloading packages
Upgrading arduino:megaavr@1.8.7 with arduino:megaavr@1.8.6
Configuring platform
arduino:megaavr@1.8.6 installed

Oh ya another issue, lol
I went into preferences and you have it set to save sketches to /root/arduino?
You should not be doing anything in root. User sketches go in the user directory.
Really don't get the feeling security is a top priority in Arduino land.

Thanks,
Robert

I recommend against running the Arduino IDE with sudo. This should not be necessary. You should investigate what is the cause of the original error.

It's because you ran it with sudo.

It's because you ran it with sudo.

The default sketchbook location is the Arduino subfolder of the user directory. If you run it as root, then that's where it's going to be. If you run it as a normal user then it will be where you want it.

Good advice! Please don't run the IDE as root.

1 Like

Thank you for responding.

I don't want to run the ide as root using sudo. That is not how you typically run applications as your know.

if I try to run it with the standard script as a standard user without the --no-sandbox flag I get an error:

 ./arduino-ide 
[25146:0630/071310.956170:FATAL:setuid_sandbox_host.cc(158)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /home/robert/Arduino/arduino-ide/chrome-sandbox is owned by root and has mode 4755.
Trace/breakpoint trap

Update: (showing file permission for chrome-sandbox)
The file chrome-sandbox is in fact configured correctly as I mentioned in the above post:

-rwxr-xr-x 1 root robert 6.1M May 17 10:15 chrome-sandbox

I can however run it with the
./arduino-ide --no-sandbox

This in fact now works as expected and the web browser also works as expected. I also changed the sketch location to my local home user folder so that is handled as well.

So again, I ask "Is running the program with the --no-sandbox create a vulnerability?

Ok, I think I found my error,

I ran chown and changed the group but not the owner, so lets try again...

Previously:

-rwxr-xr-x 1 root robert 6.1M May 17 10:15 chrome-sandbox

sudo chown root:root chrome-sandbox
sudo chmod 4755 chrome-sandbox

-rwsr-xr-x 1 root root 6.1M May 17 10:15 chrome-sandbox

But now chrome-sandbox is highlighted in red indicating.......See Update Below....

Update:
This flips the setuid bit, basically the script is running as its owner and not the user who executed it.

The program now starts with the standard ./arduino-ide without issue.

Unfortunately, I'm not familiar with this "chrome-sandbox" issue. I run all the versions of Arduino IDE 2.0.0 regularly on Linux and haven't had anything like this and I also follow this forum category and the IDE's issue tracker closely and haven't seen any reports. I did find one mention of it in passing though:
https://github.com/arduino/arduino-ide/issues/259

Go to this directory and change owner/group and mode of chrome-sandbox accordingly:
-rwsr-xr-x 1 root root 6322128 Mär 18 12:56 chrome-sandbox

That issue report was about a completely different issue which has been fixed already.

These warnings are all normal. I don't think they indicate any real problem.

These errors are not normal. Unfortunately, I'm also coming up short on an explanation for this.

Arduino IDE 2.x uses a gRPC interface over TCP/IP to communicate with Arduino CLI, which handles all the non-GUI operations. So it might be somehow related to that communication channel. One of the more common problems is collisions between the default port used for this communication and some other application on the user's computer. However, the symptom of that issue is a different error message from the one you shared.

I definitely recommend it. Arduino CLI provides a much nicer command line interface than the classic Arduino IDE did and Arduino IDE 2.x doesn't provide one at all since it is no longer needed.

I don't use the command line directly as much as I do GUIs, but I do a lot of automation and for that application Arduino CLI is an absolute game changer when compared to the old days of making do with what the classic Arduino IDE provided.

Hello Pert,

Thanks for the quick responses.

I found out the chrome-sandbox being highlighted in red means the file is executed as the owner and not the user that initiated its execution. Basically the setuid bit has been flipped. I am pretty sure this would be expected behavior as we are turning control of the file chrome-sandbox over to root, even though the program running under standard user robert is executing the script/program.

I will keep an eye on the errors and in the meantime I will look into the Arduino CLI.

I am going to close this as solved...

Thanks for your assistance, it is appreciated.

I just wanted to update on this portion:

These appear on shutdown of the application, more specifically..Lets say I open a example, blink...but then I got to open another example...it creates another instance of the IDE. When I click on file/exit... It closes both instances of the IDE and leaves behind the error code I originally qouted.

Not sure if that is helpful. I did read somewhere there was a bug in which it would open multiple instances of the IDE when opening new sketches..So I will just accept this as a minor bug issue.

Thanks..

Having multiple sketch windows of the same instance open is definitely supported. However, having multiple instances of the IDE open is not. I haven't found a case where this limitation harmed the usability though because, unlike the classic Arduino IDE, the board/port/Serial Monitor settings of windows of a single instance are independent from each other, so you can work with different boards in different windows at the same time without updating the settings over and over again, and with a Serial Monitor connected to each board.

I ran into an error caused by opening multiple instances of Arduino IDE 2.x a few times while using earlier versions. I didn't manage to accomplish it this time though. No matter what I tried, I either just got a new window or else it switches to the already open window.

You're absolutely right, this "improved" IDE does not make things easy.
I installed the latest version arduino-ide_2.0.0-beta.10_Linux_64bit. I changed the owner of the sandbox (whhhhhy?) to root, chmod'd it to 04755 and ran it.
It croaked!
arduino2@corv:~$ ./arduino-ide_2.0.0-beta.10_Linux_64bit/arduino-ide
./arduino-ide_2.0.0-beta.10_Linux_64bit/arduino-ide: error while loading shared libraries: libffmpeg.so: cannot open shared object file: No such file or directory

EVEN THOUGH that library is included in the distribution (though why Arduino development needs MPEGs is beyond me):
arduino2@corv:~$ find | grep libffmpeg
./arduino-ide_2.0.0-beta.10_Linux_64bit/resources/app/node_modules/electron/dist/libffmpeg.so
./arduino-ide_2.0.0-beta.10_Linux_64bit/libffmpeg.so

I have now given up on this. I am staying with the original IDE 1.8.15 that does everything I need.