You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In order to run chromote in Posit Workbench, I needed to manually specify --no-sandbox.
Is this expected?
If not, any ideas on what could be wrong with my setup (using a version of Posit's Docker images)?
If so, can that be automated via the package (e.g., flags here)?
Reprex:
chromote::set_chrome_args(chromote:::default_chrome_args())
b<-chromote::ChromoteSession$new()
#> Error in `with_random_port()`:#> ! Cannot find an available port. Please try again.#> Caused by error in `startup()`:#> ! Failed to start chrome. Error: Failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted#> [0703/000005.639233:FATAL:zygote_host_impl_linux.cc(201)] Check failed: . : No space left on device (28)#> [0703/000005.649603:ERROR:file_io_posix.cc(145)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq: No such file or directory (2)#> [0703/000005.649699:ERROR:file_io_posix.cc(145)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq: No such file or directory (2)#> [0100/000000.668105:ERROR:zygote_linux.cc(673)] write: Broken pipe (32)chromote:::default_chrome_args()
#> [1] "--force-color-profile=srgb" "--disable-extensions" #> [3] "--mute-audio"
Solution: specify --no-sandbox (not a default arg, likely intentionally given security considerations)
# > Note: --no-sandbox is not needed if you properly setup a user in the container.
# https://developers.google.com/web/updates/2017/04/headless-chrome
It's unclear whether there is additional Docker-level setup to create user profile in Workbench. Of note, there is almost surely always an id available in user sessions, as referenced by is_missing_linux_user(). Illustrative (redacted):
For users, this typically shows up indirectly via calls like:
library(gt)
library(dplyr)
gt(mtcars) %>%
gtsave("mtcars.png")
#> Error in `with_random_port()`:
#> ! Cannot find an available port. Please try again.
#> Caused by error in `startup()`:
#> ! Failed to start chrome. Error:
#> Failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted
#> [1028/162339.112286:FATAL:zygote_host_impl_linux.cc(201)] Check failed: . : No space left on device (28)
#> [1028/162339.122671:ERROR:file_io_posix.cc(145)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq: No such file or directory (2)
#> [1028/162339.122762:ERROR:file_io_posix.cc(145)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq: No such file or directory (2)
#> [0100/000000.141627:ERROR:zygote_linux.cc(678)] write: Broken pipe (32)
Separating out from rstudio/rstudio#12960 (comment)
In order to run
chromote
in Posit Workbench, I needed to manually specify--no-sandbox
.Is this expected?
Reprex:
--no-sandbox
(not a default arg, likely intentionally given security considerations)More detail
--no-sandbox
is seemingly bypassed, since each of the cases are FALSE on Workbench (reference)While there's a comment in the function here
It's unclear whether there is additional Docker-level setup to create user profile in Workbench. Of note, there is almost surely always an
id
available in user sessions, as referenced byis_missing_linux_user()
. Illustrative (redacted):In the same Docker image, built locally:
The text was updated successfully, but these errors were encountered: