Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Puppeter cannot start on CentOS 7 #2857

Closed
apichery opened this issue Jul 9, 2018 · 16 comments
Closed

Puppeter cannot start on CentOS 7 #2857

apichery opened this issue Jul 9, 2018 · 16 comments

Comments

@apichery
Copy link

apichery commented Jul 9, 2018
edited
Loading

Steps to reproduce

Environment:

  • Puppeteer version: Latest
  • Platform / OS version: CentOS 7
  • Node.js version: 8 or 10, it does not matter.

What steps will reproduce the problem?

Step 1: Install & run CentOS 7

$uname -a
Linux centos 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

Step 2: install node, puppeteer and chromium missing dependencies

curl -sL https://rpm.nodesource.com/setup_8.x | sudo -E bash -
yum install nodejs

Install missing Chromium dependencies:

pango.x86_64
libXcomposite.x86_64
libXcursor.x86_64
libXdamage.x86_64
libXext.x86_64
libXi.x86_64
libXtst.x86_64
cups-libs.x86_64
libXScrnSaver.x86_64
libXrandr.x86_64
GConf2.x86_64
alsa-lib.x86_64
atk.x86_64
gtk3.x86_64
ipa-gothic-fonts
xorg-x11-fonts-100dpi
xorg-x11-fonts-75dpi
xorg-x11-utils
xorg-x11-fonts-cyrillic
xorg-x11-fonts-Type1
xorg-x11-fonts-misc

Step 3 - Create test.js

'use strict';
const puppeteer = require('puppeteer');
const fs = require('fs');
(async () => {
  console.info("Starting browser");
  let browser;
  try {
    browser = await puppeteer.launch({});
  } catch (e) {
    console.info("Unable to launch browser mode in sandbox mode. Lauching Chrome without sandbox.");
    browser = await puppeteer.launch({args:['--no-sandbox']});
  }
  console.info("Browser successfully started");
  console.info("Closing browser");
  await browser.close();
  console.info("Done");
})();

Step 4: Execute test.

$ node test.js

Starting browser
Unable to launch browser mode in sandbox mode. Lauching Chrome without sandbox.
Browser successfully started
Closing browser
Done

See that the browser cannot be launched without --no-sandbox

Analysis

Install "standard" Chromium on same linux box and see that Chromium can be successfully launched.
Navigate to about:sandbox in "standard" Chromium and see that SUID sandboxing is used (because user namespace sandboxing is not available).

For SUID sandboxing to work, "standard" chromium uses a process called "chrome-sandbox".

If you navigate to node_modules/puppeteer/.local-chromium/linux-549031, you notice that for puppeteer there is a file named chrome_sandbox (with an underscore).

Renaming this file to chrome-sandbox, making it owned by root and with attributes 4755 does the trick...

sudo mv chrome_sandbox chrome-sandbox
sudo chown root chrome-sandbox
sudo chmod 4755 chrome-sandbox

Now, run the test again

$ node test.js

Starting browser
Browser successfully started
Closing browser
Done

Alternatively, one can enable user namespaces in the kernel, but that's not always possible, so I think Puppeteer should gracefully degrade the sandboxing as Google Chrome and Chromium do.
@aslushnikov aslushnikov mentioned this issue Jul 11, 2018
Closed
@aslushnikov
Copy link
Contributor

@apichery thank you for the well written report.

Renaming this file to chrome-sandbox, making it owned by root and with attributes 4755 does the trick...

I don't know much about sandboxing, but this looks like a hack to me. I wonder if it just pretends to work rather then working as intended.

Do you mind asking on chromium-dev regarding this approach?

@aslushnikov aslushnikov mentioned this issue Jul 19, 2018
Closed
@zhoujingchao
Copy link

@apichery maybe you can try
yum install pango.x86_64 libXcomposite.x86_64 libXcursor.x86_64 libXdamage.x86_64 libXext.x86_64 libXi.x86_64 libXtst.x86_64 cups-libs.x86_64 libXScrnSaver.x86_64 libXrandr.x86_64 GConf2.x86_64 alsa-lib.x86_64 atk.x86_64 gtk3.x86_64 ipa-gothic-fonts xorg-x11-fonts-100dpi xorg-x11-fonts-75dpi xorg-x11-utils xorg-x11-fonts-cyrillic xorg-x11-fonts-Type1 xorg-x11-fonts-misc

const browser = await puppeteer.launch({
headless: true,
args: ['--no-sandbox']
})

@willemevenwel
Copy link

yum install pango libXcomposite libXcursor libXdamage libXext libXi libXtst cups-libs libXScrnSaver libXrandr GConf2 alsa-lib atk gtk3 ipa-gothic-fonts xorg-x11-fonts-100dpi xorg-x11-fonts-75dpi xorg-x11-utils xorg-x11-fonts-cyrillic xorg-x11-fonts-Type1 xorg-x11-fonts-misc

@Salketer
Copy link

The problem with this kind of fix is when the user cannot use sudo... There has to be another way than giving the file to root?!

@apichery
Copy link
Author

@Salketer If user cannot sudo and the other sandboxing options are not available, there is no way to install a sandbox. So you are left with calling pupeteer with --no-sandbox option.

@Salketer
Copy link

Salketer commented Nov 29, 2018 via email

@sebaplaza
Copy link

This is a problem of fonts.

Try installing:

yum -y install  liberation-mono-fonts liberation-narrow-fonts liberation-sans-fonts liberation-serif-fonts

@jinggoing
Copy link

Starting browser
Unable to launch browser mode in sandbox mode. Lauching Chrome without sandbox.
(node:27544) UnhandledPromiseRejectionWarning: Error: Failed to launch chrome!
/usr/local/nginx/works_list/screenShootService/node_modules/puppeteer/.local-chromium/linux-609904/chrome-linux/chrome: symbol lookup error: /lib64/libpango-1.0.so.0: undefined symbol: g_log_structured_standard

TROUBLESHOOTING: https://github.com/GoogleChrome/puppeteer/blob/master/docs/troubleshooting.md

at onClose (/usr/local/nginx/works_list/screenShootService/node_modules/puppeteer/lib/Launcher.js:342:14)
at Interface.helper.addEventListener (/usr/local/nginx/works_list/screenShootService/node_modules/puppeteer/lib/Launcher.js:331:50)
at Interface.emit (events.js:187:15)
at Interface.close (readline.js:379:8)
at Socket.onend (readline.js:157:10)
at Socket.emit (events.js:187:15)
at endReadableNT (_stream_readable.js:1092:12)
at process._tickCallback (internal/process/next_tick.js:63:19)

(node:27544) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 1)
(node:27544) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

how can i fix it

@yowkah
Copy link

yowkah commented Dec 13, 2018

@jinggoing Had the same issue on Centos 7.5.1804, fixed by updating the glib2 package. ( yum update glib2). this is unrelated to the issue mentioned above...

@yowkah
Copy link

yowkah commented Dec 13, 2018
edited
Loading

I think it just pretends to work when renaming.

After changing the ownership to root:root and chmodding but not renaming, i get the error. After disabling SEL, the problem goes away. Seems like starting sandbox is blocked by SELinux.

to reproduce, follow every step in the original issue, including analysis, except for renaming the sandbox file. then disable SELinux temporarily by running sudo setenforce 0. check if the SELinux mode is permissive by runing sudo sestatus.

now try running the test.js again and it works.

just a disclaimer: this is not a permanent fix. You need to create an exception within SELinux to permit this, instead of enabling SELinux all together!

Final edit:
The problem for me was solved by this article written by dan walsh:
https://danwalsh.livejournal.com/75282.html

For future reference. setting the following boolean fixes the issue caused by SELinux:
# setsebool -P unconfined_chrome_sandbox_transition 0

@kennylbj
Copy link

Fix this issue by:

yum update glib2

@sirajalam049
Copy link

I'm using CentOS Linux release 7.7.1908 (Core) And none of the above solutions worked for me.

@Sanjay007
Copy link

I was able to run puppeteer on CentOS 7 , We required to install some additional Chromium dependencies and did som hack to run in sandbox mode .
I have followed the following articke to do this
https://frugalisminds.com/javascript/how-to-setup-puppeteer-in-centos-7

@jtswartz
Copy link

jtswartz commented Mar 7, 2020

Experiencing the same with Linux version 4.14.165-103.209.amzn1.x86_64 (mockbuild@koji-pdx-corp-builder-60005) (gcc version 7.2.1 20170915 (Red Hat 7.2.1-2) (GCC)) #1 SMP Sun Feb 9 00:23:26 UTC 2020 after installing all the above deps. Stuck at error while loading shared libraries: libXss.so.1

@ghost
Copy link

ghost commented Aug 2, 2020

This installation steps saved me from a big trouble.
although i had to install puppeteer using --unsafe-perm=true

sudo npm install -g puppeteer --unsafe-perm=true

@co2nut co2nut mentioned this issue Oct 9, 2020
Closed
@abhidev54 abhidev54 mentioned this issue Mar 12, 2021
Closed
@akintomiwaopemipo
Copy link

@apichery maybe you can try
yum install pango.x86_64 libXcomposite.x86_64 libXcursor.x86_64 libXdamage.x86_64 libXext.x86_64 libXi.x86_64 libXtst.x86_64 cups-libs.x86_64 libXScrnSaver.x86_64 libXrandr.x86_64 GConf2.x86_64 alsa-lib.x86_64 atk.x86_64 gtk3.x86_64 ipa-gothic-fonts xorg-x11-fonts-100dpi xorg-x11-fonts-75dpi xorg-x11-utils xorg-x11-fonts-cyrillic xorg-x11-fonts-Type1 xorg-x11-fonts-misc

const browser = await puppeteer.launch({
headless: true,
args: ['--no-sandbox']
})

Worked for me

@MaikoTan MaikoTan mentioned this issue Apr 28, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests