Problem running AppImage files without "--no-sandbox"

Ubuntu Version:
Example: 24.04

Problem Description:
An increasing number of Linux software for Ubuntu gets published as an AppImage file, many *only* as AppImage.

In my experience, almost none of these files actually run without the --no-sandbox flag and honestly, having to add that flag sounds scary. Why is that? Is there a documented way to make such files run with sandboxing?

Here are a few examples:

cursor (from cursor.com) shows:

The setuid sandbox is not running as root. Common causes:
  * An unprivileged process using ptrace on it, like a debugger.
  * A parent process set prctl(PR_SET_NO_NEW_PRIVS, ...)
Failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted
[131820:0312/130148.876913:FATAL:zygote_host_impl_linux.cc(201)] Check failed: . : Invalid argument (22)
Trace/breakpoint trap (core dumped)

Obsidian (from https://obsidian.md/):

[132237:0312/130301.756999:FATAL:sandbox/linux/suid/client/setuid_sandbox_host.cc:166] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /tmp/.mount_Obsidilhxk2l/chrome-sandbox is owned by root and has mode 4755.
Trace/breakpoint trap (core dumped)

LM-Studio (from https://lmstudio.ai/):

[135066:0312/131104.403017:FATAL:sandbox/linux/suid/client/setuid_sandbox_host.cc:166] The SUID sandbox helper binary was found,  but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /tmp/.mount_LM-StuOXFRvj/chrome-sandbox is owned by root and has mode 4755.
Trace/breakpoint trap (core dumped)

I must have encountered dozens of such programs which fail to run without using --no-sandbox.
The error messages are completely unhelpful to end users and often do not even mention the --no-sandbox argument as a work-around, and there is no link or other information about what to actually do to make this work properly.

Related dmesg output:

[20004.013503] audit: type=1400 audit(1773316908.859:260): apparmor="AUDIT" operation="userns_create" class="namespace" info="Userns create - transitioning profile" profile="unconfined" pid=131820 comm="cursor" requested="userns_create" target="unprivileged_userns" execpath="/tmp/.mount_cursorNU56lX/usr/share/cursor/cursor"
[20004.014402] audit: type=1400 audit(1773316908.860:261): apparmor="DENIED" operation="capable" class="cap" profile="unprivileged_userns" pid=131834 comm="cursor" capability=21  capname="sys_admin"
[20004.033283] traps: cursor[131820] trap int3 ip:59fdf4f8926c sp:7fffceea28d0 error:0 in cursor[601426c,59fdf0ffc000+8974000]
[20076.897711] audit: type=1400 audit(1773316981.743:262): apparmor="AUDIT" operation="userns_create" class="namespace" info="Userns create - transitioning profile" profile="unconfined" pid=132237 comm="obsidian" requested="userns_create" target="unprivileged_userns" execpath="/tmp/.mount_Obsidilhxk2l/obsidian"
[20076.898527] audit: type=1400 audit(1773316981.744:263): apparmor="DENIED" operation="capable" class="cap" profile="unprivileged_userns" pid=132244 comm="obsidian" capability=21  capname="sys_admin"
[20076.912417] traps: obsidian[132237] trap int3 ip:6223436ad33e sp:7ffe9bbb91d0 error:0 in obsidian[6c1433e,62233f070000+923e000]
[20151.081880] audit: type=1400 audit(1773317055.928:264): apparmor="AUDIT" operation="userns_create" class="namespace" info="Userns create - transitioning profile" profile="unconfined" pid=133046 comm="lm-studio" requested="userns_create" target="unprivileged_userns" execpath="/tmp/.mount_LM-StuOXFRvj/lm-studio"
[20151.082670] audit: type=1400 audit(1773317055.928:265): apparmor="DENIED" operation="capable" class="cap" profile="unprivileged_userns" pid=133055 comm="lm-studio" capability=21  capname="sys_admin"
[20151.098097] traps: lm-studio[133046] trap int3 ip:61a0ab953b9e sp:7ffd6a74a6b0 error:0 in lm-studio[6d0cb9e,61a0a72b8000+9322000]

I think I have seen some advice in the past that suggested copy/pasting cryptic config data for AppArmor, but I think doing that without understanding what one does is as bad as using --no-sandbox.

Can anyone provide information on how to run trusted AppImages properly, in the sandbox, on Ubuntu?

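The three failures quoted above have the same two ingredients: the Electron setuid helper (chrome-sandbox) cannot be root-owned with mode 4755 inside a user-mounted AppImage, so Electron falls back to its user-namespace sandbox, and on Ubuntu 24.04 that fallback is what the dmesg lines show AppArmor denying (profile="unprivileged_userns", capname="sys_admin"). The script below is an added diagnostic, not code from the AppImage project or from either poster. It checks both conditions and prints the least-privilege alternative to --no-sandbox: an AppArmor profile that grants userns to one specific binary. Assumptions: the sysctl name kernel.apparmor_restrict_unprivileged_userns is the one Ubuntu 23.10 and later use for this restriction; the profile name and executable path are placeholders the caller supplies.

```shell
#!/bin/sh
# Added diagnostic for AppImage/Electron "setuid sandbox" failures on Ubuntu.
# Not part of the AppImage project; see the assumptions noted in the comments.

# 1. Is AppArmor restricting unprivileged user namespaces?
#    Assumption: Ubuntu 23.10+ exposes this as
#    /proc/sys/kernel/apparmor_restrict_unprivileged_userns (1 = restricted).
#    The path is a parameter so the check can also run against a constructed copy.
userns_restriction_state() {
    f="${1:-/proc/sys/kernel/apparmor_restrict_unprivileged_userns}"
    if [ ! -r "$f" ]; then
        echo "unknown"            # sysctl absent: older kernel or non-Ubuntu
        return 0
    fi
    case "$(tr -d '[:space:]' < "$f")" in
        1) echo "restricted" ;;
        0) echo "unrestricted" ;;
        *) echo "unknown" ;;
    esac
}

# 2. Does the setuid helper satisfy what the error message demands
#    (owned by root, mode 4755)?  Under a FUSE-mounted AppImage it cannot:
#    the mount belongs to the user, so Electron falls back to user namespaces
#    and runs straight into the AppArmor denial seen in dmesg.
setuid_helper_state() {
    helper="$1"
    [ -e "$helper" ] || { echo "missing"; return 0; }
    owner=$(stat -c '%u' "$helper")
    mode=$(stat -c '%a' "$helper")
    if [ "$owner" = "0" ] && [ "$mode" = "4755" ]; then
        echo "ok"
    elif [ "$owner" != "0" ]; then
        echo "not-root-owned"
    else
        echo "wrong-mode:$mode"
    fi
}

# 3. The narrow fix: an AppArmor profile granting userns to this one binary,
#    leaving the system-wide restriction in place.  $1 is a profile name and
#    $2 the absolute path of the executable (both supplied by the caller).
#    Install as /etc/apparmor.d/$1 and load with: sudo apparmor_parser -r /etc/apparmor.d/$1
apparmor_userns_profile() {
    name="$1"
    exe="$2"
    cat <<EOF
# Allow unprivileged user namespaces for $name only.
abi <abi/4.0>,
include <tunables/global>

profile $name $exe flags=(unconfined) {
  userns,

  # Site-specific additions and overrides.
  include if exists <local/$name>
}
EOF
}

# Stand-alone use: report the system state, and the helper state if a path is given.
echo "AppArmor unprivileged userns restriction: $(userns_restriction_state)"
if [ -n "$1" ]; then
    echo "chrome-sandbox helper at $1: $(setuid_helper_state "$1")"
fi
```

Two practical notes. The profile is path-based, and the AppImage runtime mounts each run at a fresh random path (the /tmp/.mount_cursorNU56lX, /tmp/.mount_Obsidilhxk2l paths in the error messages), so a profile can only be attached to a stable location, for example after unpacking the image with its --appimage-extract option and keeping the extracted tree in a fixed directory. And the profile grants only the ability to create user namespaces; it does not make the application "unconfined" in any wider sense than it already was, which is why it is a smaller concession than --no-sandbox, which disables the renderer sandbox entirely.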

You have identified one of the features missing in the AppImage concept. In this they are similar to the Debian and Red Hat packaged applications. And it is not limited to AppImage applications running on Ubuntu. In other words it is not an Ubuntu problem, in my opinion.

I have just now seen suggestions on the internet as to how to sandbox AppImage applications. But no information on doing that on the AppImage web site. If the official method is recorded on that web site it is not easy to find.

I have also seen information on the internet that some Electron applications cannot run without the --no-sandbox flag. If this information is on the AppImage web site it is also not easily found.

It seems that with AppImage, as with Debian packaged applications, if we do not trust the developers we should not install the application. If security is important, only install from trusted software developers.

Regards
