[SOLVED] Chromium extension installation issue

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

Moderators: spender, PaX Team

[SOLVED] Chromium extension installation issue

Postby HellKnight » Thu Jan 05, 2017 9:08 am

Hello,

I am unable to install any extension in chromium while already installed ones work well. I receive the following error each time when I try to install a new one via Chrome web store:
Could not install package: 'UTILITY_PROCESS_CRASHED_WHILE_TRYING_TO_INSTALL'. Could not install package because a utility process crashed. Try restarting Chrome and trying again.


Console output

Dmesg output

It seems that grsec generates a lot of following errors:
grsec: denied following symlink /proc/5251/exe since symlink owner 1000 does not match target owner 0, by /usr/lib64/chromium-browser/chrome[Chrome_ProcessL:5251] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/lib64/chromium-browser/chrome[Chrome_ProcessL:5008] uid/euid:1000/1000 gid/egid:1000/1000


Version of chromium is 55.0.2883.75.

Could anyone please advise?
Last edited by HellKnight on Sat Jan 07, 2017 7:09 pm, edited 1 time in total.
HellKnight
 
Posts: 2
Joined: Thu Jan 05, 2017 8:50 am

Re: Chromium extension installation issue

Postby spender » Thu Jan 05, 2017 9:50 am

Either you set CONFIG_GRKERNSEC_SYMLINKOWN_GID or the equivalent value via sysctl at runtime to some group which your user is running with. The symlinkown group is for specific use-cases only, like Apache, as described in its configuration help. It shouldn't be used for your desktop account.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm
Location: VA, USA

Re: Chromium extension installation issue

Postby HellKnight » Sat Jan 07, 2017 6:45 pm

Thanks Brad!

I have disabled CONFIG_GRKERNSEC_SYMLINKOWN in my kernel's config and then rebuilt it. The issue is resolved now. I really appreciate your prompt reply.
HellKnight
 
Posts: 2
Joined: Thu Jan 05, 2017 8:50 am


Return to grsecurity support

cron