AppImage fails on Ubuntu 24.04+ (requires manual apt install and use of --no-sandbox) #1482
Description
Ubuntu 24.04+ requires both manual installation of FUSE v2 and the use of --no-sandbox for the AppImage to run.
While these are two separate issues, they appear together in practice on Ubuntu 24.04 (and likely later versions) and effectively prevent the AppImage from running out-of-the-box.
The FUSE issue is due to AppImage/Electron builds depending on FUSE v2, while Ubuntu 24.04 only ships FUSE v3 by default.
The sandbox issue appears related to Electron/Chromium behavior interacting with Ubuntu’s AppArmor restrictions.
I noticed issue #1341, which suggests an installer. While this is helpful and could automate FUSE installation and improve overall setup, it does not resolve the sandbox issue and --no-sandbox would still be required.
Both issues are avoided by shipping either a Flatpak or native package.
Below is a structured breakdown of the issue (partially AI-assisted for clarity):
## Summary
On a clean Ubuntu 24.04 system, the AppImage fails to launch normally and requires both:
- installing legacy FUSE (`libfuse2t64`)
- launching with `--no-sandbox`
This appears to be a broader issue affecting Electron AppImages on modern Ubuntu versions.
---
## Steps to reproduce
chmod +x T3-Code-*.AppImage
./T3-Code-*.AppImage
---
## Actual behavior
### 1. Missing FUSE
dlopen(): error loading libfuse.so.2
Fix:
sudo apt install libfuse2t64
---
### 2. Sandbox failure
FATAL: The SUID sandbox helper binary was found, but is not configured correctly.
.../tmp/.mount_*/chrome-sandbox must be owned by root and have mode 4755
---
### 3. Works only with
./T3-Code-*.AppImage --no-sandbox
---
## Root cause
Ubuntu 24.04 introduced stricter AppArmor restrictions on unprivileged user namespaces.
This prevents Electron/Chromium from initializing its sandbox for apps distributed outside system packaging (including AppImages), especially due to the `/tmp/.mount_*` runtime path.
---
## Why this matters
- Ubuntu 24.04 is the current LTS
- App does not run out-of-the-box
- `--no-sandbox` disables Chromium sandboxing (not ideal)
- Likely to persist in future Ubuntu releases
---
## Relation to #1341
The installer proposed in #1341 improves AppImage UX (desktop integration, updates, FUSE fallback), but does not resolve this sandbox issue.
Even with an installer, the app still fails unless `--no-sandbox` is used.
---
## Suggested solutions
### Best long-term options
- Provide a **Flatpak** build (recommended for Electron apps)
- Provide native packages:
- `.deb`
- `.rpm`
---
### Short-term
- Detect Ubuntu 24.04+ and pass `--no-sandbox`, or document it clearly
---
**Note:**
Rebuilding the AppImage alone likely won’t fix this, as it is caused by OS-level sandbox restrictions.
---
## Additional context
This issue affects many Electron AppImages on Ubuntu 24.04+ due to the same underlying sandbox/AppArmor changes.