Puppeteer: Chrome Headless doesn't launch on Debian

Created on 16 Aug 2017  ·  191 Comments  ·  Source: puppeteer/puppeteer

Running this example code from the README:

const puppeteer = require('puppeteer');

(async() => {

const browser = await puppeteer.launch();
const page = await browser.newPage();
await page.goto('https://example.com');
await page.screenshot({path: 'example.png'});

browser.close();
})();

I get the following error output:

(node:30559) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): Error: Failed to connect to chrome!
(node:30559) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

Platform info:

% uname -a
Linux localhost 3.14.0 #1 SMP PREEMPT Thu Jul 13 12:08:15 PDT 2017 x86_64 GNU/Linux
% lsb_release -a
Distributor ID: Debian
Description:    Debian GNU/Linux 9.0 (stretch)
Release:        9.0
Codename:       stretch
% node --version
v8.1.1
% cat package.json
{
  "dependencies": {
    "puppeteer": "^0.9.0"
  }
}

All 191 comments

This is working fine here on Elementary OS. I'm downloading a Debian installer now to try this out in a VM.

That's interesting. Could you please:

  1. try launching chromium manually (chromium is downloaded at node_modules/puppeteer/.local-chromium)
  2. if chromium launches for you, run the following (notice the added dumpio flag to the puppeteer.launch) and check what's in the stderr:
const puppeteer = require('puppeteer');
(async() => {
  const browser = await puppeteer.launch({dumpio: true});
  const page = await browser.newPage();
  await page.goto('https://example.com');
  await page.screenshot({path: 'example.png'});
  browser.close();
})();

Can't launch the local chrome:

% ~/p /home/fortes/p/node_modules/puppeteer/.local-chromium/linux-494755/chrome-linux/chrome --help
/home/fortes/p/node_modules/puppeteer/.local-chromium/linux-494755/chrome-linux/chrome: error while loading shared libraries: libX11-xcb.so.1: cannot open shared object file: No such file or directory

I should have mentioned that this is a headless machine that I'm ssh'd into. Given that this is for headless Chrome, I assume that scenario is still supported?

I think in the case of Debian systems you still need https://packages.debian.org/sid/libx11-xcb1 to run headless. That way the system has some of the API calls it needs to do the rendering calculations.

The action to resolve this (which I'm working on now) is getting a list of all the required dependencies to run Chromium. Straight from Debian, the requirements are below. Documenting this for a PR shortly.


Dependencies for debian

libasound2
libatk1.0-0
libc6
libcairo2
libcups2
libdbus-1-3
libexpat1
libfontconfig1
libgcc1
libgconf-2-4
libgdk-pixbuf2.0-0
libglib2.0-0
libgtk-3-0
libnspr4
libpango-1.0-0
libpangocairo-1.0-0
libstdc++6
libx11-6
libx11-xcb1
libxcb1
libxcomposite1
libxcursor1
libxdamage1
libxext6
libxfixes3
libxi6
libxrandr2
libxrender1
libxss1
libxtst6
ca-certificates
fonts-liberation
libappindicator1
libnss3
lsb-release
xdg-utils
wget

Already have that installed, perhaps a different package is needed?

% ~/p sudo apt-get install libx11-xcb1
Reading package lists... Done
Building dependency tree
Reading state information... Done
libx11-xcb1 is already the newest version (2:1.6.4-3).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

@fortes so do dependencies from https://github.com/GoogleChrome/puppeteer/issues/290#issuecomment-322838700 help?

I've installed those and can now run chrome --help. However, if I try to run chrome -v, I get the following:

febian:~/p /home/fortes/p/node_modules/puppeteer/.local-chromium/linux-494755/chrome-linux/chrome -v
[11104:11104:0816/105455.434188:FATAL:zygote_host_impl_linux.cc(123)] No usable sandbox! Update your kernel or see https://chromium.googlesource.com/chromium/src/+/master/docs/linux_suid_sandbox_development.md for more information on developing with the SUID sandbox. If you want to live dangerously and need an immediate workaround, you can try using --no-sandbox.
#0 0x556f97804657 base::debug::StackTrace::StackTrace()
#1 0x556f97818311 logging::LogMessage::~LogMessage()
#2 0x556f96a091f1 content::ZygoteHostImpl::Init()
#3 0x556f966a3da0 content::BrowserMainLoop::EarlyInitialization()
#4 0x556f966aa4c3 content::BrowserMainRunnerImpl::Initialize()
#5 0x556f966a3532 content::BrowserMain()
#6 0x556f9750f7fd content::ContentMainRunnerImpl::Run()
#7 0x556f97517314 service_manager::Main()
#8 0x556f9750e462 content::ContentMain()
#9 0x556f9614eb74 ChromeMain
#10 0x7fa1f27c92b1 __libc_start_main
#11 0x556f9614e9d0 <unknown>

Received signal 6
#0 0x556f97804657 base::debug::StackTrace::StackTrace()
#1 0x556f978041cf base::debug::(anonymous namespace)::StackDumpSignalHandler()
#2 0x7fa1f8b690c0 <unknown>
#3 0x7fa1f27dbfcf gsignal
#4 0x7fa1f27dd3fa abort
#5 0x556f97803202 base::debug::BreakDebugger()
#6 0x556f978187cc logging::LogMessage::~LogMessage()
#7 0x556f96a091f1 content::ZygoteHostImpl::Init()
#8 0x556f966a3da0 content::BrowserMainLoop::EarlyInitialization()
#9 0x556f966aa4c3 content::BrowserMainRunnerImpl::Initialize()
#10 0x556f966a3532 content::BrowserMain()
#11 0x556f9750f7fd content::ContentMainRunnerImpl::Run()
#12 0x556f97517314 service_manager::Main()
#13 0x556f9750e462 content::ContentMain()
#14 0x556f9614eb74 ChromeMain
#15 0x7fa1f27c92b1 __libc_start_main
#16 0x556f9614e9d0 <unknown>
[end of stack trace]
Calling _exit(1). Core file will not be generated.

Check the sandbox docs linked to in that error and see if they can help you get it working. Either the security sandbox is messed up on Debian right now or something funky is happening to trigger it to need a non-kernel one. I'm looking into this once this VM server gets installed.

This should be solved with the '--no-sandbox' flag:

const puppeteer = require('puppeteer');
(async() => {
  const browser = await puppeteer.launch({args: ['--no-sandbox']});
  const page = await browser.newPage();
  await page.goto('https://example.com');
  await page.screenshot({path: 'example.png'});
  browser.close();
})();

It's worth considering adding both --no-sandbox --disable-setuid-sandbox to the default flags on linux.

In chrome-launcher/lighthouse we're already including --disable-setuid-sandbox and plan to add --no-sandbox soon for this reason.

I have always strongly urged people to never turn off the sandbox without a good cause, even in tests. It is a major part of the security system from what I understand.

I'm setting up a squeaky clean and fresh Debian VM to run some install steps in. We should be able to have it well documented how to get it operating without compromising system security.

I recall PHPStorm for example having an issue where it was serving on localhost, so a remote code execution exploit was opened up for any site including code that would look for the port in use and take advantage of a flaw in that server. Let's not open people up to security issues by disabling the sandbox here. Where they could be visiting any number of sites including code that looks for exploits to abuse.

Still no luck w/ those two flags:

febian:~/p /home/fortes/p/node_modules/puppeteer/.local-chromium/linux-494755/chrome-linux/chrome --no-sandbox --disable-setuid-sandbox

(chrome:12521): Gtk-WARNING **: cannot open display:
[0816/111850.260959:ERROR:nacl_helper_linux.cc(310)] NaCl helper process running without a sandbox!
Most likely you need to configure your SUID sandbox correctly

Same warning when just with --no-sandbox

Just as a quick update, I'm like 20-40ish minutes out from starting on testing the install procedure. Downloading packages now for a fresh net install of Debian 9. So, I should get back to you shortly with exact steps to reproduce. It just won't be as fast as something that doesn't require a full OS install. 😄

Thanks for going through the effort @Garbee! Will you be testing a headless Debian install, or using via ssh?

SSH is not relevant to the problem. Only a Debian server without any X/wayland system pre-installed (like any remote web server) will be enough to fully recreate the problem and steps to reproduce. So, that's what I'll be working with locally in a VM.

This may or may not be helpful...

I run Electron in a Docker instance on Docker Cloud.

I run this command:

xvfb-run -a --server-args="-screen 0 1024x1024x24" ./node_modules/.bin/electron ./index.js

and my Dockerfile contains the following commands to install dependencies:

RUN apt-get update -y -q
RUN apt-get install -y -q xvfb libgtk2.0-0 libxtst6 libxss1 libgconf-2-4 libnss3 libasound2

headless exists to not need xvfb to virtualize the X instance for Chrome. Since it is all done in software internally.

@Garbee awesome. This stuff isn't my strong suit.

I'm going to attempt to replace the Electron usage with puppeteer, so hopefully this will simplify our environment.

@fortes Are you running this as root by chance?

If you're running as root (after having all the required deps installed as listed earlier) you need to run without a sandbox since Chromium requires that (no clue why exactly yet.) If running as a normal user, then it should run just fine on a fresh debian install with the required dependencies.

Not running as root

That's interesting. I set up a fresh Linode box on Debian 9. Installed the packages listed above, then set up nodesource to install node 8. Then the yarn repository. New folder, yarn add puppeteer and then created the index.js and ran it. Everything works perfectly fine without a sandbox error.

Is the box you're running on under your complete control or is it someone else's like a VPS/shared host? If it is a remote host could you share the provider so I can look into if they do anything funny with their kernel configurations.

Ah yea, that's it. Your box host is messing you up. It has a very old kernel. Debian 9 ships with 4.9.0-3 and you're running 3.14.0. So the security features of the kernel are extremely different. So, you may be in a case where you need to fall back to using the older file-based sandbox to have some level of security.

Although, in all honesty... Upgrade the kernel or get a host that doesn't keep you back. It's very important that the kernel gets updated for the best security and you're being left vulnerable.

@fortes If you could, please try running this script on your server to see if you have user namespacing enabled. https://gist.githubusercontent.com/Garbee/dfd33ba0a62f1cbc023b8d57de18efca/raw/f82ed513014062554a3536980a67390b57f1f858/user-namespace-check-linux.sh

For the dockerisers amongst us - I've launched successfully with this setup:

FROM node:8

RUN apt-get update && \
apt-get install -yq gconf-service libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 \
libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 \
libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 \
libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 \
ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils wget

RUN npm i puppeteer

RUN echo "\
const puppeteer = require('puppeteer');\n\
(async () => {\n\
  const browser = await puppeteer.launch({args: ['--no-sandbox', '--disable-setuid-sandbox']});\n\
  const page = await browser.newPage();\n\
  await page.goto('https://example.com');\n\
  await page.screenshot({path: 'example.png'});\n\
  browser.close();\n\
})();\
" > index.js

CMD ["node", "index.js"]

PR #311 is open to start looking at expanding the install script to make it much more interactive and friendly to help catch installation problems. You can check the code out from that PR and give it a spin. Please report on the PR any problems you face or things you think could improve the flow.

Running into the problem using Windows Subsystem for Linux (WSL), as the "emulated" kernel doesn't support namespacing, and it's not possible to upgrade the kernel. No combination of flags seemed to work; I switched to native Node.js on Windows and everything works fine.

I run into this problem trying to use puppeteer in Heroku

Don't use untrusted, prebuilt binaries. Use the trusted package from your distro:
https://packages.debian.org/stretch/chromium

Install it and then you can run chromium --headless. Puppeteer should also use it instead of bloating your home directory.

@orangecms currently puppeteer only runs with bleeding edge Chromium. Running against stable won't work at the moment.

Hmm that is unfortunate. 🤔

How about providing a Docker image or something like that with the correct libs preinstalled? Would that be feasible?

Addendum: Thanks a lot for the info @JoelEinbinder - I couldn't run it on my machine, either, so I installed =www-client/google-chrome-unstable-62.0.3178.0 (on Gentoo GNU/Linux). I am running a grsec kernel, which is known to break the Chrome sandbox.

So I pass options to launch():

const options = { executablePath: '/usr/bin/google-chrome-unstable' };
const browser = await puppeteer.launch(options);

I would add this to the docs, but I'm unsure where to put it. I just signed up for the CLA. Can anyone guide me there?

Using an external build is already detailed in the api docs and in the main README under Default Runtime Settings. I don't think we need to go adding that anywhere else for the time being.

How about providing a Docker image or something like that with the correct libs preinstalled? Would that be feasible?

IMO a Docker image while nice, should be something internally waited on until after a stable tag. Right now we should focus on the issues with getting it running directly on machines. Improve this experience. And then once we are stable, we can assess how to best provide a docker image for people to use.

currently puppeteer only runs with bleeding edge Chromium. Running against stable won't work at the moment.

@JoelEinbinder Do you plan to switch to stable builds once Chrome 62 lands?

Ah yea, that's it. Your box host is messing you up. It has a very old kernel. Debian 9 ships with 4.9.0-3 and you're running 3.14.0. So the security features of the kernel are extremely different. So, you may be in a case where you need to fall back to using the older file-based sandbox to have some level of security.

On the latest kernel:

febian:~/p uname -a
Linux febian 4.9.0-3-amd64 #1 SMP Debian 4.9.30-2+deb9u2 (2017-06-26) x86_64 GNU/Linux

febian:~/p node --version
v8.1.1

febian:~/p lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 9.1 (stretch)
Release:        9.1
Codename:       stretch

Still get this warning:

febian:~/p /home/fortes/p/node_modules/puppeteer/.local-chromium/linux-494755/chrome-linux/chrome --no-sandbox --disable-setuid-sandbox

(chrome:23907): Gtk-WARNING **: cannot open display:
[0817/080600.484767:ERROR:nacl_helper_linux.cc(310)] NaCl helper process running without a sandbox!
Most likely you need to configure your SUID sandbox correctly

@Garbee I ran your bash script and got the following:

febian:~/p ./test.sh
You have user namespacing in the kernel. You should be good to go.

So this is a different system than earlier. The original system in question from the post had different system information.

Do not turn off the sandbox and you also are not starting it as headless. Which means it will fail anyways since you don't have a window system. When testing, continue to run the example script in the original issue. Don't start changing how to test now, it only makes debugging more difficult.

Same problem on Arch Linux / Manjaro Linux.
Arch Linux / Manjaro default kernel doesn't have the USER_NS feature enabled.
see: https://bugs.archlinux.org/task/36969
I think that's the problem, but I have no time to check it. 🙈
Dockerfile also doesn't work on my system. No wonder, if the kernel feature on the host system is missing.

Update
Using chromium 60 with executablePath: "/usr/bin/chromium", headless: false shows the chromium instance but socket connection doesn't show up and it runs endlessly
Compiling chromium-dev version 62 and will try again ...

Using Wercker CI, on a Docker Node 8.4 box I am getting similar error. I launched with options:
{ dumpio: true, args: ['--no-sandbox', '--disable-setuid-sandbox'] }

export WERCKER_STEP_ROOT="/pipeline/script-d4cfb19f-79aa-4afa-922d-3ce406cf42f6"
export WERCKER_STEP_ID="script-d4cfb19f-79aa-4afa-922d-3ce406cf42f6"
export WERCKER_STEP_OWNER="wercker"
export WERCKER_STEP_NAME="script"
export WERCKER_REPORT_NUMBERS_FILE="/report/script-d4cfb19f-79aa-4afa-922d-3ce406cf42f6/numbers.ini"
export WERCKER_REPORT_MESSAGE_FILE="/report/script-d4cfb19f-79aa-4afa-922d-3ce406cf42f6/message.txt"
export WERCKER_REPORT_ARTIFACTS_DIR="/report/script-d4cfb19f-79aa-4afa-922d-3ce406cf42f6/artifacts"
source "/pipeline/script-d4cfb19f-79aa-4afa-922d-3ce406cf42f6/run.sh" < /dev/null
/pipeline/source/node_modules/puppeteer/.local-chromium/linux-494755/chrome-linux/chrome: error while loading shared libraries: libX11-xcb.so.1: cannot open shared object file: No such file or directory
Unhandled rejection Error: Failed to connect to chrome!
    at Function.launch (/pipeline/source/node_modules/puppeteer/lib/Launcher.js:96:13)
    at <anonymous>
    at process._tickCallback (internal/process/next_tick.js:188:7)
From previous event:
    at Object.<anonymous> (/pipeline/source/build/prerender.js:8:9)
    at Module._compile (module.js:573:30)
    at Object.Module._extensions..js (module.js:584:10)
    at Module.load (module.js:507:32)
    at tryModuleLoad (module.js:470:12)
    at Function.Module._load (module.js:462:3)
    at Function.Module.runMain (module.js:609:10)
    at startup (bootstrap_node.js:158:16)
    at bootstrap_node.js:598:3

@AndrewBarba You're missing a dependency there.

/pipeline/source/node_modules/puppeteer/.local-chromium/linux-494755/chrome-linux/chrome: error while loading shared libraries: libX11-xcb.so.1: cannot open shared object file: No such file or directory

Please reference the full list I posted earlier and make sure they are installed.


Also, do not disable the sandbox. Do not disable the sandbox. We need to debug why things are happening with the sandbox and address those via documentation so you have a secure system to run tests on. Disabling the sandbox will leave your applications vulnerable to exploit the host machines if any malicious code ever makes it inside of them.

So this is a different system than earlier. The original system in question from the post had different system information.

Yes, I switched machines in order to use one that had the latest kernel, as suggested.

Running w/o the sandbox flags gives the following (same output with or without --headless):

febian:~ /home/fortes/p/node_modules/puppeteer/.local-chromium/linux-494755/chrome-linux/chrome --headless
[0817/085628.462576:FATAL:zygote_host_impl_linux.cc(123)] No usable sandbox! Update your kernel or see https://chromium.googlesource.com/chromium/src/+/master/docs/linux_suid_sandbox_development.md for more information on developing with the SUID sandbox. If you want to live dangerously and need an immediate workaround, you can try using --no-sandbox.
#0 0x55719ffd5657 base::debug::StackTrace::StackTrace()
#1 0x55719ffe9311 logging::LogMessage::~LogMessage()
#2 0x55719f1da1f1 content::ZygoteHostImpl::Init()
#3 0x55719ee74da0 content::BrowserMainLoop::EarlyInitialization()
#4 0x55719ee7b4c3 content::BrowserMainRunnerImpl::Initialize()
#5 0x5571a39d87a5 headless::HeadlessContentMainDelegate::RunProcess()
#6 0x55719fcdfec7 content::RunNamedProcessTypeMain()
#7 0x55719fce07fd content::ContentMainRunnerImpl::Run()
#8 0x55719fce8314 service_manager::Main()
#9 0x55719fcdf462 content::ContentMain()
#10 0x5571a2786325 headless::(anonymous namespace)::RunContentMain()
#11 0x5571a278639c headless::HeadlessBrowserMain()
#12 0x55719fce60e2 headless::HeadlessShellMain()
#13 0x55719e91fb6d ChromeMain
#14 0x7f3bce5832b1 __libc_start_main
#15 0x55719e91f9d0 <unknown>

Received signal 6
#0 0x55719ffd5657 base::debug::StackTrace::StackTrace()
#1 0x55719ffd51cf base::debug::(anonymous namespace)::StackDumpSignalHandler()
#2 0x7f3bd49230c0 <unknown>
#3 0x7f3bce595fcf gsignal
#4 0x7f3bce5973fa abort
#5 0x55719ffd4202 base::debug::BreakDebugger()
#6 0x55719ffe97cc logging::LogMessage::~LogMessage()
#7 0x55719f1da1f1 content::ZygoteHostImpl::Init()
#8 0x55719ee74da0 content::BrowserMainLoop::EarlyInitialization()
#9 0x55719ee7b4c3 content::BrowserMainRunnerImpl::Initialize()
#10 0x5571a39d87a5 headless::HeadlessContentMainDelegate::RunProcess()
#11 0x55719fcdfec7 content::RunNamedProcessTypeMain()
#12 0x55719fce07fd content::ContentMainRunnerImpl::Run()
#13 0x55719fce8314 service_manager::Main()
#14 0x55719fcdf462 content::ContentMain()
#15 0x5571a2786325 headless::(anonymous namespace)::RunContentMain()
#16 0x5571a278639c headless::HeadlessBrowserMain()
#17 0x55719fce60e2 headless::HeadlessShellMain()
#18 0x55719e91fb6d ChromeMain
#19 0x7f3bce5832b1 __libc_start_main
#20 0x55719e91f9d0 <unknown>
[end of stack trace]
Calling _exit(1). Core file will not be generated.

Running the original example code still gives this:

febian:~/p cat test.js
const puppeteer = require('puppeteer');

(async() => {

const browser = await puppeteer.launch({args: []});
const page = await browser.newPage();
await page.goto('https://example.com');
await page.screenshot({path: 'example.png'});

browser.close();
})();

febian:~/p node test.js
(node:27072) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): Error: Failed to connect to chrome!
(node:27072) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

@fortes Is there a certain set of VPS providers you're trying this on? Any of this done with a local debian install using an official ISO?

This is a physical machine, not a VM or cloud host. Was a normal install of Debian 8 that got upgraded to 9 once it was released.

Hmm, perhaps the upgrade is the issue. Debian 8 didn't ship with the SECCOMP support for the kernel sandboxing. It was backported later.

I'm going to download a copy of Jessie for testing this theory...

I've tried to run Puppeteer scripts on Docker-based CI services (e.g. Wercker CI or Circle CI 2.x). And thanks to @Garbee's adding dependencies shell, I've launched it successfully. See https://github.com/Quramy/puppeteer-example/blob/master/wercker.yml

@Garbee

We need to debug why things are happening with the sandbox and address those via documentation so you have a secure system to run tests on.

That's what I meant; I couldn't find something like a "known issues" section - how about that? 🙂

Seems to be the same problem trying to run this on Heroku. Any recommendations for cloud hosts that this will work on easily?

@campbecf For the dependencies, just make sure the whole list is installed. For the sandbox problems, we need to figure out why in different environments the sandbox stuff isn't detecting support properly or it isn't available. Then the thread is to figure out how to make what is needed available. At the very least, following the Chromium guide to set up the legacy SUID sandbox file. While it isn't the best protection it is at least something on systems without the proper kernel modules for namespacing execution.

@Garbee For reference, installing all of the dependencies fixed this problem for me.
Ubuntu 16.04
Kernel: 4.9.7-x86_64-linode80
Node v8.2.1
Not running as root.

When running as root, I have to disable sandbox to get it to work.

You probably know all of this, but I figured it might be useful to add another data point.

@campbecf @danielsantiago I've hacked together a fork of Heroku's Chrome buildpack that appears to work with Puppeteer. heroku buildpacks:add https://github.com/mikeraimondi/heroku-buildpack-google-chrome. { args: ['--no-sandbox'] } is required in the call to launch()

Yea @JoelEinbinder root requires no sandbox. No idea why. So if anyone is running in an environment where root is the operation user (like a Docker container) that's where it is necessary.

The difficult part here is not knowing the context of operations with any given system. So it's hard to track down why the sandboxes aren't operating when the details of the kernel at boot says they should.

@mikeraimondi I tried using your method without success. Now I get the following error:

Unhandled promise rejection (rejection id: 1): Error: socket hang up

and sometimes:

Unhandled promise rejection (rejection id: 1): Error: Protocol error (Network.enable): Target closed.

instead of:

Unhandled promise rejection (rejection id: 1): Error: Failed to connect to chrome!

This is my scenario:

#!/usr/bin/env node
const puppeteer = require('puppeteer');

const input = process.argv[2];
const output = process.argv[3];

(async() => {

  const browser = await puppeteer.launch({args: ['--no-sandbox']});
  const page = await browser.newPage();
  await page.goto(input, {waitUntil: 'networkidle'});
  await page.pdf({path: output, format: 'Letter', displayHeaderFooter: false, printBackground: true});

  browser.close();
})();
  • Heroku Build Info for Chrome buildpack:
remote: -----> Google Chrome app detected
remote: -----> Updating apt caches
remote:        Hit http://apt.postgresql.org trusty-pgdg InRelease
remote:        Ign http://archive.ubuntu.com trusty InRelease
remote:        Hit http://archive.ubuntu.com trusty-security InRelease
remote:        Hit http://archive.ubuntu.com trusty-updates InRelease
remote:        Hit http://archive.ubuntu.com trusty Release.gpg
remote:        Hit http://archive.ubuntu.com trusty Release
remote:        Hit http://apt.postgresql.org trusty-pgdg/main amd64 Packages
remote:        Hit http://archive.ubuntu.com trusty-security/main amd64 Packages
remote:        Ign http://apt.postgresql.org trusty-pgdg/main Translation-en_US
remote:        Ign http://apt.postgresql.org trusty-pgdg/main Translation-en
remote:        Hit http://archive.ubuntu.com trusty-security/main Translation-en
remote:        Hit http://archive.ubuntu.com trusty-updates/main amd64 Packages
remote:        Hit http://archive.ubuntu.com trusty-updates/main Translation-en
remote:        Hit http://archive.ubuntu.com trusty/main amd64 Packages
remote:        Hit http://archive.ubuntu.com trusty/universe amd64 Packages
remote:        Hit http://archive.ubuntu.com trusty/main Translation-en
remote:        Hit http://archive.ubuntu.com trusty/universe Translation-en
remote:        Ign http://archive.ubuntu.com trusty/main Translation-en_US
remote:        Ign http://archive.ubuntu.com trusty/universe Translation-en_US
remote:        Reading package lists...
remote: -----> Fetching .debs for libxss1
remote:        Reading package lists...
remote:        Building dependency tree...
remote:        The following NEW packages will be installed:
remote:          libxss1
remote:        0 upgraded, 1 newly installed, 0 to remove and 145 not upgraded.
remote:        Need to get 0 B/8,582 B of archives.
remote:        After this operation, 60.4 kB of additional disk space will be used.
remote:        Download complete and in download only mode
remote: -----> Installing google-chrome-stable_current_amd64.deb
remote: -----> Installing libxss1_1%3a1.2.2-1_amd64.deb
remote: -----> Writing profile script
remote: -----> Rewrite package-config files
remote: -----> Discovering process types

@danielsantiago we should probably take this off-thread, but based on your logs it looks like you may need to clear your build cache

@mikeraimondi I ran on heroku (using heroku ps:exec):

/app/node_modules/puppeteer/.local-chromium/linux-494755/chrome-linux/chrome --headless --disable-gpu --no-sandbox --remote-debugging-port=0

And get the following error:

[0818/171943.586886:FATAL:nss_util.cc(627)] NSS_VersionCheck("3.26") failed. NSS >= 3.26 is required. Please upgrade to the latest NSS, and if you still get this error, contact your distribution maintainer.

I clear the heroku cache every time I try a new buildpack. Also I add the buildpack first with

heroku buildpacks:add -i 1 https://github.com/mikeraimondi/heroku-buildpack-google-chrome

I tried to create an issue on your repository but I couldn't find the option there. Any other suggestion to keep this off-thread?

Thanks for the help!

@danielsantiago I turned issues on for my repo. Try again? Thanks.

After adding flags (see further) it started to work on Ubuntu 16 LTS (on GCP Compute engine).

const browser = await puppeteer.launch({
      args: [
        '--no-sandbox',
        '--disable-setuid-sandbox',
      ],
    })

But still not working on Netlify CI docker image (there: https://github.com/netlify/build-image). Here's their Dockerfile: https://github.com/netlify/build-image/blob/master/Dockerfile

Would be really nice to have it fixed..

Same promise on Centos6, but --no-sandbox does not work for me.

There is no "fixing this" internally. The problem on the host machines needs to be traced down and documented for people how to get the sandboxes working right. In the cases (such as running root on Docker) where you in fact need to disable the sandboxes, the flags will need to be added by end users. The sandbox should not be disabled internally by default since it is a critical security component that protects machines from malicious code on the internet. It should be manually opted-into when a known situation requires it, and only then.
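One way to encode the opt-in policy described above, as an added example rather than Puppeteer's own code: keep the sandbox on whenever it can work, and pass --no-sandbox only when the caller explicitly opts in. The helper names, the ALLOW_NO_SANDBOX variable and the use of two /proc sysctls as the user-namespace probe are assumptions of this example.

```javascript
'use strict';

// Added example; helper names and ALLOW_NO_SANDBOX are hypothetical.

// Read a /proc value, or null when the file is absent or unreadable.
function readProc(path) {
  try {
    return require('fs').readFileSync(path, 'utf8').trim();
  } catch (err) {
    return null;
  }
}

// Assumption of this example: unprivileged user namespaces are treated as
// confirmed only when the kernel says so. unprivileged_userns_clone is a
// Debian/Ubuntu kernel knob; max_user_namespaces exists on kernels >= 4.9.
// On older kernels neither file exists and the answer is "not confirmed".
function userNamespacesConfirmed(read = readProc) {
  const clone = read('/proc/sys/kernel/unprivileged_userns_clone');
  if (clone === '0') return false;               // explicitly disabled
  const max = read('/proc/sys/user/max_user_namespaces');
  if (max !== null) return Number(max) > 0;
  return clone === '1';
}

// Decide the Chromium flags. Throws instead of silently dropping the sandbox.
function planLaunch({ uid, usernsOk, suidSandbox = false, allowNoSandbox = false }) {
  const blockers = [];
  if (uid === 0) blockers.push('running as root');
  if (!usernsOk && !suidSandbox) {
    blockers.push('no confirmed user namespaces and no SUID sandbox');
  }
  if (blockers.length === 0) {
    return { args: [], sandboxed: true, reason: 'sandbox usable' };
  }
  if (!allowNoSandbox) {
    throw new Error(
      `Chromium sandbox unavailable (${blockers.join('; ')}). ` +
      'Run as a non-root user on a kernel with user namespaces, or set up ' +
      'the SUID sandbox; set ALLOW_NO_SANDBOX=1 only to opt out knowingly.');
  }
  return {
    args: ['--no-sandbox', '--disable-setuid-sandbox'],
    sandboxed: false,
    reason: blockers.join('; '),
  };
}

// Launch with the computed flags. dumpio keeps Chromium's stderr visible.
async function launchBrowser(env = process.env) {
  const puppeteer = require('puppeteer');        // loaded lazily
  const plan = planLaunch({
    uid: process.getuid(),
    usernsOk: userNamespacesConfirmed(),
    // CHROME_DEVEL_SANDBOX is the variable the linked SUID sandbox doc uses.
    suidSandbox: Boolean(env.CHROME_DEVEL_SANDBOX),
    allowNoSandbox: env.ALLOW_NO_SANDBOX === '1',
  });
  if (!plan.sandboxed) {
    console.warn(`WARNING: launching Chromium WITHOUT a sandbox: ${plan.reason}`);
  }
  return puppeteer.launch({ args: plan.args, dumpio: true });
}
```

A root-in-Docker job then has to set ALLOW_NO_SANDBOX=1 itself, which leaves the opt-out visible in the job configuration.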

https://github.com/GoogleChrome/puppeteer/issues/390 same
ubuntu 16.04 DO VPS

Now using node v7.10.1 (npm v4.2.0)

On Heroku, Ubuntu 16.04, Node 8.4.0, Yarn 0.27.5, having installed the required deps for Debian, and '--no-sandbox', '--disable-setuid-sandbox' I am getting:

/app/node_modules/puppeteer/.local-chromium/linux-494755/chrome-linux/chrome: error while loading shared libraries: libcairo-gobject.so.2: cannot open shared object file: No such file or directory 
Error: Failed to connect to chrome! 
    at Function.launch (/app/node_modules/puppeteer/lib/Launcher.js:96:13)

I also tried downgrading to Ubuntu 14.04 and got a different error:

/app/node_modules/puppeteer/.local-chromium/linux-494755/chrome-linux/chrome: error while loading shared libraries: libgnutls.so.30: cannot open shared object file: No such file or directory
Error: Failed to connect to chrome! 
    at Function.launch (/app/node_modules/puppeteer/lib/Launcher.js:96:13)

Any ideas how to solve either of these?

@jasondonnette I just got it running on Heroku an hour ago or so.

I used the google chrome buildpack even though it downloads Chrome in addition to just installing the dependencies. It's probably a little more bloat than the absolute bare minimum (since puppeteer downloads its own chromium...) but it works without any extra effort on my part.

EDIT: I am using the two flags also...

await puppeteer.launch({
  args: ['--no-sandbox', '--disable-setuid-sandbox']
})

@maxschmeling As mentioned repeatedly in the thread, you need to make sure the right dependencies for debian are installed. That is the source of both of your original errors.

@Garbee that list of dependencies wasn't sufficient. It was missing libcairo-gobject2 at the very least.

Adding libcairo-gobject2 to the list may have solved it, but I found the buildpack to be a more palatable solution that required less configuration on my end.

Works perfectly on ubuntu xenial - no gtk - remote - ssh - non root
Linux ip---- 4.4.0-1022-aws #31-Ubuntu SMP Tue Jun 27 11:27:55 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

Ubuntu Xenial

update
sudo apt-get update
node v8.4.0
curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -
sudo apt-get install -y nodejs

Install npm
sudo apt-get install npm

Install puppeteer
npm i puppeteer

Installed all the dependencies
sudo apt-get install gconf-service libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils wget

pass this to launch
({args: ['--no-sandbox', '--disable-setuid-sandbox']})

running as non root

Works perfectly.

Same on Debian GNU/Linux 8.
node.js v6.11.2
Works without sandbox...

That resolves my problem.
OS -Linux 4.9.0-3-amd64 #1 SMP Debian 4.9.30-2+deb9u3 (2017-08-06) x86_64 GNU/Linux
npm - 5.3.0
node - v8.4.0

  1. set packages
  2. Run with root echo 1 > /proc/sys/kernel/unprivileged_userns_clone (works until reboot, I guess)
  3. run example node example.js
const puppeteer = require( 'puppeteer' );

(async () =>{

    const browser = await puppeteer.launch( ) // , '--no-sandbox', '--disable-setuid-sandbox'
    const page    = await browser.newPage()
    await page.goto( 'https://google.com', {waitUntil :'networkidle'} )
// Type our query into the search bar
    await page.type( 'puppeteer' )

    await page.click( 'input[type="submit"]' )

// Wait for the results to show up
    await page.waitForSelector( 'h3 a' )

// Extract the results from the page
    const links = await page.evaluate( () =>{
        const anchors = Array.from( document.querySelectorAll( 'h3 a' ) )
        return anchors.map( anchor => anchor.textContent )
    } )
    console.log( links.join( '\n' ) )
    browser.close()

})()

description

P.S. for ubuntu kernel:

It is turned on by default, but can be turned off if admins prefer or,
more importantly, if a security vulnerability is found.

The intent is to use this as mitigation so long as Ubuntu is on the
cutting edge of enablement for things like unprivileged filesystem
mounting.

(This patch is tweaked from the one currently still in Debian sid, which
in turn came from the patch we had in saucy)

source

@sh00tingStar this worked for me. Same environment here (Debian 9, node 8.4.0 and npm 5.3.0)

Worked for me on Circle CI with the following presets (Ubuntu 14.04, v8.4.0 (npm v5.3.0)):

circle.yml

machine:
  node:
    version: 8

test:
  pre:
    - sudo apt-get update

part of the test includes:

const browser = await puppeteer.launch({
   args: ["--no-sandbox", "--disable-setuid-sandbox"]
});

Tests are executed using jest and running in parallel in Chromium without any issues.

Run with root echo 1 > /proc/sys/kernel/unprivileged_userns_clone (works until reboot, I guess)

This fixed it for me, running the Debian Jessie AWS image, --no-sandbox and --disable-setuid-sandbox is not required. I updated the kernel from 3.something to 4.9 via backports earlier, so maybe this is required, too.

To persist this setting, add kernel.unprivileged_userns_clone=1 to /etc/sysctl.conf.

thanks, it works perfectly @girishpatil

doesn't seem to work on nixos even with all the solutions above. dumpio shows no output :(

I'm disappointed that installing X-related dependencies are the most upvoted answers. Chrome Headless is made to avoid that dependency so it sounds like a terrible workaround.

It's not a work around. Chrome requires these things to operate. The API calls to them still need to be made even to emulate the environment.

It looks like the permissions on the bundled executables were lost. Most things are 0700 (only readable by the owner) and the root setuid on the chrome_sandbox binary is missing.

@stefanor That depends on your host machine configuration. Simply unzipping the files should leave all of them as packaged. On the note of permissions on the sandbox file, that is expected. You need to follow the setup instructions. You can't simply unzip a file as a normal user and let it have root permissions, that is a major security vulnerability.

I don't see anything in the README for puppeteer that tells you about this. npm install puppeteer does not leave you with a working chrome, as you'd expect it to (and as the README implies it will).

I finally got it to work on centos 7.3.

  1. install all dependencies:
yum install pango.x86_64 libXcomposite.x86_64 libXcursor.x86_64 libXdamage.x86_64 libXext.x86_64 libXi.x86_64 libXtst.x86_64 cups-libs.x86_64 libXScrnSaver.x86_64 libXrandr.x86_64 GConf2.x86_64 alsa-lib.x86_64 atk.x86_64 gtk3.x86_64 -y

yum install ipa-gothic-fonts xorg-x11-fonts-100dpi xorg-x11-fonts-75dpi xorg-x11-utils xorg-x11-fonts-cyrillic xorg-x11-fonts-Type1 xorg-x11-fonts-misc -y
  2. modify the example script as follows:
const puppeteer = require('puppeteer');

(async () => {
  const browser = await puppeteer.launch({args: ['--no-sandbox', '--disable-setuid-sandbox']});
  const page = await browser.newPage();
  await page.goto('https://example.com');
  await page.screenshot({path: 'example.png'});

  await browser.close();
})();

To run chromium from command line, you should add --headless to prevent GUI related error, like this:

node_modules/puppeteer/.local-chromium/linux-499413/chrome-linux/chrome -v --headless --no-sandbox --disable-setuid-sandbox

Unable to launch chromium on Ubuntu Linux Server 14.04.5 LTS. I even tried to launch the chromium manually. But it doesn't start or launch. It just throws me the prompt back. node_modules/puppeteer/.local-chromium/linux-499413/chrome-linux/chrome -v --headless --no-sandbox --disable-setuid-sandbox

Times out every time with the following:

25 09 2017 13:56:19.075:INFO [karma]: Karma v1.5.0 server started at http://0.0.0.0:9876/build/
25 09 2017 13:56:19.076:INFO [launcher]: Launching browser ChromeHeadless with unlimited concurrency
25 09 2017 13:56:19.080:INFO [launcher]: Starting browser Chrome
25 09 2017 13:56:19.263:INFO [HeadlessChrome 0.0.0 (Linux 0.0.0)]: Connected on socket zDM7md2A7Je8kqsPAAAA with id 1679961
25 09 2017 13:58:19.552:WARN [HeadlessChrome 0.0.0 (Linux 0.0.0)]: Disconnected (1 times), because no message in 120000 ms.
HeadlessChrome 0.0.0 (Linux 0.0.0) ERROR
  Disconnected, because no message in 120000 ms.

Note: The same exact configuration works and runs all the tests perfectly on OSX without any problems. But unable to make it work on Ubuntu.

Here are the related packages in my package.json:

```
"karma": "1.7.1",
"karma-chrome-launcher": "2.2.0",
"karma-htmlfile-reporter": "0.3.5",
"karma-jasmine": "1.1.0",
"karma-junit-reporter": "1.2.0",
"puppeteer": "0.11.0"
```

Here's my configuration:

```
const ChromiumRevision = require('puppeteer/package.json').puppeteer.chromium_revision;
const Downloader = require('puppeteer/utils/ChromiumDownloader');
const revisionInfo = Downloader.revisionInfo(Downloader.currentPlatform(), ChromiumRevision);

process.env.CHROME_BIN = revisionInfo.executablePath;
module.exports = function (config) {
  config.set({
    basePath: 'build/',
    frameworks: ['jasmine'],
    plugins: [
      require('karma-jasmine'),
      require('karma-chrome-launcher'),
    ],
    customLaunchers: {
      'ChromeHeadless': {
        base: 'Chrome',
        flags: [
          '--headless',
          '--disable-gpu',
          // Without a remote debugging port, Google Chrome exits immediately.
          '--remote-debugging-port=9222',
          '--no-sandbox',
          '--disable-setuid-sandbox'
        ],
        debug: true
      }
    },
    autoWatch: false,
    browsers: ['ChromeHeadless'],
    singleRun: true,
    browserNoActivityTimeout: 120000,
    urlRoot: '/build/'
  })
}
```
I have installed all the debian/linux dependencies which have been mentioned across all the other related issues. Does anyone think that the Ubuntu Server [headless] OS version is causing any problems? I am not sure. Looking for some suggestions and workarounds. Thank you. ✌️

We really need this documentation for required options to run added to the README in an "Ubuntu/Debian/Linux" section:

await puppeteer.launch({
  args: ['--no-sandbox', '--disable-setuid-sandbox']
})

I anticipate a lot of users don't know to search GitHub issues for this issue, therefore can't find this thread, and are then not using this package because "it doesn't work".

Edit: I didn't even see https://github.com/GoogleChrome/puppeteer/blob/master/docs/troubleshooting.md#chrome-headless-fails-due-to-sandbox-issues at first despite it being in the warning error message:

  Error {
    message: `Failed to launch chrome!␊
    /var/www/foobar/source/node_modules/puppeteer/.local-chromium/linux-499413/chrome-linux/chrome: error while loading shared libraries: libX11-xcb.so.1: cannot open shared object file: No such file or directory␊
    ␊
    ␊
    TROUBLESHOOTING: https://github.com/GoogleChrome/puppeteer/blob/master/docs/troubleshooting.md␊
    `,
  }

I think putting this in the Install section would be appropriate to prevent people from wasting so much time here with this.

Edit: These options didn't work, see my comment below https://github.com/GoogleChrome/puppeteer/issues/290#issuecomment-335793154

We really need this documentation for required options

The options aren't required. They are optional if you chose to not setup a proper security sandbox.

It doesn't work out of the box, that's the issue. And there's zero decent documentation that's straight forward in the Install instructions in the README. Also, these options didn't even work and this thread has 100's of comments. I think it'd be appropriate to post a comment here and lock the issue/thread.

@niftylettuce how about a clear link to https://github.com/GoogleChrome/puppeteer#installation and possibly this thread in the readme install section? I'd hate to clutter the readme with growing details in https://github.com/GoogleChrome/puppeteer/blob/master/docs/troubleshooting.md#chrome-headless-fails-due-to-sandbox-issues.

The _only_ thing I could get to work is by outright disabling the sandbox. I tried everything in the other links to avoid this but the only feasible way is to disable the sandbox when using Docker.

Ugh.

Aren't these tools supposed to solve problems? :P

Docker runs everything as root, which causes problems with the sandbox. I think our repo has an example docker setup somewhere. You essentially need to make a standard user in the container to operate as. Running as root is the ultimate "security failure" on Linux. That is why even if the sandbox works, it wouldn't be nearly as effective. Since if an attack existed, you'd just have full box privileges to bypass the sandbox.

Ha, I checked my notifications at the right time ;)

I tried pretty much everything else. I was downloading unstable chrome, creating groups and users and then shifting my new users. I tried pretty much everything and the only thing that did wind up working was running everything as root and disabling the sandbox.

Normally this is bad but in this instance, each container runs in its own separate kernel space so if something did begin arbitrarily executing code, it'd be somewhat self-contained.

I'm trying to read up more and more on the sandbox and it might only be valuable for non-containerized instances.

@LeonineKing1199 there's a Docker example in https://github.com/GoogleChrome/puppeteer/blob/master/docs/troubleshooting.md#running-puppeteer-in-docker that shows how to setup a user and keep the sandbox :)

If you remove puppeteer as an explicit dependency, then it just works O_o

Alright, thanks, guys!

But yeah, you _really_ have to follow that thing verbatim. I'm glad it's working now though.

each container runs in its own separate kernel space so if something did begin arbitrarily executing code, it'd be somewhat self-contained.

Until you learn to break out of that kernel space. Then you have full root against the host!

It's worth considering adding both --no-sandbox --disable-setuid-sandbox to the default flags on linux.

Is this still the recommended solution as a lib author where I can't control the actual Linux setup of my clients?

Is this still the recommended solution as a lib author where I can't control the actual Linux setup of my clients?

No, this would be wrong and a security risk. The proper solution is to enable the sandboxing in your OS:

Run echo 1 > /proc/sys/kernel/unprivileged_userns_clone as root and add kernel.unprivileged_userns_clone=1 to /etc/sysctl.conf. This works on debian, may be different on other distributions.

Thank you. I'll try this.

For CentOS 7.4, kernel 3.10.0-693.5.2 (I'm running on VirtualBox):

yum install pango.x86_64 libXcomposite.x86_64 libXcursor.x86_64 libXdamage.x86_64 libXext.x86_64 libXi.x86_64 libXtst.x86_64 cups-libs.x86_64 libXScrnSaver-1.2.2-6.1.el7.x86_64 libXrandr.x86_64 GConf2 alsa-lib.x86_64 atk.x86_64 gtk3.x86_64 -y

yum install ipa-gothic-fonts xorg-x11-fonts-100dpi xorg-x11-fonts-75dpi xorg-x11-utils xorg-x11-fonts-cyrillic xorg-x11-fonts-Type1 xorg-x11-fonts-misc -y

const browser = await puppeteer.launch({args: ['--no-sandbox', '--disable-setuid-sandbox']});

FWIW I’m working on a web service that handles most of the issues involved in running Chrome in a production like environment. Comes with preset versions that are directly compatible with certain puppeteer versions.

Launches tomorrow 🚀 https://browserless.io

@joelgriffith looks really interesting! Let us know when that goes out.

One word of caution are the Chrome logos on the site. Distorting, changing its orientation, etc. is technically against the brand trademark usage. The colored line versions are probably ok if you made those, but I'd be cautious about altering the official logo.

Thanks @ebidel, I've cleaned up the images in question. Let me know if there's anything else that looks like a violation.

The service is live, I'd be more than happy to answer any questions folks might have here about launching in a linux environment or about the service itself. Not exactly an easy task...

@ebidel

@LeonineKing1199 there's a Docker example in https://github.com/GoogleChrome/puppeteer/blob/master/docs/troubleshooting.md#running-puppeteer-in-docker that shows how to setup a user and keep the sandbox :)

Except, your advice still relies on running with --cap-add=SYS_ADMIN, which is arguably worse than --no-sandbox and it does not work in Kubernetes. Without --cap-add=SYS_ADMIN, the container will fail with an error:

Failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted

On systems like App Engine, that's not needed in production. Just locally.

If there's a better flag to use, we can recommend that. Feel free to send a PR suggestion.

I'm using ubuntu in virtualbox, this is the result after a basic npm install puppeteer:
bash: node_modules/puppeteer/.local-chromium/linux-515411/chrome-linux/chrome: cannot execute binary file: Exec format error
uname -a returns: Linux R 4.9.0-4-686 #1 SMP Debian 4.9.51-1 (2017-09-28) i686 GNU/Linux
file: node_modules/puppeteer/.local-chromium/linux-515411/chrome-linux/chrome: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, not stripped

Considering the comment https://github.com/GoogleChrome/puppeteer/issues/290#issuecomment-322833937 in my case I'm blocked at the point 1.

I think you have a mismatched architecture, vecna.

You're likely trying to run a 64 bit executable on a 32 bit machine.

I agree @LeonineKing1199, but I can't control that from the command npm install puppeteer, the condition has to be managed in the install script

Update, reading in install.js seems that Linux has not a 32bit version anymore. Is that correct?

Instead, use a 64 bit virtualbox'd Ubuntu. i686 implies a 32 bit architecture so no 64 bit executables will run on it.

Not sure if either of you can/want to use docker to do the provisioning, but I've open-sourced all the work to running on linux here.

I encountered this on Ubuntu Server 16.0.4.3. I just installed LXDE so that I won't need to bother hunting down all the dependencies. Turns out that the solution to this problem is to run puppeteer/headless Chrome as a normal user instead of root.

On travis and on my Ubuntu 17.10 it's failing with

node_modules/puppeteer/.local-chromium/linux-515411/chrome-linux/chrome: error while loading shared libraries: libX11-xcb.so.1: cannot open shared object file: No such file or directory

Update: I tried this with a minimal setup using xorg and fluxbox, but I experienced some dependency issues. The easiest, albeit bloated way of running headless Chrome is to install LXDE.

On travis and on my Ubuntu 17.10 it's failing

@alippai we successfully run puppeteer tests on travis, please check out our .travis.yml.

@aslushnikov https://github.com/asmcrypto/asmcrypto.js/commits/master here you can see that the build broke with no changes to .travis.yml. It's caused by either an OS update or a Chrome binary update.

@alippai this might be related to this travis issue: https://github.com/travis-ci/travis-ci/issues/8836#issuecomment-356362524

@aslushnikov awesome, thanks a lot!

sudo apt-get install gconf-service libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils wget

Why is @coldner's comment not in the docs? Thanks

@zackify It is. You just have to expand the list of packages out since we don't always want them cluttering up the doc page.

I have also an issue with Ubuntu

(node:10215) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): Error: Failed to launch chrome!

Now when I run it manually:

/srv/app/puppeteer/linux-515411/chrome-linux$ ./chrome --no-sandbox --disable-setuid-sandbox
avalon@dev:/srv/app/puppeteer/linux-515411/chrome-linux$ [0227/104848.849621:ERROR:nacl_helper_linux.cc(310)] NaCl helper process running without a sandbox!
Most likely you need to configure your SUID sandbox correctly

Now when I run it just 'as is' there is no output in the terminal:

/srv/app/puppeteer/linux-515411/chrome-linux$ ./chrome 
< no output >

I'm using chromium with puppeteer and PKG ( https://github.com/zeit/pkg ) to pack all the modules and node into a single binary. Using latest versions as of now.

Initialization code in my nodejs application is :

        const browser = await puppeteer.launch({
            args: ['--no-sandbox','--disable-setuid-sandbox'],
            ignoreHTTPSErrors: true,
            headless: true
        });

System version:

Distributor ID: Ubuntu
Description:    Ubuntu 16.04.3 LTS
Release:    16.04
Codename:   xenial

Cannot get the headless to run, it seems that the chromium is not starting at all, when adding the no sandbox flags it throws the errors above.

I tried to install all the required apt-get packages as listed in the several issues. To no resolve, most of them were already installed.

I got this while setting up basic CI support on my code sample repo: https://github.com/kaycebasques/puppeteer-by-example/tree/16c7f2bd0d2a79d062a6d8e3d022e75c47897733

Setting os: osx in my .travis.yml seemed to fix it.

Hello there,

I'm still struggling in trying to make things work on Ubuntu 16.04 Server. I have installed all @coldner 's dependencies and here's the result:

Running as root:

google-chrome --headless --dump-dom http://www.perdu.com/

[0313/102503.396335:ERROR:zygote_host_impl_linux.cc(90)] Running as root without --no-sandbox is not supported. See https://crbug.com/638180.

google-chrome --headless --dump-dom --no-sandbox http://www.perdu.com/

[0313/102635.889632:ERROR:gpu_process_transport_factory.cc(1019)] Lost UI shared context.
Vous Etes Perdu ?

Perdu sur l'Internet ?

Pas de panique, on va vous aider

    * <----- vous êtes ici

Running as non-root:

google-chrome --headless --dump-dom http://www.perdu.com/

[0313/102832.114783:ERROR:gpu_process_transport_factory.cc(1019)] Lost UI shared context.

google-chrome --headless --dump-dom --no-sandbox http://www.perdu.com/

[0313/102914.693612:ERROR:gpu_process_transport_factory.cc(1019)] Lost UI shared context.


As you can see, it will only work as root, with the --no-sandbox flag. I have also tried with chromium-browser, same result.

Any ideas?

Thank you,
Ben

If you're using lighthouse to run headless chrome, adding --no-sandbox in the --chrome-flags parameter may fix your error, e.g.

lighthouse ... --chrome-flags='--headless --no-sandbox' ...

Hi guys,

I have this error when using puppeteer.

:Cannot start Chrome
node_modules/puppeteer/.local-chromium/linux-549031/chrome-linux/chrome: error while loading shared libraries: libatk-bridge-2.0.so.0: cannot open shared object file: No such file or directory

Any ideas?
Thanks

Here's a neat alternative to copy-pasting the dependency list:

wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

apt-get install $( \
  dpkg -I google-chrome-stable_current_amd64.deb | \
  awk '/^ Depends: / { gsub(/Depends:|,|\([^\)]*\)/, ""); print }' \
)

Probably doesn't cover all edge cases, but at least removes the hardcoding. Tested on node:10 image.

Just in case, Chromium's dependencies don't cut it, unfortunately, so can't get by with apt-cache.

I did this as a workaround
ln -s /mnt/c/Program\ Files\ \(x86\)/Google/Chrome/Application/chrome.exe node_modules/puppeteer/.local-chromium/linux-515411/chrome-linux/chrome to get it working on windows linux subsystem (wsl)

If it helps, I followed the advice found in the URL given in the error message (https://chromium.googlesource.com/chromium/src/+/master/docs/linux_suid_sandbox_development.md) and changed the file "chrome_sandbox" so that it was owned by root and had setuid set. Now the sandbox error is gone and chrome launches. To summarize:

chown root:root chrome_sandbox
chmod 4755 chrome_sandbox
setenv CHROME_DEVEL_SANDBOX <path>/node_modules/puppeteer/.local-chromium/linux-555668/chrome-linux/chrome_sandbox
# Or use export CHROME_DEVEL_SANDBOX=... if bash

I am deploying to a Cloud Foundry environment that is running debian. I believe this is a CF linux distro. My app runs fine locally and in the CF env but not when I hit an end point that uses Puppeteer. I am pretty sure my issue is the missing libs in this issue but I do not have root access to install them all. I would have to use a buildpack.

Is there anywhere these missing packages are bundled up in a way that I could use to install them into my environment?

@mrbar42 for president!!

If docker is an option (and I'd highly recommend it), I maintain a repo here that adds a lot of features over "just running Chrome" located: here.

@joelgriffith I actually did see that earlier. Thanks though. I actually ran it earlier today and was thinking of trying to use it. I am currently using a Nuxt.js application and I am not really sure how I would convert your repo into my application. I tried copying the Docker file only and ran that in my project but it would not load the home screen.

If you could tell me what it would take to put my project into your repo, I would be grateful to use it.

This is my current situation,

https://stackoverflow.com/questions/50662388/running-headless-chrome-puppeteer-with-no-sandbox

I have the application running in Docker. But, when I try and Docker run with the suggested Docker config I found online, it throws a few different errors depending on if I run as root or not.

https://github.com/GoogleChrome/puppeteer/blob/master/docs/troubleshooting.md

Error message:
Screenshot failed Error: Failed to launch chrome!
puppeteer/.local-chromium/linux-
/chrome-linux/chrome: error while loading shared libraries: libX11 : cannot open shared object file: No such file or directory

Solution:
To get Chromium screenshots working on Ubuntu 16.04 I had to install the missing libx11 package plus several others which I determined by trial and error. Ultimately installed all these:
(command line: sudo apt install <name>)

  • libx11-xcb1
  • libx11composite1
  • libx11cursor1
  • libx11damage1
  • libcups2
  • libxss1
  • libxrandr2
  • libpangocairo-1.0-0
  • libatk1.0-0
  • libatk-bridge2.0-0
  • libgtk-3-0

No need for "trial and error" here, the required dependencies were listed a while back in this thread and are in the troubleshooting guide.

@wuno were you able to fix the issue in cloud foundry environment. I am also facing the same issue. I tried --no-sandbox --disable-setuid-sandbox and no luck.

@dkommineni Yes, I have the issue resolved.

Basically you are missing dependencies when you are using CF. Then you will face a second issue once you install the dependencies. That issue is that Puppeteer needs to be run with options passed to it.

There is a solution you could use if you have control over the CF environment you are deploying to. I was deploying to a large company and did not have control.

If you have control, you could install the missing dependencies into your CF environment with this,

https://github.com/cloudfoundry/apt-buildpack

If you are like me and do not have control, you can take 3 steps to solve this issue.

  1. Put the project in a Docker image.

  2. Update the code to pass options to Puppeteer

  3. Deploy the Docker image to CF

You will find 100 examples of Dockerfiles online and none of them worked for me. The way I finally got the Dockerfile right was using this,

FROM node:8
ENV HOST 0.0.0.0
EXPOSE 8080
RUN apt-get update

# for https
RUN apt-get install -yyq ca-certificates
# install libraries
RUN apt-get install -yyq libappindicator1 libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libnss3 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6
# tools
RUN apt-get install -yyq gconf-service lsb-release wget xdg-utils
# and fonts
RUN apt-get install -yyq fonts-liberation

RUN mkdir -p /usr/src/app
WORKDIR /usr/src/app
COPY . /usr/src/app
RUN mkdir -p /usr/src/app/views

# install the necessary packages
RUN npm install

CMD npm run start

You will need to make sure you update the Dockerfile to have the correct values for port, host and start command. That is up to you and your deployment.

The second thing I had to do was change puppeteer to launch like this,

const browser = await puppeteer.launch({ args: ['--no-sandbox', '--disable-setuid-sandbox'], ignoreHTTPSErrors: true, dumpio: false });

Originally I was launching it like this which will not work on Debian using the Dockerfile mentioned above,

const browser = await puppeteer.launch();

At that point I was able to create the Docker Image and test that Puppeteer was working on my localhost inside of the Docker Image. Once I could see that it was working, I deployed the Docker Image to CF and it worked like a charm on my first try.

This took me 3 or 4 days to figure out AFTER I had failed for a week to get it to work in CF without Docker. I truly hope this helps a ton of people.

Thanks @wuno , I ended up using cloud foundry multi buildpack (https://github.com/cloudfoundry/multi-buildpack), as my organization API is not allowing to use main and supplement build pack (https://github.com/cloudfoundry/apt-buildpack) with cf push. With this multi build pack, we can mention all required buildpacks in a file. One drawback is I have to use buildpacks with URL based and not local buildpacks with this approach.

@dkommineni I also like to use multi-buildpack. But, I do not see how that solves your problem of having missing dependencies when you try to run the application. That is the reason I had to use Docker but suggested the alternative of using apt-buildpack.

apt-buildpack allows you to add a bunch of dependencies that need to be installed with apt-get. If you were able to find a way around that, then that is great. But, if you are still having problems I assume it is for the reason mentioned above.

If you do have a working build file for CF not using Docker but can run Puppeteer, I would be grateful to see it.

@wuno my apologies for the miscommunication. I still use apt-buildpack, as one of the buildpacks configured in (https://github.com/cloudfoundry/multi-buildpack)

To resolve sandbox security issue, the server sysctl needs to have kernel.unprivileged_userns_clone=1 flag enabled.

For other issues, make sure all required dependencies are installed from this list.

For anyone experiencing the same NaCl helper process running without a sandbox error with the sandbox flags and all of the proper dependencies - make sure you aren't accidentally running with headless: false. Running with that parameter gave me the same error (totally didn't take me an hour to figure it out :upside_down_face:)

Just add this to your Dockerfile

RUN apt-get update && apt-get install -y chromium-browser

ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD true

This will install Chromium with all the necessary dependencies and then we let Puppeteer know that it doesn't need to re-download Chromium.

Then in your code, launch Puppeteer like so

puppeteer.launch({executablePath: '/usr/bin/chromium-browser'})

@Aetheryx Thanks, it works in headless mode. But, what if I want to run it in headful mode. Do you have any suggestion?

@jsanjay63 Well, I assume the error would be happening because there is no desktop environment to display Chrome in. Do you have a DE set up on your machine?

Maybe it can help someone, but for me on Debian 9 I had to enable namespaces in the kernel:
Enable user namespaces in Debian kernel
echo 1 > /proc/sys/kernel/unprivileged_userns_clone

Try this code on ubuntu server. I'm OK.

 sudo apt-get install -y gconf-service libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils wget

Has anyone with Debian 9 solved " UnhandledPromiseRejectionWarning: Error: Failed to launch chrome!"?

I did what @slominskir did and it solved my problem:

cd <project-dir-path>/node_modules/puppeteer/.local-chromium/linux-579032/chrome-linux/
sudo chown root:root chrome_sandbox
sudo chmod 4755 chrome_sandbox
# use an absolute target; a relative one would make the link point at itself
sudo ln -s "$PWD/chrome_sandbox" /usr/local/sbin/chrome_sandbox

Then I added this line to my .bash_profile:

export CHROME_DEVEL_SANDBOX=/usr/local/sbin/chrome_sandbox

Could someone explain to me why this works or what it does? Is it allowing chrome_sandbox to run as root? I thought that it's bad to run things as root?

Hi. Puppeteer works fine if I install all the required library files on the system (e.g. libX11-xcb.so). Is there any way I can use Puppeteer without installing any dependency libraries on the system? BTW I'm using Ubuntu 16.

Hi,

I've this error despite all your help:

pirmax@debian:~/tests/Puppeteer$ node index.js 
(node:19783) UnhandledPromiseRejectionWarning: Error: Failed to launch chrome!

(chrome:19793): Gtk-WARNING **: cannot open display: 
[0829/111428.811826:ERROR:nacl_helper_linux.cc(310)] NaCl helper process running without a sandbox!
Most likely you need to configure your SUID sandbox correctly


TROUBLESHOOTING: https://github.com/GoogleChrome/puppeteer/blob/master/docs/troubleshooting.md

    at onClose (/home/pirmax/tests/Puppeteer/node_modules/puppeteer/lib/Launcher.js:299:14)
    at Interface.helper.addEventListener (/home/pirmax/tests/Puppeteer/node_modules/puppeteer/lib/Launcher.js:288:50)
    at Interface.emit (events.js:185:15)
    at Interface.close (readline.js:379:8)
    at Socket.onend (readline.js:152:10)
    at Socket.emit (events.js:185:15)
    at endReadableNT (_stream_readable.js:1101:12)
    at process._tickCallback (internal/process/next_tick.js:114:19)
(node:19783) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 1)
(node:19783) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
pirmax@debian:~/tests/Puppeteer$

Hopefully this helps everyone running Debian.

The following works for me on Debian Jessie (without disabling sandbox!).

1) Dependencies.

2) Puppeteer needs the following kernel feature enabled "user namespacing" (if you want to run without disabling sandbox).

  • Check your kernel supports the feature (it does if this shows CONFIG_USER_NS=y)
    cat /boot/config-$(uname -r) | grep CONFIG_USER_NS
  • Command to permanently enable:
    echo 'kernel.unprivileged_userns_clone=1' | sudo tee /etc/sysctl.d/00-local-userns.conf; sudo service procps restart
  • Note: it is disabled by default in Debian Jessie because of a local security issue.
    This is safely patched as of 3.16.51-3+deb8u1 (see https://security-tracker.debian.org/tracker/CVE-2017-17448)
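
The checks from the comments above (CONFIG_USER_NS, kernel.unprivileged_userns_clone, and a root-owned 4755 chrome_sandbox reached through CHROME_DEVEL_SANDBOX) combined into one preflight. This is an added example, not part of any comment or of Puppeteer; the function names are hypothetical, and treating an absent sysctl file as "no extra restriction" is an assumption about non-Debian kernels.

```javascript
// Added example, not Puppeteer code. Names are hypothetical.
// Decides which Chrome sandbox the host can support from three facts the
// thread discusses, so that --no-sandbox is a last resort and not a default.

// Pure decision function.
//   configUserNs  true/false if the kernel config was readable
//                 (CONFIG_USER_NS=y present or not), else null
//   usernsClone   contents of /proc/sys/kernel/unprivileged_userns_clone, or
//                 null when the file is absent (assumption: the knob is a
//                 Debian/Ubuntu kernel patch, so absence adds no restriction)
//   helper        { uid, mode } from stat() of the setuid helper, or null
function assessSandbox({ configUserNs, usernsClone, helper }) {
  const reasons = [];

  let userns;
  if (configUserNs === false) {
    userns = false;
    reasons.push('kernel built without CONFIG_USER_NS');
  } else if (usernsClone !== null) {
    userns = usernsClone.trim() === '1';
    if (!userns) reasons.push('kernel.unprivileged_userns_clone is not 1');
  } else {
    userns = configUserNs === true;
    if (!userns) reasons.push('user namespace support could not be confirmed');
  }
  if (userns) return { mode: 'userns', reasons };

  if (helper === null) {
    reasons.push('no setuid helper found (CHROME_DEVEL_SANDBOX unset or dangling)');
  } else {
    const perms = helper.mode & 0o7777; // drop the file-type bits
    if (helper.uid === 0 && perms === 0o4755) return { mode: 'setuid', reasons };
    reasons.push(`setuid helper is uid ${helper.uid}, mode ${perms.toString(8)}; needs root, 4755`);
  }
  return { mode: 'none', reasons };
}

// Collects the facts on a real host. Every read tolerates a missing file.
function readHostFacts(helperPath = process.env.CHROME_DEVEL_SANDBOX) {
  const fs = require('fs');
  const os = require('os');
  const read = (p) => {
    try { return fs.readFileSync(p, 'utf8'); } catch (e) { return null; }
  };
  const config = read(`/boot/config-${os.release()}`);
  let helper = null;
  if (helperPath) {
    try {
      const st = fs.statSync(helperPath); // follows symlinks
      helper = { uid: st.uid, mode: st.mode };
    } catch (e) { /* missing file or dangling symlink */ }
  }
  return {
    configUserNs: config === null ? null : /^CONFIG_USER_NS=y$/m.test(config),
    usernsClone: read('/proc/sys/kernel/unprivileged_userns_clone'),
    helper,
  };
}

if (typeof require !== 'undefined' && typeof module !== 'undefined' && require.main === module) {
  const verdict = assessSandbox(readHostFacts());
  console.log(verdict.mode);
  verdict.reasons.forEach((r) => console.log('  - ' + r));
}
```

The setuid bit lets the small helper start as root only to build the namespaces that confine the renderer; Chrome itself keeps running as the invoking user. A container seccomp profile can still block namespace creation even when these host checks pass.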

@bamarch
This worked for me on a machine running Debian Stretch with 4.9.110-3+deb9u5.
Thank you very much for sharing this.

Doing both of the following fixed it for me

Installing the following dependencies (thanks @zhaopengme)
sudo apt-get install -y gconf-service libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils wget

Launching in no-sandbox mode

const browser = await puppeteer.launch({args: ['--no-sandbox', '--disable-setuid-sandbox']});

This solution works for me: techoverflow

Looks like this is generally solved. If you ended up here from a Google / GitHub search, check out our troubleshooting.md on how to get missing dependencies and set up a sandbox.

In my opinion this isn't solved - the libraries should be delivered with puppeteer and work out of the box.

I agree with @egoroof. If this was an edge case OS, I'd say close it - but this affects Windows users with WSL and Ubuntu (and other Debian) users. That's a huge base of users that need to troubleshoot.

It took me days to get this to work on a CENTOS Cloud Foundry server which is extremely common for most companies I have worked for. I would agree with the above comments.

libraries should be delivered with puppeteer and work out of the box.

There are a few Docker images available around if you want it to "just work". Otherwise, Puppeteer is doing what it can within the limitations of package management. All Puppeteer does is grab the archive from Chromium. It expects you as a user to have the proper packages installed that allow it to operate. These are documented in the troubleshooting docs. While I do believe it should be more prominent in the installation steps to get running that this should be checked, I don't believe the responsibility falls on Puppeteer directly to ensure a pure npm install alone will get things working.

I have supported providing a postinstall script to prompt users if they'd like to go through the install steps for their distros. However, the inclusion of that has been rejected in favor of the static documentation externally to the install pipeline.

@Garbee I personally had to use a Docker image for my application to work and after trying many of the images I found on the internet none of them simply "just work" without installing extra dependencies to the system libs.

If someone knows of a Docker image that runs Puppeteer out of the box, I would be thrilled to know what it is.

@wuno I found this one though it's on alpine and doesn't ship with node.

I'm able to copy some of the stuff from their Dockerfile but not all of it. :/

I was able to get it to work like this,

FROM node:8
ENV HOST 0.0.0.0
EXPOSE 8080
RUN apt-get update

# for https
RUN apt-get install -yyq ca-certificates
# install libraries
RUN apt-get install -yyq libappindicator1 libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libnss3 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6
# tools
RUN apt-get install -yyq gconf-service lsb-release wget xdg-utils
# and fonts
RUN apt-get install -yyq fonts-liberation

RUN mkdir -p /usr/src/app
WORKDIR /usr/src/app
COPY . /usr/src/app
RUN mkdir -p /usr/src/app/views

# install the necessary packages
RUN npm install

CMD npm run dev

Then create it like this,

 const browser = await puppeteer.launch({
          args: ['--no-sandbox', '--disable-setuid-sandbox'],
          ignoreHTTPSErrors: true,
          dumpio: false
        });

This seems to work on a debian instance.

Works fine on Ubuntu 18.10 after manual installation of the following packages:

  1. libx11-xcb1
  2. libxcomposite
  3. libxcursor1
  4. libxdamage1
  5. libxss1
  6. libxrandr2
  7. libasound2
  8. libpangocairo-1.0-0
  9. libatk1.0-0
  10. libatk-bridge2.0-0
  11. libgtk-3-0

Has anyone worked around this problem in the CircleCI pre-build Docker images? I can use --no-sandbox but would prefer a proper fix.

On Ubuntu 18.04 we had to install these:

sudo apt-get install -y libx11-xcb1 libxrandr2 libasound2 libpangocairo-1.0-0 libatk1.0-0 libatk-bridge2.0-0 libgtk-3-0 libnss3 libxss1

Strangely enough, on CentOS 7.4.1708 we just had to install:

# yum provides '*/libXss.so.1'
sudo yum install libXScrnSaver

I've managed to get libx11 installed on Ubuntu 18 via Docker but for some reason Puppeteer doesn't seem to be utilizing it. When I initialize my node app, do I need to run it within x11 or is it sufficient to just install the lib and run the node app that's depending on Puppeteer?

Also I have no-sandbox enabled. Matter of fact these are the arguments I'm passing in:

    '--no-sandbox',
    '--disable-setuid-sandbox',
    '--disable-gpu',
    `--window-size=${resolution[0]}x${resolution[1]}`,
    `--user-agent=${agent}`

Anyone have a similar issue? PS I'm running this on a microdevice (Odroid XU-4 which has no video out ability).

@ddibiase ARM platforms are not supported by default. You may be able to install Chromium from the repositories and point puppeteer to use that. But there is no specific guarantee still that it will run.

I’ve actually managed to get Chromium and Puppeteer going on both Alpine and Ubuntu ARM7 builds.

Now I’d like to use libx11 to receive the video output buffer because my devices don’t have video out. So really the question is: do I need to add an extra command in front of my Node start script to trigger output to x11, or does puppeteer need to have a setting set to flag virtual buffering?

Thank you so much @bamarch. I've checked my kernel setting and user namespace is enabled but is masked by the security patch you mentioned. It is also mentioned it is a permanent way of enabling the user namespace. I wonder whether there is a more "temporal" way of fixing it, which is compatible with both this patch as well as enabling the user namespace while running chrome?

Why create things so difficult to install ?????
Impossible to install within Amazon Linux AMI release 2018.03.

@rudyhadoux Did you try using a container like Docker? I posted a Docker file config above a few comments and that is working for us in production to this day.

I use AWS Amplify Console CI and it is Amazon Linux AMI release 2018.03 by default and unchangeable.
Thanks.

@wuno Furthermore I use a karma.conf.js in an Angular 7 app.

mark

It works for me. If it helps, my amplify.yml :

version: 0.1
frontend:
  phases:
    install:
      commands:
        - npm i

    preBuild:
      commands:
        - curl https://intoli.com/install-google-chrome.sh | bash
        - npm i -g @angular/cli
        - npm i --save-dev @angular-devkit/build-angular
        - npm i @angular-devkit/build-angular
        - ng t
        - ng e2e

    build:
      commands:
        - npm i -g @angular/cli
        - ng build --prod --build-optimizer

  artifacts:
    baseDirectory: dist
    files:
      - '*/'

apt-get install gconf-service libasound2 libatk1.0-0 libatk-bridge2.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils wget

Please try above command for installing all dependencies.

The command to install deps has been posted at least half a dozen times now.

Please DO NOT post the packages to install again. They are located in the troubleshooting guide and are here plenty. If you find an error in the package list, please submit a pull request to address that issue.

this works but the console prints lots of "connect /tmp/.X11-unix/X0: No such file or directory" and other stuff.

Am I seriously supposed to copy every one of those packages by hand ?!?!?! Is there no smarter way ?

@CoVoCre If you use the list in the troubleshooting guide (or most of them here that are a single line.) They'll all install with just copy and pasting the command. So no, you don't need to copy every single one manually to install. A simple apt-get install {pack1} {pack2} ... works just fine.

Haha, but how do I write the list if I can't copy and paste ? That was my question ;)
In fact, I ended up using an ssh server and connecting to it from another machine just to copy and paste things more easily !

Hi folks, I'm running an AWS EC2 instance with Ubuntu and I can't get it to work with or without sandboxing.

With args: ['--no-sandbox', '--disable-setuid-sandbox']:

Error: Failed to launch chrome!
[0813/115451.196200:ERROR:nacl_helper_linux.cc(310)] NaCl helper process running without a sandbox!
Most likely you need to configure your SUID sandbox correctly

Without args: ['--no-sandbox', '--disable-setuid-sandbox']:

Error: Failed to launch chrome!

...And that's it.

I've confirmed that all my dependencies are installed and Chrome appears to work from the command line. The configuration of Chrome itself came from yarn install puppeteer.

Tried running node_modules/puppeteer/.local-chromium/linux-674921/chrome-linux/chrome -v as @fortes did above, but this produced no console output. The same with --help instead of -v produced: "No manual entry for chrome".

It is now 5 in the morning so I think I'd better tap out, but any direction as to what I can test would be deeply appreciated.

Hi,

I am on Debian 10 (Buster) and I have followed this recommended solution to make it: sudo sysctl -w kernel.unprivileged_userns_clone=1

You saved my life! I tried to run pageres-cli and I had this error:
No usable sandbox! Update your kernel
even with --no-sandbox --disable-setuid-sandbox parameters

It was also not working for me on Debian.

This is what solved the problem for me:
https://github.com/GoogleChrome/puppeteer/blob/master/docs/troubleshooting.md#setting-up-chrome-linux-sandbox

I had to enable the user namespace cloning:
sudo sysctl -w kernel.unprivileged_userns_clone=1

This helped me test pdf generation with non-english fonts.

```
FROM node:8

RUN wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - \
    && sh -c 'echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list' \
    && apt-get update \
    && apt-get install -y google-chrome-unstable fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf \
      --no-install-recommends \
    && rm -rf /var/lib/apt/lists/*

RUN npm i puppeteer

RUN echo "\
const puppeteer = require('puppeteer');\n\
(async () => {\n\
  const browser = await puppeteer.launch({args: ['--no-sandbox', '--disable-setuid-sandbox']});\n\
  const page = await browser.newPage();\n\
  await page.goto('https://www.baidu.com/');\n\
  const pdf = await page.pdf({path: 'example.pdf'});\n\
  console.log(pdf.toString('base64'));\n\
  browser.close();\n\
})();\
" > index.js

CMD ["node", "index.js"]
```

I arrived here from the troubleshooting.md page, recommended due to the ELF: not found puppeteer startup error, on Raspbian Buster.
In the end I found a good-enough solution in using puppeteer-core with chromium (as described here):

sudo apt install chromium-browser chromium-codecs-ffmpeg
npm i puppeteer-core

const puppeteer = require('puppeteer-core');
(async () => {
  // point puppeteer-core at the distribution's Chromium build
  const browser = await puppeteer.launch({executablePath: '/usr/bin/chromium-browser'});
})();

If you get "Failed to launch the browser process",
it's possible that you didn't install Chromium:
sudo apt-get install chromium-browser
and then setting up

I ended up here because of a similar issue, but nothing has worked so far. Here is my Ubuntu information...

NAME="Ubuntu"
VERSION="18.04.1 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.1 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic

If I install puppeteer-core I get the following error...

(node:28215) UnhandledPromiseRejectionWarning: Error: Could not find browser revision 737027. Run "npm install" or "yarn install" to download a browser binary.
    at ChromeLauncher.launch (/home/ubuntu/test/node_modules/puppeteer-core/lib/Launcher.js:200:23)
    at async PuppeteerExtra.launch (/home/ubuntu/test/node_modules/puppeteer-extra/dist/index.cjs.js:129:25)
    at async /home/ubuntu/test/index.js:8:18
(node:28215) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1)
(node:28215) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

And if I uninstall puppeteer-core I get the following error.

(node:28237) UnhandledPromiseRejectionWarning: Error: Failed to launch the browser process!
/home/ubuntu/test/node_modules/puppeteer/.local-chromium/linux-737027/chrome-linux/chrome: error while loading shared libraries: libgbm.so.1: cannot open shared object file: No such file or directory


TROUBLESHOOTING: https://github.com/puppeteer/puppeteer/blob/master/docs/troubleshooting.md

    at onClose (/home/ubuntu/test/node_modules/puppeteer/lib/Launcher.js:615:20)
    at Interface.<anonymous> (/home/ubuntu/test/node_modules/puppeteer/lib/Launcher.js:605:56)
    at Interface.emit (events.js:327:22)
    at Interface.close (readline.js:424:8)
    at Socket.onend (readline.js:202:10)
    at Socket.emit (events.js:327:22)
    at endReadableNT (_stream_readable.js:1201:12)
    at processTicksAndRejections (internal/process/task_queues.js:84:21)
(node:28237) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1)
(node:28237) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

Based on the conversation, I assumed that I was missing the libgbm.so.1 dependency so I ran the following command...
sudo apt-get install libgbm.so.1

But that gave me the following output...

Reading package lists... Done
Building dependency tree       
Reading state information... Done
E: Unable to locate package libgbm.so.1
E: Couldn't find any package by glob 'libgbm.so.1'
E: Couldn't find any package by regex 'libgbm.so.1'

Any suggestions?

@aymather , try installing libgbm instead of libgbm.so.1. It takes 1 minute to google: https://packages.ubuntu.com/search?lang=hu&suite=bionic&arch=any&mode=filename&searchon=contents&keywords=libgbm.so.1

Hey @earshinov sorry I left that out by accident. I already tried that with sudo apt-get install libgbm and got this same response:

Reading package lists... Done
Building dependency tree       
Reading state information... Done
E: Unable to locate package libgbm

The package is actually named libgbm1 (I made a typo). Did you try installing that as well (and apt-get update before installing just in case)?

Shoot @earshinov you were right, I missed the 1 when trying to install it. I ran sudo apt-get update
sudo apt-get install libgbm1
and now everything works. Thanks for the help!

For some reason I was missing the libxcb-dri3.so.0 shared lib (I installed every package mentioned in the troubleshooting guide previously). On Puppeteer 3.0.1.

Fixed by adding the libxcb-dri3-0 package.

sudo apt install libxcb-dri3-0

I don't know if it's an isolated issue; if future readers have the same problem, it may be added to the packages list.

In addition to libxcb-dri3-0, as @rigwild pointed out, I had to also:
apt-get install libgbm1
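
The launch errors quoted in this thread name their cause only indirectly, and the libgbm exchange above shows how easily a library file name gets mistaken for a package name. The following triage helper is an added example, not Puppeteer code and not from any commenter; the function names are hypothetical, the sample strings are constructed from log lines quoted in the thread, and the package-name rule is the Debian naming convention used as a heuristic.

```javascript
// Added example, not Puppeteer code. Function names are hypothetical.

// Debian convention for shared-library package names: library name plus
// soversion, lowercased, with a hyphen when the name ends in a digit.
// The result is a candidate to confirm with a package-contents search.
function debianPackageGuess(soname) {
  const m = /^(lib.+?)\.so(?:\.(\d+))?/.exec(soname);
  if (!m) return null;
  const name = m[1].toLowerCase();
  const ver = m[2] === undefined ? '' : m[2];
  return ver !== '' && /\d$/.test(name) ? `${name}-${ver}` : name + ver;
}

// Ordered by how directly each message names the root cause. The NaCl line
// comes last: in this thread it also shows up next to a missing display and
// with headless: false, so on its own it does not prove a sandbox problem.
const RULES = [
  {
    cause: 'missing-library',
    re: /error while loading shared libraries: (\S+): cannot open shared object file/,
    detail: (m) => ({ soname: m[1], candidate: debianPackageGuess(m[1]) }),
  },
  { cause: 'no-display', re: /cannot open display/, detail: () => ({}) },
  {
    cause: 'no-browser',
    re: /Could not find browser revision (\d+)/,
    detail: (m) => ({ revision: m[1] }),
  },
  { cause: 'no-usable-sandbox', re: /No usable sandbox!/, detail: () => ({}) },
  {
    cause: 'sandbox-message',
    re: /NaCl helper process running without a sandbox/,
    detail: () => ({}),
  },
];

// Returns every matching finding, most specific first.
function classifyLaunchFailure(text) {
  const findings = [];
  for (const rule of RULES) {
    const m = rule.re.exec(text);
    if (m) findings.push(Object.assign({ cause: rule.cause }, rule.detail(m)));
  }
  return findings;
}

// Constructed samples, assembled from log lines quoted in the thread.
const SAMPLE_MISSING_LIB =
  'Error: Failed to launch the browser process!\n' +
  '/home/ubuntu/test/node_modules/puppeteer/.local-chromium/linux-737027/' +
  'chrome-linux/chrome: error while loading shared libraries: libgbm.so.1: ' +
  'cannot open shared object file: No such file or directory';
const SAMPLE_HEADFUL =
  'Error: Failed to launch chrome!\n' +
  '(chrome:19793): Gtk-WARNING **: cannot open display: \n' +
  '[0829/111428.811826:ERROR:nacl_helper_linux.cc(310)] ' +
  'NaCl helper process running without a sandbox!\n' +
  'Most likely you need to configure your SUID sandbox correctly';

if (typeof require !== 'undefined' && typeof module !== 'undefined' && require.main === module) {
  console.log(classifyLaunchFailure(SAMPLE_MISSING_LIB));
  console.log(classifyLaunchFailure(SAMPLE_HEADFUL));
}
```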

Getting this error:

error while loading shared libraries: libX11-xcb.so.1: cannot open shared object file: No such file or directory

electron 9.1.0
node js 12.x
electron builder 22.7.0

I have tried all the options mentioned above...
Sandboxing and installing libraries, nothing seems to work

My app works perfectly in dev mode and even on x64 build
This error pops only after build for ia32...

@AtiqGauri I have also got some shared library missing error on CI. Installing all fonts, libraries explicitly helped resolve the issue.

I have used this as a reference.

https://github.com/puppeteer/puppeteer/blob/main/.ci/node10/Dockerfile.linux

const puppeteer = require('puppeteer');
(async() => {
  const browser = await puppeteer.launch({dumpio: true});
  const page = await browser.newPage();
  await page.goto('https://example.com');
  await page.screenshot({path: 'example.png'});
  browser.close();
})();

Hi, when I try to run it, in my debian, I have this:

[1003/225046.733084:ERROR:bus.cc(393)] Failed to connect to the bus: Failed to connect to socket /run/dbus/system_bus_socket: No such file or directory

DevTools listening on ws://127.0.0.1:45019/devtools/browser/e1e75c8d-c24a-454e-b4ca-83b1fdb42941

Do you have any idea on how to solve it?

Thank you

RUN apt-get update -y -q
RUN apt-get install -y -q xvfb libgtk2.0-0 libxtst6 libxss1 libgconf-2-4 libnss3 libasound2

You are the best dude. Thank you !
