Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Google Chrome login cookie persistence breaks on Silverblue when the Network Service Sandbox is enabled #603

Open
RoyalOughtness opened this issue Oct 9, 2024 · 1 comment
Open

Google Chrome login cookie persistence breaks on Silverblue when the Network Service Sandbox is enabled #603

RoyalOughtness opened this issue Oct 9, 2024 · 1 comment
Labels
bug Something isn't working external Issue related to external project not part of Fedora f40 Related to Fedora 40

Comments

@RoyalOughtness
Copy link

RoyalOughtness commented Oct 9, 2024
edited
Loading

Describe the bug
Reproduces with any chromium based browser, flatpak or layered rpm. When run with network service sandbox enabled (can be set via chrome://flags or via --enable-features="NetworkServiceSandbox"), chrome will fail to persist logins. So for example if you log in to github, exit the browser, and visit github again, you will have to log in again.

This behavior does not reproduce on workstation under the same conditions (NetworkServiceSandbox enabled).

To Reproduce
Please describe the steps needed to reproduce the bug:

  1. Install Silverblue
  2. Install Google Chrome via flatpak or layered rpm
  3. Run chrome with the network service sandbox enabled (chrome://flags/#enable-network-service-sandbox or via --enable-features="NetworkServiceSandbox")
  4. Login to github.com or another site
  5. Close the browser
  6. Reopen chrome with the same configuration
  7. Observe that you need to login again

Expected behavior
All of the above steps are expected except step 7. You should not need to login again. This is the case on workstation.

OS version:

State: idle
BootedDeployment:
\u25cf fedora:fedora/40/x86_64/silverblue
                  Version: 40.20241009.0 (2024-10-09T01:04:28Z)
               BaseCommit: 6c331c1042f2352a39ed3f8e53819c5d640b5500963a240c0cfd583be74a8070
             GPGSignature: Valid signature by 115DF9AEF857853EE8445D0A0727707EA15B79CC
          LayeredPackages: google-chrome-stable

Additional context

Two things to note:

  1. This issue is not caused by the cookies being deleted. If you toggle the network service sandbox back off, you will be automatically logged in using the stored login cookies.
  2. My hunch is that this is something to do with the keyring configuration on silverblue and how it relates to chrome's network service. The reason for this is that on silverblue (but crucially, not on workstation) I'm getting popups like this when initially opening chrome:

image

Keep in mind though that this is a hunch and could very well be a red herring.
@RoyalOughtness RoyalOughtness added the bug Something isn't working label Oct 9, 2024
@RoyalOughtness RoyalOughtness mentioned this issue Oct 9, 2024
Closed
@RoyalOughtness
Copy link
Author

RoyalOughtness commented Oct 9, 2024
edited
Loading

It also should be noted that eventually the network service sandbox will likely be enabled by default (or enabled in flight via variations) on linux. Meaning that once that happens, all chromium based browsers will break by default on silverblue if this bug still exists.

@travier travier added f40 Related to Fedora 40 external Issue related to external project not part of Fedora labels Oct 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working external Issue related to external project not part of Fedora f40 Related to Fedora 40
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@travier @RoyalOughtness