netblue30 / firejail

Linux namespaces and seccomp-bpf sandbox

Home Page: https://firejail.wordpress.com

Failed to open KeePassXC: amdgpu: amdgpu_device_initialize failed.

marek22k opened this issue

Description

KeePassXC no longer starts.

Steps to Reproduce

  1. Be on an AMD computer
  2. Run in bash LC_ALL=C firejail PROGRAM

Expected behavior

KeePassXC starts.

Actual behavior

$ LC_ALL=C firejail --profile=keepassxc /usr/bin/keepassxc
Reading profile /etc/firejail/keepassxc.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-shell.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-run-common.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Seccomp list in: !name_to_handle_at, check list: @default-keep, prelist: unknown,
Parent pid 8116, child pid 8120
3 programs installed in 11.99 ms
Warning: skipping alternatives for private /etc
Private /etc installed in 5.92 ms
Private /usr/etc installed in 0.00 ms
Warning: /sbin directory link was not blacklisted
Warning: /usr/sbin directory link was not blacklisted
Warning: not remounting /home/marek/.ssh/config
Warning: not remounting /run/user/1000/doc
Seccomp list in: !name_to_handle_at, check list: @default-keep, prelist: unknown,
Warning: cleaning all supplementary groups
Child process initialized in 98.67 ms
Qt: Session management error: Could not open network socket
amdgpu_device_initialize: amdgpu_get_auth (1) failed (-1)
amdgpu: amdgpu_device_initialize failed.
glx: failed to create dri3 screen
failed to load driver: radeonsi
failed to open /dev/dri/card0: No such file or directory
failed to load driver: radeonsi

Parent is shutting down, bye...

Behavior without a profile

What changed calling LC_ALL=C firejail --noprofile /path/to/program in a
terminal?

$ LC_ALL=C firejail --noprofile /usr/bin/keepassxc
Parent pid 8150, child pid 8151
Child process initialized in 4.98 ms

Parent is shutting down, bye...

KeePassXC starts.

Additional context

$ lspci -k | grep -A 3 -E "(VGA|3D)"
pcilib: Error reading /sys/bus/pci/devices/0000:00:08.3/label: Operation not permitted
64:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Phoenix1 (rev dd)
	Subsystem: Lenovo Phoenix1
	Kernel driver in use: amdgpu
	Kernel modules: amdgpu

Environment

  • Linux distribution and version: Arch Linux
  • Firejail version (firejail --version).
$ firejail --version
firejail version 0.9.72

Compile time support:
	- always force nonewprivs support is disabled
	- AppArmor support is enabled
	- AppImage support is enabled
	- chroot support is enabled
	- D-BUS proxy support is enabled
	- file transfer support is enabled
	- firetunnel support is disabled
	- IDS support is disabled
	- networking support is enabled
	- output logging is enabled
	- overlayfs support is disabled
	- private-home support is enabled
	- private-cache and tmpfs as user enabled
	- SELinux support is disabled
	- user namespace support is enabled
	- X11 sandboxing support is enabled

Checklist

  • The issue is caused by firejail (i.e. running the program by path (e.g. /usr/bin/vlc) "fixes" it).
  • I can reproduce the issue without custom modifications (e.g. globals.local).
  • The program has a profile. (If not, request one in https://github.com/netblue30/firejail/issues/1139)
  • The profile (and redirect profile if exists) hasn't already been fixed upstream.
  • I have performed a short search for similar issues (to avoid opening a duplicate).

Log

Output of LC_ALL=C firejail /path/to/program

$ LC_ALL=C firejail /usr/bin/keepassxc
Reading profile /etc/firejail/keepassxc.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-shell.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-run-common.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Seccomp list in: !name_to_handle_at, check list: @default-keep, prelist: unknown,
Parent pid 9516, child pid 9520
3 programs installed in 11.01 ms
Warning: skipping alternatives for private /etc
Private /etc installed in 4.93 ms
Private /usr/etc installed in 0.00 ms
Warning: /sbin directory link was not blacklisted
Warning: /usr/sbin directory link was not blacklisted
Warning: not remounting /home/marek/.ssh/config
Warning: not remounting /run/user/1000/doc
Seccomp list in: !name_to_handle_at, check list: @default-keep, prelist: unknown,
Warning: cleaning all supplementary groups
Child process initialized in 102.41 ms
Qt: Session management error: Could not open network socket
amdgpu_device_initialize: amdgpu_get_auth (1) failed (-1)
amdgpu: amdgpu_device_initialize failed.
glx: failed to create dri3 screen
failed to load driver: radeonsi
failed to open /dev/dri/card0: No such file or directory
failed to load driver: radeonsi

Parent is shutting down, bye...

Output of LC_ALL=C firejail --debug /path/to/program

https://gist.github.com/marek22k/3e81a432d66fc3a519f2ad66141f60fe

I am having the exact same problem with an Intel Arc A380.

$ LC_ALL=C firejail --profile=keepassxc /usr/bin/keepassxc
Reading profile /etc/firejail/keepassxc.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-shell.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-run-common.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Seccomp list in: !name_to_handle_at, check list: @default-keep, prelist: unknown,
Parent pid 7019, child pid 7023
3 programs installed in 20.43 ms
Warning: skipping alternatives for private /etc
Warning: skipping ld.so.preload for private /etc
Private /etc installed in 7.63 ms
Private /usr/etc installed in 0.00 ms
Warning: /sbin directory link was not blacklisted
Warning: /usr/sbin directory link was not blacklisted
Warning: not remounting /home/s/.ssh/config
Warning: not remounting /run/user/1000/doc
Warning: not remounting /run/user/1000/gvfs
Seccomp list in: !name_to_handle_at, check list: @default-keep, prelist: unknown,
Warning: cleaning all supplementary groups
Child process initialized in 172.75 ms
MESA: error: Failed to query drm device.
glx: failed to create dri3 screen
failed to load driver: iris
failed to open /dev/dri/card1: No such file or directory
failed to load driver: iris

Parent is shutting down, bye...

Keepassxc does start when running LC_ALL=C firejail --noprofile /usr/bin/keepassxc, as well as when running /usr/bin/keepassxc

$ lspci -k | grep -A 3 -E "(VGA|3D)"
03:00.0 VGA compatible controller: Intel Corporation DG2 [Arc A380] (rev 05)
        Subsystem: ASRock Incorporation DG2 [Arc A380]
        Kernel driver in use: i915
        Kernel modules: i915

Also running fully up to date Arch Linux. This started occurring after a recent update to Mesa.

$ firejail --version
firejail version 0.9.72

Compile time support:
        - always force nonewprivs support is disabled
        - AppArmor support is enabled
        - AppImage support is enabled
        - chroot support is enabled
        - D-BUS proxy support is enabled
        - file transfer support is enabled
        - firetunnel support is disabled
        - IDS support is disabled
        - networking support is enabled
        - output logging is enabled
        - overlayfs support is disabled
        - private-home support is enabled
        - private-cache and tmpfs as user enabled
        - SELinux support is disabled
        - user namespace support is enabled
        - X11 sandboxing support is enabled

Any improvement when adding ignore no3d in ~/.config/firejail/keepassxc.local?

That fixes it!

@Absolutely-Free Thanks for testing. This might be a Mesa bug, so I guess we'd better wait a bit and check the Arch bugtracker. Glad to read there's a workaround for now though!

Possibly related Arch Linux forum thread:
https://bbs.archlinux.org/viewtopic.php?id=291519.

UPDATE

Arch Linux Mesa package manager reverted a commit to fix https://gitlab.archlinux.org/archlinux/packaging/packages/mesa/-/issues/5 in mesa 1:23.3.2-2. Personally I don't use keepassxc, so I'm asking @marek22k and @Absolutely-Free to check if the proposed workaround is still needed with the latest mesa on Arch Linux.

I updated my system, deleted ~/.config/firejail/keepassxc.local, and was able to start keepassxc as normal. All seems to be well on my end.

@Absolutely-Free That's promising, thanks for testing and reporting back!

Works for me again.
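
An added example, not part of the thread or of the firejail project: the `ignore no3d` workaround makes firejail skip the profile's `no3d` line, so it should be reverted once the fixed Mesa package is installed, as the reporters did above. This script lists `*.local` override files that still carry the workaround and recognises the `/dev/dri` failure line from the logs in this issue; the function names are hypothetical and the directory argument is assumed to be `~/.config/firejail`.

```shell
#!/bin/sh
# Added example: audit firejail per-user overrides for the "ignore no3d"
# workaround discussed in this issue. Function names are hypothetical.

# Print the name of every *.local file in DIR that contains an active
# (not commented-out) "ignore no3d" line.
list_no3d_overrides() {
    dir=$1
    for f in "$dir"/*.local; do
        # An unmatched glob stays literal, so skip anything that is not a file.
        [ -f "$f" ] || continue
        if grep -Eq '^[[:space:]]*ignore[[:space:]]+no3d[[:space:]]*$' "$f"; then
            basename "$f"
        fi
    done
}

# Return 0 if the saved firejail output in FILE contains the symptom seen in
# this issue: "failed to open /dev/dri/cardN: No such file or directory".
log_shows_dri_blocked() {
    grep -Eq '^failed to open /dev/dri/card[0-9]+: No such file or directory$' "$1"
}

# Usage: script.sh [override-dir [saved-firejail-log]]
if [ "$#" -ge 1 ]; then
    echo "Overrides that still ignore no3d in $1:"
    list_no3d_overrides "$1"
    if [ "$#" -ge 2 ]; then
        if log_shows_dri_blocked "$2"; then
            echo "$2: DRI device was hidden from the sandbox (no3d in effect)"
        else
            echo "$2: no /dev/dri open failure found"
        fi
    fi
fi
```

Run it as `sh script.sh ~/.config/firejail` after updating Mesa; any file it prints is a candidate for removing the `ignore no3d` line so the sandbox hides `/dev/dri` again.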