Installing daedalus-5.3.1-66691-mainnet-f14275aa5-x86_64-linux.bin with permission denied (ubuntu 24.04)

I’m getting the errors:

./daedalus-5.3.1-66691-mainnet-f14275aa5-x86_64-linux.bin 
Cannot bind mount /dev to /tmp/nixxdqYmx/dev: Permission denied
Cannot bind mount /proc to /tmp/nixxdqYmx/proc: Permission denied
Cannot bind mount /sys to /tmp/nixxdqYmx/sys: Permission denied
Cannot bind mount /run to /tmp/nixxdqYmx/run: Permission denied
Cannot bind mount /tmp to /tmp/nixxdqYmx/tmp: Permission denied
Cannot bind mount /var to /tmp/nixxdqYmx/var: Permission denied
Cannot bind mount /etc to /tmp/nixxdqYmx/etc: Permission denied
Cannot bind mount /usr to /tmp/nixxdqYmx/usr: Permission denied
Cannot bind mount /home to /tmp/nixxdqYmx/home: Permission denied
Cannot bind mount /home to /tmp/nixxdqYmx//home: Permission denied
mount(/tmp/tmpx-20240516T000407Z-dbb8da50/dat/nix, /tmp/nixxdqYmx/nix): Permission denied

I try to follow the solution from the post

with no success

This is a fresh installation before, I was using Manjaro with no problem.
Can you help me solve this?

Getting the same on Ubuntu 24.04, haven’t been able to figure out how to fix it yet.

What are the permissions and ownership on your /tmp directory?

On my Debian system they are:

> ls -l / | grep tmp
drwxrwxrwt  59 root root   319488 May 23 11:56 tmp

Does Ubuntu 24.04 enable AppArmor automatically? Does disabling it during install and then re-enabling it help?

I did all of this and still have the same issue

image

ls -l / | grep tmp

is not a fix, it is a debugging procedure to provide me more information about your system.

From what you posted it is as I expected.

You next step is to investigate the AppArmor issue (sorry, I know nothing about AppArmor).

What is the AppArmos issue … I have no idea what it is.

Does Ubuntu 24.04 enable AppArmor automatically? Does disabling it during install and then re-enabling it help?

The first line of my screenshot disables the AppArmor and still, cannot install …

I just upgraded my laptop to Ubuntu 24.04 and ran into this exact problem. For me, just stopping apparmor service did not help. If you search /var/log/syslog for DENIED you can find the apparmor profile that is causing the issue. This was in my log:

2024-05-29T02:01:20.263473-04:00 laptop-2 kernel: audit: type=1400 audit(1716962480.261:1073): apparmor="DENIED" operation="mount" class="mount" info="failed mntpnt match" error=-13 profile="unprivileged_userns" name="/tmp/nixkeav2t/usr/" pid=22425 comm="nix-user-chroot" srcname="/usr/" flags="rw, rbind"

I found this URL related to unpriviledged_userns profile:
https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces

Once I ran the 2 commands at the end of that document, daedalus started working:

sudo sysctl -w kernel.apparmor_restrict_unprivileged_unconfined=0
sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0

I do not yet know enough about apparmor to know if this causes some sort of security issue, but for now at least I can run daedalus.

I did try setting the daedalus program to just “complain” mode but received a python error. So it appears maybe the utility has some bugs in it. This is why I opted to just disable the problematic profile for now.
sudo aa-complain <path-to-daedalus>

I feel like this is not likely a good solution but just a temporary workaround until somebody more knowledgeable of apparmor can suggest a better approach. I hope this helps somebody.

1 Like

Having the same issue described here since few months after upgrading to Ubuntu 24.04.

It would be nice to have an official update on what step to follow on this to be able to run and launch Daedalus Wallet securely.

My understanding is that the latest version (6.0.0) fixes this.

1 Like

Oh there’s a new version indeed thank you for the information : https://iohk.zendesk.com/hc/en-us/articles/36568246873241-Daedalus-6-0-0-release-notes

But without launching Daedalus launcher i can’t update it ?
Is there a way to update it with a command line or something ?

Yes, it can be installed from the command line.