I can confirm that for me, on X11, --disable-seccomp-filter-sandbox works better than --no-sandbox. No sandbox presents a random behaviour in my system, allowing the application to start on only a fraction of the attempts.
Search Criteria
Package Details: teams 1.5.00.23861-1
Package Actions
| Git Clone URL: | https://aur.archlinux.org/teams.git (read-only, click to copy) |
|---|---|
| Package Base: | teams |
| Description: | Microsoft Teams for Linux is your chat-centered workspace in Office 365 |
| Upstream URL: | https://teams.microsoft.com/downloads |
| Licenses: | custom |
| Conflicts: | ms-teams |
| Replaces: | ms-teams |
| Submitter: | ogarcia |
| Maintainer: | ogarcia (jvybihal) |
| Last Packager: | ogarcia |
| Votes: | 315 |
| Popularity: | 0.91 |
| First Submitted: | 2019-12-10 18:41 (UTC) |
| Last Updated: | 2023-03-04 10:15 (UTC) |
Dependencies (10)
- alsa-lib
- glibc (glibc-gitAUR, glibc-linux4AUR, glibc-eacAUR)
- gtk3 (gtk3-no_deadkeys_underlineAUR, gtk3-classic-xfceAUR, gtk3-classicAUR, gtk3-patched-filechooser-icon-viewAUR)
- libsecret
- libxss
- libxtst
- nss (nss-hgAUR)
- libappindicator-gtk3 (optional) – Systray indicator support
- org.freedesktop.secrets (gnome-keyring-gitAUR, pass-secrets-gitAUR, keepassxc-allow-aur-extension-originAUR, keepassxc-allow-aur-extension-origin-binAUR, bitw-gitAUR, keepassxc-qt6AUR, pass-secret-service-binAUR, keepassxc-gitAUR, dssdAUR, pass-secret-service-gitAUR, gnome-keyring, keepassxc, kwallet, kwallet5) (optional) – Keyring password store support
- pulseaudio (pulseaudio-dummyAUR, pulseaudio-gitAUR) (optional) – Video and voice call support
Required by (0)
Sources (1)
luistp commented on 2022-03-02 08:20 (UTC) (edited on 2022-03-02 12:50 (UTC) by luistp)
nyanpasu64 commented on 2022-02-28 23:09 (UTC)
I don't use Teams, but betterdiscord-installer runs into a similar issue. There's a bit of technical detail at https://github.com/BetterDiscord/Installer/issues/247#issuecomment-1042433008 (in short, glibc 2.35 enables rseq which makes syscalls, and older Electron uses seccomp to block syscalls and SIGSYS the process making them). I'm not sure what the real fix is though, possibly https://github.com/electron/electron/pull/31091.
karabaja4 commented on 2022-02-28 14:08 (UTC) (edited on 2022-02-28 14:10 (UTC) by karabaja4)
I can also confirm that on X11. With --disable-seccomp-filter-sandbox teams is working exactly the same with glibc 2.35 as it worked with glibc 2.34 (calls, camera, screen sharing, chat).
rlees85 commented on 2022-02-28 13:34 (UTC)
Not seeing the same as iyanmv comment. I'm using Wayland and the --disable-seccomp-filter-sandbox workaround (recommended as it disables slightly less security than --no-sandbox). Calls work fine, desktop sharing has not ever worked on Wayland anyway.
If teams has been crashing in calls its probably just normal behaviour for teams ;)
I 100% agree with the packager that we should not be adding flags that reduce security and are hacky at best to the package. If ogarcia changes their mind at least use --disable-seccomp-filter-sandbox
iyanmv commented on 2022-02-28 08:51 (UTC)
Those suggesting using --no-sandbox or --disable-seccomp-filter-sandbox maybe they just open the app and see that it starts as before, but is still completely broken. Video calls, sharing screen, etc. are completely broken and crash/freeze the app. So if you need Teams to join meetings DO NOT use this app until Microsoft releases a new version compatible with glibc>=2.34. Just use the web version (with Chromium, unfortunately video and screen sharing also does not work with Firefox) or the Flatpack app.
DarkXylese commented on 2022-02-28 08:49 (UTC)
Thanks @karabaja4, --disable-seccomp-filter-sandbox works much better than --no-sandbox. No sandbox fully broke the app for me, but this one seems to be working just like before. No need to use a browser now
AUR_user commented on 2022-02-28 08:46 (UTC)
@ogarcia I think it would be good, if you also attach the link for the voting to the pinned comment, so it doesn't get lost over all the messages.
karabaja4 commented on 2022-02-27 19:59 (UTC)
Also, as already mentioned using --disable-seccomp-filter-sandbox instead of --no-sandbox might have a lesser impact on weakened security, but it works just as well.
jvybihal commented on 2022-02-27 19:49 (UTC) (edited on 2022-02-27 19:51 (UTC) by jvybihal)
I am 100 % with @ogarcia on this one. It's upstream issue. When google-chrome-dev had almost exact same issue, it was not a job of packager to put potencialy insecure workarouds in place, it has to be done in upstream. That's the correct way. If it would be distro specific issue, I would agree in putting workarounds in place, but it's not. Please, go to Microsoft, report it, and let them know they need to react properly. If they officially do not support Arch, fedora, etc., it shows how they care about their customers, and maybe customers should look for another (potentially) better product.
@linuxninja If you dont want teams rewriting YOUR .desktop file, again, bitch at MS for putting such shitty practise in place. Or make it read only, and maybe add immunitable flag on it.
That's my 2 cents.
linuxninja commented on 2022-02-27 19:10 (UTC)
IMHO, adding --no-sandbox is the right thing to do for this version, as not running an up-to-date Arch install is not supported. This package should support a newly installed Arch Linux. If it doesn't then this package is broken. Adding the flag makes this package not broken. Do this at least until there is a version update for Teams that resolves the issue, then you can remove the flag.
Sure, doesn't work for every case, but does work for most cases. Add the flag. There shouldn't be a requirement that everyone who installs this package has to come here to see all the drama and what they need to manually do to make it work when it could be already done and 'just work'. Yes, there could be 'security concerns', but, this is the AUR. Making the change manually is the exact same 'security concern' as just having the package do it correctly in the first place.
BTW, Teams likes to create its own teams.desktop autostart file which DOESN'T have the flag. That's a real PITA.
Pinned Comments
ogarcia commented on 2023-02-24 07:46 (UTC)
@mluque Yes, it seems that Microsoft is doing the wrong thing and has deleted the packages from the repository. There are several open threads on this topic.
The truth is that since the announcement that Microsoft was going to withdraw the Teams client, one does not know what is going to happen. I hope they restore the files, but in the meantime I have uploaded the binaries here (they are the Arch packages, I don't have the original .deb packages but if someone passes them to me I can include them).
ogarcia commented on 2022-02-01 10:30 (UTC) (edited on 2022-04-19 12:53 (UTC) by ogarcia)
Please, before flag as Out-of-date perform a double check in versions. Version 1.4.00.4855 is higher than 1.3.00.30857, 1.3.00.5153 or 1.3.00.958.
If you doubt, please remember the math classes and perform a count 1, 2, 3, 4, ..., 958, 959, ..., 5152, 5153, 5154, ..., 30856, 30857, 30858, etc.
You can go to HERE, download DEB or RPM and compare versions