Hey, thanks for the detailed report. This is a known issue on Linux with kernel 6.2+ and AppArmor. It affects a lot of users on Ubuntu 24.04+. Full thread here: Terminal Sandbox Issue Linux.
First, the specific error uid_map (mapping UID 0 -> 1000) is caused by chmod 4755 on cursorsandbox. Setuid makes the binary run as root, and the kernel blocks the mapping. Set it back to normal permissions:
sudo chmod 0755 /usr/share/cursor/resources/app/resources/helpers/cursorsandbox
This will remove the current error, but it will likely bring back the previous one loopback or unshare EPERM. The sandbox itself might still not work yet.
Next depends on what exactly is being blocked on your system. Please share the output of:
sudo journalctl -k -b | grep -iE 'apparmor="DENIED".*cursor' | tail -n 30
If you see AppArmor denials, there are community workarounds that helped some users, like adding missing rules to the AppArmor profile. But to be honest, on some setups the issue is deeper, related to how Electron spawns the sandbox process, and AppArmor fixes don’t help.
As a fallback, the most reliable workaround right now is:
echo 'kernel.apparmor_restrict_unprivileged_userns=0' | sudo tee /etc/sysctl.d/99-userns.conf
sudo sysctl --system
This removes the userns restriction system-wide. It’s not ideal for security, but it’s been the most stable fix.
The team is aware of the issue, but there’s no timeline yet. Let’s start with the journalctl output, and then we can see what makes sense for your case.