This is based on my experience, and I'm documenting it in case someone else has the same problem and finds this information helpful.
I downloaded and ran the Itch installer (itch-setup) from the official website; at the time of writing, the version was 26.1.9.
The installation started correctly, but near the end, the window closed, and the last messages in the console indicated a problem with the sandbox.
Kernel should support SUID sandboxing, leaving it enabled
App launched, getting out of the way
The simplest solution is to run itch with the --no-sandbox parameter, but while that works, it removes a layer of security, so instead of taking the easy way out, I decided to find the root cause of the problem.
We need to navigate to the folder containing the executable file. This folder should be located within your user's home directory,under ".itch"
If we list the files, we will see a folder named "app" and the version number of the installed application.
In my case, it will be "app-26-1-9", so I just need to type:
cd app-26.1.9/
Once inside, we run the itch application from the console, and we should see an error message indicating why the application cannot be executed.
[7564:0925/222421.739574:FATAL:setuid_sandbox_host.cc(157)] The SUID sandbox helper binary was found, but is n
ot configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /home
/user/.itch/app-26.1.9/chrome-sandbox is owned by root and has mode 4755.
Trace/breakpoint trap (core dumped)
For some reason, the installation did not correctly assign the user and permissions to the "chrome-sandbox" file.
To resolve this, we changed the user and permissions as indicated in the message using:
sudo chown root:root chrome-sandbox
sudo chmod 4755 chrome-sandbox
And that's it, in my case, that solved the problem and now I can run the Itch application normally.
------------------------------------------------------------------------------------
PS:
Another possible error is that the "user namespace sandbox" feature is not enabled. By default, it should be enabled in Ubuntu; you can check if it's enabled using the following command:
sysctl kernel.unprivileged_userns_clone
If it is enabled, it should return this value to you:
kernel.unprivileged_userns_clone = 1
If it returns a 0 instead of a 1, then it means it is not enabled, and it must be enabled using the following command:
sudo sysctl -w kernel.unprivileged_userns_clone=1
and you can make that change permanent by adding this line:
kernel.unprivileged_userns_clone=1
to the file /etc/sysctl.conf