From f162839a1eda1a79df211c56660faf051d9511b9 Mon Sep 17 00:00:00 2001 From: Jonathan Ringer Date: Tue, 8 Dec 2020 18:04:49 -0800 Subject: [PATCH 1/3] steam: fix electron launchers --- pkgs/games/steam/fhsenv.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/pkgs/games/steam/fhsenv.nix b/pkgs/games/steam/fhsenv.nix index ecd318e64c6..34b2fe19853 100644 --- a/pkgs/games/steam/fhsenv.nix +++ b/pkgs/games/steam/fhsenv.nix @@ -35,6 +35,10 @@ let # Steam VR procps usbutils + + # electron based launchers need newer versions of these libraries than what runtime provides + mesa + sqlite ] ++ lib.optional withJava jdk8 # TODO: upgrade https://github.com/NixOS/nixpkgs/pull/89731 ++ lib.optional withPrimus primus ++ extraPkgs pkgs; @@ -175,7 +179,6 @@ in buildFHSUserEnv rec { libidn tbb wayland - mesa libxkbcommon # Other things from runtime From 6c52434eb0015ec5ab17adca2a08b4acbfb88e68 Mon Sep 17 00:00:00 2001 From: Jonathan Ringer Date: Tue, 8 Dec 2020 18:20:44 -0800 Subject: [PATCH 2/3] buildFHSUserEnvBubblewrap: expand unshare options --- .../build-fhs-userenv-bubblewrap/default.nix | 33 ++++++++++++------- 1 file changed, 22 insertions(+), 11 deletions(-) diff --git a/pkgs/build-support/build-fhs-userenv-bubblewrap/default.nix b/pkgs/build-support/build-fhs-userenv-bubblewrap/default.nix index 3a3c9e932fd..b40569a479b 100644 --- a/pkgs/build-support/build-fhs-userenv-bubblewrap/default.nix +++ b/pkgs/build-support/build-fhs-userenv-bubblewrap/default.nix @@ -1,20 +1,27 @@ -{ callPackage, runCommandLocal, writeShellScriptBin, stdenv, coreutils, bubblewrap }: - -let buildFHSEnv = callPackage ./env.nix { }; in +{ lib, callPackage, runCommandLocal, writeShellScriptBin, stdenv, coreutils, bubblewrap }: args @ { - name, - runScript ? "bash", - extraInstallCommands ? "", - meta ? {}, - passthru ? {}, - ... + name +, runScript ? "bash" +, extraInstallCommands ? "" +, meta ? {} +, passthru ? {} +, unshareUser ? true +, unshareIpc ? true +, unsharePid ? true +, unshareNet ? false +, unshareUts ? true +, unshareCgroup ? true +, ... }: with builtins; let + buildFHSEnv = callPackage ./env.nix { }; + env = buildFHSEnv (removeAttrs args [ "runScript" "extraInstallCommands" "meta" "passthru" + "unshareUser" "unshareCgroup" "unshareUts" "unshareNet" "unsharePid" "unshareIpc" ]); chrootenv = callPackage ./chrootenv {}; @@ -92,8 +99,12 @@ let --dev-bind /dev /dev --proc /proc --chdir "$(pwd)" - --unshare-all - --share-net + ${lib.optionalString unshareUser "--unshare-user"} + ${lib.optionalString unshareIpc "--unshare-ipc"} + ${lib.optionalString unsharePid "--unshare-pid"} + ${lib.optionalString unshareNet "--unshare-net"} + ${lib.optionalString unshareUts "--unshare-uts"} + ${lib.optionalString unshareCgroup "--unshare-cgroup"} --die-with-parent --ro-bind /nix /nix ${etcBindFlags} From 2831a66be623796185ccadcacda16eb5bcd2dc8e Mon Sep 17 00:00:00 2001 From: Jonathan Ringer Date: Tue, 8 Dec 2020 18:42:56 -0800 Subject: [PATCH 3/3] steam: share ipc, fix some gui launchers --- pkgs/games/steam/fhsenv.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/games/steam/fhsenv.nix b/pkgs/games/steam/fhsenv.nix index 34b2fe19853..d3d5b3a2271 100644 --- a/pkgs/games/steam/fhsenv.nix +++ b/pkgs/games/steam/fhsenv.nix @@ -268,6 +268,10 @@ in buildFHSUserEnv rec { broken = nativeOnly; }; + # allows for some gui applications to share IPC + # this fixes certain issues where they don't render correctly + unshareIpc = false; + passthru.run = buildFHSUserEnv { name = "steam-run";