mirror of
https://github.com/Kron4ek/Conty
synced 2025-01-15 03:41:04 +01:00
Mount all X sockets separately
Remount /tmp/.X11-unix as tmpfs and then mount all X sockets separately. This fixes gamescope.
This commit is contained in:
parent
71d2460e60
commit
36d01751b4
1 changed files with 20 additions and 9 deletions
|
@ -43,7 +43,7 @@ mount_point="${working_dir}"/mnt
|
||||||
# a problem with mounting the image due to an incorrectly calculated offset.
|
# a problem with mounting the image due to an incorrectly calculated offset.
|
||||||
|
|
||||||
# The size of this script
|
# The size of this script
|
||||||
scriptsize=24287
|
scriptsize=24535
|
||||||
|
|
||||||
# The size of the utils archive
|
# The size of the utils archive
|
||||||
utilssize=2542302
|
utilssize=2542302
|
||||||
|
@ -548,6 +548,7 @@ run_bwrap () {
|
||||||
unset unshare_net
|
unset unshare_net
|
||||||
unset custom_home
|
unset custom_home
|
||||||
unset non_standard_home
|
unset non_standard_home
|
||||||
|
unset xsockets
|
||||||
|
|
||||||
if [ -n "${WAYLAND_DISPLAY}" ]; then
|
if [ -n "${WAYLAND_DISPLAY}" ]; then
|
||||||
wayland_socket="${WAYLAND_DISPLAY}"
|
wayland_socket="${WAYLAND_DISPLAY}"
|
||||||
|
@ -560,7 +561,6 @@ run_bwrap () {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Handle non-standard HOME locations
|
# Handle non-standard HOME locations
|
||||||
|
|
||||||
if [ -n "${HOME}" ] && [ "$(echo "${HOME}" | head -c 6)" != "/home/" ]; then
|
if [ -n "${HOME}" ] && [ "$(echo "${HOME}" | head -c 6)" != "/home/" ]; then
|
||||||
non_standard_home+=("--tmpfs" "/home" \
|
non_standard_home+=("--tmpfs" "/home" \
|
||||||
"--bind" "${HOME}" "/home/${USER}" \
|
"--bind" "${HOME}" "/home/${USER}" \
|
||||||
|
@ -597,10 +597,6 @@ run_bwrap () {
|
||||||
if [ -n "${SANDBOX_LEVEL}" ] && [ "${SANDBOX_LEVEL}" -ge 3 ]; then
|
if [ -n "${SANDBOX_LEVEL}" ] && [ "${SANDBOX_LEVEL}" -ge 3 ]; then
|
||||||
sandbox_level_msg="(level 3)"
|
sandbox_level_msg="(level 3)"
|
||||||
DISABLE_NET=1
|
DISABLE_NET=1
|
||||||
sandbox_params+=("--ro-bind-try" "/tmp/.X11-unix/X${xephyr_display}" "/tmp/.X11-unix/X${xephyr_display}" \
|
|
||||||
"--setenv" "DISPLAY" ":${xephyr_display}")
|
|
||||||
else
|
|
||||||
sandbox_params+=("--ro-bind-try" "/tmp/.X11-unix" "/tmp/.X11-unix")
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
show_msg "Sandbox is enabled ${sandbox_level_msg}"
|
show_msg "Sandbox is enabled ${sandbox_level_msg}"
|
||||||
|
@ -620,11 +616,26 @@ run_bwrap () {
|
||||||
[ ! -d "${HOME_DIR}" ] && mkdir -p "${HOME_DIR}"
|
[ ! -d "${HOME_DIR}" ] && mkdir -p "${HOME_DIR}"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Set the XAUTHORITY variable if it's missing (which is unlikely)
|
# Set the XAUTHORITY variable if it's missing
|
||||||
if [ -z "${XAUTHORITY}" ]; then
|
if [ -z "${XAUTHORITY}" ]; then
|
||||||
XAUTHORITY="${HOME}"/.Xauthority
|
XAUTHORITY="${HOME}"/.Xauthority
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Mount X server sockets and XAUTHORITY
|
||||||
|
xsockets+=("--tmpfs" "/tmp/.X11-unix")
|
||||||
|
xsockets+=("--ro-bind-try" "${XAUTHORITY}" "${XAUTHORITY}")
|
||||||
|
|
||||||
|
if [ "$(ls /tmp/.X11-unix 2>/dev/null)" ]; then
|
||||||
|
if [ -n "${SANDBOX_LEVEL}" ] && [ "${SANDBOX_LEVEL}" -ge 3 ]; then
|
||||||
|
xsockets+=("--ro-bind-try" "/tmp/.X11-unix/X${xephyr_display}" "/tmp/.X11-unix/X${xephyr_display}" \
|
||||||
|
"--setenv" "DISPLAY" ":${xephyr_display}")
|
||||||
|
else
|
||||||
|
for s in /tmp/.X11-unix/*; do
|
||||||
|
xsockets+=("--bind-try" "${s}" "${s}")
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
show_msg
|
show_msg
|
||||||
|
|
||||||
launch_wrapper "${bwrap}" \
|
launch_wrapper "${bwrap}" \
|
||||||
|
@ -651,8 +662,8 @@ run_bwrap () {
|
||||||
"${non_standard_home[@]}" \
|
"${non_standard_home[@]}" \
|
||||||
"${sandbox_params[@]}" \
|
"${sandbox_params[@]}" \
|
||||||
"${custom_home[@]}" \
|
"${custom_home[@]}" \
|
||||||
|
"${xsockets[@]}" \
|
||||||
${unshare_net} \
|
${unshare_net} \
|
||||||
--ro-bind-try "${XAUTHORITY}" "${XAUTHORITY}" \
|
|
||||||
--setenv PATH "${CUSTOM_PATH}" \
|
--setenv PATH "${CUSTOM_PATH}" \
|
||||||
"$@"
|
"$@"
|
||||||
}
|
}
|
||||||
|
@ -734,7 +745,7 @@ if [ "$(ls "${mount_point}" 2>/dev/null)" ] || \
|
||||||
fi
|
fi
|
||||||
|
|
||||||
QUIET_MODE=1 DISABLE_NET=1 SANDBOX_LEVEL=2 run_bwrap \
|
QUIET_MODE=1 DISABLE_NET=1 SANDBOX_LEVEL=2 run_bwrap \
|
||||||
--bind /tmp/.X11-unix /tmp/.X11-unix \
|
--bind-try /tmp/.X11-unix /tmp/.X11-unix \
|
||||||
Xephyr -noreset -ac -br -screen ${XEPHYR_SIZE} :${xephyr_display} &>/dev/null & sleep 1
|
Xephyr -noreset -ac -br -screen ${XEPHYR_SIZE} :${xephyr_display} &>/dev/null & sleep 1
|
||||||
xephyr_pid=$!
|
xephyr_pid=$!
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue