anime-game-testing/anime-launcher-sdk
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

1.1.6

Browse source 
- partially fixed sandboxed game running
  will require a bit more stuff to do in future to fix
  other compatibility issues
This commit is contained in:
Observer KRypt0n_ 2023-05-04 14:38:50 +02:00
parent fb775feff6
commit 4169e90225
No known key found for this signature in database
GPG key ID: 844DA47BA25FE1E2
2 changed files with 14 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Cargo.toml
View file

@ -1,6 +1,6 @@
[package] [package]
name = "anime-launcher-sdk" name = "anime-launcher-sdk"
version = "1.1.5" version = "1.1.6"
authors = ["Nikita Podvirnyy <suimin.tu.mu.ga.mi@gmail.com>"] authors = ["Nikita Podvirnyy <suimin.tu.mu.ga.mi@gmail.com>"]
license = "GPL-3.0" license = "GPL-3.0"
readme = "README.md" readme = "README.md"

18
src/config/schema_blanks/sandbox/mod.rs
View file

@ -117,10 +117,12 @@ impl Sandbox {
/// | Original | Mounted | Type | Optional | /// | Original | Mounted | Type | Optional |
/// | :- | :- | :- | :- | /// | :- | :- | :- | :- |
/// | `/` | `/` | read-only bind | false | /// | `/` | `/` | read-only bind | false |
/// | `/tmp` | `/tmp` | bind | false |
/// | `/proc` | `/proc` | bind | false |
/// | `/dev` | `/dev` | dev bind | false |
/// | - | `/home` | tmpfs | true | /// | - | `/home` | tmpfs | true |
/// | - | `/var/home/$USER` | tmpfs | true | /// | - | `/var/home/$USER` | tmpfs | true |
/// | - | `$HOME` | tmpfs | true | /// | - | `$HOME` | tmpfs | true |
/// | - | `/tmp` | tmpfs | false |
/// | `wine_dir` | `/tmp/sandbox/wine` | bind | false | /// | `wine_dir` | `/tmp/sandbox/wine` | bind | false |
/// | `prefix_dir` | `/tmp/sandbox/prefix` | bind | false | /// | `prefix_dir` | `/tmp/sandbox/prefix` | bind | false |
/// | `game_dir` | `/tmp/sandbox/game` | bind | false | /// | `game_dir` | `/tmp/sandbox/game` | bind | false |
@ -130,6 +132,10 @@ impl Sandbox {
pub fn get_command(&self, wine_dir: impl AsRef<str>, prefix_dir: impl AsRef<str>, game_dir: impl AsRef<str>) -> String { pub fn get_command(&self, wine_dir: impl AsRef<str>, prefix_dir: impl AsRef<str>, game_dir: impl AsRef<str>) -> String {
let mut command = String::from("bwrap --ro-bind / /"); let mut command = String::from("bwrap --ro-bind / /");
command.push_str(" --bind /tmp /tmp");
command.push_str(" --bind /proc /proc");
command.push_str(" --dev-bind /dev /dev");
if let Some(hostname) = &self.hostname { if let Some(hostname) = &self.hostname {
command += &format!(" --hostname '{hostname}'"); command += &format!(" --hostname '{hostname}'");
} }
@ -151,8 +157,6 @@ impl Sandbox {
command += &format!(" --tmpfs '{}'", path.trim()); command += &format!(" --tmpfs '{}'", path.trim());
} }
command.push_str(" --tmpfs /tmp");
for (from, to) in &self.mounts.read_only { for (from, to) in &self.mounts.read_only {
command += &format!(" --ro-bind '{}' '{}'", from.trim(), to.trim()); command += &format!(" --ro-bind '{}' '{}'", from.trim(), to.trim());
} }
@ -171,8 +175,12 @@ impl Sandbox {
command.push_str(" --die-with-parent"); command.push_str(" --die-with-parent");
command.push_str(" --unshare-all"); // --unshare-pid breaks wine
command.push_str(" --share-net");
command.push_str(" --unshare-user");
command.push_str(" --unshare-ipc");
command.push_str(" --unshare-uts");
command.push_str(" --unshare-cgroup");
if let Some(args) = &self.args { if let Some(args) = &self.args {
command.push_str(args.trim()); command.push_str(args.trim());