Commons of opengl-game-wrapper.sh #4071
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rusty-snake
force-pushed
the
open-game-wrapper
branch
from
c823aa4 to
185167d
Compare
|
I'm unsure whether we should add profiles for all the GAME-wrappers or not. Explanation: Fedora (and maybe more) installs a .desktop that uses $ cat /usr/bin/opengl-game-wrapper.sh
#!/usr/bin/bash
. /usr/share/opengl-games-utils/opengl-game-functions.sh
GAME=`basename $0 | sed 's/-wrapper.*//'`
checkDriOK $GAME
exec $GAME "$@"
$ cat /usr/share/opengl-games-utils/opengl-game-functions.sh
# check if DRI is available, true if it is, false otherwise
function hasDri ()
{
if [ "`glxinfo | grep "direct rendering: " | head -n 1 | cut -d " " -f 3`" != Yes ] ||
glxinfo | grep -qE "OpenGL renderer string: Software Rasterizer|OpenGL renderer string: Gallium .* on llvmpipe"; then
return 1
else
return 0
fi
}
# check if DRI is available, show an error and exit if it isn't
function checkDriOK ()
{
if ! hasDri; then
zenity --error --text="Your system currently is not capable of hardware \
accelerated 3D. Therefore $1 cannot run.
Usually the cause of this error is that there are no Free Software drivers \
for your graphics card, please contact your graphics card manufacturer and \
kindly ask them to provide Free Software support for your card."
exit 1;
fi
}On the one hand it makes sense to have this check inside that sandbox. On the other hand it requires a shell which can weaken the sandbox. |
glitsj16
approved these changes
Apr 20, 2021
Always difficult IMO weighing pro's and con's in such a context. How about adding a comment? I mean, keep the sandbox as tight as possible (no shell) and inform users on how to proceed if they want that? As you can probably tell, I don't have any experience with (sandboxing) games, so I can't offer anything helpful here I'm afraid. |
rusty-snake
force-pushed
the
open-game-wrapper
branch
2 times, most recently
from
24a9cc9 to
4df6485
Compare
…, gl-117, glaxium, pinball alienarena is missing in firecfg.config by intention, I didn't tested any online multiplayer.
[skip ci] - Add allow-opengl-game.inc - Add profiles for alienarena-wrapper, ballbuster-wrapper, colorful-wrapper, etr-wrapper, gl-117-wrapper, glaxium-wrapper, neverball-wrapper, neverputt-wrapper, pinball-wrapper, supertuxkart-wrapper - Use allow-opengl-game.inc in xonotic.profile and the profiles above - xonotic.profile: simplify private-bin by using xonotic*
rusty-snake
force-pushed
the
open-game-wrapper
branch
from
4df6485 to
41f69f7
Compare
kmk3
added a commit
to kmk3/firejail
that referenced
this pull request
Apr 26, 2021
Added on commit 41f69f7 ("Commons of opengl-game-wrapper.sh") / PR netblue30#4071. Commands used to search and replace: $ git ls-files -z -- '*.profie' | xargs -0 -I '{}' sh -c "git mv '{}' \"\`printf '%s\n' '{}' | sed 's/.[^.]*$//'\`\""
kmk3
added a commit
to kmk3/firejail
that referenced
this pull request
Apr 26, 2021
They are duplicates of their equivalent *.profile files. Added on commit 41f69f7 ("Commons of opengl-game-wrapper.sh") / PR netblue30#4071. Commands used to search and replace (which results in their deletion): $ git ls-files -z -- '*.profie' | xargs -0 -I '{}' sh -c "git mv -f '{}' \"\`printf '%s\n' '{}' | sed 's/.[^.]*$//'\`.profile\""
kmk3
added a commit
to kmk3/firejail
that referenced
this pull request
Apr 26, 2021
Added on commit 41f69f7 ("Commons of opengl-game-wrapper.sh") / PR netblue30#4071. Each one is a duplicate of a .profile file that was added on the same commit. Commands used to search and replace (which is what causes their deletion): $ git ls-files -z -- '*.profie' | xargs -0 -I '{}' sh -c "git mv -f '{}' \"\`printf '%s\n' '{}' | sed 's/.[^.]*$//'\`.profile\""
Merged
kmk3
added a commit
to kmk3/firejail
that referenced
this pull request
Apr 4, 2024
To make it consistent with the other include profiles. See etc/templates/profile.template. With this, all `etc/inc/allow-*` files are listed in profile.template. The explanation is based on a comment by @rusty-snake[1]. Relates to netblue30#4071. This is a follow-up to netblue30#6299. [1] netblue30#4071 (comment)
kmk3
added a commit
that referenced
this pull request
Apr 5, 2024
To make it consistent with the other include profiles. See etc/templates/profile.template. With this, all `etc/inc/allow-*` files are listed in profile.template. The explanation is based on a comment by @rusty-snake[1]. Relates to #4071. This is a follow-up to #6299. [1] #4071 (comment)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add profiles for alienarena, ballbuster, colorful, gl-117, glaxium, pinball
Commons of opengl-game-wrapper.sh
colorful-wrapper, etr-wrapper, gl-117-wrapper, glaxium-wrapper,
neverball-wrapper, neverputt-wrapper, pinball-wrapper,
supertuxkart-wrapper