While you're here, please consider supporting GamingOnLinux on:
Reward Tiers: Patreon. Plain Donations: PayPal.
This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!
You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
Reward Tiers: Patreon. Plain Donations: PayPal.
This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!
You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
Login / Register
- GOG launch their Preservation Program to make games live forever with a hundred classics being 're-released'
- Valve dev details more on the work behind making Steam for Linux more stable
- NVIDIA detail upcoming Linux driver features for Wayland and explain current support
- Half-Life 2 free to keep until November 18th, Episodes One & Two now included with a huge update
- Direct3D to Vulkan translation layer DXVK v2.5 released with rewritten memory management
- > See more over 30 days here
-
The Walking Dead, The Expanse and more in the Telltale …
- Liam Dawe -
Half-Life 2 free to keep until November 18th, Episodes …
- Ehvis -
Hybrid gaming controller MoveMaster has a new website, …
- furaxhornyx -
Half-Life 2 free to keep until November 18th, Episodes …
- tuxmuppet -
Half-Life 2 free to keep until November 18th, Episodes …
- Tuxee - > See more comments
- New Desktop Screenshot Thread
- Vortex_Acherontic - Types of programs that are irritating
- dvd - What do you want to see on GamingOnLinux?
- Linas - Weekend Players' Club 11/15/2024
- StoneColdSpider - Our own anti-cheat list
- Xpander - See more posts
View PC info
First of all, you CAN'T give the namespace NO network. Processes will just crash, for example a lot of Wine processes can't initialize. Also, there may be dlls that bypass network functionality, but your process will die in the ass if no network is initialized. For example GoG Galaxy isn't necessary for single player games installed with offline installers, but there may be a dll that gets hooked. It needs an interface, so I give it loopback.
Secondly, namespaces aren't a lot of fun for users, because they require privileges. CAP_SYS_ADMIN at least and while I could grant my user that with linux capabilities, that's almost as bad as running things as root.
So therefore, these are the gymnastics I settled for, in my Lutris launching command. Trial and error :-)
sudo unshare -n -- sh -c 'ip link set dev lo up; sudo -u grogan lutris'
That will prompt for your user password once (unless it's already cached from recent use in that shell already). The second sudo command will not prompt, because you're downgrading privileges from root, launching as your user in that case.
Then, games launched from lutris will not crash, but fail to connect to the internet. I tested it on the EA App, which launches but fails to log in because it has no internet connectivity.
View PC info
Well, if using KDE, Gnome, XFCE or other sophisticated environment, when you create shortcuts you should have a checkbox to "run in terminal"
If not (I use a simple window manager), just use xterm -e
For example, as the command of your shortcut or menu entry
xterm -e sudo unshare -n -- sh -c 'ip link set dev lo up; sudo -u grogan lutris'
This then pops up a little xterm window for me to answer the sudo password prompt, then lutris runs.
View PC info
I must admit I had this idea one time and wanted to search how to do it, but in the end I never did.
View PC info
You'd only want to do this when you want to prevent network access.
View PC info
I don't see why not (any command you want) :-)
sudo unshare -n -- sh -c 'ip link set dev lo up; sudo -u grogan /storage3/shit/Soma/start.sh'
(just tested that... Linux native game bought on GoG)
EDIT: As "Command prefix" in your Lutris runner settings I mean, not for launching Lutris itself. Should work just fine for native and Wine games, outside of lutris as well. You'll need to install firejail first, obviously.
Last edited by tuubi on 13 September 2023 at 2:26 pm UTC
View PC info
Also, as I said, no network interface is an unexpected condition that will cause a lot of things to crash and abort. It would probably be OK for Linux native games (as would simply unshare -n) but I couldn't get anything off the ground because of wine services failing without bringing up at least lo
Even so, Just Cause 2 crashes and aborts after the first splash screen even with the lo interface in the network namespace. At first I thought it was "phone home or die" but I did a test with the network cable unplugged (I booted up without it too, so eth0 wouldn't even be brought up) and Just Cause 2 launches normally then, as long as its not running in that namespace. That's creepy... that's only a network namespace that's not restricting anything else, and it has an interface to bind to. It should be no different than a yanked cable.