js/Bubblewine
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Use a separate network namespace

Browse source
This commit is contained in:
Jonathan Schleifer 2021-08-06 22:24:53 +02:00
parent ae429be907
commit 0e04e6eda5
No known key found for this signature in database
GPG key ID: 636703577395312F
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
bubblewine
View file

@ -36,10 +36,13 @@ if [ ! -d "$HOME/.bubblewine" ]; then
WINEPREFIX="$HOME/.bubblewine" wineserver -k WINEPREFIX="$HOME/.bubblewine" wineserver -k
fi fi
xsocket="/tmp/.X11-unix/X${DISPLAY#:}"
bwrap \ bwrap \
--unshare-user \ --unshare-user \
--unshare-ipc \ --unshare-ipc \
--unshare-pid \ --unshare-pid \
--unshare-net \
--unshare-uts \ --unshare-uts \
--unshare-cgroup \ --unshare-cgroup \
--new-session \ --new-session \
@ -61,5 +64,6 @@ bwrap \
--proc /proc \ --proc /proc \
--tmpfs /tmp \ --tmpfs /tmp \
--bind "$HOME/.bubblewine" /wineprefix \ --bind "$HOME/.bubblewine" /wineprefix \
--bind "$xsocket" "$xsocket" \
--setenv WINEPREFIX /wineprefix \ --setenv WINEPREFIX /wineprefix \
wine "$@" wine "$@"