summaryrefslogtreecommitdiff
path: root/usr.games.steam
diff options
context:
space:
mode:
Diffstat (limited to 'usr.games.steam')
-rw-r--r--usr.games.steam79
1 files changed, 60 insertions, 19 deletions
diff --git a/usr.games.steam b/usr.games.steam
index 4b8f535..3646a3d 100644
--- a/usr.games.steam
+++ b/usr.games.steam
@@ -1,6 +1,7 @@
#include <tunables/global>
/usr/games/steam {
+#/usr/games/steam flags=(complain) {
#include <abstractions/X>
#include <abstractions/base>
#include <abstractions/fonts>
@@ -12,10 +13,14 @@
#include <abstractions/freedesktop.org>
#include <abstractions/xdg-desktop>
+ ptrace (trace) peer=/usr/games/steam,
+
/usr/games/steam r,
/usr/games/steam.real r,
+ /usr/bin/bwrap PUx,
/bin/* rix,
/usr/bin/* rix,
+
/sys/ r,
/sys/** r,
/run/shm/* rwkl,
@@ -23,11 +28,16 @@
/dev/dri/ r,
/dev/dri/* rwm,
/dev/snd/* rwm,
+ /dev/input/* rwm,
/etc/udev/udev.conf r,
/etc/ld.so.preload r,
+ /lib/i386-linux-gnu/ld-2.[0-9]*.so rix,
+ /lib/x86_64-linux-gnu/ld-2.[0-9]*.so rix,
+ /sbin/ldconfig rix,
/run/udev/** r,
- /usr/share/fonts/** rm,
+ /usr/share/fonts/** rmk,
+ /usr/share/glvnd/egl_vendor.d/* r,
/tmp/steam_chrome_shmem* rw,
/tmp/gameoverlayui.log rw,
@@ -38,35 +48,66 @@
/tmp/dumps/ w,
/tmp/dumps/** rw,
/tmp/.org.chromium.Chromium.*/ w,
+ /tmp/.wine-[0-9]*/** rwm,
/ r,
/home/ r,
/tmp/** rwk,
- @{HOME}/ r,
- @{HOME}/.steam/ r,
- @{HOME}/.steam/** rwlkix,
- @{HOME}/.local/share/** rwk,
- @{HOME}/.steampath rw,
- @{HOME}/.steampid rw,
- @{HOME}/.config/unity3d/** rw,
- @{HOME}/.cache/unity3d/** rw,
+ owner @{HOME}/ r,
+ owner @{HOME}/.steam/ r,
+ owner @{HOME}/.steam/** rwlkix,
+ owner @{HOME}/.local/share/** rwk,
+ owner @{HOME}/.steampath rw,
+ owner @{HOME}/.steampid rw,
+ owner @{HOME}/.config/unity3d/** rwk,
+ owner @{HOME}/.cache/unity3d/** rw,
+ owner @{HOME}/.cache/fontconfig/** rwk,
+ owner @{HOME}/.cache/mesa_shader_cache/** rwk,
+ owner @{HOME}/.glvnd* rwm,
+ owner @{HOME}/.pki/nssdb/{cert9.db,pkcs11.txt} r,
+ #owner @{HOME}/#[0-9][0-9][0-9][0-9][0-9][0-9][0-9] rwm,
- @{HOME}/.factorio/** rwk,
- @{HOME}/.config/StardewValley/** rwk,
- @{HOME}/.Braid/** rwk,
+ owner @{HOME}/.factorio/** rwk,
+ owner @{HOME}/.config/StardewValley/** rwk,
+ owner @{HOME}/.Prison?Architect/** rwk,
+ owner @{HOME}/.Braid/** rwk,
+ owner @{HOME}/.bitsquid/** rwk,
+ owner @{HOME}/.bs5/** rwk,
+ owner @{HOME}/.adom.steam/** rwk,
+ @{PROC}/ r,
@{PROC}/version r,
@{PROC}/loadavg r,
- @{PROC}/[0-9]*/cmdline r,
- @{PROC}/[0-9]*/auxv r,
- @{PROC}/[0-9]*/environ r,
- @{PROC}/[0-9]*/fd/ r,
- @{PROC}/[0-9]*/status r,
- @{PROC}/[0-9]*/task/ r,
- @{PROC}/[0-9]*/task/[0-9]*/stat r,
+ owner @{PROC}/[0-9]*/cmdline r,
+ owner @{PROC}/[0-9]*/auxv r,
+ owner @{PROC}/[0-9]*/environ r,
+ owner @{PROC}/[0-9]*/fd/ r,
+ owner @{PROC}/[0-9]*/status r,
+ owner @{PROC}/[0-9]*/mem r,
+ owner @{PROC}/[0-9]*/task/ r,
+ owner @{PROC}/[0-9]*/task/[0-9]*/stat r,
+ owner @{PROC}/[0-9]*/task/[0-9]*/status r,
+ owner @{PROC}/[0-9]*/task/[0-9]*/comm rw,
+ owner @{PROC}/[0-9]*/oom_score_adj w,
+
+ /usr/share/zenity/zenity.ui r,
+ /etc/magic r,
/var/tmp/etilqs_* rwk,
+
+ /etc/ssl/openssl.cnf r,
+
+ # tmp additions
+ /tmp/miles_image_* rwm,
+ @{PROC}/sys/dev/i915/perf_stream_paranoid r,
+ @{PROC}/sys/kernel/overflowuid r,
+ @{PROC}/sys/kernel/overflowgid r,
+
+ /usr/share/vulkan/** r,
+ /etc/vulkan/** r,
+
+ @{HOME}/.fltk/** rw,
}