make a shared XDG_RUNTIME_DIR part of the DESKTOP profile

diff --git a/README.md b/README.md
index e63c4e23c1f7c89b48edd3d506c8b6e244936367..52930dd22a30bdb301f6dade96a4e533f392fe2c 100644 (file)
--- a/README.md
+++ b/README.md
@@ -26,8 +26,7 @@ in a BubbleBox checkout with contents like this:
 from bubblebox import *
 
 bubblebox(
 from bubblebox import *
 
 bubblebox(

-  profiles.DEFAULT,
-  profiles.DESKTOP,
+  profiles.DESKTOP("gamejail"),

   dbus_proxy_flags("--own=com.steampowered.*"),
 
   home_access({
   dbus_proxy_flags("--own=com.steampowered.*"),
 
   home_access({


@@ -53,18 +52,21 @@ The `profiles.py` file contains some useful directives that are needed by most a
 - `profiles.DEFAULT` adds the basic flags to isolate the sandbox from the environment
   by unsharing all namespaces except for the network.
   This profile gives access to `/usr`, `/sys`, and `/etc` and also creates a
 - `profiles.DEFAULT` adds the basic flags to isolate the sandbox from the environment
   by unsharing all namespaces except for the network.
   This profile gives access to `/usr`, `/sys`, and `/etc` and also creates a

-  stub file system inside the sandbox that is basically always required. It
-  assumes a merged-usr setup, e.g. it will add `/bin` as a symlink to
-  `/usr/bin`. It also gives read-only access to some files in the home directory
-  that are often needed to make a basic shell work: `.bashrc`, `.bash_aliases`,
-  `.profile` and the `bin` directory.
-- `profiles.DESKTOP` is intended to make GUI applications work. It provides
-  access to DRI, X11, ALSA, Wayland, and PulseAudio. Furthermore, some GUI
-  configuration files (`.XCompose`, fontconfig, and default mime-type
-  associations) are made available to the sandbox. This also sets up the D-Bus
-  proxy and gives the application access to notifications, screen saver control,
-  status icons, and the flatpak portals (however, actually using these portals
-  is untested and would likely require further integration). Finally, it makes
+  stub file system inside the sandbox that is basically always required, such as
+  an empty folder to serve as XDG_RUNTIME_DIR. It assumes a merged-usr setup,
+  e.g. it will add `/bin` as a symlink to `/usr/bin`. It also gives read-only
+  access to some files in the home directory that are often needed to make a
+  basic shell work: `.bashrc`, `.bash_aliases`, `.profile` and the `bin`
+  directory.
+- `profiles.DESKTOP("name")` is intended to make GUI applications work. It
+  extends `DEFAULT` by providing access to DRI, X11, ALSA, Wayland, and
+  PulseAudio. Furthermore, some GUI configuration files (`.XCompose`,
+  fontconfig, and default mime-type associations) are made available to the
+  sandbox. The `name` is used to create an XDG_RUNTIME_DIR that will be shared
+  among all instances of this sandbox. This also sets up the D-Bus proxy and
+  gives the application access to notifications, screen saver control, status
+  icons, and the flatpak portals (however, actually using these portals is
+  untested and would likely require further integration). Finally, it makes

   clicking on links inside the sandbox work properly if your default browser is
   Firefox.
 
   clicking on links inside the sandbox work properly if your default browser is
   Firefox.
 


@@ -78,9 +80,6 @@ own sandboxes. Here are the key directives to use:
 - `bwrap_flags` allows passing flags directly to `bwrap`. This is rarely needed.
 - `dbus_proxy_flags` allows passing flags directly to `xdg-dbus-proxy`.
   This is the typical way to provide access to given D-Bus names.
 - `bwrap_flags` allows passing flags directly to `bwrap`. This is rarely needed.
 - `dbus_proxy_flags` allows passing flags directly to `xdg-dbus-proxy`.
   This is the typical way to provide access to given D-Bus names.

-- `shared_runtime_dir("name")` ensures that all instances of the sandbox with this
-  name have a shared XDG_RUNTIME_DIR. This is needed e.g. for VSCodium instances
-  to find each other. This must be declared *before* `profiles.DESKTOP`.

 
 ## Source, License
 
 
 ## Source, License
 

diff --git a/profiles.py b/profiles.py
index decab8696b7976160aa9930aa3d36bee8d9ba3f3..5ac39c840442dde30f03ffd3dcc116f49d5e9ebd 100644 (file)
--- a/profiles.py
+++ b/profiles.py
@@ -21,25 +21,29 @@ DEFAULT = collect_flags(
 
 # https://github.com/igo95862/bubblejail is a good source of paths that need allowing.
 # We do not give access to pipewire, that needs a portal (https://docs.pipewire.org/page_portal.html).
 
 # https://github.com/igo95862/bubblejail is a good source of paths that need allowing.
 # We do not give access to pipewire, that needs a portal (https://docs.pipewire.org/page_portal.html).

-DESKTOP = collect_flags(
-  # Access to screen and audio
-  host_access({
-    "dev": {
-      ("dri", "snd"): Access.Device,
-    },
-    "/tmp/.X11-unix/": Access.Read,
-    os.environ["XAUTHORITY"]: Access.Read,
-    XDG_RUNTIME_DIR: {
-      ("wayland*", "pulse"): Access.Read,
-    },
-  }),
-  # Access to some key user configuration
-  home_access({
-    (".config/fontconfig", ".XCompose", ".local/share/applications"): Access.Read,
-  }),
-  # Access to basic d-bus services (that are hopefully safe to expose...)
-  dbus_proxy_flags("--talk=org.kde.StatusNotifierWatcher.*", "--talk=org.freedesktop.Notifications.*", "--talk=org.freedesktop.ScreenSaver.*", "--talk=org.freedesktop.portal.*"),
-  # Make it possible to open websites in Firefox
-  home_access({ ".mozilla/firefox/profiles.ini": Access.Read }),
-  dbus_proxy_flags("--talk=org.mozilla.firefox.*"),
-)
+def DESKTOP(name):
+  return collect_flags(
+    DEFAULT,
+    # Share XDG_RUNTIME_DIR among all instances of this sandbox
+    shared_runtime_dir(name),
+    # Access to screen and audio
+    host_access({
+      "dev": {
+        ("dri", "snd"): Access.Device,
+      },
+      "/tmp/.X11-unix/": Access.Read,
+      os.environ["XAUTHORITY"]: Access.Read,
+      XDG_RUNTIME_DIR: {
+        ("wayland*", "pulse"): Access.Read,
+      },
+    }),
+    # Access to some key user configuration
+    home_access({
+      (".config/fontconfig", ".XCompose", ".local/share/applications"): Access.Read,
+    }),
+    # Access to basic d-bus services (that are hopefully safe to expose...)
+    dbus_proxy_flags("--talk=org.kde.StatusNotifierWatcher.*", "--talk=org.freedesktop.Notifications.*", "--talk=org.freedesktop.ScreenSaver.*", "--talk=org.freedesktop.portal.*"),
+    # Make it possible to open websites in Firefox
+    home_access({ ".mozilla/firefox/profiles.ini": Access.Read }),
+    dbus_proxy_flags("--talk=org.mozilla.firefox.*"),
+  )