Interesting approach! I work on the itch.io app (functionality overlaps the Steam client somewhat, but with a different content offering / different way of running things) and we do address both concerns:<p><pre><code> * app isn't tied to / doesn't assume a Debian-ish distribution (we ship .deb, .rpm, a PKGBUILD, and a simple binary .tar.xz)
* app uses firejail on Linux (sandbox-exec on macOS, different user on Windows) to "set up more fences around" games you download from the internet.
</code></pre>
There's a bunch more features we want to add to the app (live video capture, see itchio/capsule on GitHub, synced collections, etc.) — but isolating "downloaded apps" from the rest of the system seemed like a sensible prerequisite on the road to doing that.<p>I don't want to spam links, but if you're interested in our approach, you can probably search "itch.io sandbox" with your favorite search engine and stumble upon it :)
Is this meant to make uninstalling Steam easier than it is now?<p>Or is this an exercise in getting GUI applications with slightly exotic features (GPU access) to run?<p>I'd like to understand why this was made but it isn't described in the usage instructions.
I made a separate user for using Steam (and other games), and it involved a little bit of routing when it comes to X11 and PulseAudio. My reason for doing so was primarily because of how games create many dotfiles, and I wanted my home folder clean.
This is hardcoding driver versions: <a href="https://github.com/arno01/steam/blob/master/docker-compose.yml" rel="nofollow">https://github.com/arno01/steam/blob/master/docker-compose.y...</a><p>Is there a better way?
I'm running Steam in a systemd container. The main issues were sound and notifications: I don't understand how PulseAudio works, so I had to share some system directories with the guest system to get the sound working. Notifications were solved by sharing dbus. GPU was shared by sharing a single directory in /dev with correct permissions.
Steam is exactly the kind of software that should be distributed using Flatpak[0].<p>[0] <a href="http://flatpak.org/" rel="nofollow">http://flatpak.org/</a>
I use this on an otherwise free-software-only system (Parabola/Trisquel), since the only proprietary software I ever use is games, so I try to isolate proprietary code as much as possible (without performance loss, which happens with VMs). This sort of goes with point "1. I want to set-up more fences when running the code I don't/can't trust;"
Been there, done that. Here's a video where I run Counter Strike through Steam in a Docker container.<p><a href="https://youtu.be/ZHWsR8TnKsw?t=801" rel="nofollow">https://youtu.be/ZHWsR8TnKsw?t=801</a><p>PS: Audio is in Spanish.
How does persistent state work with this? For example, what happens to my saved games? What if I update the image (for example to pick up a Steam update)? What will happen to those saved games?
How is the performance on this compared to a bare metal install?<p>I.e., how many FPS do you get with a native Steam install vs Dockerized Steam on the same hardware?