
[Q] Is it possible to bypass the SteamLinuxRuntime_soldier "sandbox" for external applications like MangoHud?

Open class101 opened this issue 4 years ago • 2 comments

Question

I notice that on my system, MangoHud fails to execute some commands with popen(command).

My question is simple: is it possible for an external application like MangoHud to be allowed to bypass the SteamLinuxRuntime_soldier sandbox to run executables from the system's /usr/bin directly? Maybe a special environment variable has to be set?

For example the following call

exec("/usr/bin/command");

fails with

sh: 1: /usr/bin/command: not found

It fails even if /usr/bin/command exists on the system.

This has not been simple to understand but I have finally found that after using popen(ls -la /usr/bin), the content displayed was not the content of /usr/bin on my system but instead, it was the content of the following folder

/home/${USER}/.local/share/Steam/steamapps/common/SteamLinuxRuntime_soldier/var/deploy-0.20210415.0/files/bin/

How could MangoHud tell SteamLinuxRuntime_soldier it requires access to /usr/bin/glxinfo if everything called in /usr/bin is redirected to the steam runtime folder?

Your system information

  • Steam client version (build number or date): Built 7 May 2021 at 23:55:52 (API:020 Package: 1620684960)
  • Distribution (e.g. Ubuntu): Arch Linux
  • Opted into Steam client beta?: Yes
  • Have you checked for system updates?: Yes

Steps for reproducing this issue:

  1. Choose a game for running with Proton (not sure Proton is a requirement, at least that's how I tested)
  2. Add PROTON_LOG=1 mangohud %command% as launch option
  3. Run the game, look in the log for sh: 1: glxinfo: not found

Traces

11553 lseek(204, 33837056, SEEK_SET <unfinished ...>
11583 execve("/bin/sh", ["sh", "-c", "glxinfo -B | grep 'OpenGL versio"...], 0x7ede35e0 /* 164 vars */ <unfinished ...>
11553 <... lseek resumed>)              = 33837056
11584 stat("/home/arno/.local/share/Steam/steamapps/common/Proton 6.3/dist/bin//glxinfo",  <unfinished ...>
11583 pipe( <unfinished ...>
11553 <... lseek resumed>)              = 34086912
11443 poll([{fd=40, events=POLLIN}], 1, 0 <unfinished ...>
11584 <... stat resumed>0x7ffe132b08e0) = -1 ENOENT (No such file or directory)
11583 <... pipe resumed>[4, 5])         = 0
11553 lseek(204, 34095104, SEEK_SET <unfinished ...>
11443 <... poll resumed>)               = 0 (Timeout)
11584 stat("/usr/bin/glxinfo",  <unfinished ...>
11583 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
11553 <... lseek resumed>)              = 34095104
11443 readv(41,  <unfinished ...>
11584 <... stat resumed>0x7ffe132b08e0) = -1 ENOENT (No such file or directory)
11553 read(204,  <unfinished ...>
11443 <... readv resumed>[{iov_base=0x146dae0, iov_len=4096}], 1) = -1 EAGAIN (Resource temporarily unavailable)
11584 stat("/bin/glxinfo",  <unfinished ...>
11553 <... read resumed>"\202\200?&y\336>G\312\v\344\31\10]\264/\200\200\22\203_\202\340g\355\363\366E2\271L&"..., 4096) = 4096
11443 clock_nanosleep(CLOCK_REALTIME, 0, {tv_sec=0, tv_nsec=1000000},  <unfinished ...>
11584 <... stat resumed>0x7ffe132b08e0) = -1 ENOENT (No such file or directory)
11583 <... clone resumed>, child_tidptr=0x7f88e5491a10) = 11585
11553 lseek(204, 34099200, SEEK_SET <unfinished ...>
11583 close(3 <unfinished ...>
11585 close(4 <unfinished ...>
11584 write(2, "sh: 1: ", 7 <unfinished ...>
11583 <... close resumed>)              = 0
11553 <... lseek resumed>)              = 34099200
11585 <... close resumed>)              = 0
11584 <... write resumed>)              = 7
11583 close(5 <unfinished ...>
11585 dup2(3, 0 <unfinished ...>
11584 write(2, "glxinfo: not found", 18 <unfinished ...>

ls -la /usr/bin/glxinfo
-rwxr-xr-x 1 root root 63464 25 avril  2020 /usr/bin/glxinfo

class101, May 11 '21 11:05
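Added example, not part of the original post: the trace above is hard to read because strace interleaves several PIDs and splits each call into an `<unfinished ...>` and a `<... resumed>` half. This sketch rejoins the halves per PID and lists the path lookups that failed with ENOENT; the function names are illustrative and the input is an excerpt of the trace lines quoted above.

```python
import re

# Excerpt of the strace output quoted in the post above (a subset of its lines).
TRACE = r'''
11583 execve("/bin/sh", ["sh", "-c", "glxinfo -B | grep 'OpenGL versio"...], 0x7ede35e0 /* 164 vars */ <unfinished ...>
11584 stat("/home/arno/.local/share/Steam/steamapps/common/Proton 6.3/dist/bin//glxinfo",  <unfinished ...>
11584 <... stat resumed>0x7ffe132b08e0) = -1 ENOENT (No such file or directory)
11584 stat("/usr/bin/glxinfo",  <unfinished ...>
11443 readv(41,  <unfinished ...>
11584 <... stat resumed>0x7ffe132b08e0) = -1 ENOENT (No such file or directory)
11443 <... readv resumed>[{iov_base=0x146dae0, iov_len=4096}], 1) = -1 EAGAIN (Resource temporarily unavailable)
11584 stat("/bin/glxinfo",  <unfinished ...>
11584 <... stat resumed>0x7ffe132b08e0) = -1 ENOENT (No such file or directory)
'''

START = re.compile(r'^(\d+)\s+(\w+)\((.*?)\s*<unfinished \.\.\.>$')
RESUME = re.compile(r'^(\d+)\s+<\.\.\. (\w+) resumed>\s*(.*)$')
RESULT = re.compile(r'\)\s+= (-?\d+)(?: (E[A-Z]+))?(?: \(.*\))?$')

def stitch(trace):
    """Rejoin split records per PID -> [(pid, syscall, args, ret, errno)]; other lines are skipped."""
    pending, calls = {}, []
    for line in trace.strip().splitlines():
        start, resume = START.match(line), RESUME.match(line)
        if start:
            pid, name, head = start.groups()
            pending[pid] = head          # first half: remember the arguments seen so far
        elif resume and resume.group(1) in pending:
            pid, name, tail = resume.groups()
            full = pending.pop(pid) + " " + tail
            res = RESULT.search(full)
            if res:
                calls.append((pid, name, full[:res.start()], int(res.group(1)), res.group(2)))
    return calls

def failed_lookups(calls):
    """Calls whose first argument is a path and whose result was ENOENT, in trace order."""
    out = []
    for pid, name, args, ret, errno in calls:
        path = re.match(r'"((?:[^"\\]|\\.)*)"', args)
        if errno == "ENOENT" and path:
            out.append((pid, name, path.group(1)))
    return out

if __name__ == "__main__":
    for pid, name, path in failed_lookups(stitch(TRACE)):
        print(f"pid {pid}: {name} {path} -> ENOENT")
```

All three failed lookups belong to PID 11584, which tries one directory after another for glxinfo and finds it in none of them.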

> an external application like MangoHud

MangoHUD is not an external application, it's a Vulkan layer that gets loaded into the game itself. It's in a special situation and needs to be careful what it does.

> is it possible for an external application like MangoHud to be allowed to bypass the SteamLinuxRuntime_soldier sandbox to run executables from the system's /usr/bin directly ?

Not really; once you're in the container, you can't get out. The purpose of the container is that it replaces /usr (and other system directories) with a predictable library stack that Proton can rely on.

The container is a mechanism for managing runtime libraries, not a security boundary or sandbox, so it is technically possible for things inside the container to use inter-process communication to run commands outside the container, but that presumably isn't what MangoHUD wants anyway, because MangoHUD presumably wants information about the environment in which the game is running - which in this case means the container. Information about the host system is not actually very relevant there, and could be misleading if glxinfo in the container and on the host system would give different answers.

Running glxinfo through a shell is not a great way to get system information - there's no guarantee that glxinfo will be installed, even on the host system.

It's also potentially dangerous for MangoHUD to be running subprocesses, because MangoHUD gets loaded into an arbitrary game process that it doesn't have control over.

smcv, May 12 '21 11:05

> Running glxinfo through a shell is not a great way to get system information - there's no guarantee that glxinfo will be installed, even on the host system.
>
> It's also potentially dangerous for MangoHUD to be running subprocesses, because MangoHUD gets loaded into an arbitrary game process that it doesn't have control over.

This is the question I also asked myself while reading the mangohud code; there are surely better ways to get the information.

Thank you very much for your information on the operation of the Steam runtime, it should help the developers to improve the code :)

class101, May 12 '21 11:05