Open Roman2dot0 opened 6 months ago
Sorry, maybe it related with
Can confirm the issue. It started to happen after recent update of Steam Linux Runtime 3.0 (sniper). As a temporary workaround, you can downgrade this update: find "Steam Linux Runtime 3.0 (sniper)" in your Steam Library in Tools section, select "Properties -> Beta Versions" and select "previous_release". But for permanent solution, snap AppArmor profile need to be adjusted
Thank you for testing the app armor changes, I'll see about submitting a PR to snapd.
Thank you for testing the app armor changes, I'll see about submitting a PR to snapd.
As with previous AppArmor problems, instead of trying to narrow down precisely what Steam does and doesn't do today, please allow anything that is consistent with snapd's security policy: for example instead of
mount fstype=tmpfs options=(rw, nosuid, nodev) tmpfs -> /newroot/run/pressure-vessel/ldso/,
mount fstype=tmpfs options=(rw, nosuid, nodev) tmpfs -> /newroot/var/pressure-vessel/ldso/,
please do something more like this (untested) if there is no security reason not to:
mount fstype=tmpfs options=(rw, nosuid, nodev) * -> /newroot/**/,
That will make it much less likely that a future change in pressure-vessel will randomly break the Snap app.
The precise paths used within the pressure-vessel namespace are implementation details, and will be changed whenever there is some reason why we need to change them. This Snap app cannot rely on them remaining constant.
If this Snap app is something that Canonical wants to recommend and support, then I would suggest that at least one of its developers should routinely be running the Steam Linux Runtime
compatibility tools from their client_beta
branch, so that you will find out about changes to internal implementation details before your users do.
As a temporary workaround, you can downgrade this update: find "Steam Linux Runtime 3.0 (sniper)" in your Steam Library in Tools section, select "Properties -> Beta Versions" and select "previous_release"
This is a very temporary workaround, and will stop working as soon as there is a new release (which will also overwrite the previous_release
).
The way to avoid having to rely on the previous_release
is to make sure that a maintainer of the Snap app follows the beta branch, so that they will find out about future problems before they become current problems; or, alternatively, use the non-Snap version of Steam that is maintained and supported by Valve.
As of yesterday's Steam beta client, the container runtime framework is required for the Steam UI and not just for specific games.
It started to happen after recent update of Steam Linux Runtime 3.0 (sniper)
Steam Linux Runtime 2.0 (soldier) is equally affected by this, in fact.
Today's beta releases of Steam Linux Runtime 2.0 (soldier) and 3.0 (sniper) contain a temporary workaround for this Snap-specific issue. If you were using the previous_release
for either of these for this reason, please upgrade to the client_beta
branch.
In versions with the workaround, steamapps/common/SteamLinuxRuntime_*/VERSIONS.txt
will say pressure-vessel 0.20240123.2
or later.
The workaround adds additional complexity to the container runtime framework, which is bad for robustness in the long term (for everyone, not just Snap users), so it will be removed in a future release. If snapd is not fixed before that happens, then this app will regress again. [Edited to add: I believe snapd was fixed in 2.62.]
After the workaround has progressed to the stable/default branch, maintainers can test whether a fix for this issue has been successful by replacing both SteamLinuxRuntime_soldier/pressure-vessel
and SteamLinuxRuntime_soldier/pressure-vessel
with a version of the pressure-vessel tool that did not have this workaround, by unpacking one of the pressure-vessel-bin.tar.gz
archives from https://repo.steampowered.com/pressure-vessel/snapshots/. The newest version that does not have the workaround is 0.20240123.2. The full status is:
Can confirm the issue. It started to happen after recent update of Steam Linux Runtime 3.0 (sniper). As a temporary workaround, you can downgrade this update: find "Steam Linux Runtime 3.0 (sniper)" in your Steam Library in Tools section, select "Properties -> Beta Versions" and select "previous_release". But for permanent solution, snap AppArmor profile need to be adjusted
Work for me thanks a lot
select "Properties -> Beta Versions" and select "previous_release"
There is probably going to be a new stable release and a new beta soon, perhaps as soon as today, at which point this workaround will stop working - in fact, at that point it will probably be only the previous_release
where this issue is seen. The precise timing of these releases is not something that I have control over.
At that point, you will need to upgrade to the default or client_beta
branch to be able to continue to use Proton.
You can get ahead of this change by starting to use the client_beta
branch already. As announced in https://github.com/canonical/steam-snap/issues/356#issuecomment-1912411145, the client_beta
branch has a workaround for this issue on the Steam Linux Runtime side.
[Edited to add: Yes, these releases happened on 2024-02-12 at around 21:00 UTC.]
If I'm keeping track correctly, this was fixed in snapd 2.62, which is mandatory since #367. As a result, the pressure-vessel version included in yesterday's SLR soldier and sniper beta releases disables our workaround for this issue by default. If there are no regression reports in the next few days/weeks, we will remove the workaround completely.
I edited https://github.com/canonical/steam-snap/issues/356#issuecomment-1912411145 to reflect the current status.
If it becomes necessary to re-enable the workaround, you can do this:
PRESSURE_VESSEL_WORKAROUNDS="+steam-snap#356"
in the environment (if you need to use more than one workaround, it's a space-separated list)
Ensure there isn't an existing issue for this and check the wiki
Current Behavior
Launch a game that uses proton, Frostpunk for example, game will crash. Proton version is 8.0-4.
Expected Behavior
Game starts without errors.
Steps To Reproduce
No response
Environment
gaming-graphics-core22 version
kisak-fresh (default)
Anything else?
Game fail with log:
/newroot/var/pressure-vessel/ldso
But in the appararmor profile in file:
/var/lib/snapd/apparmor/profiles/snap.steam.steam
only allow for tmpfs mount is:
mount fstype=tmpfs options=(rw, nosuid, nodev) tmpfs -> /newroot/run/pressure-vessel/ldso/,
adding the same line with var to the mount path (and reload) solves the problem and the game starts normally:
mount fstype=tmpfs options=(rw, nosuid, nodev) tmpfs -> /newroot/var/pressure-vessel/ldso/,
apparmor_parser -r /var/lib/snapd/apparmor/profiles/snap.steam.steam