I know there are some tools including firejail and bindtointerface on standard Linux Distros, but they don’t run in userland, so whenever the deck updates they will be overwritten.

Anyone have any ideas how to block access on a Steam Deck?

  • gr522x@lemmy.mlOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    From what i understand any changes to the system outside of the userland will be overwritten after a SteamOS update.

    • Shindig@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      That is correct. The best case is to write a script to make your desired changes, and then run it after each system update.
      My own use-case is that I have a NFS mount-point for my Steam Deck to use extra storage on my NAS. After the first time I figured out how to get it mounted, I made a script to disable read-only filesystem, make all the changes to the system, and then re-enable read-only filesystem. After every system update, I just run that script once.

      • gr522x@lemmy.mlOP
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Thanks for the reply!

        I can find my way around bash, but the most advanced script I've personally authored it probably "Hello World." Would you be willing to share the script from pastebin or github? IDK, I guess you could copy and paste it posted on Lemmy.

        I think I need to do exactly what you recommended, but I may need some help setting it up. So are an update, you simply run the script to get the system changes re-applied?

        • Shindig@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          This is the script. /home/deck/scripts/fstab contains my customised fstab file. Yes, after an update, I just run this script once.

          #!/bin/bash
          
          if [ ! -f ~/.config/kdesurc ];then
            touch ~/.config/kdesurc
            echo "[super-user-command]" > ~/.config/kdesurc
            echo "super-user-command=sudo" >> ~/.config/kdesurc
          fi
          
          if [ ! -f /var/mnt/nas ];then
            sudo -c 'sudo mkdir "/var/mnt/nas"'
          fi
          
          sudo cp -a /home/deck/scripts/fstab /etc/fstab
          sudo steamos-readonly disable
          sudo pacman -Syy
          sudo pacman-key --init
          sudo pacman-key --populate
          sudo pacman -S --overwrite "*" nfs-utils
          sudo steamos-readonly enable
          sudo mount -a