Don't like ads? PRO users don't see any ads ;-)
Public Pastes
Guest

Untitled

By: a guest on Dec 7th, 2012  |  syntax: Bash  |  size: 6.06 KB  |  hits: 875  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. ###########################################################################
  2. # This HOWTO tells you how to install the Steam for Linux Limited Beta in a separate user account without giving any root privileges to Steam.
  3. # This gives you double security:
  4. # 1. None of the Steam programs is ever executed as root, not even the install script
  5. # 2. Steam is not even run with privileges of your primary user account. You are told how to generate a second user account which is a sandbox for Steam.
  6. #
  7. # The HOWTO was written and tested on Kubuntu 12.10 amd64 on 2012-12-07.
  8. ###########################################################################
  9.  
  10. # do the following as root (execute "sudo -i" in a terminal to get a root shell):
  11.         # add steam user account
  12.         useradd --create-home --shell /bin/bash --user-group steam
  13.         # deny terminal login for steam
  14.         passwd -l steam
  15.         # allow access to soundcard for steam
  16.         usermod -a -G audio steam
  17.        
  18.         # now we allow access to the files of the steam user for our primary user account by adding it to the steam group
  19.         # notice that this is not needed for steam to work but it is nice to have
  20.         usermod -a -G steam <USERNAME OF YOUR PRIMARY USER ACCOUNT>
  21.         # give write access to steam group on steam homedir
  22.         chmod g+w /home/steam
  23.         # inherit steam group to files which are created in the homedir of steam by your primary user
  24.         chmod g+s /home/steam
  25.        
  26.         # prevent steam user from modifying bash configuration so it cannot fake a "logout". ideally, never use "logout", it is insecure. instead, close the X terminal window.
  27.         chattr +i /home/steam/.bash_logout /home/steam/.bashrc /home/steam/.profile
  28.        
  29.         # now we allow our primary user account to sudo commands as the steam user
  30.         # open the file with nano editor:
  31.         nano /etc/sudoers.d/steam
  32.         # paste the following and press CTRL+X to exit, Y to save, ENTER to confirm the filename:
  33.                 <USERNAME OF YOUR PRIMARY USER ACCOUNT>     ALL=(steam)       NOPASSWD: ALL
  34.         # set correct permissions:
  35.         chmod 440 /etc/sudoers.d/steam
  36.  
  37. # now the steam user account is set up and we install steam
  38. # we must open a terminal which runs as the steam user and preserves the connection to the X-server.
  39. # for kde-distrubtions such as kubuntu, use kdesudo:
  40. kdesudo -u steam konsole
  41. # for gnome-distributions such as ubuntu, use gksudo / gnome terminal (not tested, i use KDE):
  42. gksudo -u steam gnome-terminal
  43.  
  44. # now enter the following in the terminal of the steam user:
  45.         # download the steam package:
  46.         wget http://media.steampowered.com/client/installer/steam.deb
  47.        
  48.         # extract package control information so we can look at the install scripts
  49.         dpkg -e steam.deb ~/steam-package-control-information
  50.                
  51.         # extract the actual package contents:
  52.         dpkg -x steam.deb ~/steam-package
  53.        
  54.         # now we obtain the list of packages which we need to install for steam to work:
  55.         grep Depends ~/steam-package-control-information/control
  56.         # => use your favorite package manager to install those packages.
  57.  
  58.         # after the packages are installed, continue in the steam user's terminal:
  59.                        
  60.         # reading the script /home/steam/steam-package-control-information/postinst shows that the primary action of the install script is to make the update notifier execute the script "/usr/lib/steam/steam-install-notify" per user
  61.         # so i looked what that script does and it tells the user to run "/usr/bin/steam"
  62.         # we had extracted this script to "/home/steam/steam-package/usr/bin/steam"
  63.         # so your job now is to edit this script and replace all absolute paths (= paths starting with "/") which reference steam stuff to be prefixed with $HOME/steam-package
  64.         # this can be done by:
  65.         # 1) listing all top level files/directories in the steam package with "ls steam-package".
  66.         # 2) searching the script for the names of those files/directories
  67.         # 3) looking carefully at each occurence and deciding whether it is steam stuff and needs to be changed or a system directory which does not need to be changed
  68.         # here is a diff of the modifications which i have done to the 2012-12-07 version of the file:
  69.         ## $ diff steam.default ~/steam-package/usr/bin/steam
  70.         ## 86c86
  71.         ## <       LAUNCHSTEAMBOOTSTRAPFILE="/usr/lib/$STEAMPACKAGE/bootstraplinux_$LAUNCHSTEAMPLATFORM.tar.xz"
  72.         ## ---
  73.         ## >       LAUNCHSTEAMBOOTSTRAPFILE="/home/steam/steam-package/usr/lib/$STEAMPACKAGE/bootstraplinux_$LAUNCHSTEAMPLATFORM.tar.xz"
  74.         ## 156c156
  75.         ## <       cp /usr/share/applications/$STEAMPACKAGE.desktop "$DESKTOP_DIR"
  76.         ## ---
  77.         ## >       cp /home/steam/steam-package/usr/share/applications/$STEAMPACKAGE.desktop "$DESKTOP_DIR"
  78.  
  79.         # so now we have a modified steam install script.
  80.         # it will try to generate files in the Desktop of the user account, and the directory does not exist yet, so we create it.
  81.         mkdir Desktop
  82.        
  83.         # now execute the install script finally:
  84.         steam-package/usr/bin/steam
  85.        
  86.         # steam is installed now :)
  87.        
  88.         # now i've looked at Desktop/steam.desktop and checked for the syntax of steam. it was: "/usr/bin/steam %U"
  89.         # according to "http://standards.freedesktop.org/desktop-entry-spec/latest/ar01s06.html" the %U is an URL, so we don't need that
  90.         # as a conclusion, the syntax to run steam from the terminal of the steam user is:
  91.         # /home/steam/steam-package/usr/bin/steam
  92.  
  93. # for being able to run steam directly from your primary user account, we can use gksudo/kdesudo:
  94. # for kde-distrubtions such as kubuntu, use kdesudo:
  95. kdesudo -u steam /home/steam/steam-package/usr/bin/steam
  96. # for gnome-distributions such as ubuntu, use gksudo (not tested, i use KDE):
  97. gksudo -u steam /home/steam/steam-package/usr/bin/steam
  98.  
  99. # of course you can create a desktop shortcut which executes this command. for kde, the following works:
  100. # 1) browse to /usr/bin with the file manager
  101. # 2) drag&drop the kdesudo binary to your desktop to generate a shortcut
  102. # 3) rightclick the shortcut and select "icon settings"
  103. # 4) in the application tab, set name to "Steam", the command to "/usr/bin/kdesudo -u steam /home/steam/steam-package/usr/bin/steam", and the work path to "/home/steam"
  104.  
  105. # if you liked this HOWTO, please consider donating some bitcoins to me. my address is: 1MUpLx5Y5fH7qTJdT9JvZviwAMjcc4wGWh
create a new version of this paste RAW Paste Data