[Service]
#DeviceAllow=/dev/dri rw
#DeviceAllow=/dev/shm rw
#ExecStart=
#ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --machine=%I --property=CPUQuota=10% --setenv=DISPLAY=unix$DISPLAY --bind=/tmp/.X11-unix:/tmp/.X11-unix --bind /run/user/1000/pulse:/run/pulse --bind /var/lib/dbus:/var/lib/dbus
DeviceAllow=/dev/dri rw
DeviceAllow=/dev/shm rw
DeviceAllow=char-usb_device rwm 
DeviceAllow=char-input rwm 
DeviceAllow=char-alsa rwm 
Environment=SYSTEMD_NSPAWN_USE_CGNS=0
ExecStart=
ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --machine=%I