dotfiles/examples/etc/systemd/nspawn/sandbox.nspawn


[Exec]
# Container execution settings. The values below switch off most of nspawn's
# isolation so that Docker can run inside the container. Treat the container
# as host-root equivalent, not as a security boundary, despite the file name.
# Start the container's own init (same as systemd-nspawn --boot).
Boot=1
# For Docker (this line and SystemCallFilter=): keep every capability instead
# of nspawn's reduced default set.
# TODO(review): list only the capabilities the workload needs, if it allows.
Capability=all
# For Docker: additionally allow the kernel keyring system calls.
# NOTE(review): these are believed to be filtered by default because kernel
# keyrings are not fully namespaced, so the container may reach host keys.
SystemCallFilter=add_key keyctl
# User namespacing off: UID 0 in the container is UID 0 on the host.
PrivateUsers=no
[Files]
# Host paths exposed inside the container. Bind= mounts are read-write,
# BindReadOnly= mounts are read-only. Format: HOST_PATH[:CONTAINER_PATH].
# OpenGL/X11: the host X server socket directory.
# NOTE(review): a read-only mount still lets clients connect, and X11 does not
# isolate clients on one display from each other (input, screen contents).
BindReadOnly=/tmp/.X11-unix
# For Docker: the host cgroup tree, writable. Combined with Capability=all and
# PrivateUsers=no, container root can presumably alter host resource control.
Bind=/sys/fs/cgroup
# OpenGL: GPU device nodes.
# NOTE(review): a bind mount only makes the nodes visible; the unit that runs
# the container may also need a matching DeviceAllow= (not shown here).
Bind=/dev/dri
# NVIDIA device nodes, currently disabled.
#Bind=/dev/nvidia0
#Bind=/dev/nvidiactl
#Bind=/dev/nvidia-modeset
# Host POSIX shared memory, shared read-write with the container.
Bind=/dev/shm
# Input: all host input devices. A root process in the container can read raw
# keyboard and mouse events from the host, including typed passwords.
Bind=/dev/input
# PulseAudio: the host user's socket directory (UID 1000 is hard-coded),
# mounted at /run/user/host/pulse inside the container.
Bind=/run/user/1000/pulse:/run/user/host/pulse
# ALSA: host sound devices, which include capture (microphone) devices.
Bind=/dev/snd
# Downloads: host directory share, currently disabled; the path is
# user-specific.
#Bind=/home/drew/Downloads