[Steam Proton] For those who can't run recent Steam Proton games because of bubblewrap

I just found out that the current version of Steam Proton (version 5.13 and above) wont be able to play games in default Manjaro kernel. Turns out it require bubblewrap sandbox with setuid enabled. After installing bubblewrap-suid package all Proton games are now playable. Anyway, is it OK to run Proton in setuid enabled bubblewrap?

Edited:
I change the title to include bubblewrap. This might have to do with that package and disabled unprivileged userns clone / hardened kernel.

OK, this short out the problem. Only install bubblewrap-suid if you have this error when launching Proton games:

`bwrap: No permissions to creating new namespace, likely because 
the kernel does not allow non-privileged user namespaces. On e.g. debian
 this can be enabled with 'sysctl kernel.unprivileged_userns_clone=1'`

I didn’t even know this was a thing.
I have some trouble running games for the first time. After a games has launched successfully, it later launches without any problem.
All you have to do is install bubblewrap-suid from pacman?

Are you sure there are no other reason why you would need that package? I don’t have any issue running any of my games, with any Proton version. I use official kernels from repositories, I use Steam from the repositories. I do not have this bubblewrap-suid package installed.

3 Likes

I don’t have any problem, even with recents games on Manjaro or Mint
(one week on Manjaro next on mint an so on).
Using Steam and officials kernels from repositories.
So bubblewrap-suid ???

Do you have Steam installed as a Flatpak? I heard this issues from users with Flatpak.

I have the same experience as Omano, and do not have the bubblewrap-suid package installed.

As a heavy Linux gamer, I don’t have bubblewrap-suid installed, and haven’t had any issues playing Steam Games with any versions of Proton. I do not know why you need it to get it to work.

Hi, I’m on 5.13 using Steam runtime and all my games (even officially unsupported ones) run fine without Bubblewrap.

This is a good guess, considering what bubbblewrap does.

Indeed. See FS#63316 for more information.

@LyraleiBreeze
Yes, you just need to install bubblewrap-suid. Of course if you have problems with it. If your game are running without it, then you don’t need to install it.

@omano
I don’t know why or how you can run the game (or why I can’t do that) without bubblewrap. But yes, Proton needs bubblewrap (or bubblewrap-suid for hardened kernel like in Manjaro) for its new Pressure Vessel sandbox. It’s mentioned here: bwrap requires user namespaces · Issue #297 · ValveSoftware/steam-runtime · GitHub
But you don’t need to enable unprivileged userns clone, tho.

@perso
Well, I wonder why I got this error if I don’t have bubblewrap-suid.
bwrap: No permissions to creating new namespace, likely because the kernel does not allow non-privileged user namespaces. On e.g. debian this can be enabled with 'sysctl kernel.unprivileged_userns_clone=1'.
It’s mentioned in the link above by someone else too.
Note: As far as I know about this, enabling userns clone is considered unsafe.

@XRaTiX
Nope. I don’t use Flatpak.

@realmain
I wonder why too. I’ll try to look out a bit more about this.

@Yochanan
So, is it OK to use bubblewrap-suid for hardened kernel? Especially for windows games.

It obviously doesn’t NEED it as me, and all the others confirming it, do not have bubblewrap-suid, and have absolutely no issue playing any game with Proton. Maybe you meant “for a specific game”, so if you specify which game NEEDS that, it could start to make sense, but you said “wont be able to play games in default Manjaro kernel” so it means all games.

1 Like

Hmm, I haven’t check about this but I’m playing games on multi-user setup. Is there any of you guys using multi-user setup and having this problem too? Maybe because my user account that I use to play games doesn’t have permission access to create namespace is what causing bwrap error. :thinking:

Edited:
Does Manjaro use hardened kernel? If not, then I might have disabled unprivileged userns clone sometime in the past that causing this.

The link I gave you doesn’t mention that this is a specific games error. So, my assumption was that this problems occur in any proton games. Well, I wonder why too. Why do I (and the user in valve’s github) are having this problem. That is why I’m asking people here.

I didn’t read the issue you linked as first it is closed since last year, and Kisak from Valve didn’t even reply in it. At first sight to me it is unrelated issue.

Yes, I haven’t found any official statement about this too. I edited my post so I can sort out the root cause of this problem.

What I can find on this for sure is people using unofficial kernel (Xanmod, LinuxHardened) have issues.

That’s why I’m asking this. And no, I’m using official Manjaro kernel.

Maybe you could define that for someone from Manjaro Team to answer specifically, but I don’t think Manjaro is using much additional patches on the kernels, maybe it is detailed on their Gitlab Manjaro · GitLab

//EDIT: here for 5.14 Packages / Core / linux514 · GitLab

I recently came back from Fedora because of issues with Steam. The one thing that has me off is that I updated from 34-35, and I could’ve sworn up until the update that I had been getting Steam from the RPM fusion repos… not Flatpak… kind of makes sense now.