LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Trying to whitelist an application in Tails (https://www.linuxquestions.org/questions/linux-security-4/trying-to-whitelist-an-application-in-tails-4175676312/)

quickquestion111 06-01-2020 08:12 PM
Trying to whitelist an application in Tails
 
Im trying to whitelist an appimage game in Tails that uses networking for multiplayer (so it should not run through Tor; latency is too bad). I discovered Tails use the 'clearnet' user to run the 'unsafe browser' (the unsafe browser does not use Tor, so that you may login at captive portals). This clearnet user is permitted in the firewall to use TCP (in all other cases Tails only uses UDP)

So im trying run the appimage as the user clearnet (via sudo -u clearnet game.AppImage).. But for some reason that I dont understand is the game is reporting an error saying that "No supported OpenGL profiles were found". I'd like to say the game does run fine when ran as 'amnesia' (the default user), but it doesnt run as any other user (not even root!), giving that error. However it does run as root when invoked via sudo (i.e sudo game.AppImage). So im guesing that amnesia has something in it's environment that no other user has that allows it to use these OpenGL profiles. Which would explain why 'sudo game.AppImage works', as sudo may be preserving some portion of amnesia's environment (but then again maybe not, as sudo -u clearnet does not work). I also disabled all apparmor profiles, but still that didn't work. And rememeber I dont want to run it as user 'amnesia' as I dont want it to go through Tor, so it seems the user 'clearnet is key here.

Here is the full error log message from: ~/.config/thegame/graphics.log

Code:
System.InvalidOperationException: No supported OpenGL profiles were found.
  at OpenRA.Platforms.Default.Sdl2PlatformWindow..ctor (OpenRA.Primitives.Size requestEffectiveWindowSize, OpenRA.WindowMode windowMode, System.Single scaleModifier, System.Int32 batchSize, System.Int32 videoDisplay, OpenRA.GLProfile requestProfile) [0x000c3] in <044321142f104d319ff35c7ee1a9937e>:0
  at OpenRA.Platforms.Default.DefaultPlatform.CreateWindow (OpenRA.Primitives.Size size, OpenRA.WindowMode windowMode, System.Single scaleModifier, System.Int32 batchSize, System.Int32 videoDisplay, OpenRA.GLProfile profile) [0x00000] in <044321142f104d319ff35c7ee1a9937e>:0
  at OpenRA.Renderer..ctor (OpenRA.IPlatform platform, OpenRA.GraphicSettings graphicSettings) [0x00057] in <935747805c924a31bc5fa5fcaf2e207c>:0
  at OpenRA.Game.Initialize (OpenRA.Arguments args) [0x00204] in <935747805c924a31bc5fa5fcaf2e207c>:0
System.InvalidOperationException: No supported OpenGL profiles were found.
  at OpenRA.Platforms.Default.Sdl2PlatformWindow..ctor (OpenRA.Primitives.Size requestEffectiveWindowSize, OpenRA.WindowMode windowMode, System.Single scaleModifier, System.Int32 batchSize, System.Int32 videoDisplay, OpenRA.GLProfile requestProfile) [0x000c3] in <044321142f104d319ff35c7ee1a9937e>:0
  at OpenRA.Platforms.Default.DefaultPlatform.CreateWindow (OpenRA.Primitives.Size size, OpenRA.WindowMode windowMode, System.Single scaleModifier, System.Int32 batchSize, System.Int32 videoDisplay, OpenRA.GLProfile profile) [0x00000] in <044321142f104d319ff35c7ee1a9937e>:0
  at OpenRA.Renderer..ctor (OpenRA.IPlatform platform, OpenRA.GraphicSettings graphicSettings) [0x00057] in <935747805c924a31bc5fa5fcaf2e207c>:0
  at OpenRA.Game.Initialize (OpenRA.Arguments args) [0x00204] in <935747805c924a31bc5fa5fcaf2e207c>:0
Ofc I can just open up the firewall to allow full network access to the program, but I would like to offer the same protections for it as they did their 'unsafe browser' (i.e. running it as user clearnet whom can't login, and chooting the application).. Here's is how Tor is enforced in Tails (if you're interested in how Tails enforces Tor, and how the security of that works then this is the most interesting information: https://tails.boum.org/contribute/de...r_enforcement/)

business_kid 06-09-2020 01:06 PM
348 views, no replies, so I'll have a go.

As a general rule & IME, when I get 200+ views and no replies, I conclude I'm mad, or starting from the wrong place.

You have The Amnesiac Incognito Linux System as your OS. Now you're going to great lengths to 'bend it' and play your game. You want Tails at the default settings. Otherwise, it isn't Tails.

The game will suck, no fast video drivers, no fast disk access, no saved games = lousy performance.

There's a saying: "Horses for courses." Some are sprinters, endurance runners, steeple-chasers, show jumpers. Just like Usain Bolt was a great sprinter, but he never did a marathon that I heard of. Mo Farah never tried sprinting. Both were winners.

Follow the R&D (joke) motto: "If at first you don't succeed - give up!" Give the game what it wants, and enjoy tails for what it is. If you're worried about being secure, use a vm, or wine. If you have data in wine, add another luser, and just install the game(s) there. There's tools for IP masquerading.


All times are GMT -5. The time now is 11:48 AM.