├── pulseaudio.client.conf ├── Dockerfile ├── minecraft.sh └── minecraft.json /pulseaudio.client.conf: -------------------------------------------------------------------------------- 1 | default-server = unix:/tmp/pulseaudio.socket 2 | # Prevent a server running in the container 3 | autospawn = no 4 | daemon-binary = /bin/true 5 | # Prevent the use of shared memory 6 | enable-shm = false 7 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM debian 2 | 3 | ADD https://launcher.mojang.com/download/Minecraft.deb /Minecraft.deb 4 | RUN apt-get update 5 | RUN apt install -y /Minecraft.deb 6 | 7 | USER 1000:1000 8 | 9 | ADD pulseaudio.client.conf /etc/pulse/client.conf 10 | ENV PULSE_SERVER unix:/tmp/pulseaudio.socket 11 | ENV PULSE_COOKIE /tmp/pulseaudio.cookie 12 | 13 | CMD minecraft-launcher 14 | -------------------------------------------------------------------------------- /minecraft.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | docker run -ti --rm --name minecraft --hostname $(uname -n) -u $(id --user):$(id --group) $(id --groups | sed 's/\([0-9]\+\)/--group-add \1/g') --security-opt seccomp=./minecraft.json -e DISPLAY -v /etc/passwd:/etc/passwd:ro -v /etc/group:/etc/group:ro -v /tmp/.X11-unix:/tmp/.X11-unix -e XAUTHORITY -v $XAUTHORITY:$XAUTHORITY --device /dev/dri/card0 --device /dev/dri/renderD128 -v ${HOME}/docker-volumes/minecraft-home:${HOME} -v $HOME/.minecraft:$HOME/.minecraft -w $HOME -v /var/run/nscd/socket:/var/run/nscd/socket -v /run/user/$(id --user)/pulse/native:/tmp/pulseaudio.socket test/minecraft "$@" 4 | -------------------------------------------------------------------------------- /minecraft.json: -------------------------------------------------------------------------------- 1 | { 2 | "defaultAction": "SCMP_ACT_ERRNO", 3 | "architectures": [ 4 | "SCMP_ARCH_X86_64", 5 | "SCMP_ARCH_X86", 6 | "SCMP_ARCH_X32" 7 | ], 8 | "syscalls": [ 9 | { 10 | "name": "", 11 | "action": "SCMP_ACT_ALLOW", 12 | "args": [], 13 | "names": [ 14 | "access", 15 | "arch_prctl", 16 | "bind", 17 | "brk", 18 | "capget", 19 | "capset", 20 | "chdir", 21 | "chmod", 22 | "clock_getres", 23 | "clone", 24 | "close", 25 | "connect", 26 | "creat", 27 | "dup", 28 | "dup2", 29 | "epoll_create", 30 | "epoll_create1", 31 | "epoll_ctl", 32 | "epoll_pwait", 33 | "epoll_wait", 34 | "eventfd", 35 | "eventfd2", 36 | "execve", 37 | "execveat", 38 | "exit", 39 | "exit_group", 40 | "fadvise64", 41 | "fchdir", 42 | "fchmodat", 43 | "fchown", 44 | "fchownat", 45 | "fcntl", 46 | "fcntl64", 47 | "fdatasync", 48 | "fork", 49 | "fstat", 50 | "fstatfs", 51 | "ftruncate", 52 | "futex", 53 | "getcwd", 54 | "getdents", 55 | "getdents64", 56 | "getegid", 57 | "geteuid", 58 | "getgid", 59 | "getgroups", 60 | "getpeername", 61 | "getpgrp", 62 | "getpid", 63 | "getppid", 64 | "getpriority", 65 | "getrandom", 66 | "getrlimit", 67 | "getrusage", 68 | "getsockname", 69 | "getsockopt", 70 | "gettid", 71 | "getuid", 72 | "inotify_add_watch", 73 | "inotify_init", 74 | "inotify_init1", 75 | "ioctl", 76 | "keyctl", 77 | "kill", 78 | "lseek", 79 | "lstat", 80 | "madvise", 81 | "mkdir", 82 | "mkdirat", 83 | "mknodat", 84 | "memfd_create", 85 | "mlock", 86 | "mmap", 87 | "mount", 88 | "mprotect", 89 | "munmap", 90 | "name_to_handle_at", 91 | "nanosleep", 92 | "newfstatat", 93 | "open", 94 | "openat", 95 | "personality", 96 | "pipe", 97 | "pipe2", 98 | "pivot_root", 99 | "poll", 100 | "ppoll", 101 | "prctl", 102 | "pread", 103 | "pread64", 104 | "pselect6", 105 | "ptrace", 106 | "pwrite64", 107 | "read", 108 | "readlink", 109 | "readlinkat", 110 | "recvfrom", 111 | "recvmsg", 112 | "rename", 113 | "rmdir", 114 | "rt_sigaction", 115 | "rt_sigprocmask", 116 | "rt_sigqueueinfo", 117 | "rt_sigreturn", 118 | "sched_getaffinity", 119 | "sched_yield", 120 | "select", 121 | "semctl", 122 | "semget", 123 | "semop", 124 | "sendmsg", 125 | "sendto", 126 | "setgid", 127 | "setgroups", 128 | "sethostname", 129 | "setpgid", 130 | "setpriority", 131 | "setresgid", 132 | "setresuid", 133 | "setreuid", 134 | "setrlimit", 135 | "set_robust_list", 136 | "setsid", 137 | "setsockopt", 138 | "set_tid_address", 139 | "setuid", 140 | "shmat", 141 | "shmctl", 142 | "shmdt", 143 | "shmget", 144 | "shutdown", 145 | "socket", 146 | "socketpair", 147 | "stat", 148 | "statfs", 149 | "symlink", 150 | "symlinkat", 151 | "sysinfo", 152 | "tgkill", 153 | "timerfd_create", 154 | "timerfd_settime", 155 | "tkill", 156 | "umask", 157 | "uname", 158 | "unlink", 159 | "unlinkat", 160 | "unshare", 161 | "vfork", 162 | "wait4", 163 | "write", 164 | "writev" 165 | ] 166 | } 167 | ] 168 | } 169 | --------------------------------------------------------------------------------