We are going through more or less Wine anyway, the libraries on the system don’t matter as long as Wine compiles
Which wine though?
The one pre-packaged by your distro? That doesn’t work because Valve needs to control the version you use and to provide additional stuff not part of vanilla wine.
The one part of proton that is built and delivered to your system by Valve? They would have to compile and support it for every set of dependency versions out there.
One of the core features of containers is process and process memory separation from host.
As far as container technology is concerned, the isolation is configurable. pressure-vessel is most likely using (possibly indirectly) namespaces and/or cgroups to achieve the isolation. I don’t see a technical reason that you can’t disable the isolation of shared memory or any other resource. The issue is whether you are given access to disable it.
According to the docs the runtime is based on flatpak and uses bubblewrap and libcapsule. I don’t know about libcapsule, but I recall that bubblewrap has granular control over what resources it isolates.
We have no control over what they put in those containers.
Apparently, you can modify the container as shown here. But there’s no reason why you shouldn’t be able to install custom containers alongside the default ones in the same way that you can install custom proton versions. Steam just doesn’t provide the interface for it.
Once they disable the PRESSURE_VESSEL_SHELL=instead we will have no insight into what’s inside.
There already exists an alternative that is “more likely to be extended in future” rather than being removed as shown [here](more likely to be extended in future). But I believe you would always be able to gain access to the container because it remains a chroot + namespace + cgroup isolation, all of which you can control on your system.
and app developers neither have!
App developers don’t control what’s on your system either. The container is a huge improvement for them because it at least gives them a known target to build for. They can still bundle dependencies in any way that they would on a non-containerized system. There’s no loss of control from their perspective.
if it doesn’t work for some reason (with Wine I don’t really see it happening as what we run doesn’t rely on our OS libraries directly), you can create chroot, additional library packages with old versions, etc.
That’s what pressure-vessel is and as shown above you can modify it. And if you couldn’t it would be a tooling issue, not an inherent container disadvantage.
Worst case scenario, Linux community will figure something out
No, they won’t. Compatibility significantly increased after Valve got involved. In fact, the linux community is porting pressure-vessel outside of Steam to use it across different launchers as umu. The community is headed towards using pressure-vessel for everything.
Now I replied to each claim individually, but it’s not really about any specific point you’re making. The general idea is that there’s nothing inherent to container technology that prevents you from tinkering with it. Anything that you can’t do currently is because Steam is not designed to allow you to do it. It’s got nothing to do with whether Steam uses containers or not. Any control that you’ve lost over your system is because you’re using a proprietary app. They could remove the containers and still prevent tinkering, eg by using a bundled wine with no way for you to modify it or its launch options. It’s not about what Steam does, but about how it does it.
Which wine though?
The one pre-packaged by your distro? That doesn’t work because Valve needs to control the version you use and to provide additional stuff not part of vanilla wine.
The one part of proton that is built and delivered to your system by Valve? They would have to compile and support it for every set of dependency versions out there.
As far as container technology is concerned, the isolation is configurable. pressure-vessel is most likely using (possibly indirectly) namespaces and/or cgroups to achieve the isolation. I don’t see a technical reason that you can’t disable the isolation of shared memory or any other resource. The issue is whether you are given access to disable it.
According to the docs the runtime is based on flatpak and uses bubblewrap and libcapsule. I don’t know about libcapsule, but I recall that bubblewrap has granular control over what resources it isolates.
Apparently, you can modify the container as shown here. But there’s no reason why you shouldn’t be able to install custom containers alongside the default ones in the same way that you can install custom proton versions. Steam just doesn’t provide the interface for it.
There already exists an alternative that is “more likely to be extended in future” rather than being removed as shown [here](more likely to be extended in future). But I believe you would always be able to gain access to the container because it remains a chroot + namespace + cgroup isolation, all of which you can control on your system.
App developers don’t control what’s on your system either. The container is a huge improvement for them because it at least gives them a known target to build for. They can still bundle dependencies in any way that they would on a non-containerized system. There’s no loss of control from their perspective.
That’s what pressure-vessel is and as shown above you can modify it. And if you couldn’t it would be a tooling issue, not an inherent container disadvantage.
No, they won’t. Compatibility significantly increased after Valve got involved. In fact, the linux community is porting pressure-vessel outside of Steam to use it across different launchers as umu. The community is headed towards using pressure-vessel for everything.
Now I replied to each claim individually, but it’s not really about any specific point you’re making. The general idea is that there’s nothing inherent to container technology that prevents you from tinkering with it. Anything that you can’t do currently is because Steam is not designed to allow you to do it. It’s got nothing to do with whether Steam uses containers or not. Any control that you’ve lost over your system is because you’re using a proprietary app. They could remove the containers and still prevent tinkering, eg by using a bundled wine with no way for you to modify it or its launch options. It’s not about what Steam does, but about how it does it.