From 2e6e29ed34b33a6df8566a9dcc70088f3c3478c4 Mon Sep 17 00:00:00 2001
From: Peter Cai <peter@typeblog.net>
Date: Mon, 26 Dec 2022 08:32:01 -0500
Subject: [PATCH] app_containers: Set DeviceAllow properly

/dev/dri and /dev/shm are NOT devices.
---
 app_containers/.local/bin/run_app_container | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/app_containers/.local/bin/run_app_container b/app_containers/.local/bin/run_app_container
index b4daf91..95b0f0a 100755
--- a/app_containers/.local/bin/run_app_container
+++ b/app_containers/.local/bin/run_app_container
@@ -49,8 +49,7 @@ SUDO_ASKPASS=$HOME/.local/bin/askpass-bemenu sudo -A systemd-nspawn -M $CONTAINE
     `# GPU` \
     --bind=/dev/dri \
     --bind=/dev/shm \
-    --property=DeviceAllow='/dev/dri rw' \
-    --property=DeviceAllow='/dev/shm rw' \
+    --property=DeviceAllow='char-drm rw' \
     `# Input devices` \
     --bind-ro=/dev/input \
     --property=DeviceAllow='char-input r' \