steam / steam-run: programs run with steam-run cannot access steam game's tmp files

[DrymarchonShaun]

Nixpkgs version

• Stable (24.11)

Describe the bug

Currently, steam and steam-run are using separate FHSEnvs, both with privateTmp = true;, and as such an application run with steam-run can't access the /tmp directory of something launched through steam.

This breaks applications that need to communicate directly with a game. In my case, I need to run Teamspeak (in proton, if it matters) and have it connect to Arma 3 (also running in proton), which it does using something that ends up in /tmp. (if I set privateTmp = false; in the steam package, everything works as expected, although as far as I can tell the easiest way to do this is overlaying a patched version of nixpkgs, because #341219 removed the override for privateTmp)

Steps to reproduce

1. echo "test" | steam-run tee /tmp/steamenvtesting
2. put cat /tmp/steamenvtesting # %command% in the launch options of a game, hit play, and check console (or log file at ~/.local/share/Steam/logs/console-linux.txt for the output [2025-02-13 15:33:53] cat: /tmp/steamenvtesting: No such file or directory

Expected behaviour

output in steam log would ideally be [2025-02-13 15:36:07] test

Screenshots

No response

Relevant log output

Additional context

No response

System metadata

• system: "x86_64-linux"
• host os: Linux 6.11.11, NixOS, 24.11 (Vicuna), 24.11.20250210.44534bc
• multi-user?: yes
• sandbox: yes
• version: nix-env (Nix) 2.24.12
• channels(root): ""
• nixpkgs: /nix/store/z88hhaq46sdqzkm0zas1sn284h7w87k9-source

Notify maintainers

@K900

Note for maintainers: Please tag this issue in your pull request description. (i.e. Resolves #ISSUE.)

I assert that this issue is relevant for Nixpkgs

• I assert that this is a bug and not a support request.
• I assert that this is not a duplicate of an existing issue.
• I assert that I have read the NixOS Code of Conduct and agree to abide by it.

Is this issue important to you?

Add a 👍 reaction to issues you find important.

[K900]

Yeah, steam-run can't really force itself into the same container, so the solution here is probably to allow privateTmp to be overridden again...

[DrymarchonShaun]

Would it be better/possible to disable privateTmp and bind both containers' /tmp to a different directory on the host instead of the host's /tmp, that way they can share temporary files without effecting the host's?

[K900]

In theory, yes, but that would also just defeat the main point of isolating them in the first place.