What are the best ways to run a game in sandboxed mode with only the game HDD shared with it? There should be no network access for the game, and there should be GPU (Intel integrated) pass-through.
I have tried GNOME Boxes, but GPU pass-through is not working, and I checked Distrobox, but that too shares the HOME folder.
Update: I have installed Bubblejail and sandboxed Alacritty. I shared a directory in Home with it and disabled the network. Since my game is launched using a shell script, I use this setup for it.
There are systemd-nspawn containers; you could install Debian, or whatever you fancy, inside. They provide similar isolation to Docker containers, and you can even integrate them with a GUI.
Containerized apps will then only see the container folder.
https://michael.franzl.name/blog/posts/2023-12-02-run-graphical-wayland-applications-in-systemd-nspawn
I'm not on Arch, but the explanation is still valuable: https://wiki.archlinux.org/title/Systemd-nspawn
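The launcher below is an added example of the nspawn approach described in this answer; it is not code from the thread or from either linked page. It assumes hypothetical paths: a Debian rootfs already created in /var/lib/machines/game, the game HDD mounted at /mnt/games, an Intel render node at /dev/dri/renderD128, a user named gamer that exists inside the container, and a launch script at /games/start.sh inside the container. Binding the Wayland or X socket for the display is left to the blog post linked above.

```shell
#!/bin/sh
# Added example (not from the original thread): start a game inside a
# systemd-nspawn container that sees only its own rootfs plus one
# bind-mounted game directory, has no network, and can open the host's
# Intel iGPU render node.  Every path and user name here is hypothetical.
set -eu

ROOTFS="${ROOTFS:-/var/lib/machines/game}"    # assumed debootstrap'd rootfs
GAMEDIR="${GAMEDIR:-/mnt/games}"              # assumed mount of the game HDD
RENDER="${RENDER:-/dev/dri/renderD128}"       # assumed iGPU render node
CUSER="${CUSER:-gamer}"                       # assumed user inside the container
NSPAWN="${NSPAWN:-systemd-nspawn}"            # set NSPAWN=echo for a dry run

# Refuse to start when the inputs would silently weaken the sandbox.
preflight() {
    rootfs="$1"; gamedir="$2"; render="$3"
    [ -d "$rootfs" ]  || { echo "no rootfs: $rootfs" >&2; return 1; }
    [ -d "$gamedir" ] || { echo "no game dir: $gamedir" >&2; return 1; }
    [ -c "$render" ]  || { echo "not a character device: $render" >&2; return 1; }
    # The shared directory must not sit under $HOME, otherwise the
    # container would see exactly the files the question wants hidden.
    case "$gamedir" in
        "${HOME:-/nonexistent}"|"${HOME:-/nonexistent}"/*)
            echo "refusing to share a directory under \$HOME" >&2; return 1 ;;
    esac
    return 0
}

# --private-network leaves the container with loopback only.
# --bind exposes just the game directory and the render node.
# DeviceAllow limits the container's cgroup to DRM character devices.
run_game() {
    rootfs="$1"; gamedir="$2"; render="$3"; user="$4"
    "$NSPAWN" \
        --directory="$rootfs" \
        --private-network \
        --bind="$gamedir:/games" \
        --bind="$render" \
        --property="DeviceAllow=char-drm rw" \
        --user="$user" \
        -- /games/start.sh
}

# Launch only when invoked as 'launch.sh run', so the functions above can
# be sourced and dry-run without root.
if [ "${1:-}" = "run" ]; then
    preflight "$ROOTFS" "$GAMEDIR" "$RENDER"
    run_game "$ROOTFS" "$GAMEDIR" "$RENDER" "$CUSER"
fi
```

systemd-nspawn itself needs root, so run it as `sudo ./launch.sh run`; `NSPAWN=echo ./launch.sh run` prints the command that would be executed. Inside the container, `ip addr` should show only `lo`, `ls /games` the game files, and `ls /dev/dri` nothing but the bound render node.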