User:Cronolio/build/sandbox

From Gentoo Wiki

Sandbox is a library (and helper utility) to run programs in a "sandboxed" environment. This is used as a QA measure to try and prevent applications from modifying files they should not.

Sandbox has a systemwide config file, /etc/sandbox.conf, which declares the minimal settings, and a /usr/share/sandbox/sandbox.bashrc file, which preloads the sandbox.so library into each shell or make process and adds the Portage-related directories to the SANDBOX_WRITE variable.

Direct usage example

Suppose we want to sandbox an application that tries to write into the root directory.

root #sandbox mkdir -v /foo
 * ACCESS DENIED:  mkdir:        /foo
mkdir: cannot create directory ‘/foo’: Permission denied
 * --------------------------- ACCESS VIOLATION SUMMARY ---------------------------
 * LOG FILE: "/var/log/sandbox/sandbox-2508.log"
 * 
VERSION 1.0
FORMAT: F - Function called
FORMAT: S - Access Status
FORMAT: P - Path as passed to function
FORMAT: A - Absolute Path (not canonical)
FORMAT: R - Canonical Path
FORMAT: C - Command Line

F: mkdir
S: deny
P: /foo
A: /foo
R: /foo
C: mkdir -v /foo 
 * --------------------------------------------------------------------------------

To allow the application to write into the root directory, the root path has to be added to the SANDBOX_WRITE variable.

root #SANDBOX_WRITE="${SANDBOX_WRITE}:/" sandbox mkdir -v /foo
mkdir: created directory '/foo'

Do not forget to remove the foo directory.

root #rmdir -v /foo
rmdir: removing directory, '/foo'
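The violation summary above is also written to the log file in the VERSION 1.0 record format it documents (F/S/P/A/R/C). The following parser for that format is an added example, not code from the wiki page or from the sandbox project; it assumes records are separated by blank lines, and the second record in the constructed sample (an open_wr denial during ./configure) is made up for illustration.

```python
import re

# Constructed sample in the log format shown above; the second record is made up.
SAMPLE_LOG = """VERSION 1.0
FORMAT: F - Function called
FORMAT: S - Access Status
FORMAT: P - Path as passed to function
FORMAT: A - Absolute Path (not canonical)
FORMAT: R - Canonical Path
FORMAT: C - Command Line

F: mkdir
S: deny
P: /foo
A: /foo
R: /foo
C: mkdir -v /foo

F: open_wr
S: deny
P: ../etc/ld.so.cache
A: /var/tmp/portage/../etc/ld.so.cache
R: /etc/ld.so.cache
C: ./configure
"""

# One record field: a single-letter FORMAT code, a colon, and the value.
FIELD_RE = re.compile(r"^([FSPARC]): ?(.*)$")

def parse_sandbox_log(text):
    """Return a list of dicts keyed by FORMAT code. Records are assumed to be
    separated by blank lines; the VERSION/FORMAT header lines are skipped."""
    records, current = [], {}
    for line in text.splitlines():
        line = line.rstrip()  # the C: line in the log carries a trailing space
        if not line:
            if current:
                records.append(current)
                current = {}
            continue
        m = FIELD_RE.match(line)
        if m:
            current[m.group(1)] = m.group(2)
    if current:
        records.append(current)
    return records

def denied_paths(records):
    # Use the canonical path R, not P: P is what the program passed and may be relative.
    return [r["R"] for r in records if r.get("S") == "deny" and "R" in r]
```

Running it over a real /var/log/sandbox/sandbox-*.log gives the list of resolved paths a build tried to touch outside SANDBOX_WRITE, which is what you review before deciding whether the ebuild or the allow-list needs fixing.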

Portage and sandbox

During the src_unpack, src_compile, src_test and src_install phases, ebuild.sh operates inside a sandbox.

  • (which user is used in which phases)

If emerge is run by the root user:

phase                     sandboxed?   user      change user
fetch                     ?            portage   feature userfetch enabled by default
unpack                    yes          portage   feature userpriv enabled by default
prepare                   ?            portage
configure                 ?            portage
compile                   yes          portage
test                      yes          portage
preinst                   ?            ?
install                   yes          root
postinst                  ?            root
qmerge                    no           root
unmerge, prerm, postrm    no           root