Path to this page:
./
sysutils/sandboxctl,
Manages chroot-based sandboxes
Branch: CURRENT,
Version: 1.1nb2,
Package name: sandboxctl-1.1nb2,
Maintainer: pkgsrc-userssandboxctl is a tool to interact with chroot-based sandboxes.
The sandboxctl tool provides an automated mechanism to create and
interact with chroot-based sandboxes. These sandboxes can be transient
(e.g. to run a single command within them) or long-lived (e.g. to run a
system service in a safe manner).
Sandboxes can be created using multiple mechanisms, which range from
extracting fresh distribution sets to bind-mounting the outer file
systems inside the sandbox. The specific mechanism depends on the
features supported by the underlying operating system and the chosen
sandbox type. Currently, sandboxctl includes support for FreeBSD,
Linux, macOS (Darwin), and NetBSD.
Each sandbox is defined via a configuration file provided by the user
and a system-specific template provided by this package. The user
configuration is simple and semantically-rich, allowing the system
administrator to not worry about the environment-specific details.
This is not an official Google product.
Required to run:[
devel/shtk]
Required to build:[
pkgtools/cwrappers]
Package options: tests
Master sites:
Filesize: 96.719 KB
Version history: (Expand)
- (2024-06-23) Updated to version: sandboxctl-1.1nb2
- (2019-09-21) Updated to version: sandboxctl-1.1nb1
- (2019-01-14) Updated to version: sandboxctl-1.1
- (2017-02-18) Package added to pkgsrc.se, version sandboxctl-1.0 (created)
CVS history: (Expand)
2024-07-25 07:41:53 by Thomas Klausner | Files touched by this commit (22) |
Log message:
*: reset MAINTAINER (became observer)
|
2024-06-23 19:16:41 by Amitai Schleier | Files touched by this commit (3) |
Log message:
sandboxctl: run certctl if available. Bump PKGREVISION.
|
2021-10-26 13:20:30 by Nia Alarie | Files touched by this commit (630) |
Log message:
sysutils: Replace RMD160 checksums with BLAKE2s checksums
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
|
2021-10-07 16:58:44 by Nia Alarie | Files touched by this commit (630) |
Log message:
sysutils: Remove SHA1 hashes for distfiles
|
2019-09-21 00:31:30 by Maya Rashish | Files touched by this commit (3) |
Log message:
sandboxctl: don't use tar -e on netbsd. it's not supported by the newly
default libarchive tar.
From Robert Nestor on pkgsrc-users.
bump PKGREVISION
|
2019-01-14 11:52:49 by Julio Merino | Files touched by this commit (3) | |
Log message:
Update sandboxctl to 1.1:
Changes in version 1.1
======================
**Released on 2019-01-14.**
* Fixed the `darwin-native` type to allow accessing the Oracle JRE from
within the sandbox.
* Expose `/usr/local` in `darwin-native` so that third-party software
installed on the host, such as OSXFUSE, can be found.
* Expose an empty `/private/var/mail` directory within the `darwin-native`
sandbox so that programs that expect the directory to exist can work.
* Issue 2: Fixed access to the system keychain on `darwin-native`
sandboxes, which allows, among other things, for HTTPS downloads to
work properly.
* Issue 4: Fixed the `netbsd-native` type to recognize a `/boot` directory
and to ignore the lack of `/netbsd`, as is the case for
NetBSD/evbarm-earmv7hf 7.1 Raspberry Pi images.
* Issue 5: Fixed DNS resolution in `darwin-native` sandboxes, which
apparently got broken in the macOS Sierra 10.12.4 update because SIP
now prevents modifying the running mDNSResponder instance.
* Issue 7: Fixed execution of compilers and other Xcode tools within a
`darwin-native` sandbox starting with High Sierra. Unfortunately, we
now require SIP to be disabled for these tools to work.
* Added support for XZ-compressed files to `sandbox_extract`.
* Added support for XZ-compressed release sets to `netbsd-native` and
`netbsd-release`. As a side-effect of this change, the
`NETBSD_RELEASE_SETS` setting in `netbsd-release` now takes a list
of set names *without* their extension.
|
2017-02-17 22:23:42 by Julio Merino | Files touched by this commit (8) |
Log message:
Initial addition of sandboxctl 1.0:
sandboxctl is a tool to interact with chroot-based sandboxes.
The sandboxctl tool provides an automated mechanism to create and
interact with chroot-based sandboxes. These sandboxes can be transient
(e.g. to run a single command within them) or long-lived (e.g. to run a
system service in a safe manner).
Sandboxes can be created using multiple mechanisms, which range from
extracting fresh distribution sets to bind-mounting the outer file
systems inside the sandbox. The specific mechanism depends on the
features supported by the underlying operating system and the chosen
sandbox type. Currently, sandboxctl includes support for FreeBSD,
Linux, macOS (Darwin), and NetBSD.
Each sandbox is defined via a configuration file provided by the user
and a system-specific template provided by this package. The user
configuration is simple and semantically-rich, allowing the system
administrator to not worry about the environment-specific details.
This package is primarily targetted at supporting pkgtools/pkg_comp
but is provided as a standalone tool for flexibility.
|