2011-08-10 23:22:41 +02:00
.TH SANDBOX "8" "May 2010" "sandbox" "User Commands"
2010-06-10 22:35:55 +02:00
.SH NAME
sandbox \- Run cmd under an SELinux sandbox
.SH SYNOPSIS
.B sandbox
2022-10-13 15:23:12 +02:00
[\- C] [\- s] [ \- d DPI ] [\- l level ] [[\- M | \- X] \- H homedir \- T tempdir ] [ \- R runuserdir ] [\- I includefile ] [ \- W windowmanager ] [ \- w windowsize ] [[\- i file ]...] [ \- t type ] cmd
2011-08-10 23:22:41 +02:00
.br
.B sandbox
2022-10-13 15:23:12 +02:00
[\- C] [\- s] [ \- d DPI ] [\- l level ] [[\- M | \- X] \- H homedir \- T tempdir ] [ \- R runuserdir ] [\- I includefile ] [ \- W windowmanager ] [ \- w windowsize ] [[\- i file ]...] [ \- t type ] \- S
2010-06-10 22:35:55 +02:00
.br
.SH DESCRIPTION
.PP
Run the
.I cmd
2013-10-09 20:37:31 +02:00
application within a tightly confined SELinux domain. The default sandbox domain only allows applications the ability to read and write stdin, stdout and any other file descriptors handed to it. It is not allowed to open any other files. The \- M option will mount an alternate homedir and tmpdir to be used by the sandbox.
2010-06-10 22:35:55 +02:00
If you have the
.I policycoreutils-sandbox
2013-10-09 20:37:31 +02:00
package installed, you can use the \- X option and the \- M option.
.B sandbox \- X
2010-06-10 22:35:55 +02:00
allows you to run X applications within a sandbox. These applications will start up their own X Server and create a temporary home directory and /tmp. The default SELinux policy does not allow any capabilities or network access. It also prevents all access to the users other processes and files. Files specified on the command that are in the home directory or /tmp will be copied into the sandbox directories.
2013-10-09 20:37:31 +02:00
If directories are specified with \- H or \- T the directory will have its context modified with chcon(1) unless a level is specified with \- l. If the MLS/MCS security level is specified, the user is responsible to set the correct labels.
2010-06-10 22:35:55 +02:00
.PP
.TP
2016-05-10 09:21:21 +02:00
\fB \- h\ \fB \- \- help\fR
2013-10-09 20:37:31 +02:00
display usage message
2010-06-10 22:35:55 +02:00
.TP
2016-05-10 09:21:21 +02:00
\fB \- H\ \fB \- \- homedir\fR
2013-10-09 20:37:31 +02:00
Use alternate homedir to mount over your home directory. Defaults to temporary. Requires \- X or \- M.
.TP
\fB \- i\fR \fB \- \- include\fR
2010-06-10 22:35:55 +02:00
Copy this file into the appropriate temporary sandbox directory. Command can be repeated.
.TP
2013-10-09 20:37:31 +02:00
\fB \- I\fR \fB \- \- includefile\fR
Copy all files listed in inputfile into the
2010-06-10 22:35:55 +02:00
appropriate temporary sandbox directories.
.TP
2013-10-09 20:37:31 +02:00
\fB \- l\fR \fB \- \- level\fR
2010-06-10 22:35:55 +02:00
Specify the MLS/MCS Security Level to run the sandbox with. Defaults to random.
.TP
2013-10-09 20:37:31 +02:00
\fB \- M\fR \fB \- \- mount\fR
2010-06-10 22:35:55 +02:00
Create a Sandbox with temporary files for $HOME and /tmp.
.TP
2013-10-09 20:37:31 +02:00
\fB \- s\fR \fB \- \- shred\fR
2012-10-25 13:40:27 +02:00
Shred temporary files created in $HOME and /tmp, before deleting.
.TP
2013-10-09 20:37:31 +02:00
\fB \- t\fR \fB \- \- type\fR
Use alternate sandbox type, defaults to sandbox_t or sandbox_x_t for \- X.
2012-05-04 01:21:18 +02:00
\fB Examples:\fR
.br
2013-10-09 20:37:31 +02:00
sandbox_t \- No X, No Network Access, No Open, read/write on passed in file descriptors.
2012-05-04 01:21:18 +02:00
.br
2013-10-09 20:37:31 +02:00
sandbox_min_t \- No Network Access
2012-05-04 01:21:18 +02:00
.br
2016-06-17 19:24:35 +02:00
sandbox_x_t \- Ports for X applications to run locally
2012-05-04 01:21:18 +02:00
.br
2013-10-09 20:37:31 +02:00
sandbox_web_t \- Ports required for web browsing
2012-05-04 01:21:18 +02:00
.br
2016-06-17 19:24:35 +02:00
sandbox_net_t \- Network ports (for server software)
.br
sandbox_net_client_t \- All network ports
2012-05-04 01:21:18 +02:00
2010-06-10 22:35:55 +02:00
.TP
2013-10-09 20:37:31 +02:00
\fB \- T\fR \fB \- \- tmpdir\fR
Use alternate temporary directory to mount on /tmp. Defaults to tmpfs. Requires \- X or \- M.
2010-06-10 22:35:55 +02:00
.TP
2022-10-13 15:23:12 +02:00
\fB \- R\fR \fB \- \- runuserdir\fR
Use alternate temporary directory to mount on XDG_RUNTIME_DIR (/run/user/$UID).
.TP
2013-10-09 20:37:31 +02:00
\fB \- S\fR \fB \- \- session\fR
2011-08-10 23:22:41 +02:00
Run a full desktop session, Requires level, and home and tmpdir.
.TP
2013-10-09 20:37:31 +02:00
\fB \- w\fR \fB \- \- windowsize\fR
2011-08-10 23:22:41 +02:00
Specifies the windowsize when creating an X based Sandbox. The default windowsize is 1000x700.
.TP
2013-10-09 20:37:31 +02:00
\fB \- W\fR \fB \- \- windowmanager\fR
2010-06-10 22:35:55 +02:00
Select alternative window manager to run within
2013-10-09 20:37:31 +02:00
.B sandbox \- X.
Default to /usr/bin/openbox.
2010-06-10 22:35:55 +02:00
.TP
\fB \- X\fR
Create an X based Sandbox for gui apps, temporary files for
$HOME and /tmp, secondary Xserver, defaults to sandbox_x_t
2011-06-13 19:24:38 +02:00
.TP
2013-10-09 20:37:31 +02:00
\fB \- d\fR \fB \- \- dpi\fR
Set the DPI value for the sandbox X Server. Defaults to the current X Sever DPI.
2011-11-07 21:52:37 +01:00
.TP
2013-10-09 20:37:31 +02:00
\fB \- C\fR \fB \- \- capabilities\fR Use capabilities within the
sandbox. By default applications executed within the sandbox will not
be allowed to use capabilities (setuid apps), with the \- C flag, you
can use programs requiring capabilities.
2010-06-10 22:35:55 +02:00
.PP
.SH "SEE ALSO"
.TP
2011-08-03 21:09:22 +02:00
runcon(1), seunshare(8), selinux(8)
2010-06-10 22:35:55 +02:00
.PP
2011-08-03 21:09:22 +02:00
.SH AUTHOR
This manual page was written by
.I Dan Walsh <dwalsh@redhat.com>
and
.I Thomas Liu <tliu@fedoraproject.org>
