Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 690036 Details for
Bug 774861
sys-apps/sandbox crash built on musl with sh -> busybox
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
/etc/sandbox.conf
sandbox.conf (text/plain), 2.77 KB, created by
pash
on 2021-03-08 14:24:23 UTC
(
hide
)
Description:
/etc/sandbox.conf
Filename:
MIME Type:
Creator:
pash
Created:
2021-03-08 14:24:23 UTC
Size:
2.77 KB
patch
obsolete
># Sandbox main configuration file > ># Note that configuration parser is fairly basic, so try to keep things simple. > ># ># BASIC Section ># > ># Basic sandbox configuration. Sandbox will use values here if not already set ># in the environment. Assignment works like bash variable assignment (ie, last ># value assigned to the variable is used). > ># SANDBOX_VERBOSE ># ># Determine if sandbox print access violations, or if debugging is enabled, ># it will also print allowed operations. Default is "yes" >#SANDBOX_VERBOSE="yes" > ># SANDBOX_DEBUG ># ># In addition to the normal log, a debug log is also written containing all ># operations caught by sandbox. Default is "no" >#SANDBOX_DEBUG="no" > ># NOCOLOR ># ># Determine the use of color in the output. Default is "false" (ie, use color) >#NOCOLOR="false" > > ># ># Namespace Section (Linux-only) ># > ># Global knob to control all namespaces. >#NAMESPACES_ENABLE="no" > ># Knobs for different types of namespaces. If the runtime doesn't support a ># particular type, it will be automatically skipped. Default to off as these ># are currently experimental. ># For more details on each type, see the namespaces(7) manpage. >#NAMESPACE_IPC_ENABLE="no" >#NAMESPACE_MNT_ENABLE="no" >#NAMESPACE_NET_ENABLE="no" >#NAMESPACE_PID_ENABLE="no" >#NAMESPACE_SYSV_ENABLE="no" >#NAMESPACE_USER_ENABLE="no" >#NAMESPACE_UTS_ENABLE="no" > > ># ># ACCESS Section ># > ># The next section contain rules for access. It works a bit different from the ># previous section in that values assigned to variables stack. Also since these ># do NOT get overridded by values already set in the environment, but rather ># those get added. ># ># If you want values that only get set if one of the variables are not already ># present in the environment, place a file in /etc/sandbox.d/ (replace /etc ># with what sysconfdir was configured to). ># ># Another difference from above, is that these support simple variable name ># substitution. Variable names must be in the form of '${variable}' (without ># the ''). It is very basic, so no command substitution, etc is supported. ># ># The values consists of the respective paths seperated by a colon (:) ># ># SANDBOX_DENY - all access to respective paths are denied ># ># SANDBOX_READ - can read respective paths ># ># SANDBOX_WRITE - can write to respective paths ># ># SANDBOX_PREDICT - respective paths are not writable, but no access violation ># will be issued in the case of a write ># > ># Needed for stdout, stdin and stderr >SANDBOX_WRITE="/dev/fd:/proc/self/fd" ># Common device nodes >SANDBOX_WRITE="/dev/zero:/dev/null:/dev/full" ># Console device nodes >SANDBOX_WRITE="/dev/console:/dev/tty:/dev/vc/:/dev/pty:/dev/tts" ># Device filesystems >SANDBOX_WRITE="/dev/ptmx:/dev/pts/:/dev/shm" ># Tempory storage >SANDBOX_WRITE="/tmp/:/var/tmp/" ># Needed for shells >SANDBOX_WRITE="${HOME}/.bash_history" >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 774861
: 690036 |
690039
|
690060
|
690063
|
690066
|
690069
|
690084
|
690087
|
690090