Hi,
I found this script example online, but can not figure out how to block the network access in the sandbox. If I remove “--share-net” it works for command line apps, but not for apps with GUI, for example Firefox.
Here is the error I get with GUI apps:
Error: cannot open display: :0
Here is the script:
I found this script example online, but can not figure out how to block the network access in the sandbox. If I remove “--share-net” it works for command line apps, but not for apps with GUI, for example Firefox.
Here is the error I get with GUI apps:
Error: cannot open display: :0
Here is the script:
Code:
#!/usr/bin/env bashset -euo pipefail(exec bwrap --ro-bind /usr /usr \ --dir /tmp \ --dir /var \ --symlink ../tmp var/tmp \ --proc /proc \ --dev /dev \ --ro-bind /etc/resolv.conf /etc/resolv.conf \ --symlink usr/lib /lib \ --symlink usr/lib64 /lib64 \ --symlink usr/bin /bin \ --symlink usr/sbin /sbin \ --unshare-all \ --share-net \ --die-with-parent \ --dir /run/user/$(id -u) \ --setenv XDG_RUNTIME_DIR "/run/user/`id -u`" \ --bind $HOME/.bwrap/user $HOME \ /bin/sh )Statistics: Posted by 3-WVI — 2024-08-25 14:34 — Replies 1 — Views 25