.\" $NetBSD: mksandbox.8,v 1.7 2018/08/16 15:40:50 sevan Exp $ .\" .\" Copyright (c) 2012 Thomas Klausner .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" .Dd August 16, 2018 .Dt MKSANDBOX 8 .Os .Sh NAME .Nm mksandbox .Nd set up a sandbox .Sh SYNOPSIS .Nm .Op Fl Fl mounthost Ns = Ns Ar host .Op Fl Fl rodirs Ns = Ns Ar dir,... .Op Fl Fl rwdirs Ns = Ns Ar dir,... .Op Fl Fl pkgsrc Ns = Ns Ar dir .Op Fl Fl src Ns = Ns Ar srcdir .Op Fl Fl xsrc Ns = Ns Ar xsrcdir .Op Fl Fl without-x .Op Fl Fl without-pkgsrc .Op Fl Fl without-src .Op Fl Fl without-xsrc .Op Fl Fl verbose .Ar sandbox-dir .Sh DESCRIPTION .Nm is a small shell script to set up a sandbox (usually for a pkgsrc bulk build), using null mounts. The sandbox is set up for the target directory .Ar sandbox-dir . .Pp The following options are available: .Bl -tag -width "Xmounthost=hostXXX" .It Fl Fl mounthost Ns = Ns Ar host Use .Ar host as the mount host. .It Fl Fl rodirs Ns = Ns Ar dir,... Mount additional directories read-only. .It Fl Fl rwdirs Ns = Ns Ar dir,... Mount additional directories read-write. .It Fl Fl pkgsrc Ns = Ns Ar dir Look for the pkgsrc files in .Ar dir instead of the default .Pa /usr/pkgsrc . .It Fl Fl src Ns = Ns Ar srcdir Look for the .Nx src files in .Ar srcdir instead of the default .Pa /usr/src (only needed for some packages that compile kernel modules). .It Fl Fl xsrc Ns = Ns Ar xsrcdir Look for the .Nx xsrc files in .Ar xsrcdir instead of the default .Pa /usr/xsrc (only needed for some packages). .It Fl Fl without-pkgsrc Do not mount pkgsrc directories in the sandbox. .It Fl Fl without-src Do not mount src directory in the sandbox. .It Fl Fl without-xsrc Do not mount xsrc directory in the sandbox. .It Fl Fl without-x Do not include X files in the sandbox. .It Fl Fl verbose More verbose output. .El .Sh USAGE After .Nm has finished successfully, .Ar sandbox-dir will contain a file .Pa sandbox which can be used to set up and tear down the sandbox, as well as execute commands inside. The .Pa sandbox script supports the following commands: .Bl -tag -width XXnoXargumentXXXX .It Ic chroot Start .Xr ksh 1 inside the sandbox and load .Pa /etc/shrc . .It Ic mount Set up the sandbox. .It Ic umount Tear down the sandbox. .It (no argument) Start .Xr ksh 1 inside the sandbox without loading .Pa /etc/shrc . Can only be called after .Ic mount . .It Ic command Try running .Pa command inside the sandbox. Fails if the argument is not an executable. Can only be called after .Ic mount . .El .Sh EXAMPLES The most common usage is running mksandbox once, e.g., .Dl mksandbox /home/user/sandboxdir and then reusing this sandbox. Once the sandbox exists, the most common usage is: .Bd -literal -offset indent cd /home/user/sandboxdir \&./sandbox mount \&./sandbox (do something inside, like a bulk build or building one package by hand) (CTRL-D or logout, to leave the shell inside the sandbox) \&./sandbox umount .Ed .Sh AUTHORS .An Alistair G. Crooks .Aq agc@NetBSD.org