Joel Roth edited this page Mar 31, 2017 · 1 revision
Clone this wiki locally
       UnionSandbox -

       UnionSandbox [<options>] <program> [<command-parameters...>]

       Run the program in a protected sandbox, as superuser, using unionfs


              Enable terse messages.


              Enable debug messages.

       -h, --help

              Show this help.


              Show program version.

       -v, --verbose

              Enable verbose mode.

       --logfile <entry>

              Log all output to specified file.

       -w, --writedir <entry>

              The dir where writes outside sandbox are written.

       -d, --directory <entry>

              The program should be run at <entry>. This path should be either absolute, or relative to the sandbox root.

       -s, --sandbox <entry>[:<entry>...]

              Colon-separated list of areas where the restricted process has write access to.  The default value is '.'.

       -m, --map <entry>[:<entry>...]

              Colon-separated mapping (lhs=rhs) where writes to rhs are mapped to lhs.


       To allow mobility within the sandbox, the '.' directory is mounted at a sandbox root (like ). For this reason, use of
       relative paths like '..' to reach directories higher in the hierarchy than '.' may produce  unexpected  results.   It
       may also confuse symbolic links that flow through the sandbox.

              UnionSandbox -r 0.0 -s '.:/Programs/NaughtyApp/Current' make install

       Copyright © 2003. Released under the GNU GPL.

GoboLinux                                                March 2017                                          UNIONSANDBOX(1)