Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

sandbox(5) [centos man page]

sandbox.conf(5) 					    Linux System Administration 					   sandbox.conf(5)

sandbox.conf - user config file for the SELinux sandbox DESCRIPTION
When running sandbox with the -C argument, it will be confined using control groups and a system administrator can specify how the sandbox is confined. Everything after "#" is ignored, as are empty lines. All arguments should be separated by and equals sign ("="). These keywords are allowed. NAME The name of the sandbox control group. Default is "sandbox". CPUAFFINITY Which cpus to assign sandbox to. The default is ALL, but users can specify a comma-separated list with dashes ("-") to rep- resent ranges. Ex: 0-2,5 MEMUSAGE How much memory to allow sandbox to use. The default is 80%. Users can specify either a percentage or a value in the form of a number followed by one of the suffixes K, M, G to denote kilobytes, megabytes or gigabytes respectively. Ex: 50% or 100M CPUUSAGE Percentage of cpu sandbox should be allowed to use. The default is 80%. Specify a value followed by a percent sign ("%"). Ex: 50% SEE ALSO
sandbox(8) AUTHOR
This manual page was written by Thomas Liu <> sandbox.conf June 2010 sandbox.conf(5)

Check Out this Related Man Page

SANDBOX_INIT(3) 					   BSD Library Functions Manual 					   SANDBOX_INIT(3)

sandbox_init, sandbox_free_error -- set process sandbox (DEPRECATED) SYNOPSIS
#include <sandbox.h> int sandbox_init(const char *profile, uint64_t flags, char **errorbuf); void sandbox_free_error(char *errorbuf); DESCRIPTION
The sandbox_init() and sandbox_free_error() functions are DEPRECATED. Developers who wish to sandbox an app should instead adopt the App Sandbox feature described in the App Sandbox Design Guide. The sandbox_init() function places the current process into a sandbox(7). The NUL-terminated string profile specifies the profile to be used to configure the sandbox. The flags specified are formed by or'ing the following values: SANDBOX_NAMED The profile argument specifies a sandbox profile named by one of the constants given in the AVAILABLE PROFILES sec- tion below. The out parameter *errorbuf will be set according to the error status. RETURN VALUES
Upon successful completion of sandbox_init(), a value of 0 is returned and *errorbuf is set to NULL. In the event of an error, a value of -1 is returned and *errorbuf is set to a pointer to a NUL-terminated string describing the error. This string may contain embedded newlines. This error information is suitable for developers and is not intended for end users. This pointer should be passed to sandbox_free_error(3) to release the allocated storage when it is no longer needed. AVAILABLE PROFILES
The following are brief descriptions of each available profile. Keep in mind that sandbox(7) restrictions are typically enforced at resource acquisition time. kSBXProfileNoInternet TCP/IP networking is prohibited. kSBXProfileNoNetwork All sockets-based networking is prohibited. kSBXProfileNoWrite File system writes are prohibited. kSBXProfileNoWriteExceptTemporary File system writes are restricted to the temporary folder /var/tmp and the folder specified by the confstr(3) configuration variable _CS_DARWIN_USER_TEMP_DIR. kSBXProfilePureComputation All operating system services are prohibited. SEE ALSO
sandbox-exec(1), sandbox(7), sandboxd(8) Mac OS X November 15, 2011 Mac OS X
Man Page

11 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

filesystem monitor, for unprivileged user

how can i, ordinary, not a privileged user, monitor my part of filesystem ($HOME dir), to see (at least in log) when and which files was created/deleted/moved ? (I heard something abound "sandbox", but i don`t need to restrict applications, i just want to log its actions) p.s. my system is... (0 Replies)
Discussion started by: variety
0 Replies

2. What is on Your Mind?

LINUX Download

I would like to download a basic copy of LINUX to my PC as a sandbox in which I can run basic commands and functions as a learning tool. I have an older PC - Pentium III Processor at 1GHz, 128MB RAM at 133 MHz, Windows ME operating system. Is there a version of LINUX that would be compatible with... (9 Replies)
Discussion started by: ednan171
9 Replies

3. Shell Programming and Scripting

Help with AWK -- quick question

Ok. I'm just starting to use AWK and I have a question. Here's what I'm trying to do: uname -n returns the following on my box: I want to pipe this to an AWK statement and make it only print: svsi20 I tried: uname -n | awk '{ FS = "." ; print $1 }' ... (5 Replies)
Discussion started by: Probos
5 Replies

4. UNIX and Linux Applications

User Mode Linux sandbox?

Hi all, Thanks (0 Replies)
Discussion started by: rubberjones
0 Replies

5. UNIX for Dummies Questions & Answers

need help.. ! Production Env.

Hi ! I want to delete a softlink... with a name.. " -> ALCATEL " FYI:- lrwxrwxrwx 1 infomcm develop 32 Dec 3 2007 COX -> /wlsuite/om/cm/build/sandbox/COX lrwxrwxrwx 1 infomcm develop 33 Jul 21 05:52 WL10 -> /wlsuite/om-cm/build/sandbox/WL10 lrwxrwxrwx 1... (2 Replies)
Discussion started by: dashok.83
2 Replies

6. Debian

Sandboxes for developers

hi guys, I need to create a sandbox environment on my Debian based LAMP server for PHP/MySql development. Anyone who could point me in the right direction or share their insight? (1 Reply)
Discussion started by: ziggy911
1 Replies

7. Shell Programming and Scripting

air sandbox parameters

Hi guys, I have a problem in unix shell script for abinitio. if i'm using air sandbox parameters command to set the parameter ABC_FILE_MASK to this value ^abc_rules_.csv$ , it is throwing error. Some one please help me find a solution. (1 Reply)
Discussion started by: suresh01_apk
1 Replies

8. UNIX for Dummies Questions & Answers

Not able to delete a dir !!!

Hi All, One of the dir has a subdir in it. Subdir has no files in it. I verified it using ls -la command. When I try to remove this subdir, it says that this directory is not empty. :wall: It does not show any files under it, so what could be the issue?? Appreciate help in... (10 Replies)
Discussion started by: Hangman2
10 Replies

9. Shell Programming and Scripting

How to implement the counter in loop?

Hi, I am working on a script where I need to add one functionality i.e. to could the number of tar files at particular location...but the script is working in below way. 1) create sandbox 2) Drop old member function 3) addmember function 4) Apply checkpoint lable 5) Resync operation(This... (1 Reply)
Discussion started by: anuragpgtgerman
1 Replies

10. Shell Programming and Scripting

Removing blank lines

Hi, my input file is like this I want to remove the blank line. "/home/rit/sandbox/garuda/data/test/woman/T_RITK_F0008_ML_100080039.lab" r a N e l a k sh a m . "/home/rit/sandbox/garuda/data/test/woman/T_RITK_F0008_ML_100070453.lab" a v a s (4 Replies)
Discussion started by: sreejithalokkan
4 Replies

11. Red Hat

RHEL Linux 6.2 to 7.3 - Bootable iso

Hi All On one of my sandbox machine, I want to replace RHEL 6.2 to RHEL 7.3. I am using both developer editions. rhel-server-7.3-x86_64-dvd.iso ... This is what I have downloaded from Red Hat Enterprise Linux Download | Red Hat Developers My understanding is this file would work as a... (1 Reply)
Discussion started by: videsh77
1 Replies

Featured Tech Videos