%general-entities; ]> bubblewrap Bubblewrap is a setuid implementation of user namespaces, or sandboxing, that provides access to a subset of kernel user namespace features. Bubblewrap allows user owned processes to run in an isolated environment with limited access to the underlying filesystem. &lfs121_checked; Package Information Download (HTTP): Download (FTP): Download MD5 sum: &bubblewrap-md5sum; Download size: &bubblewrap-size; Estimated disk space required: &bubblewrap-buildsize; Estimated build time: &bubblewrap-time; Bubblewrap Dependencies Optional (to generate manual pages) and (built with python bindings, for tests) When this package began, upstream expected it could be installed suid-root. That was a long time ago, suid-root is generally considered a bad idea. As well as the default namespaces, this package requires the optional User namespace to be enabled. If that has not yet been enabled, select the following option in the kernel configuration and recompile the kernel: bubblewrap Install Bubblewrap by running the following commands: mkdir build && cd build && meson setup --prefix=/usr --buildtype=release .. && ninja Next, if you desire to run the test suite, fix an issue caused by the merged-/usr configuration in LFS: sed 's@symlink usr/lib64@ro-bind-try /lib64@' -i ../tests/libtest.sh To test the results, issue (as a user other than the root user): ninja test Now, as the root user: ninja install Installed Program Installed Libraries Installed Directories bwrap None None Short Descriptions bwrap generates a sandbox for a program to run in bwrap