When options are used multiple times, the last option wins, unless
Print help and exit
Parse nul-separated arguments from the given file
descriptor. This option can be used multiple times to parse options from
Options related to kernel namespaces:
Create a new user namespace
Create a new user namespace if possible else skip
Create a new ipc namespace
Create a new pid namespace
Create a new network namespace
Create a new uts namespace
Create a new cgroup namespace
Create a new cgroup namespace if possible else skip
Unshare all possible namespaces. Currently equivalent
with: --unshare-user-try --unshare-ipc --unshare-pid
--unshare-net --unshare-uts --unshare-cgroup-try
Use an existing user namespace instead of creating a new
one. The namespace must fulfil the permission requirements for setns(), which
generally means that it must be a descendant of the currently active user
namespace, owned by the same user.
This is incompatible with --unshare-user, and doesn't work in the
setuid version of bubblewrap.
After setting up the new namespace, switch into the
specified namespace. For this to work the specified namespace must be a
descendant of the user namespace used for the setup, so this is only useful in
combination with --userns.
This is useful because sometimes bubblewrap itself creates nested
user namespaces (to work around some kernel issues) and --userns2 can be
used to enter these.
Use an existing pid namespace instead of creating one.
This is often used with --userns, because the pid namespace must be owned by
the same user namespace that bwrap uses.
Note that this can be combined with --unshare-pid, and in that
case it means that the sandbox will be in its own pid namespace, which is a
child of the passed in one.
Use a custom user id in the sandbox (requires
Use a custom group id in the sandbox (requires
Use a custom hostname in the sandbox (requires
Options about environment setup:
Change directory to DIR
--setenv VAR VALUE
Set an environment variable
Unset an environment variable
Unset all environment variables, except for PWD
and any that are subsequently set by --setenv
Options for monitoring the sandbox from the outside:
Take a lock on DEST while the sandbox is running. This
option can be used multiple times to take locks on multiple files.
Keep this file descriptor open while the sandbox is
Filesystem related options. These are all operations that modify
the filesystem directly, or mounts stuff in the filesystem. These are
applied in the order they are given as arguments.
Any missing parent directories that are required to create a
specified destination are automatically created as needed. Their permissions
are normally set to 0755 (rwxr-xr-x). However, if a --perms option is
in effect, and it sets the permissions for group or other to zero, then
newly-created parent directories will also have their corresponding
permission set to zero.
This option does nothing on its own, and must be followed
by one of the options that it affects. It sets the permissions for the next
operation to OCTAL. Subsequent operations are not affected: for example,
--perms 0700 --tmpfs /a --tmpfs /b will mount /a with permissions 0700, then
return to the default permissions for /b.
--bind SRC DEST
Bind mount the host path SRC on DEST
--bind-try SRC DEST
Equal to --bind but ignores non-existent SRC
--dev-bind SRC DEST
Bind mount the host path SRC on DEST, allowing device
--dev-bind-try SRC DEST
Equal to --dev-bind but ignores non-existent
--ro-bind SRC DEST
Bind mount the host path SRC readonly on DEST
--ro-bind-try SRC DEST
Equal to --ro-bind but ignores non-existent
Remount the path DEST as readonly. It works only on the
specified mount point, without changing any other mount point under the
Mount procfs on DEST
Mount new devtmpfs on DEST
Mount new tmpfs on DEST. If the previous option was
--perms, it sets the mode of the tmpfs. Otherwise, the tmpfs has mode
Mount new mqueue on DEST
Create a directory at DEST. If the directory already
exists, its permissions are unmodified, ignoring --perms (use
--chmod if the permissions of an existing directory need to be
changed). If the directory is newly created and the previous option was
--perms, it sets the mode of the directory. Otherwise, newly-created
directories have mode 0755.
--file FD DEST
Copy from the file descriptor FD to DEST. If the previous
option was --perms, it sets the mode of the new file. Otherwise, the
file has mode 0666 (note that this is not the same as
--bind-data FD DEST
Copy from the file descriptor FD to a file which is
bind-mounted on DEST. If the previous option was --perms, it sets the
mode of the new file. Otherwise, the file has mode 0600 (note that this is not
the same as --file).
--ro-bind-data FD DEST
Copy from the file descriptor FD to a file which is
bind-mounted read-only on DEST. If the previous option was --perms, it
sets the mode of the new file. Otherwise, the file has mode 0600 (note that
this is not the same as --file).
--symlink SRC DEST
Create a symlink at DEST with target SRC
--chmod OCTAL PATH
Set the permissions of PATH, which must already exist, to
Load and use seccomp rules from FD. The rules need to be
in the form of a compiled cBPF program, as generated by
Exec Label from the sandbox. On an SELinux system you can
specify the SELinux context for the sandbox process(s).
File label for temporary sandbox content. On an SELinux
system you can specify the SELinux context for the sandbox content.
Block the sandbox on reading from FD until some data is
Do not initialize the user namespace but wait on FD until
it is ready. This allow external processes (like newuidmap/newgidmap) to setup
the user namespace before it is used by the sandbox process.
Write information in JSON format about the sandbox to
Create a new terminal session for the sandbox (calls
setsid()). This disconnects the sandbox from the controlling terminal which
means the sandbox can't for instance inject input into the terminal.
Note: In a general sandbox, if you don't use --new-session, it is
recommended to use seccomp to disallow the TIOCSTI ioctl, otherwise the
application can feed keyboard input to the terminal.
Ensures child process (COMMAND) dies when bwrap's parent
dies. Kills (SIGKILL) all bwrap sandbox processes in sequence from parent to
child including COMMAND process when bwrap or bwrap's parent dies. See prctl,
Do not create a process with PID=1 in the sandbox to reap
Add the specified capability when running as privileged
user. It accepts the special value ALL to add all the permitted caps.
Drop the specified capability when running as privileged
user. It accepts the special value ALL to drop all the caps. By default no
caps are left in the sandboxed process. The --cap-add and
--cap-drop options are processed in the order they are specified on the
command line. Please be careful to the order they are specified.