Description
Hey,
I've seen that rattler-build uses Linux namespaces for isolation — but it allows access to the whole file system by default. I've run into a few bugs where a build in rattler silently picked up system-level header files, archives or binaries. Every time this happens you have to go debug the CI, wait an hour for the build to crash and then try to pick out what could have potentially happened from the sparse logs you patched in.
Is there any reason why the sandbox shares all paths and isn't a lot more restricted? I couldn't find much documentation on this and I don't quite understand why I haven't found anything about it; the sandbox has existed for over a year by now :)
Enjoy your day 🐞
PS: Not sure if this is better suited as a discussion…