boxlite 0.9.3

Embeddable virtual machine runtime for secure, isolated code execution
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146

//! AppArmor profile generation for bundled bwrap.
//!
//! On Ubuntu 23.10+ with `kernel.apparmor_restrict_unprivileged_userns=1`,
//! each binary that needs user namespaces must have an AppArmor profile with
//! `allow userns`. System bwrap at `/usr/bin/bwrap` ships with this profile,
//! but our bundled bwrap at a custom path does not.
//!
//! This module generates a profile for the bundled bwrap path, mirroring
//! Ubuntu's `/etc/apparmor.d/bwrap-userns-restrict`.

use std::path::{Path, PathBuf};

/// Generate an AppArmor profile for a bwrap binary at the given path.
///
/// Mirrors Ubuntu's `/etc/apparmor.d/bwrap-userns-restrict` but with:
/// - The bundled bwrap's absolute path (instead of `/usr/bin/bwrap`)
/// - Unique profile names (`boxlite_bwrap` / `boxlite_unpriv_bwrap`)
///   to avoid collision with the system's `bwrap` profile
///
/// The profile grants `allow userns` which is required on systems with
/// `kernel.apparmor_restrict_unprivileged_userns=1`.
pub(crate) fn generate_bwrap_profile(bwrap_path: &Path) -> String {
    let abs_path = bwrap_path
        .canonicalize()
        .unwrap_or_else(|_| bwrap_path.to_path_buf());

    format!(
        r#"# Auto-generated by BoxLite for bundled bwrap.
# Load with: sudo apparmor_parser -r <this_file>
# Remove with: sudo apparmor_parser -R <this_file>

abi <abi/4.0>,

include <tunables/global>

profile boxlite_bwrap {path} flags=(attach_disconnected,mediate_deleted) {{
  allow capability,
  allow file rwlkm /{{**,}},
  allow network,
  allow unix,
  allow ptrace,
  allow signal,
  allow mqueue,
  allow io_uring,
  allow userns,
  allow mount,
  allow umount,
  allow pivot_root,
  allow dbus,

  # Stacked child profile for no-new-privs (bwrap uses PR_SET_NO_NEW_PRIVS)
  allow pix /** -> &boxlite_bwrap//&boxlite_unpriv_bwrap,
}}

# Child profile strips capabilities within the user namespace
profile boxlite_unpriv_bwrap flags=(attach_disconnected,mediate_deleted) {{
  allow file rwlkm /{{**,}},
  allow network,
  allow unix,
  allow ptrace,
  allow signal,
  allow mqueue,
  allow io_uring,
  allow userns,
  allow mount,
  allow umount,
  allow pivot_root,
  allow dbus,

  allow pix /** -> &boxlite_unpriv_bwrap,

  audit deny capability,
}}
"#,
        path = abs_path.display()
    )
}

/// Write the generated AppArmor profile to `{apparmor_dir}/boxlite-bwrap`.
///
/// The caller provides the output directory. Creates it if needed.
/// Returns the path to the written file, which the caller can include
/// in diagnostics for `sudo apparmor_parser -r`.
pub(crate) fn write_bwrap_profile(
    bwrap_path: &Path,
    apparmor_dir: &Path,
) -> Result<PathBuf, String> {
    std::fs::create_dir_all(apparmor_dir).map_err(|e| {
        format!(
            "failed to create AppArmor profile directory {}: {}",
            apparmor_dir.display(),
            e
        )
    })?;

    let profile_path = apparmor_dir.join("boxlite-bwrap");
    let profile_content = generate_bwrap_profile(bwrap_path);

    std::fs::write(&profile_path, &profile_content).map_err(|e| {
        format!(
            "failed to write AppArmor profile to {}: {}",
            profile_path.display(),
            e
        )
    })?;

    tracing::info!(
        profile_path = %profile_path.display(),
        bwrap_path = %bwrap_path.display(),
        "Generated AppArmor profile for bundled bwrap"
    );

    Ok(profile_path)
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_generate_bwrap_profile_contains_path() {
        let profile = generate_bwrap_profile(Path::new("/opt/boxlite/bin/bwrap"));
        assert!(profile.contains("/opt/boxlite/bin/bwrap"));
        assert!(profile.contains("profile boxlite_bwrap"));
        assert!(profile.contains("allow userns"));
    }

    #[test]
    fn test_generate_bwrap_profile_unique_names() {
        let profile = generate_bwrap_profile(Path::new("/usr/local/bin/bwrap"));
        // Should use boxlite_ prefix, not clash with system "bwrap" profile
        assert!(profile.contains("boxlite_bwrap"));
        assert!(profile.contains("boxlite_unpriv_bwrap"));
        assert!(profile.contains("audit deny capability"));
    }

    #[test]
    fn test_generate_bwrap_profile_valid_syntax() {
        let profile = generate_bwrap_profile(Path::new("/tmp/test-bwrap"));
        // Verify required AppArmor syntax elements
        assert!(profile.contains("abi <abi/4.0>"));
        assert!(profile.contains("include <tunables/global>"));
        assert!(profile.contains("flags=(attach_disconnected,mediate_deleted)"));
        assert!(profile.contains("allow pix /** -> &boxlite_bwrap//&boxlite_unpriv_bwrap"));
    }
}