sboxd 0.1.9

Policy-driven command runner for sandboxed dependency installation
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174

# Getting Started

## What you need

- Linux (Fedora, Ubuntu, Debian, Arch, etc.)
- Rootless Podman **or** Docker installed and working
- That's it

If you're not sure whether rootless Podman is set up correctly, run `sbox doctor` after installing — it checks everything and tells you what to fix.

---

## Install sbox

**From crates.io:**

```bash
cargo install sboxd
```

The binary is named `sbox`.

**Pre-built binaries** (no Rust toolchain needed):

```bash
# x86_64
curl -fsSL https://github.com/Aquilesorei/sboxd/releases/latest/download/sbox-linux-x86_64 \
  -o ~/.local/bin/sbox && chmod +x ~/.local/bin/sbox

# aarch64
curl -fsSL https://github.com/Aquilesorei/sboxd/releases/latest/download/sbox-linux-aarch64 \
  -o ~/.local/bin/sbox && chmod +x ~/.local/bin/sbox
```

Make sure `~/.local/bin` is in your PATH:

```bash
export PATH="$HOME/.local/bin:$PATH"   # add to ~/.bashrc or ~/.zshrc
```

**From source:**

```bash
git clone https://github.com/Aquilesorei/sboxd
cd sboxd
cargo install --path .
```

---

## Check everything works

```bash
sbox doctor
```

This tells you whether Podman or Docker is available, whether rootless mode is configured, whether `skopeo` is available for signature verification, and whether shims are installed. Fix anything it flags before continuing.

---

## Add sbox to a project

### Option 1 — preset (fastest)

```bash
sbox init --preset node      # Node.js — npm, node:22-bookworm-slim
sbox init --preset python    # Python  — uv,  python:3.13-slim
sbox init --preset rust      # Rust    — cargo, rust:1-bookworm
sbox init --preset go        # Go      — go, golang:1.23-bookworm
sbox init --preset generic   # Blank   — ubuntu:24.04, manual profiles
```

Language presets generate a `package_manager:` config — one line declares the package manager name and sbox handles the rest. The `generic` preset generates a manual profiles skeleton instead.

### Option 2 — interactive wizard

```bash
cd myproject
sbox init --interactive
```

The wizard asks two to five questions depending on your choice:

**Simple mode** (recommended for most projects):

1. Setup mode → `simple`
2. Package manager → npm / yarn / pnpm / bun / uv / pip / poetry / cargo / go
3. Container image → default shown, press Enter to accept
4. Container backend → auto / podman / docker

Writes a minimal config with `package_manager:`. That's it — sbox infers install profiles, build profiles, network policy, and writable paths from the preset.

**Advanced mode** (for custom policies):

1. Setup mode → `advanced`
2. Container backend
3. Language / ecosystem
4. Container image
5. Default network access
6. Writable paths
7. Whether to add dispatch rules

Writes a config with explicit `profiles:` and `dispatch:` for full manual control.

Press Enter at any prompt to accept the default.

---

## See what will happen before running anything

```bash
sbox plan -- npm install
```

This resolves the full execution policy and prints it — which image, which mounts, which env vars pass through, what network policy — without starting a container. Use this to understand and debug your config.

```
sbox plan
phase: 2
config: /home/user/myproject/sbox.yaml

command: npm install

resolution:
  profile: pm-npm-install
  profile source: package_manager preset `npm` (install) via pattern `npm install*`
  mode: sandbox

runtime:
  backend: podman
  image: ref:node:22-bookworm-slim
  user mapping: keep-id

workspace:
  root: /home/user/myproject
  mount: /workspace
  sandbox cwd: /workspace

policy:
  network: on
  network_allow: [resolved] registry.npmjs.org
  writable: false
  no_new_privileges: true

mounts:
  - bind /home/user/myproject -> /workspace (ro, workspace)
  - bind /home/user/myproject/node_modules -> /workspace/node_modules (rw, workspace)
  - bind /home/user/myproject/package-lock.json -> /workspace/package-lock.json (rw, workspace)
  - mask /workspace/.npmrc (credential masked)
```

---

## Run your first sandboxed command

```bash
sbox run -- npm install
```

The first run pulls the container image if it's not already local (a few seconds to a few minutes depending on image size). Subsequent runs use the cached image.

npm runs inside the container. Postinstall scripts can only reach `registry.npmjs.org` — arbitrary internet hosts are blocked. They cannot read your SSH keys or tokens, cannot write outside `node_modules/` and `package-lock.json`. When the container exits, `node_modules/` is on your host as usual.

---

## What's next

**If it worked:** read [Progressive adoption](adoption.md) to understand the residual risk from Stage 1 and how to close it.

**If something broke:** check [Troubleshooting](troubleshooting.md). The most common issues are read-only filesystem errors (fix with `writable_paths`) and missing env vars (fix with `pass_through`).

**If you want to understand what the sandbox actually does:** read [How it works](how-it-works.md).

**If you need to download packages from the registry:** `network: off` blocks downloads too. Read [Network security](network.md) for the options.