Bubblewrap sandbox executor plugin for Docketeer

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for chrisguidry from gravatar.com chrisguidry
Meta

Unverified details

These details have not been verified by PyPI
Meta
Classifiers
Report project as malware

Project description

docketeer-bubblewrap

Sandboxed command execution for Docketeer using bubblewrap (bwrap).

This plugin provides a CommandExecutor implementation that runs external programs inside a lightweight Linux sandbox using unprivileged user namespaces. Each process gets its own PID, UTS, IPC, and cgroup namespaces, and network access is denied by default. The --die-with-parent flag ensures sandboxed processes are cleaned up if the parent exits.

Requirements

  • Linux with unprivileged user namespaces enabled
  • bwrap on PATH (install via your distro's bubblewrap package)

How it works

The executor builds a minimal filesystem view inside the sandbox:

  • Read-only binds for system directories (/usr, /bin, /lib, /etc/ssl, etc.)
  • /proc, /dev, and a tmpfs /tmp
  • User-specified mounts (read-only or writable)
  • Optional network access via --share-net

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for chrisguidry from gravatar.com chrisguidry
Meta

Unverified details

These details have not been verified by PyPI
Meta
Classifiers

Release history Release notifications | RSS feed

0.0.17

0.0.16

This version

0.0.15

0.0.14

0.0.13

0.0.12

0.0.11

0.0.10

0.0.9

0.0.8

0.0.7

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

docketeer_bubblewrap-0.0.15.tar.gz (8.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

docketeer_bubblewrap-0.0.15-py3-none-any.whl (5.5 kB view details)

Uploaded Python 3

File details

Details for the file docketeer_bubblewrap-0.0.15.tar.gz.

File metadata

  • Download URL: docketeer_bubblewrap-0.0.15.tar.gz
  • Upload date:
  • Size: 8.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for docketeer_bubblewrap-0.0.15.tar.gz
Algorithm Hash digest
SHA256 d9aadcc23d376cdcb537f3202c246af25fab69d5ca93dd022a2615e0112d7327
MD5 d2a0ce1e0242eb74f9362bcbdb2239c2
BLAKE2b-256 024143c6a6dbf2a352a37e7b7fba40dfffd0f4dcbc6360f5509ae8ef767340d4

See more details on using hashes here.

Provenance

The following attestation bundles were made for docketeer_bubblewrap-0.0.15.tar.gz:

Publisher: publish.yml on chrisguidry/docketeer

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file docketeer_bubblewrap-0.0.15-py3-none-any.whl.

File metadata

File hashes

Hashes for docketeer_bubblewrap-0.0.15-py3-none-any.whl
Algorithm Hash digest
SHA256 345260d88f16dd5446f8173e544f2c041ad30d3bdcd14e1e0268f80d5d3d326a
MD5 d681c7899cef07f70d51a8a5f8996224
BLAKE2b-256 362832d49738228c13c2de07fed9db651809cc35c22ad035efdbdf3ea3722150

See more details on using hashes here.

Provenance

The following attestation bundles were made for docketeer_bubblewrap-0.0.15-py3-none-any.whl:

Publisher: publish.yml on chrisguidry/docketeer

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page