FlatImage
A configurable Linux containerization system
Loading...
Searching...
No Matches
Namespaces | Classes | Typedefs | Functions
ns_bwrap Namespace Reference

Bubblewrap sandboxing integration. More...

Namespaces

namespace  ns_proxy
 Bubblewrap proxy types and user configuration.
 

Classes

class  Bwrap
 Manages bubblewrap (bwrap) containerization. More...
 
struct  bwrap_run_ret_t
 

Typedefs

using Permissions = ns_reserved::ns_permissions::Permissions
 
using Permission = ns_reserved::ns_permissions::Permission
 
using Unshares = ns_reserved::ns_unshare::Unshares
 
using Unshare = ns_reserved::ns_unshare::Unshare
 

Functions

Value< void > bwrap_clean (fs::path const &path_dir_work)
 Cleans up the bwrap work directory.
 
std::vector< fs::path > get_mounted_layers (fs::path const &path_dir_layers)
 Get the mounted layers object.
 

Detailed Description

Bubblewrap sandboxing integration.

Provides unprivileged containerization via Linux namespaces using bubblewrap. Manages sandbox configuration, permission-based bind mounts, user namespace isolation, overlay filesystem setup, and GPU/device access control. Supports both native overlay and FUSE-based overlay modes.

Typedef Documentation

◆ Permission

using ns_bwrap::Permission = ns_reserved::ns_permissions::Permission

Definition at line 214 of file bwrap.hpp.

◆ Permissions

using ns_bwrap::Permissions = ns_reserved::ns_permissions::Permissions

Definition at line 213 of file bwrap.hpp.

◆ Unshare

using ns_bwrap::Unshare = ns_reserved::ns_unshare::Unshare

Definition at line 216 of file bwrap.hpp.

◆ Unshares

using ns_bwrap::Unshares = ns_reserved::ns_unshare::Unshares

Definition at line 215 of file bwrap.hpp.

Function Documentation

◆ bwrap_clean()

Value< void > ns_bwrap::bwrap_clean ( fs::path const & path_dir_work)
inline

Cleans up the bwrap work directory.

Bwrap leaves behind a 'root' owned empty directory. It is possible to remove without root since it is empty after bwrap is finished. Might take some attempts.

Parameters
path_dir_workPath to the bwrap work directory to clean
Returns
Value<void> Nothing on success, or the respective error
Note
Even if it fails, this won't affect the next program execution since the directory is empty

Definition at line 175 of file bwrap.hpp.

Here is the caller graph for this function:

◆ get_mounted_layers()

std::vector< fs::path > ns_bwrap::get_mounted_layers ( fs::path const & path_dir_layers)
inlinenodiscard

Get the mounted layers object.

Parameters
path_dir_layersPath to the layer directory
Returns
std::vector<fs::path> The list of layer directory paths

Definition at line 202 of file bwrap.hpp.