I experimented bubblewrap as a better alternative to firejail. Unfortunately there are scripts for few applications. It’s tool for developers. Users are better off flatpaks powered by bubblewrap .
I wanted to build flatpaks cli applications and I still don't understand how to build a flatpak cli in the first place and I have asked in some communities and they mention things like vim being in flatpak but I more so need a definitive guide on how to publish a cli application to flatpak
A lot of focus in flatpak sadly gets focused on guis and not clis
Like how much efforts would it take to convert a golang static binary/project cli to flatpak?
It's the base for Flatpack, the thing that makes Flatpack be sandboxed.
I use it to run Claude Code / Codex / Gemini CLI, to make sure that they have a limited / fake view of my system.
You can bind directories into it, or overlay them into it, restrict other kinds of access.
If Docker is a thing in a scale between a VM and your OS, Bubblewrap is a thing a scale between Docker and your OS. You use your OS, instead of installing and managing an OS like you do with Docker, but you get filesystem and process isolation like with Docker.
Though I had an issue where I cannot use `--new-session`, which is kind of dangerous to not use, but you can get around it if you use seccomp to block ioctl calls, and ptrace.
That's obviously super permissive, but from there can take things away to expose as much or little of the host system as needed.
For my system I'm working on making a few bwrapped "zones". E.g. start a terminal that can see a certain subset of files, and can configure whether it should use gpu or not, have internet or not, have access to local network or not, etc. A bit more project/environment focused than bwrapping programs one by one.
12 comments
[ 65.3 ms ] story [ 197 ms ] threadA lot of focus in flatpak sadly gets focused on guis and not clis
Like how much efforts would it take to convert a golang static binary/project cli to flatpak?
https://github.com/containers/bubblewrap
It's the base for Flatpack, the thing that makes Flatpack be sandboxed.
I use it to run Claude Code / Codex / Gemini CLI, to make sure that they have a limited / fake view of my system.
You can bind directories into it, or overlay them into it, restrict other kinds of access.
If Docker is a thing in a scale between a VM and your OS, Bubblewrap is a thing a scale between Docker and your OS. You use your OS, instead of installing and managing an OS like you do with Docker, but you get filesystem and process isolation like with Docker.
Though I had an issue where I cannot use `--new-session`, which is kind of dangerous to not use, but you can get around it if you use seccomp to block ioctl calls, and ptrace.
https://hanako.codeberg.page/ (Flatpak is not a sandbox)
https://github.com/strongdm/leash
It even has a --darwin macOS-native mode which goes beyond the capabilities and guarantees of sandbox-exec and bubblewrap.
Full-disclosure: I am one of the authors.
Moreover it vendores patched gcc compiler, so the entire toolchain is reproducible too as well.
How cool is that?! For the record golang brings it further - its entire package registry containing +40mln packages is bit by bit reproducible.
https://bootstrappable.org/ https://stagex.tools/
That's obviously super permissive, but from there can take things away to expose as much or little of the host system as needed.
For my system I'm working on making a few bwrapped "zones". E.g. start a terminal that can see a certain subset of files, and can configure whether it should use gpu or not, have internet or not, have access to local network or not, etc. A bit more project/environment focused than bwrapping programs one by one.