sandbox(5) — Linux manual page


sandbox.conf(5)        Linux System Administration       sandbox.conf(5)

NAME         top

       sandbox.conf - user config file for the SELinux sandbox

DESCRIPTION         top

       When running sandbox with the -C argument, it will be confined
       using control groups and a system administrator can specify how
       the sandbox is confined.

       Everything after "#" is ignored, as are empty lines.  All
       arguments should be separated by and equals sign ("=").

       These keywords are allowed.

              NAME   The name of the sandbox control group.  Default is

                     Which cpus to assign sandbox to.  The default is
                     ALL, but users can specify a comma-separated list
                     with dashes ("-") to represent ranges.  Ex: 0-2,5

                     How much memory to allow sandbox to use.  The
                     default is 80%.  Users can specify either a
                     percentage or a value in the form of a number
                     followed by one of the suffixes K, M, G to denote
                     kilobytes, megabytes or gigabytes respectively.
                     Ex: 50% or 100M

                     Percentage of cpu sandbox should be allowed to use.
                     The default is 80%.  Specify a value followed by a
                     percent sign ("%"). Ex: 50%

SEE ALSO         top


AUTHOR         top

       This manual page was written by Thomas Liu

COLOPHON         top

       This page is part of the selinux (Security-Enhanced Linux user-
       space libraries and tools) project.  Information about the
       project can be found at 
       ⟨⟩.  If you have a
       bug report for this manual page, see
       This page was obtained from the project's upstream Git repository
       ⟨⟩ on 2024-06-14.  (At
       that time, the date of the most recent commit that was found in
       the repository was 2023-05-11.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there
       is a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to

sandbox.conf                    June 2010                sandbox.conf(5)