Sandbox = Some basic sandboxing for i2pd using [seccomp](http://wikiless.i2p/wiki/Seccomp) and [Landlock](https://docs.kernel.org/security/landlock.html). If you tested this please let me know how it worked. Dependencies - You need a kernel with Landlock support enabled. ``` grep landlock /sys/kernel/security/lsm ``` If Landlock is not enabled check the kernel. ``` grep CONFIG_SECURITY_LANDLOCK /boot/config-`uname -r` ``` Or alternatively. ``` sudo modprobe configs zgrep CONFIG_SECURITY_LANDLOCK /proc/config.gz ``` If Landlock is built in but not enabled you can add "lsm=landlock" to the kernel boot parameters. Fetching - Run the following commands. ``` export http_proxy=http://127.0.0.1:4444 git clone http://git.community.i2p/dietshasta/Sandbox.git git clone --depth=1 --branch 2.56.0 --single-branch http://git.community.i2p/PurpleI2P/i2pd.git cp -rf Sandbox/* i2pd/ && cd i2pd ``` Building for Debian - For seccomp headers need to be installed. ``` sudo apt install libseccomp-dev ``` Then build. ``` make SANDBOX=yes ``` Building for Docker - Build and run. ``` sudo EXTERNAL_PORT= docker-compose up --build ``` Tested - **i2pd-2.57.0** ✅ Docker Image (x86-64) **i2pd-2.56.0** ✅ Debian 12.9 (x86-64) ✅ Debian 12.9 (aarch64) ✅ Docker Image (x86-64) **i2pd-2.55.0** ✅ Debian 12.8 (x86-64) **i2pd-2.54.0** ✅ Debian 12.7 (x86-64) **i2pd-2.53.0** ✅ Docker Image (aarch64) **i2pd-2.52.0** ✅ Docker Image (aarch64) ✅ Debian 12.4 (x86-64) ✅ Debian 12.4 (aarch64) **i2pd-2.51.0** ✅ Debian 12.4 (x86-64) ✅ Debian 12.4 (aarch64) **i2pd-2.50.2** ✅ Debian 12.4 (x86-64) ✅ Debian 12.4 (aarch64) ❌ Raspberry Pi OS 2024-03-12 (aarch64). Fail: no Landlock support.