|
||
---|---|---|
daemon | ||
Dockerfile | ||
Makefile.linux | ||
README.md | ||
docker-compose.yml |
README.md
Sandbox
Some basic sandboxing for i2pd using seccomp and Landlock.
If you tested this please let me know how it worked.
Dependencies
You need a kernel with Landlock support enabled.
grep landlock /sys/kernel/security/lsm
If Landlock is not enabled check the kernel.
grep CONFIG_SECURITY_LANDLOCK /boot/config-`uname -r`
Or alternatively.
sudo modprobe configs
zgrep CONFIG_SECURITY_LANDLOCK /proc/config.gz
If Landlock is built in but not enabled you can add "lsm=landlock" to the kernel boot parameters.
Fetching
Run the following commands.
export http_proxy=http://127.0.0.1:4444
git clone http://git.community.i2p/dietshasta/Sandbox.git
git clone --depth=1 --branch 2.56.0 --single-branch http://git.community.i2p/PurpleI2P/i2pd.git
cp -rf Sandbox/* i2pd/ && cd i2pd
Building for Debian
For seccomp headers need to be installed.
sudo apt install libseccomp-dev
Then build.
make SANDBOX=yes
Building for Docker
Build and run.
sudo EXTERNAL_PORT= docker-compose up --build
Tested
i2pd-2.57.0
✅ Docker Image (x86-64)
✅ Debian 12.11 (x86-64)
i2pd-2.56.0
✅ Debian 12.9 (x86-64)
✅ Debian 12.9 (aarch64)
✅ Docker Image (x86-64)
i2pd-2.55.0
✅ Debian 12.8 (x86-64)
i2pd-2.54.0
✅ Debian 12.7 (x86-64)
i2pd-2.53.0
✅ Docker Image (aarch64)
i2pd-2.52.0
✅ Docker Image (aarch64)
✅ Debian 12.4 (x86-64)
✅ Debian 12.4 (aarch64)
i2pd-2.51.0
✅ Debian 12.4 (x86-64)
✅ Debian 12.4 (aarch64)
i2pd-2.50.2
✅ Debian 12.4 (x86-64)
✅ Debian 12.4 (aarch64)
❌ Raspberry Pi OS 2024-03-12 (aarch64). Fail: no Landlock support.