Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Deps ¶
type Deps struct {
// LookPath resolves the bwrap binary. Defaults to exec.LookPath.
LookPath func(file string) (string, error)
Log *slog.Logger
}
Deps allows dependency injection for testing.
type Namespace ¶
type Namespace struct {
// contains filtered or unexported fields
}
Namespace builds and executes a bubblewrap (bwrap) sandbox that bind-mounts the host filesystem and overlays a FUSE-backed workspace.
func (*Namespace) Command ¶
func (n *Namespace) Command(fuseMountDir, containerPath, workingDir string, cmdline []string) (string, []string)
Command returns the bwrap binary path and full argument list without executing anything. Useful for inspection and testing.
func (*Namespace) Leave ¶
func (n *Namespace) Leave()
Leave is a no-op retained for interface compatibility. Bwrap cleans up its own namespaces on exit.
func (*Namespace) Run ¶
func (n *Namespace) Run(ctx context.Context, fuseMountDir, containerPath, workingDir string, cmdline []string, env []string) error
Run executes cmdline inside a bwrap sandbox. The host root is bind-mounted read-write, and fuseMountDir is bound over containerPath so the FUSE workspace is visible at the expected location. workingDir sets the initial working directory inside the container.
Source Files
Click to show internal directories.
Click to hide internal directories.