macOS

[kzvi]

Would the maintainers be open to patches working towards implementing support on macOS?

Perhaps a good first issue to work on would be a version of the sandboxing mechanism or the packed executable mechanism that works on macOS?

[kylewlacy]

Yes, I would definitely be open to that! macOS support is definitely something I want to have sooner rather than later so getting some patches to help with that effort would be great!

I will say that it's a pretty core feature to Brioche, so there will be extra scrutiny on this effort specifically. I'd definitely recommend discussing high-level approaches and designs here in this issue or on Zulip/Discord while making progress (and I'm definitely open to doing code reviews on in-progress PRs as one way of handling this). A few high-level thoughts and notes:

• We should use sandbox-exec for sandboxing on macOS. It's a pretty limited tool for sandboxing, but there's a lot of precedence for it and it's the only mechanism I can think of that doesn't involve using a VM under the hood
• The macOS sandbox should use a temp dir (probably either within the user's actual home dir or in /tmp, not sure which) as a sort of "prefix", and most of the paths the process has access to will be within that dir. For example, $HOME could end up being set set to something like /Users/me/.local/share/brioche/process-temp/123456/home/brioche-runner-abcdef within the sandbox (on Linux this would just be /home/brioche-runner-abcdef because we can just remap paths, but that's not an option AFAICT on macOS)
• I want to maximally limit how much stuff the macOS sandbox has access to on the host system. I know it should at least have /usr/bin/env and /bin/sh (and anything those depend on), but it shouldn't have access to gcc, for example (except maybe for bootstrapping the toolchain itself?). It's kind of out of scope of the sandboxing itself, but macOS builds should eventually use a toolchain based on osxcross I think
• I still don't know what packed executables look like on macOS... the main reason they exist on Linux is because Linux itself doesn't include a dynamic linker (but either glibc or musl would have one in practice). But, macOS is a proper OS so it does have an actual dynamic linker that can find dynamic libraries. Maybe Brioche on macOS would just set the RPATH when executables get built or wrapped? Or maybe it would still make sense to do some dynamic linker stuff like on Linux? Definitely open to ideas here