Question about grains

[alphapapa]

Awesome! It's annoying having to install all my software everytime though... Can you help?

No problem! You need sand grains! These are little pre-configured scripts for automatically installing software in your sandboxes! Simply use the -g flag, comma separating any sand grains you would like to install!

Hi,

This sounds interesting, but I don't understand the necessity of the grains. e.g. if I already have Firefox installed, why would I need the grain to install it again into the sandbox? I thought the whole point of unionfs was to make use of the underlying filesystem by copy-on-write.

Also, it would help if you could write a brief comparison with other sandboxing tools, cgroups, container tools, etc. It's hard to understand how this fits in and what use-cases it would be best for. :)

Thanks.

[cal2195]

The idea behind the grains is for quick installing of software you don't want on your main system, eg. Different versions of java! Also it provides a way to quickly setup software that might need more config before use! :)

And good point about the comparison! The main advantage and the reason I started this was that it doesn't rely on anything other than chroot and userspace tools, so it'll run on openvz virtualization and the like, that don't let you load kernel modules or use systemd containers!

I'll add it to the read me! :)

[alphapapa]

Cool, thanks. :)

One more question, how does it work with regard to file permissions? i.e. if I run it as my own user, do processes in the sandbox have the same apparent permissions as would outside the sandbox? Or do they get root in the sandbox?

[cal2195]

You become which ever user you start it with! Although you could always su in it! :)