Landrun：使用 Landlock 沙盒化任何 Linux 进程，无需 root 权限或容器

Landrun：使用 Landlock 沙盒化任何 Linux 进程，无需 root 权限或容器
Landrun: Sandbox any Linux process using Landlock, no root or containers

Landrun是一个轻量级、安全的沙箱，用于运行Linux进程，它利用Landlock LSM的内核级安全机制来实现强大的进程隔离。可以把它想象成firejail，但它拥有内核级安全性且开销极小。它提供细粒度的访问控制，允许你限制进程对特定目录的访问权限，包括只读（--ro）或读写（--rw）权限，并可以选择允许在允许的路径中执行（--exec）。对于Linux内核版本6.8或更高版本的系统，Landrun支持网络限制，可以控制TCP端口绑定和连接。安装过程包括下载、构建（需要Go 1.24.1+）并将二进制文件放置到你的PATH环境变量中。基本用法包括在启动命令时指定允许的路径和网络端口。Landrun在旧版本的内核上会优雅降级到其尽力而为模式，并支持文件系统级别的权限控制。它还提供通过`--log-level`或`LANDRUN_LOG_LEVEL`环境变量控制日志记录的功能。通过明确定义允许的资源，Landrun确保进程在严格控制的边界内运行，从而降低潜在的安全风险。该项目是开源的（GPLv2），欢迎贡献代码。

Zoup 在 Hacker News 上介绍了他的工具 `landrun`，这是一种无需 root 权限、容器或复杂的 SELinux/AppArmor 安全配置就能轻松沙箱化 Linux 进程的方法。`landrun` 利用 Linux Landlock 内核模块，允许非特权进程自我沙箱化，但目标是简化 Landlock 原本复杂的 API。 `landrun` 使用 Go 编写，提供 CLI 用于对文件系统和网络访问进行细粒度控制，专注于可审计的轻量级沙箱化。它目前支持 Landlock v5 的文件访问和 TCP 限制功能。作者鼓励 Hacker News 社区提供反馈，用户已经开始询问它与 bubblewrap 等现有沙箱解决方案的区别。

TinyKVM：运行在 Varnish 之上的快速沙箱 2025-03-15

（评论） 2025-03-15

OrbStack：运行 Docker 容器和 Linux 的快速、轻便且简单的方法 2024-09-03

（评论） 2024-05-02

原文

A lightweight, secure sandbox for running Linux processes using Landlock LSM. Think firejail, but with kernel-level security and minimal overhead.

🔒 Kernel-level security using Landlock LSM
🚀 Lightweight and fast execution
🛡️ Fine-grained access control for directories
🔄 Support for read and write paths
⚡ Optional execution permissions for allowed paths
🌐 TCP network access control (binding and connecting)

Linux kernel 5.13 or later with Landlock LSM enabled
Linux kernel 6.8 or later for network restrictions (TCP bind/connect)
Go 1.24.1 or later (for building from source)

go install github.com/zouuup/landrun/cmd/landrun@latest

git clone https://github.com/zouuup/landrun.git
cd landrun
go build -o landrun cmd/landrun/main.go
sudo cp landrun /usr/local/bin/

Basic syntax:

landrun [options] <command> [args...]

--ro <path>: Allow read-only access to specified path (can be specified multiple times)
--rw <path>: Allow read-write access to specified path (can be specified multiple times)
--exec: Allow executing files in allowed paths
--bind-tcp <port>: Allow binding to specified TCP port (can be specified multiple times)
--connect-tcp <port>: Allow connecting to specified TCP port (can be specified multiple times)
--best-effort: Use best effort mode, falling back to less restrictive sandbox if necessary [default: enabled]
--log-level <level>: Set logging level (error, info, debug) [default: "error"]

You must explicitly add the path to the command you want to run with the --ro flag
For system commands, you typically need to include /usr/bin, /usr/lib, and other system directories
When using --exec, you still need to specify the directories containing executables with --ro
Network restrictions require Linux kernel 6.8 or later with Landlock ABI v5
The --best-effort flag allows graceful degradation on older kernels that don't support all requested restrictions

LANDRUN_LOG_LEVEL: Set logging level (error, info, debug)

Run a command with read-only access to a directory:

landrun --ro /usr/bin --ro /lib --ro /lib64 --ro /path/to/dir ls /path/to/dir

Run a command with write access to a directory:

landrun --ro /usr/bin --ro /lib --ro /lib64 --rw /path/to/dir touch /path/to/dir/newfile

Run a command with execution permissions:

landrun --ro /usr/bin --ro /lib --ro /lib64 --exec /usr/bin/bash

Run with debug logging:

landrun --log-level debug --ro /usr/bin --ro /lib --ro /lib64 --ro /path/to/dir ls

Run with network restrictions:

landrun --ro /usr/bin --ro /lib --ro /lib64 --bind-tcp 8080 --connect-tcp 53 /usr/bin/my-server

This will allow the program to only bind to TCP port 8080 and connect to TCP port 53.

Run a DNS client with appropriate permissions:

landrun --ro /usr/bin --ro /lib --ro /lib64 --ro /etc/resolv.conf --connect-tcp 53 dig example.com

This allows DNS resolution by granting access to /etc/resolv.conf and permitting connections to port 53 (DNS).

Run a web server with selective network permissions:

landrun --ro /usr/bin --ro /lib --ro /lib64 --ro /var/www --rw /var/log --bind-tcp 80 --bind-tcp 443 /usr/bin/nginx

landrun uses Linux's Landlock LSM to create a secure sandbox environment. It provides:

File system access control
Directory access restrictions
Execution control
TCP network restrictions
Process isolation

Landlock is an access-control system that enables processes to securely restrict themselves and their future children. As a stackable Linux Security Module (LSM), it creates additional security layers on top of existing system-wide access controls, helping to mitigate security impacts from bugs or malicious behavior in applications.

Landlock Access Control Rights

landrun leverages Landlock's fine-grained access control mechanisms, which include:

File-specific rights:

Execute files (LANDLOCK_ACCESS_FS_EXECUTE)
Write to files (LANDLOCK_ACCESS_FS_WRITE_FILE)
Read files (LANDLOCK_ACCESS_FS_READ_FILE)
Truncate files (LANDLOCK_ACCESS_FS_TRUNCATE) - Available since Landlock ABI v3

Directory-specific rights:

Read directory contents (LANDLOCK_ACCESS_FS_READ_DIR)
Remove directories (LANDLOCK_ACCESS_FS_REMOVE_DIR)
Remove files (LANDLOCK_ACCESS_FS_REMOVE_FILE)
Create various filesystem objects (char devices, directories, regular files, sockets, etc.)
Refer/reparent files across directories (LANDLOCK_ACCESS_FS_REFER) - Available since Landlock ABI v2

Network-specific rights (requires Linux 6.8+ with Landlock ABI v5):

Bind to specific TCP ports (LANDLOCK_ACCESS_NET_BIND_TCP)
Connect to specific TCP ports (LANDLOCK_ACCESS_NET_CONNECT_TCP)

Landlock must be supported by your kernel
Network restrictions require Linux kernel 6.8+ with Landlock ABI v5
Some operations may require additional permissions
Files or directories opened before sandboxing are not subject to Landlock restrictions

Kernel Compatibility Table

Feature	Minimum Kernel Version	Landlock ABI Version
Basic filesystem sandboxing	5.13	1
File referring/reparenting control	5.17	2
File truncation control	6.1	3
Network TCP restrictions	6.8	5

If you receive "permission denied" or similar errors:

Ensure you've added all necessary paths with --ro or --rw
Try running with --log-level debug to see detailed permission information
Check that Landlock is supported and enabled on your system:
```
grep -E 'landlock|lsm=' /boot/config-$(uname -r)
```
You should see CONFIG_SECURITY_LANDLOCK=y and lsm=landlock,... in the output
For network restrictions, verify your kernel version is 6.8+ with Landlock ABI v5:

This project uses the landlock-lsm/go-landlock package for sandboxing, which provides both filesystem and network restrictions. The current implementation supports:

Read/write/execute restrictions for files and directories
TCP port binding restrictions
TCP port connection restrictions
Best-effort mode for graceful degradation on older kernels

When using --best-effort (enabled by default), landrun will gracefully degrade to using the best available Landlock version on the current kernel. This means:

On Linux 6.8+: Full filesystem and network restrictions
On Linux 6.1-6.7: Filesystem restrictions including truncation, but no network restrictions
On Linux 5.17-6.0: Basic filesystem restrictions including file reparenting, but no truncation control or network restrictions
On Linux 5.13-5.16: Basic filesystem restrictions without file reparenting, truncation control, or network restrictions
On older Linux: No restrictions (sandbox disabled)

Based on the Linux Landlock API capabilities, we plan to add:

🔒 Enhanced filesystem controls with more fine-grained permissions
🌐 Support for UDP and other network protocol restrictions (when supported by Linux kernel)
🔄 Process scoping and resource controls
🛡️ Additional security features as they become available in the Landlock API

This project is licensed under the GNU General Public License v2

Contributions are welcome! Please feel free to submit a Pull Request.