sulincix/sandbox.sh

## sandbox.sh
#!/bin/bash
if ! which "$1" &> /dev/null ; then
    exit 127
fi
xhost +local:
mkdir -p "$HOME/.sandbox/home/$1"
exec env -i DISPLAY=$DISPLAY PULSE_SERVER=127.0.0.1 bwrap --bind / / \
    --dev /dev  \
    --tmpfs /tmp --tmpfs /dev/shm \
    --bind /dev/dri /dev/dri \
    --bind /tmp/.X11-unix /tmp/.X11-unix \
    --bind /dev/kvm /dev/kvm \
    --bind "$HOME/.sandbox/home/$1" $HOME \
    --bind /dev/snd /dev/snd \
    --tmpfs /run/user/`id -u` \
    --hostname sandbox-$$ --unshare-uts \
    dbus-run-session sh -c "$@"
	#!/bin/bash
	if ! which "$1" &> /dev/null ; then
	exit 127
	fi
	xhost +local:
	mkdir -p "$HOME/.sandbox/home/$1"
	exec env -i DISPLAY=$DISPLAY PULSE_SERVER=127.0.0.1 bwrap --bind / / \
	--dev /dev \
	--tmpfs /tmp --tmpfs /dev/shm \
	--bind /dev/dri /dev/dri \
	--bind /tmp/.X11-unix /tmp/.X11-unix \
	--bind /dev/kvm /dev/kvm \
	--bind "$HOME/.sandbox/home/$1" $HOME \
	--bind /dev/snd /dev/snd \
	--tmpfs /run/user/`id -u` \
	--hostname sandbox-$$ --unshare-uts \
	dbus-run-session sh -c "$@"