adiog · September 20, 2017 05:42
diff --git a/sandbox.sh b/sandbox.sh
 # Copyright 2014 Aleksander Gajewski <[email protected]>
 #   created:  Sun 16 Nov 2014 08:40:32 AM CET
 #   modified: Mon 17 Nov 2014 04:08:15 AM CET

 RAMSIZE=128

 if [ "$1" == "" ]; then
  echo "Simple sandbox with chroot. Usage:"
  echo " ./sandbox.sh program_to_run [other_program_or_folder] .."
  echo " eg. ./sandbox.sh bash bc"
  exit
 fi

 # BASH_CLEANUP {{{
 BASH_CLEANUP_FILE=`mktemp`
 trap BASH_CLEANUP EXIT

 function BASH_CLEANUP() {
  tac $BASH_CLEANUP_FILE | bash
  rm $BASH_CLEANUP_FILE
 }

 function BASH_SAFE() {
  eval $1
  echo $2 >> $BASH_CLEANUP_FILE
 }

 function BASH_FINALLY() {
  echo $2 >> $BASH_CLEANUP_FILE
 }

 function BASH_MKTEMP() {
  BASH_TMP=`mktemp`
  echo "rm $BASH_TMP" >> $BASH_CLEANUP_FILE
  echo $BASH_TMP
 }

 function BASH_MKTEMP_DIR() {
  BASH_TMP=`mktemp -d`
  echo "rm -fr $BASH_TMP" >> $BASH_CLEANUP_FILE
  echo $BASH_TMP
 }
 # }}}

 # COLLECT LIBS {{{
 function collect_libs() {
  FILE=$1
  FILES=$2
  for file in `ldd $FILE | sed -n "/=>/p" | \
               sed "s/.*\ =>\ \(.*\) (.*)/\1/" | sed "/^\s*$/d"`; do
    if ! grep -q $file $FILES; then
      echo $file >> $FILES
    fi
  done
  for file in `ldd $FILE | grep -v "=>" | \
               sed "s/\s*\(.*\)\ (.*)/\1/" | sed "/^\s*$/d"`; do 
    if ! grep -q $file $FILES; then
      echo $file >> $FILES
    fi
  done
 }
 # }}}

 CHROOT=`BASH_MKTEMP_DIR`
 BASH_SAFE "sudo mount -t tmpfs -o size=${RAMSIZE}M tmpfs $CHROOT" \
          "sudo umount $CHROOT"

 FILES_TO_COPY=`BASH_MKTEMP`
 for file in $*; do
  if [ -d $file ]; then
    DST_DIR=$CHROOT/`dirname $file`
    mkdir -p $DST_DIR
    cp -r $file $DST_DIR
  else
    BIN=`which $file`
    echo $BIN >> $FILES_TO_COPY
    collect_libs $BIN $FILES_TO_COPY
  fi
 done

 while read line; do
  mkdir -p $CHROOT/`dirname $line`
  cp $line $CHROOT$line
 done < $FILES_TO_COPY 

 BIN=`which $1`
 sudo chroot $CHROOT $BIN
	# Copyright 2014 Aleksander Gajewski <[email protected]>
	# created: Sun 16 Nov 2014 08:40:32 AM CET
	# modified: Mon 17 Nov 2014 04:08:15 AM CET

	RAMSIZE=128

	if [ "$1" == "" ]; then
	echo "Simple sandbox with chroot. Usage:"
	echo " ./sandbox.sh program_to_run [other_program_or_folder] .."
	echo " eg. ./sandbox.sh bash bc"
	exit
	fi

	# BASH_CLEANUP {{{
	BASH_CLEANUP_FILE=`mktemp`
	trap BASH_CLEANUP EXIT

	function BASH_CLEANUP() {
	tac $BASH_CLEANUP_FILE \| bash
	rm $BASH_CLEANUP_FILE
	}

	function BASH_SAFE() {
	eval $1
	echo $2 >> $BASH_CLEANUP_FILE
	}

	function BASH_FINALLY() {
	echo $2 >> $BASH_CLEANUP_FILE
	}

	function BASH_MKTEMP() {
	BASH_TMP=`mktemp`
	echo "rm $BASH_TMP" >> $BASH_CLEANUP_FILE
	echo $BASH_TMP
	}

	function BASH_MKTEMP_DIR() {
	BASH_TMP=`mktemp -d`
	echo "rm -fr $BASH_TMP" >> $BASH_CLEANUP_FILE
	echo $BASH_TMP
	}
	# }}}

	# COLLECT LIBS {{{
	function collect_libs() {
	FILE=$1
	FILES=$2
	for file in `ldd $FILE \| sed -n "/=>/p" \| \
	sed "s/.\ =>\ \(.\) (.)/\1/" \| sed "/^\s$/d"`; do
	if ! grep -q $file $FILES; then
	echo $file >> $FILES
	fi
	done
	for file in `ldd $FILE \| grep -v "=>" \| \
	sed "s/\s\(.\)\ (.)/\1/" \| sed "/^\s$/d"`; do
	if ! grep -q $file $FILES; then
	echo $file >> $FILES
	fi
	done
	}
	# }}}

	CHROOT=`BASH_MKTEMP_DIR`
	BASH_SAFE "sudo mount -t tmpfs -o size=${RAMSIZE}M tmpfs $CHROOT" \
	"sudo umount $CHROOT"

	FILES_TO_COPY=`BASH_MKTEMP`
	for file in $*; do
	if [ -d $file ]; then
	DST_DIR=$CHROOT/`dirname $file`
	mkdir -p $DST_DIR
	cp -r $file $DST_DIR
	else
	BIN=`which $file`
	echo $BIN >> $FILES_TO_COPY
	collect_libs $BIN $FILES_TO_COPY
	fi
	done

	while read line; do
	mkdir -p $CHROOT/`dirname $line`
	cp $line $CHROOT$line
	done < $FILES_TO_COPY

	BIN=`which $1`
	sudo chroot $CHROOT $BIN