core/core-agent-ide
8
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
core-agent-ide/codex-rs/linux-sandbox/src
History
viyatb-oai f956cc2a02
feat(linux-sandbox): vendor bubblewrap and wire it with FFI (#10413) 
## Summary

Vendor Bubblewrap into the repo and add minimal build plumbing in
`codex-linux-sandbox` to compile/link it.

## Why

We want to move Linux sandboxing toward Bubblewrap, but in a safe
two-step rollout:
1) vendoring/build setup (this PR),  
2) runtime integration (follow-up PR).

## Included

- Add `codex-rs/vendor/bubblewrap` sources.
- Add build-time FFI path in `codex-rs/linux-sandbox`.
- Update `build.rs` rerun tracking for vendored files.
- Small vendored compile warning fix (`sockaddr_nl` full init).

follow up in https://github.com/openai/codex/pull/9938
2026-02-02 23:33:46 -08:00
..
bwrap.rs feat(linux-sandbox): vendor bubblewrap and wire it with FFI (#10413) 2026-02-02 23:33:46 -08:00
landlock.rs revert: remove pre-Landlock bind mounts apply (#9300) 2026-01-15 09:47:57 -08:00
lib.rs feat(linux-sandbox): vendor bubblewrap and wire it with FFI (#10413) 2026-02-02 23:33:46 -08:00
linux_run_main.rs feat(linux-sandbox): vendor bubblewrap and wire it with FFI (#10413) 2026-02-02 23:33:46 -08:00
main.rs fix: overhaul how we spawn commands under seccomp/landlock on Linux (#1086) 2025-05-23 11:37:07 -07:00
mounts.rs revert: remove pre-Landlock bind mounts apply (#9300) 2026-01-15 09:47:57 -08:00
vendored_bwrap.rs feat(linux-sandbox): vendor bubblewrap and wire it with FFI (#10413) 2026-02-02 23:33:46 -08:00