google / sandboxed-api

Generate sandboxes for C/C++ libraries automatically

Home Page:https://developers.google.com/sandboxed-api/

Sandbox2 does not work in Docker Container if it runs without --privileged flag

levshukovv opened this issue · comments

Hi colleagues!

I want to use sandbox2 inside a Docker container. To understand which capabilities I need, I have built the tool (sandboxed_api/sandbox2/examples/tool) and want to run it inside the container.

Dockerfile:
    FROM mcr.microsoft.com/devcontainers/cpp:ubuntu-22.04
    COPY sandbox2tool sandbox2tool

How I tried to run the Docker container, and it did not work:

  1. docker run --cap-add CAP_SYS_ADMIN --cap-add CAP_NET_ADMIN -it sandbox_img /bin/bash
  2. docker run --rm -it --cap-add=ALL -it sandbox_img /bin/bash
  3. docker run --rm -it --cap-add=ALL --security-opt apparmor=unconfined -it sandbox_img /bin/bash
    Error:
    root ➜ / $ ./sandbox2tool /bin/sh
    [global_forkclient.cc : 121] RAW: Starting global forkserver
    [namespace.cc : 353] RAW: Check syscall(__NR_pivot_root, kSandbox2ChrootPath, realroot_path.c_str()) != -1 failed: pivot root: Operation not permitted [1]
    [forkserver.cc : 594] RAW: Check TEMP_FAILURE_RETRY(read(fds[1], &unused, 1)) == 1 failed: synchronizing initial namespaces creation: No such file or directory [2]
    E1124 11:12:41.759428 57 fork_client.cc:61] Receiving init PID from the ForkServer failed
    E1124 11:12:41.759502 57 global_forkclient.cc:276] Global forkserver connection terminated
    [global_forkclient.cc : 199] RAW: forkserver (pid=58) terminated by signal 6
    E1124 11:12:41.759627 56 sandbox2tool.cc:235] Sandbox failed
    E1124 11:12:41.759695 56 sandbox2tool.cc:241] Sandbox error: SETUP_ERROR - Code: FAILED_SUBPROCESS

If I run docker image with --privileged flag it works without any issue.

Hi there!

For the pivot_root syscall itself, you'll need the CAP_SYS_ADMIN capability, as you've already figured out.
On top of that, Docker also by default applies a seccomp policy, which interferes here. See the docs: pivot_root is explicitly disallowed by default.

You can either continue with --privileged (Sandbox2 is the only layer then), or try and add --security-opt seccomp=unconfined to disable seccomp.
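A narrower option than seccomp=unconfined, as an added example that is not the project's own code or part of this thread: hand Docker a custom profile that allows pivot_root only when the container actually holds CAP_SYS_ADMIN, using the same `includes.caps` mechanism the default profile uses for mount and unshare. The profile below is a constructed miniature with the shape of Docker's default profile, not the real allowlist, and the matching logic is a simplification of the kernel rule order.

```python
import json
from copy import deepcopy

# Constructed stand-in for Docker's default seccomp profile (same JSON shape,
# not the real allowlist): anything not listed fails with EPERM.
SAMPLE_PROFILE = {
    "defaultAction": "SCMP_ACT_ERRNO",
    "syscalls": [
        {"names": ["read", "write", "clone", "execve", "chroot"],
         "action": "SCMP_ACT_ALLOW"},
        # Docker only keeps this entry when the container has CAP_SYS_ADMIN.
        {"names": ["mount", "umount2", "unshare", "setns"],
         "action": "SCMP_ACT_ALLOW",
         "includes": {"caps": ["CAP_SYS_ADMIN"]}},
    ],
}


def _entry_applies(entry, caps):
    """An entry is kept only if its includes/excludes match the container's caps."""
    needed = set(entry.get("includes", {}).get("caps", []))
    forbidden = set(entry.get("excludes", {}).get("caps", []))
    return needed <= caps and not (forbidden & caps)


def profile_allows(profile, syscall, caps=frozenset()):
    """True if `syscall` is permitted for a container holding `caps`.
    First applicable entry wins; otherwise defaultAction decides (simplified)."""
    for entry in profile["syscalls"]:
        if syscall in entry["names"] and _entry_applies(entry, set(caps)):
            return entry["action"] == "SCMP_ACT_ALLOW"
    return profile["defaultAction"] == "SCMP_ACT_ALLOW"


def allow_with_cap(profile, syscalls, cap="CAP_SYS_ADMIN"):
    """Copy of `profile` that allows `syscalls` only when the container has `cap`.
    Keeps every other rule intact, unlike --security-opt seccomp=unconfined."""
    patched = deepcopy(profile)
    patched["syscalls"].append({
        "names": list(syscalls),
        "action": "SCMP_ACT_ALLOW",
        "includes": {"caps": [cap]},
    })
    return patched


if __name__ == "__main__":
    caps = {"CAP_SYS_ADMIN"}
    print("stock profile allows pivot_root:", profile_allows(SAMPLE_PROFILE, "pivot_root", caps))
    patched = allow_with_cap(SAMPLE_PROFILE, ["pivot_root"])
    print("patched profile allows pivot_root:", profile_allows(patched, "pivot_root", caps))
    print(json.dumps(patched, indent=2))  # save and pass via --security-opt seccomp=<file>
```

Run the container with `--cap-add CAP_SYS_ADMIN --security-opt seccomp=<saved file>`; without the capability the added entry is dropped and pivot_root stays denied.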

Thank you for the fast reply!