lockbox

Section 7

Landlock LSM build isolation for mkpkg

Description

The lockbox is an optional filesystem restriction applied during package builds. When active, the build process can only read files owned by packages listed in the port's depends and makedeps arrays, plus a fixed implicit toolchain set (see BASE PACKAGES below). Write access is limited to the build work tree, port directory, and /tmp . Lockbox uses the Linux Landlock LSM (kernel 5.13+). No container runtime, no root privileges, and no overlay filesystem are required. The restriction is applied by mk pkg(8) itself before invoking build() . If an undeclared library or header is installed on the host but not listed in any dependency array, the kernel blocks the open (2) call on it. The configure script or build system will report the dependency as missing — the build either skips the feature or fails. Either way the undeclared dependency is never silently linked.

Activation

lockbox=(yes): Set in the MAKEPKG to activate lockbox on every build of this port.
mkpkg -b: Activate lockbox for a single build regardless of MAKEPKG.
mkpkg -ib: Disable lockbox even if lockbox=(yes) is set.

Per-command sandboxing

An alternative form wraps only specific commands rather than the full build:

lockbox=(make meson ninja)

mkpkg rewrites each matching command in build() to run under lbexec (1), a small helper that sets up its own Landlock ruleset and then execvp (3) the real command. The parent shell remains unrestricted. This is lighter than full lockbox and works well for ports with complex shell logic around the compilation step. Lockbox is applied to core ports by convention. Ports in opt, libs, and devel involve deep transitive pkg-config dependency chains and enabling lockbox on them is left to the user.

Base Packages

Always allowed regardless of depends or makedeps .

Toolchain

`llvm-toolchain`	clang, lld, llvm-ar, llvm-nm and friends
`libffi`	llvm-toolchain runtime dependency
`libedit`	llvm-toolchain runtime dependency
`ncurses`	llvm-toolchain runtime dependency
`libxml2`	libLLVM.so links against it

C library and headers

`musl`	libc headers and runtime
`linux-headers`	kernel headers at /include

Shell and scripting

`bash`	mkpkg build hooks
`dash`	build() runs under POSIX sh
`mawk`	awk for configure scripts
`readline`	bash links libreadline.so

Core utilities

`coreutils`	cp, mkdir, install, etc.
`gmp`	coreutils expr links libgmp
`libcap`	coreutils ls links libcap
`tar`	source archive extraction
`acl`	tar and sed link libacl
`attr`	tar and sed link libattr
`grep`	configure scripts
`pcre2`	grep links libpcre2-8
`sed`	configure scripts
`findutils`	find used in configure and make
`diffutils`	diff used in configure
`patch`	patch() hook in MAKEPKG
`file`	configure uses file(1)
`make`	GNU make

Source extraction

`gzip`	.tar.gz extraction
`xz`	.tar.xz extraction
`bzip2`	.tar.bz2 extraction
`zstd`	.tar.zst extraction

Build system

`autoconf`	config.status uses it
`automake`	dependency tracking bootstrap
`libtool`	libtool scripts in builds
`m4`	autoconf and automake use m4
`pkgconf`	universal pkg-config tool

Package tools and runtime libraries

`mkpkg`	addpkg / delpkg
`mkpkg`	the builder itself
`libressl`	mkpkg links libssl/libcrypto
`zlib`	mkpkg and builds link libz

Diagnostics

mkpkg: lockbox: Landlock ABI vN: Lockbox activated using Landlock ABI version N.
mkpkg: lockbox: N rules from mkpkg db: Filesystem rules installed from the package database.
mkpkg: lockbox: filesystem restricted: The Landlock ruleset is in effect.
mkpkg: lockbox: error: 'X' is not installed: Package X is listed in depends or makedeps but not in the database. Install it with pkg add X .
mkpkg: lockbox: error: Landlock not available: The running kernel does not support Landlock ( CONFIG_SECURITY_LANDLOCK=y required, kernel >= 5.13).

Files

/var/lib/pkg/db: Package database used to build the Landlock ruleset.
/etc/mkpkg.conf: Build configuration. Work, source, package, and tmp directories receive full read-write access.