mirror/decomp.me
1
0
Fork 0
mirror of https://github.com/decompme/decomp.me.git synced 2026-05-04 05:51:43 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
61a59d5ecdb73f59e64fb154cf7db082f909a31d
decomp.me/docs/SANDBOX.md
T
Ethan Roseman 8ea10ca286 CodeMirror & PresetSelect fix (#413) 
* yarn upgrade

* update eslint no-multiple-empty-lines rule

* update Next.js & React

Resolves #358.

* use CodeMirror in scratch editor

* use codemirror on new page

* move extensions out of CodeMirror component

* grow scratch codemirror

* fix state bug

* initial theming

* fix scratch page SSR

* fix credits page rendering

* max width for AsyncButton error popup

* word wrap

* bye monaco

* cleanup

* style scrollbars everywhere

* tab stuff

* updates

* more

* update codemirror theme

* new react, backend deps, preset on scratch, bugfixes

* improve monospace areas

* store preset name on scratch

* stylelint

* mypy

* mypy 2

* monospace

* fix monospace

* add padding to editor

* fix saving

* fix selection colours

* Highlight assembly line on source selected line change (#416)

Co-authored-by: Alex Bates <hi@imalex.xyz>

* mypy & black

* font stuff

* remove courier new

* make diff style consistent with editor

* fix codemirror exception when editing eof

* attempt to reduce layout thrashing

* /new: store presetName in localStorage

* use react-window for diff

* link diff column scroll position

* hide double scrollbar

* increase overscan

* pointer-events:none on diff header

* fix diff header thing

* make diff columns non-draggable

* dont shrink tabs

* add draggable bar between diff columns

* remove log

* fix 2-col mode

* fix diff align

* DiffCell support cell=undefined

* drag better

* style .cm-search

* eth style changes

* reduce rerenders when dragging diff bar

Co-authored-by: Alex Bates <hi@imalex.xyz>
Co-authored-by: hatal175 <hatal175@users.noreply.github.com>
Co-authored-by: Alex Bates <alex@nanaian.town>
2022-03-31 22:22:39 +09:00

20 lines
1020 B
Markdown
Raw Blame History

### Sandbox jail
There is support for running subprocesses within [`nsjail`](https://github.com/google/nsjail).
This is controlled by the `SANDBOX` settings, and is disabled by default in the development `.env` but is enabled inside the `backend` Docker container.
To enable it locally outside of the Docker container:
- Build or install `nsjail` locally. Example instructions for Ubuntu:
- `apt-get install autoconf bison flex gcc g++ git libprotobuf-dev libnl-route-3-dev libtool make pkg-config protobuf-compiler`
- `git clone --recursive --branch=3.0 https://github.com/google/nsjail`
- `cd nsjail && make`
- Enable `unprivileged_userns_clone`
- Temporary: `sudo sysctl -w kernel.unprivileged_userns_clone=1`
- Permanent: `echo 'kernel.unprivileged_userns_clone=1' | sudo tee -a /etc/sysctl.d/00-local-userns.conf && sudo service procps restart`
- Edit `.env.local`:
- Set `USE_SANDBOX_JAIL=on`
- Set `SANDBOX_NSJAIL_BIN_PATH` to the absolute path of the `nsjail` binary built above
Reference in New Issue View Git Blame Copy Permalink