macOS
brew install bubblewraplocal Homebrew formula metadata
brew
Prüfe Installationswege, Executables, Metadaten und Sicherheitshinweise für bubblewrap in AI-Agent-Workflows.
Installation
brew install bubblewraplocal Homebrew formula metadata
sudo apk add bubblewrapAlpine Linux edge package indexes · bubblewrap · Quelle: dl-cdn.alpinelinux.org
sudo apt install bubblewrapDebian stable package indexes · bubblewrap · Quelle: deb.debian.org
sudo dnf install bubblewrapFedora Rawhide package metadata · bubblewrap · Quelle: dl.fedoraproject.org
nix profile install nixpkgs#bubblewrapnixpkgs package indexes · pkgs/by-name/bu/bubblewrap/package.nix · Quelle: api.github.com
sudo pacman -S bubblewrapArch Linux sync databases · bubblewrap · Quelle: geo.mirror.pkgbuild.com
sudo zypper install bubblewrapopenSUSE Tumbleweed package metadata · bubblewrap · Quelle: download.opensuse.org
Überblick
Unprivileged sandboxing tool for Linux
Verlauf
bubblewrap is a low-level Linux sandboxing tool that constructs restricted process environments with namespaces, bind mounts, seccomp, and related kernel features. It is best known as the small, auditable sandbox primitive used by Flatpak and similar desktop/container tools.
The bubblewrap README positions it against system-administrator container runtimes such as Docker and systemd-nspawn: those tools are not suitable to hand directly to unprivileged users, while bubblewrap is designed around unprivileged sandbox construction.
The original code predates modern unprivileged user namespaces and inherits from xdg-app helper code, which in turn derives from linux-user-chroot. Older bubblewrap also supported a setuid mode for systems without unprivileged user namespaces, but the README notes that setuid support has been removed.
The public GitHub repository was created in February 2016. The repository description identifies bubblewrap as a low-level unprivileged sandboxing tool used by Flatpak and similar projects, with topics for Linux containers and user namespaces.
bubblewrap spread because Flatpak and related desktop sandboxing systems needed a small shared primitive instead of each project carrying its own privileged helper. The README lists Flatpak, rpm-ostree unprivileged, and bwrap-oci as users or intended users.
The input package metadata shows broad Linux distribution packaging through Alpine, Debian, Fedora/dnf, Nix, Arch/pacman, Ubuntu, and openSUSE/zypper, plus Homebrew. That breadth reflects its role as plumbing for sandbox frameworks rather than as an end-user application.
Security-sensitive adoption is cautious: bubblewrap constructs a sandbox, but the actual security boundary depends on the arguments supplied by the caller. This makes it attractive for larger frameworks that own policy and want a narrow mechanism.
bwrap creates a new mount namespace whose root is an empty tmpfs, then command-line options bind selected host paths, create proc/dev views, unshare namespaces, apply seccomp filters, and run a command inside the resulting environment.
Typical direct use is scripting a constrained shell or process; typical indirect use is through Flatpak or another framework that assembles a policy-specific bwrap command. The project has no ordinary per-user config file or credentials store.
bubblewrap is package-manager-significant because a small CLI becomes part of the desktop Linux trust base. Its package version, setuid/user-namespace behavior, CVE history, and distribution kernel defaults can affect whether higher-level sandboxing stacks actually work.
It is also a clean example of separating mechanism from policy: package the tiny sandbox constructor once, let Flatpak and peers define the higher-level sandbox rules.
Sicherheitslage
narrow executable package without higher-risk signals.
grün Risiko · niedrig Konfidenz · appliance
Prüfe vor unbeaufsichtigter Agent-Nutzung, ob das Tool Klartext-Credentials liest, Remote-Zustand schreibt, Artefakte veröffentlicht oder Plugins ausführt.
Executables
| Befehl | Art | Sichtbarkeit | Hinweis |
|---|---|---|---|
bwrap | cli | globales Executable |
Aktualität
Diese Signale trennen das Alter der Seitengenerierung, Aktivität des Paketmanagers und Upstream-Release-Vergleich. Versionsrückstand wird nur gemeldet, wenn eine Evidenz-URL und vergleichbare Versionen vorhanden sind.
https://github.com/containers/bubblewrap
Installationsmetadaten
| Paketschlüssel | brew:bubblewrap |
|---|---|
| Version | 0.11.2 |
| Paketmanager | Homebrew |
| Paketmanager-Seite | https://formulae.brew.sh/formula/bubblewrap |
| Homepage | https://github.com/containers/bubblewrap |
| Repository | https://github.com/containers/bubblewrap |
| Upstream-Dokumentation | https://github.com/containers/bubblewrap#readme |
| Lizenz | LGPL-2.0-or-later |
| Quellarchiv | https://github.com/containers/bubblewrap/releases/download/v0.11.2/bubblewrap-0.11.2.tar.xz |
| Zuletzt aktualisiert | 2026-06-11T17:22:39Z |
| Pulse | updated |
| Abhängigkeiten | libcap |
| Build-Abhängigkeiten | docbook-xsl, libxslt, meson, ninja, pkgconf |
| Bottle | verfügbar (auf arm64_linux, x86_64_linux) |
| Homebrew post-install | nicht definiert |
| Dienst | keiner deklariert |
Registry-Fakten
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | bubblewrap |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Requirements |
|
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
Source-Datenbank-Treffer
Treffer stammen aus externen Paketmanager-Indizes und bleiben von lokalen Automic-Vault-Paketlinks getrennt.
bubblewrap 0.11.0-2+deb13u1
utility for unprivileged chroot and namespace manipulation
https://github.com/containers/bubblewrap
sudo apt install bubblewrapbubblewrap
nix profile install nixpkgs#bubblewrapbubblewrap 0.9.0-1build1
utility for unprivileged chroot and namespace manipulation
https://github.com/containers/bubblewrap
sudo apt install bubblewrapbubblewrap 0.11.2-r0
Unprivileged sandboxing tool
https://github.com/containers/bubblewrap
sudo apk add bubblewrapbubblewrap-bash-completion 0.11.2-r0
Bash completions for bubblewrap
https://github.com/containers/bubblewrap
sudo apk add bubblewrap-bash-completionbubblewrap-doc 0.11.2-r0
Unprivileged sandboxing tool (documentation)
https://github.com/containers/bubblewrap
sudo apk add bubblewrap-docbubblewrap-static 0.11.2-r0
Unprivileged sandboxing tool (static binary)
https://github.com/containers/bubblewrap
sudo apk add bubblewrap-staticbubblewrap-zsh-completion 0.11.2-r0
Zsh completions for bubblewrap
https://github.com/containers/bubblewrap
sudo apk add bubblewrap-zsh-completionbubblewrap 0.11.0-4.fc44
Core execution tool for unprivileged containers
https://github.com/containers/bubblewrap/
sudo dnf install bubblewrapbubblewrap 0.11.2-1
Unprivileged sandboxing tool
https://github.com/containers/bubblewrap
sudo pacman -S bubblewrapbubblewrap 0.11.2-1.1
Core execution tool for unprivileged containers
https://github.com/containers/bubblewrap
sudo zypper install bubblewrapbubblewrap-zsh-completion 0.11.2-1.1
Zsh tab-completion for bubblewrap
https://github.com/containers/bubblewrap
sudo zypper install bubblewrap-zsh-completionQuellspur
Diese Seite wird von av-web aus dem privaten Paket-SQLite-Artefakt bereitgestellt, das scripts/generate-pkg-sqlite.py erstellt.
View the package source record on GitHub.