LOCKBOX

Section 7

Landlock LSM build isolation for mkpkg

Description

The lockbox is an optional filesystem restriction applied during package builds. When active, the build process can only read files owned by packages listed in the port's depends and makedeps arrays, plus a fixed set of implicit base packages (see BASE PACKAGES below). Write access is limited to the build work tree, port directory, and /tmp . Lockbox uses the Linux Landlock LSM (kernel 5.13+, ABI v1\(envalid on any kernel from 5.13 onwards). No container runtime, no overlay filesystem, and no root privileges are required. The restriction is applied by the mkpkg(8) process itself before invoking build() . Two failure modes are detected and reported before the build starts:

1.: A package listed in depends or makedeps is not installed. The build is aborted with a LOCKBOX ERROR message and a hint to run tux prepare .
2.: A package listed in depends or makedeps is installed but has a missing file on disk. A warning is printed and the build proceeds.

If an undeclared library or header is installed on the host but not listed in any dependency array, the kernel blocks the open (2) call on it during the build. The configure script or build system will report the dependency as not found \(en the build either skips the feature or fails with an error. Either way the undeclared dependency is never silently linked into the resulting package.

Activation

Lockbox mode is enabled in two ways:

lockbox=(yes): Set this array in the MAKEPKG file to activate lockbox automatically on every build of this port.
mkpkg --lockbox: Pass this flag on the command line to activate lockbox for a single build regardless of whether lockbox=(yes) is set.
mkpkg --no-lockbox: Disable lockbox even if lockbox=(yes) is set in the MAKEPKG.

Lockbox currently applies to core ports by convention. Ports in opt, libs, devel, and other collections involve deep transitive pkg-config dependency chains \(en whether to enable lockbox on such ports is left to the user.

Base Packages

The following packages are always allowed regardless of what the port declares in depends or makedeps . They represent the minimal build toolchain and are never listed explicitly in a MAKEPKG.

Toolchain

`llvm-toolchain`	clang, lld, llvm-ar, llvm-nm and friends
`libffi`	llvm-toolchain runtime dependency
`libedit`	llvm-toolchain runtime dependency
`ncurses`	llvm-toolchain runtime dependency
`libxml2`	libLLVM.so links against it

C library and headers

`musl`	libc headers and runtime
`linux-headers`	kernel headers at /include

Shell and scripting

`bash`	mkpkg build hooks
`dash`	build() runs under POSIX sh
`mawk`	awk for configure scripts
`readline`	bash links libreadline.so

Core utilities

`coreutils`	cp, mkdir, install, etc.
`gmp`	coreutils expr links libgmp
`libcap`	coreutils ls links libcap
`tar`	source archive extraction
`acl`	tar and sed link libacl
`attr`	tar and sed link libattr
`grep`	configure scripts
`pcre2`	grep links libpcre2-8
`sed`	configure scripts
`findutils`	find used in configure and make
`diffutils`	diff used in configure
`patch`	patch() hook in MAKEPKG
`file`	configure uses file(1)
`make`	GNU make

Source extraction

`gzip`	.tar.gz extraction
`xz`	.tar.xz extraction
`bzip2`	.tar.bz2 extraction
`zstd`	.tar.zst extraction

Build system

`autoconf`	config.status uses it
`automake`	dependency tracking bootstrap
`libtool`	libtool scripts in builds
`m4`	autoconf and automake use m4
`pkgconf`	universal pkg-config tool

Package tools and runtime libraries

`pkgtools`	pkg.add / pkg.del
`mkpkg`	the builder itself
`libressl`	mkpkg links libssl/libcrypto
`zlib`	mkpkg and builds link libz

Files

__IBLOCK__/var/lib/pkg/db: Package database read by lockbox to build the per-file Landlock ruleset. Each installed package's files are added as read-only rules.
__IBLOCK__/etc/mkpkg.conf: Build configuration. The work, source, package, and tmp directories defined here receive full read-write access.

Diagnostics

>>> lockbox: Landlock ABI vN: Lockbox activated successfully using Landlock ABI version N.
>>> lockbox: added N rules from pkgtools db: Number of filesystem rules installed from the package database.
>>> lockbox: filesystem restricted to declared deps + build paths: The Landlock ruleset is in effect. The build is about to start.
>>> LOCKBOX ERROR: declared dep 'X' is not installed (run: tux prepare): Package __IBLOCK__X is listed in depends or makedeps but is not present in the package database. Run tux prepare in the port directory to install missing build dependencies.
>>> LOCKBOX ERROR: Landlock not available: The running kernel does not support Landlock ( CONFIG_SECURITY_LANDLOCK=y required, kernel >= 5.13).