Portable is a sandbox framework targeted for Desktop usage and offers ease of use for packagers. It provides isolation to the filesystem, in addition to blocking non-portal calls, filtering accessibility calls, it also stops unsafe portals from being used like the location portal and screenshot portal. Portable itself is still in development and have already been applied to Minecraft, WeChat and Discord.
Running untrusted code is never safe, sandboxing does not change this.
Discuss Development at #portable-dev:matrix.org
Install aur/portable-git, aur/portable or install files directly
install -Dm755 portable.sh /usr/bin/portable
install -Dm755 open.sh /usr/lib/portable/open
install -Dm755 user-dirs.dirs /usr/lib/portable/user-dirs.dirs
install -Dm755 mimeapps.list /usr/lib/portable/mimeapps.list
install -Dm755 flatpak-info /usr/lib/portable/flatpak-info
Preferred location:
# Modify before installing
install -Dm755 config /usr/lib/portable/info/appID/config
Environment variables are read from XDG_DATA_HOME/stateDirectory/portable.env
Start portable with environment variable _portableConfig
, which is pointed to the actual config. It searches absolute path (if exists), /usr/lib/portable/info/${_portableConfig}/config
and $(pwd)/${_portableConfig}
respectively. The legacy _portalConfig
will work for future releases.
The name of your .desktop file should match the appID, like top.kimiblock.example.desktop
Your .desktop file should contain the following entries:
X-Flatpak-Tags=aTag;
X-Flatpak=appID;
X-Flatpak-RenamedFrom=previousName.desktop;
--actions f5aaebc6-0014-4d30-beba-72bce57e0650
: Toggle Sandbox, requires user confirmation.
--actions opendir
: Open the sandbox's home directory.
--actions share-files
: Choose multiple files to share with the sandbox. The file will be temporarily stored in XDG_DATA_HOME/stateDirectory/Shared
, which is purged each launch.
--actions quit
: Stop sandbox and D-Bus proxy. If the app fails to stop after 20s, it'll be killed.
--actions inspect
: Enters the sandbox.
Start portable with argument --actions connect-tty debug-shell
Optionally enable debugging output using environment variable PORTABLE_LOGGING=debug
This repository is available @ Codeberg due to AUR packaging for Chinese users.