On 14.07.2018 at 14:49, Dave Howorth wrote:
What's the best/easiest way to stop a program accessing the net?
I want to run a program (actually 'make') that may in turn run other programs and some of which might try to access the net. I'd like the access to be stopped and me given a meaningful error message (i.e. what part of what program tried to access what net resource). Ideally, I'd then have the choice of aborting or allowing it to continue.
Searching throws up various possibilities, some of which are not in the standard repositories, and I'm not sure what the best approach is.
You may try network namespaces: https://lmddgtfy.net/?q=linux%20netns
You can create a new network namespace, without attaching any interfaces to it, and run your application in it.
sudo ip netns add isolated
sudo ip netns exec isolated sudo -u my_username -i
This will start a new shell session running as your user, but without any access to the network.
If you want to start a graphical application in it, you need to execute