Library/application launcher for quickly running daemons inside of restricted jails

Clone this repo:
  1. 11bd7a6 minijail: check if `fp == NULL` and other cleanup by Ben Scarlato · 12 days ago main stabilize-15483.B stabilize-15485.B
  2. dac5fb7 minijail: use xstrdup() for all `= optarg` assignments by Ben Scarlato · 5 weeks ago release-R115-15474.B
  3. 524695a minijail: use xstrdup() for 'K' remount_mode by Ben Scarlato · 5 weeks ago
  4. 1c2fa0a minijail: call setup_fs_rules_fd() early for API users by Ben Scarlato · 5 weeks ago stabilize-15446.B
  5. 238e67a minijail: remove LANDLOCK_ACCESS_FS_REFER logs by Ben Scarlato · 6 weeks ago


The Minijail homepage is

The main source repo is

There might be other copies floating around, but this is the official one!

What is it?

Minijail is a sandboxing and containment tool used in ChromeOS and Android. It provides an executable that can be used to launch and sandbox other programs, and a library that can be used by code to sandbox itself.

Getting the code

You're one git clone away from happiness.

$ git clone
$ cd minijail

Releases are tagged as linux-vXX:


See the document for more details.

Release process

See the document for more details.

Additional tools

See the tools/ document for more details.


We've got a couple of contact points.

Talks and presentations

The following talk serves as a good introduction to Minijail and how it can be used.

Video, slides.

Example usage

The ChromiumOS project has a comprehensive sandboxing document that is largely based on Minijail.

After you play with the simple examples below, you should check that out.

Change root to any user

# id
uid=0(root) gid=0(root) groups=0(root),128(pkcs11)
# minijail0 -u jorgelo -g 5000 /usr/bin/id
uid=72178(jorgelo) gid=5000(eng) groups=5000(eng)

Drop root while keeping some capabilities

# minijail0 -u jorgelo -c 3000 -- /bin/cat /proc/self/status
Name: cat
CapInh: 0000000000003000
CapPrm: 0000000000003000
CapEff: 0000000000003000
CapBnd: 0000000000003000

Historical notes

Q. “Why is it called minijail0?”

A. It is minijail0 because it was a rewrite of an earlier program named minijail, which was considerably less mini, and in particular had a dependency on libchrome (the ChromeOS packaged version of Chromium's //base). We needed a new name to not collide with the deprecated one.

We didn‘t want to call it minijail2 or something that would make people start using it before we were ready, and it was also concretely less since it dropped libbase, etc. Technically, we needed to be able to fork/preload with minimal extra syscall noise which was too hard with libbase at the time (onexit handlers, etc that called syscalls we didn’t want to allow). Also, Elly made a strong case that C would be the right choice for this for linking and ease of controlled surprise system call use. added the original implementation.

Source: Conversations with original authors, ellyjones@ and wad@.