Merge pull request #67 from AkihiroSuda/linux

Support Linux hosts

Author: AkihiroSuda

.github/workflows/main.yml

@@ -27,7 +27,7 @@ jobs:
       GOTOOLCHAIN: local
     strategy:
       matrix:
-        runs-on: [macos-15, macos-26]
+        runs-on: [ubuntu-24.04, macos-15, macos-26]
     runs-on: ${{ matrix.runs-on }}
     timeout-minutes: 10
     steps:
@@ -51,7 +51,7 @@ jobs:
   lint:
     env:
       GOTOOLCHAIN: local
-    runs-on: macos-26
+    runs-on: ubuntu-24.04
     timeout-minutes: 10
     steps:
       - uses: actions/checkout@v6

.github/workflows/release.yml

@@ -31,7 +31,7 @@ jobs:
   release:
     env:
       GOTOOLCHAIN: local
-    runs-on: macos-26
+    runs-on: ubuntu-24.04
     timeout-minutes: 20
     # The maximum access is "read" for PRs from public forked repos
     # https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token

Makefile

@@ -7,7 +7,8 @@ VERSION_TRIMMED := $(VERSION:v%=%)
 VERSION_SYMBOL := github.com/AkihiroSuda/alcless/cmd/alclessctl/version.Version
 
 export SOURCE_DATE_EPOCH ?= $(shell git log -1 --pretty=%ct)
-SOURCE_DATE_EPOCH_TOUCH := $(shell date -r $(SOURCE_DATE_EPOCH) +%Y%m%d%H%M.%S)
+# BSD date (macOS) uses `-r EPOCH`; GNU date (Linux) uses `-d @EPOCH`.
+SOURCE_DATE_EPOCH_TOUCH := $(shell date -r $(SOURCE_DATE_EPOCH) +%Y%m%d%H%M.%S 2>/dev/null || date -d @$(SOURCE_DATE_EPOCH) +%Y%m%d%H%M.%S)
 
 GO ?= go
 # Keep symbols by default, for supporting gomodjail
@@ -25,6 +26,13 @@ GOARCH ?= $(shell $(GO) env GOARCH)
 BINARIES := _output/bin/alclessctl _output/bin/alcless
 
 TAR ?= tar
+# BSD tar (macOS) and GNU tar (Linux) use different flags for reproducible
+# archives. `--option !timestamp` and `gzip -n` both omit the gzip header mtime.
+ifeq ($(shell $(TAR) --version 2>/dev/null | head -1 | grep -c bsdtar),1)
+	TAR_REPRODUCIBLE_FLAGS := --uid 0 --gid 0 --option !timestamp -czvf
+else
+	TAR_REPRODUCIBLE_FLAGS := --owner=0 --group=0 --use-compress-program='gzip -n' -cvf
+endif
 
 .PHONY: all
 all: binaries
@@ -60,30 +68,22 @@ define touch_recursive
 	find "$(1)" -exec touch -t $(SOURCE_DATE_EPOCH_TOUCH) {} +
 endef
 
-to_uname_m = $(shell echo $(1) | sed 's/amd64/x86_64/')
-
 define make_artifact
 	make clean
-	GOARCH=$(1) make
+	GOOS=$(1) GOARCH=$(2) make
 	$(call touch_recursive,_output)
-	$(TAR) -C _output/ --no-xattrs --numeric-owner --uid 0 --gid 0 --option !timestamp -czvf _artifacts/alcless-$(VERSION_TRIMMED)-Darwin-$(call to_uname_m,$(1)).tar.gz ./
+	$(TAR) -C _output/ --no-xattrs --numeric-owner $(TAR_REPRODUCIBLE_FLAGS) _artifacts/alcless-$(VERSION_TRIMMED)-$(3)-$(4).tar.gz ./
 endef
 
-# Needs to be executed on macOS
 .PHONY: artifacts
 artifacts:
 	rm -rf _artifacts
 	mkdir -p _artifacts
-	$(call make_artifact,amd64)
-	$(call make_artifact,arm64)
+	$(call make_artifact,darwin,amd64,Darwin,amd64)
+	$(call make_artifact,darwin,arm64,Darwin,arm64)
+	$(call make_artifact,linux,amd64,Linux,x86_64)
+	$(call make_artifact,linux,arm64,Linux,aarch64)
 	make clean
-	go version | tee _artifacts/build-env.txt
-	echo --- >> _artifacts/build-env.txt
-	sw_vers | tee -a _artifacts/build-env.txt
-	echo --- >> _artifacts/build-env.txt
-	pkgutil --pkg-info=com.apple.pkg.CLTools_Executables | tee -a _artifacts/build-env.txt
-	echo --- >> _artifacts/build-env.txt
-	$(CC) --version | tee -a _artifacts/build-env.txt
 	(cd _artifacts ; sha256sum *) > SHA256SUMS
 	mv SHA256SUMS _artifacts/SHA256SUMS
 	$(call touch_recursive,_artifacts)

README.md

@@ -6,9 +6,9 @@
 
 # Alcoholless: lightweight security sandbox for Homebrew, AI agents, etc.
 
-Alcoholless is a lightweight security sandbox for macOS programs.
+Alcoholless is a lightweight security sandbox, primarily for macOS programs.
 
-While Alcoholless was originally made for the sake of securing Homebrew, basically it can be used for almost any CLI programs on macOS.
+While Alcoholless was originally made for the sake of securing Homebrew, basically it can be used for almost any CLI programs.
 Notably, Alcoholless is useful for allowing an AI agent to run shell commands with less risk of [breaking the host operating system](https://old.reddit.com/r/ClaudeAI/comments/1pgxckk/claude_cli_deleted_my_entire_home_directory_wiped/).
 
 See also my blog article: <https://medium.com/nttlabs/alcoholless-lightweight-security-sandbox-for-macos-ccf0d1927301>
@@ -145,7 +145,7 @@ Select `Launch OpenCode`, press `→`, and choose a model such as `gemma4`.
 ## Install
 
 Requirements:
-- macOS
+- macOS (recommended) or Linux
 - [Go](https://go.dev)
 
 To install Alcoholless, run:
@@ -214,7 +214,7 @@ See [FAQs](#faqs) for the reason why `su` is wrapped inside `sudo`.
 
 ### FAQs
 #### Why wrap `su` inside `sudo`?
-Because `sudo` doesn't isolate "a specific Mach bootstrap subset, audit session and other characteristics not recognized by POSIX" (see `launchd(8)`),
+Because `sudo` doesn't isolate "a specific Mach bootstrap subset, audit session and other characteristics not recognized by POSIX" (see `launchd(8)`) on macOS,
 while `su` isolates them.
 
 e.g., `sudo -u alcless_exampleuser_default open -a TextEdit` opens the `TextEdit` application as the current user, not as `alcless_exampleuser_default`.
@@ -224,19 +224,20 @@ however, touching such system configuration files might be scary.
 
 So, the current workaround is to just wrap `su` inside `sudo`.
 
+#### Why not use containers?
+Because containers are not supported on macOS.
+
 #### Why not use VM?
 Because VM has several disadvantages:
 - Non-negligible performance overhead
 - High disk consumption
 - No direct access to the host hardware (GPU, etc.)
 - Localhost address inaccessible from the host
 - Does not work on GitHub Actions etc. due to lack of the support for nested virtualization
-
-#### Why not support Linux and FreeBSD?
-Because Linux and FreeBSD already have containers.
+- [Licensing limitations](https://www.apple.com/legal/sla/) apply for macOS guests (e.g., only 2 guests can be runnable at most)
 
 #### How does Alcoholless relate to Lima?
-- Alcoholless (**Lightweight**): run commands as a separate macOS user (not a VM, nor a container)
+- Alcoholless (**Lightweight**): run commands as a separate user (not a VM, nor a container)
 - [Lima](https://lima-vm.io/) (**Strong security**): run commands in a VM
   ([Linux](https://lima-vm.io/docs/usage/guests/linux/), [macOS](https://lima-vm.io/docs/usage/guests/macos/), etc.)
 

cmd/alclessctl/commands/create/create.go

@@ -115,7 +115,9 @@ func action(cmd *cobra.Command, args []string) error {
 		}
 	}
 	if !flagPlain {
-		if err = brew.Installed(ctx, instUser); err == nil {
+		if !brew.Supported() {
+			slog.WarnContext(ctx, "Homebrew is not supported on this host", "instance", instName, "instUser", instUser)
+		} else if err = brew.Installed(ctx, instUser); err == nil {
 			slog.InfoContext(ctx, "Homebrew is already installed", "instance", instName, "instUser", instUser)
 		} else {
 			slog.DebugContext(ctx, "Homebrew is not installed", "instance", instName, "instUser", instUser, "error", err)

cmd/alclessctl/commands/shell/shell.go

@@ -67,7 +67,7 @@ func New() *cobra.Command {
 	return cmd
 }
 
-// Depth of "/Users/USER" is 3.
+// Depth of "/Users/USER" (macOS) and "/home/USER" (Linux) is 3.
 const rsyncMinimumSrcDirDepth = 4
 
 func action(cmd *cobra.Command, args []string) error {
@@ -159,7 +159,7 @@ func action(cmd *cobra.Command, args []string) error {
 			return fmt.Errorf("the host working directory must not be $HOME, as this directory is being rsynced to the instance (Hint: %s)", hint)
 		} else {
 			srcWdDepth := len(strings.Split(hostWD, string(os.PathSeparator)))
-			// Depth of "/Users/USER" is 3
+			// Depth of "/Users/USER" (macOS) and "/home/USER" (Linux) is 3
 			slog.DebugContext(ctx, "Working directory depth", "wd", hostWD, "depth", srcWdDepth)
 			if srcWdDepth < rsyncMinimumSrcDirDepth {
 				return fmt.Errorf("expected the depth of the host working directory (%q) to be more than %d, only got %d (Hint: %s)",
@@ -186,7 +186,14 @@ func action(cmd *cobra.Command, args []string) error {
 		}
 	}
 
-	sudoCmd := sudo.Cmd(ctx, instUser, guestWD, cmdExe, cmdArgs)
+	var sudoOpts []sudo.CmdOpt
+	if flagTty {
+		// Allocate a pty (Linux only) so the spawned shell has a controlling
+		// terminal, avoiding "cannot set terminal process group" and getting
+		// job control to work.
+		sudoOpts = append(sudoOpts, sudo.WithPTY())
+	}
+	sudoCmd := sudo.Cmd(ctx, instUser, guestWD, cmdExe, cmdArgs, sudoOpts...)
 	sudoCmdOpts, err := cmdutil.RunOptsFromCobra(cmd) // Propagate stdin
 	if err != nil {
 		return err

pkg/brew/brew.go

@@ -24,6 +24,7 @@ import (
 	"os/exec"
 	"os/user"
 	"path/filepath"
+	"runtime"
 
 	"github.com/AkihiroSuda/alcless/pkg/sudo"
 )
@@ -53,14 +54,34 @@ func Installed(ctx context.Context, instUser string) error {
 }
 
 func InstallCmds(ctx context.Context, instUser string) []*exec.Cmd {
+	systemHomebrewPrefix := "/opt/homebrew"
+	if runtime.GOOS == "linux" {
+		systemHomebrewPrefix = "/home/linuxbrew/.linuxbrew"
+	}
 	cmds := []*exec.Cmd{
 		// Remove system-wide Homebrew (/opt/homebrew/bin) from the PATH
 		// Needed since Homebrew 4.5.9 (July 8, 2025)
 		// https://github.com/AkihiroSuda/alcless/issues/23
-		sudo.Cmd(ctx, instUser, "", "sh", []string{"-c", `echo 'PATH="$(echo "$PATH" | sed -e s@/opt/homebrew/bin:@@g)"; export PATH' | tee -a "${HOME}/.bash_profile" | tee -a "${HOME}/.bashrc" | tee -a "${HOME}/.zprofile" >> "${HOME}/.zshenv"`}),
+		sudo.Cmd(ctx, instUser, "", "sh", []string{"-c", `echo 'PATH="$(echo "$PATH" | sed -e s@` + systemHomebrewPrefix + `/bin:@@g)"; export PATH' | tee -a "${HOME}/.bash_profile" | tee -a "${HOME}/.bashrc" | tee -a "${HOME}/.zprofile" >> "${HOME}/.zshenv"`}),
 
 		sudo.Cmd(ctx, instUser, "", "git", []string{"clone", "https://github.com/Homebrew/brew", "homebrew"}),
 		sudo.Cmd(ctx, instUser, "", "sh", []string{"-c", `echo 'eval "$("${HOME}/homebrew/bin/brew" shellenv)"' | tee -a "${HOME}/.bash_profile" >> "${HOME}/.zshenv"`}),
 	}
 	return cmds
 }
+
+func Supported() bool {
+	switch runtime.GOOS {
+	case "darwin":
+		return true
+	case "linux":
+		switch runtime.GOARCH {
+		case "amd64", "arm64":
+			return true
+		default:
+			return false
+		}
+	default:
+		return false
+	}
+}

pkg/sudo/sudo.go

@@ -26,6 +26,7 @@ import (
 	"os/exec"
 	"os/user"
 	"path/filepath"
+	"runtime"
 	"strings"
 
 	"al.essio.dev/pkg/shellescape"
@@ -35,23 +36,71 @@ func SudoersPath(instUser string) (string, error) {
 	return filepath.Join("/etc/sudoers.d/", instUser), nil
 }
 
+// suArgs returns the arguments passed to /usr/bin/su, excluding `-c COMMAND`.
+//
+// On Linux, `-P` allocates a pseudo-terminal so that the spawned shell has a
+// controlling terminal and job control works. macOS `su` (BSD) does not
+// support `-P`, and the macOS-style invocation already retains the caller's
+// tty, so no workaround is needed there.
+func suArgs(instUser string, pty bool) []string {
+	if pty && runtime.GOOS == "linux" {
+		return []string{"-P", "-", instUser}
+	}
+	return []string{"-", instUser}
+}
+
 func Sudoers(instUser string) (string, error) {
 	currentUser, err := user.Current()
 	if err != nil {
 		return "", err
 	}
-	return fmt.Sprintf("%s ALL=(root) NOPASSWD: /usr/bin/su - %s -c *", currentUser.Username, instUser), nil
+	// Allow both the plain and the `-P` (Linux pty) forms. Both invocations
+	// may be issued by alclessctl depending on whether an interactive
+	// pseudo-terminal is needed.
+	patterns := []string{
+		strings.Join(append([]string{"/usr/bin/su"}, suArgs(instUser, false)...), " ") + " -c *",
+	}
+	if runtime.GOOS == "linux" {
+		patterns = append(patterns,
+			strings.Join(append([]string{"/usr/bin/su"}, suArgs(instUser, true)...), " ")+" -c *",
+		)
+	}
+	return fmt.Sprintf("%s ALL=(root) NOPASSWD: %s", currentUser.Username, strings.Join(patterns, ", ")), nil
+}
+
+type cmdOpts struct {
+	pty bool
+}
+
+// CmdOpt is an option for Cmd.
+type CmdOpt func(*cmdOpts)
+
+// WithPTY requests that the command be wrapped in a pseudo-terminal,
+// so that job control works in interactive shells. Only honored on Linux.
+func WithPTY() CmdOpt {
+	return func(o *cmdOpts) {
+		o.pty = true
+	}
 }
 
-func Cmd(ctx context.Context, instUser, wd, cmdExe string, cmdArgs []string) *exec.Cmd {
+func Cmd(ctx context.Context, instUser, wd, cmdExe string, cmdArgs []string, opts ...CmdOpt) *exec.Cmd {
+	var o cmdOpts
+	for _, f := range opts {
+		f(&o)
+	}
 	quotedArgs := make([]string, len(cmdArgs))
 	for i, f := range cmdArgs {
 		quotedArgs[i] = shellescape.Quote(f)
 	}
-	snippet := fmt.Sprintf("cd %s ; exec %s %s", // cd may fail
-		shellescape.Quote(wd), // can be empty
+	execPart := fmt.Sprintf("exec %s %s",
 		shellescape.Quote(cmdExe),
 		strings.Join(quotedArgs, " "))
-	cmd := exec.CommandContext(ctx, "sudo", "-n", "/usr/bin/su", "-", instUser, "-c", snippet)
+	snippet := execPart
+	if wd != "" {
+		snippet = fmt.Sprintf("cd %s ; %s", shellescape.Quote(wd), execPart)
+	}
+	args := append([]string{"-n", "/usr/bin/su"}, suArgs(instUser, o.pty)...)
+	args = append(args, "-c", snippet)
+	cmd := exec.CommandContext(ctx, "sudo", args...)
 	return cmd
 }

pkg/userutil/userutil.go

@@ -54,3 +54,9 @@ func Exists(name string) (bool, error) {
 	}
 	return true, nil
 }
+
+type Attribute string
+
+const (
+	AttributeUserShell = Attribute("UserShell")
+)

pkg/userutil/userutil_darwin.go

@@ -48,12 +48,6 @@ func Users(ctx context.Context) ([]string, error) {
 	return res, scanner.Err()
 }
 
-type Attribute string
-
-const (
-	AttributeUserShell = Attribute("UserShell")
-)
-
 func ReadAttribute(ctx context.Context, username string, k Attribute) (string, error) {
 	var stderr bytes.Buffer
 	cmd := exec.CommandContext(ctx, "dscl", ".", "-read", "/Users/"+username, string(k))