Move cfgs to file from process call

2 files changed, 6 insertions, 14 deletions

diff --git a/config/snekbox.cfg b/config/snekbox.cfg
index 16810d6..f4f86b8 100644
--- a/config/snekbox.cfg
+++ b/config/snekbox.cfg
@@ -3,7 +3,7 @@ description: "Execute Python"
 
 mode: ONCE
 hostname: "snekbox"
-cwd: "/snekbox"
+cwd: "/home"
 
 time_limit: 6
 
@@ -16,10 +16,12 @@ envar: "VECLIB_MAXIMUM_THREADS=5"
 envar: "NUMEXPR_NUM_THREADS=5"
 envar: "PYTHONPATH=/snekbox/user_base/lib/python3.11/site-packages"
 envar: "PYTHONIOENCODING=utf-8:strict"
+envar: "HOME=home"
 
 keep_caps: false
 
 rlimit_as: 700
+rlimit_fsize: 0
 
 clone_newnet: true
 clone_newuser: true
@@ -56,13 +58,6 @@ mount {
 }
 
 mount {
-    src: "/lib64"
-    dst: "/lib64"
-    is_bind: true
-    rw: false
-}
-
-mount {
     src: "/snekbox"
     dst: "/snekbox"
     is_bind: true
diff --git a/snekbox/nsjail.py b/snekbox/nsjail.py
index 4e9cf4d..006ff98 100644
--- a/snekbox/nsjail.py
+++ b/snekbox/nsjail.py
@@ -182,15 +182,12 @@ class NsJail:
         with NamedTemporaryFile() as nsj_log, MemFS(self.memfs_instance_size) as fs:
             # Add the temp dir to be mounted as cwd
             nsjail_args = (
+                # Set fslimit to unlimited, cannot be set in cfg
+                # due to upstream protobuf parsing issue
+                "--rlimit_fsize=inf",
                 # Mount `home` with Read/Write access
                 "--bindmount",
                 f"{fs.home}:home",
-                # Set cwd to temp dir
-                "--cwd",
-                "home",
-                # Some packages rely on the HOME env variable
-                "--env",
-                "HOME=home",
                 *nsjail_args,
             )