What is the environment when 'sandbox' is enabled for a script?

When configuring a script to run, the sandbox option “[…] restricts access to the file system and available commands that can be used by the script.” (from the docs).

What file system restrictions are in place? Maybe the virtual directories listed from the web GUI/Digi RM ‘Files’ tab?

What commands can/can’t be run?

I ask because I’ve gotten some answers through trial and error but would much rather be able to either read some documentation or see the implementing code or config. For example I found when uploading a file from Remote Manager I have to upload to the non-existent /applications/ directory but in a scheduled task I access the uploaded file at /etc/config/scripts.

I ask because I want to pause execution of some of my scripts until I have a valid time source (either NTP or, if not on a network, an external real-time clock I can query and then set the system time from) and I don’t know if I should expect date -s ... to work.


The script sandbox is an apparmor profile that can be inspected on a device via shell at: /etc/apparmor.d/script_sandbox. Still no luck on the location of the alias/mounts that show in Digi RM.

The apparmor profile might cause issues with Python logging to /dev/log but would probably work to localhost:514. I’ll update/reply again once I feel I’ve accurately reproduced what I thought I saw.


The apparmor script_sandbox profile definitely prevents logging to /dev/log but logging to UDP localhost:514 works just fine.

If you want to pip install ... inside a script, the sandbox seems to prevent that, so you might not want to have it enabled for initial setup scripts, depending on how you have your system deployment done.
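As an added example (not code from the thread or from Digi), here is how I would make a script's logging cope with the /dev/log denial described above: probe the unix socket with a throwaway datagram socket and fall back to UDP syslog on localhost:514 when the probe fails. The probe is done by hand because recent Python versions of logging.handlers.SysLogHandler swallow the connection error at construction time, which would hide the AppArmor denial until the first message is silently dropped. The path /dev/log and the port 514 are the ones mentioned in the thread; the temporary listener helper is only there so both branches can be exercised on a workstation and is not anything the device provides.

```python
"""Choose a syslog transport that works under the script sandbox.

Added example: the AppArmor script_sandbox profile blocks /dev/log but
allows UDP to localhost:514, so probe the unix socket first and fall back.
"""
import logging
import logging.handlers
import os
import socket
import tempfile

UNIX_SYSLOG = "/dev/log"          # blocked by the script_sandbox profile
UDP_SYSLOG = ("localhost", 514)   # allowed by the profile per the thread


def unix_syslog_reachable(path):
    """Return True if a datagram socket can connect to the unix syslog path.

    Under the sandbox this fails with EACCES; with no syslogd it fails with
    ENOENT. Either way the caller should fall back to UDP.
    """
    probe = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    try:
        probe.connect(path)
        return True
    except OSError:
        return False
    finally:
        probe.close()


def choose_syslog_address(unix_path=UNIX_SYSLOG, udp_address=UDP_SYSLOG):
    """Return the address to hand to SysLogHandler: unix path if usable, else UDP tuple."""
    if unix_syslog_reachable(unix_path):
        return unix_path
    return udp_address


def make_syslog_logger(name="script", unix_path=UNIX_SYSLOG, udp_address=UDP_SYSLOG):
    """Build a logger whose SysLogHandler uses whichever transport the probe accepted.

    Returns (logger, address) so the caller can record which transport was chosen.
    """
    address = choose_syslog_address(unix_path, udp_address)
    handler = logging.handlers.SysLogHandler(
        address=address, facility=logging.handlers.SysLogHandler.LOG_USER
    )
    handler.setFormatter(logging.Formatter("%(name)s[%(process)d]: %(levelname)s %(message)s"))
    logger = logging.getLogger(name)
    logger.setLevel(logging.INFO)
    logger.addHandler(handler)
    logger.propagate = False
    return logger, address


def probe_against_temporary_listener(udp_address=UDP_SYSLOG):
    """Demonstration helper (constructed, not part of the device): bind a unix datagram
    socket in a temp dir so the probe succeeds, and return (chosen_address, listener_path)."""
    tmpdir = tempfile.mkdtemp()
    path = os.path.join(tmpdir, "log")
    listener = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    try:
        listener.bind(path)
        return choose_syslog_address(path, udp_address), path
    finally:
        listener.close()
        os.unlink(path)
        os.rmdir(tmpdir)


if __name__ == "__main__":
    log, chosen = make_syslog_logger()
    # On a sandboxed device this reports the UDP tuple; on a normal Linux box with
    # syslogd listening on /dev/log it reports the unix path.
    log.info("syslog transport selected: %r", chosen)
    print("using", chosen)
```

On the device, run it once with the sandbox on and once off and compare the printed transport; if the UDP branch is chosen even with the sandbox off, the local syslog daemon is not listening on /dev/log and the fallback is still the right choice.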