virt-sandbox-service-execute man page

virt-sandbox-service execute — execute commands inside Secure container


Execute a command within a security container

  virt-sandbox-service [-c URI] execute [-h] [-N] NAME -- COMMAND [ARG1 [ARG2...]]


virt-sandbox-service is used to manage secure sandboxed system services. These applications will be launched via libvirt and run within a virtualization technology such as LinuX Containers (LXC), or optionally QEMU/KVM. The container / virtual machines will be secured by SELinux and resource separated using cgroups.

The execute subcommand is used to execute commands within an already running container.


-h, --help

Display help message

-c URI, --connect URI

The connection URI for the hypervisor (currently only LXC URIs are supported).

-N, --noseclabel

Execute command within the container.


Execute /bin/sh in httpd1 container

 # virt-sandbox-service execute httpd1 -- /bin/sh

See Also

libvirt(8), selinux(8), systemd(8), "virt-sandbox-service(1)"


Container content will be stored in subdirectories of /var/lib/libvirt/filesystems, by default.  You can manage the content in these directories outside of the container and processes within the container will see the content.


Daniel Walsh <> Daniel P. Berrange <>


virt-sandbox is distributed under the terms of the GNU LGPL v2+. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE

Referenced By


2015-07-01 libvirt-sandbox-0.6.0 Virtualization Support