commit 399b51c074a3f38fb3defb6af85c14844684c8da
author fwang <fwang@igalia.com> Thu Nov 10 09:48:27 2016
committer Commit bot <commit-bot@chromium.org> Thu Nov 10 09:53:54 2016
tree 6b26dafcc3945bf6dd38ae38bec2a601223ceded
parent 0e33dadcaf3d1c69c3183d13eb68ff0b173f9b94

Ozone: Improve sandboxing documentation

The Linux SUID sandbox is going to be removed [1]. Also, it may not
necessary to disable it to run Ozone builds. Instead of repeating
the command line parameter --disable-setuid-sandbox everywhere, the
documentation is changed to point to the general Sandboxing page.

BUG=None

[1] https://bugs.chromium.org/p/chromium/issues/detail?id=312380

Review-Url: https://codereview.chromium.org/2480293011
Cr-Commit-Position: refs/heads/master@{#431226}

docs/ozone_overview.md

diff --git a/docs/ozone_overview.md b/docs/ozone_overview.md
index db4d0e44..b32fd7b 100644
--- a/docs/ozone_overview.md
+++ b/docs/ozone_overview.md
@@ -130,7 +130,7 @@
 Then to run for example the X11 platform:
 
 ``` shell
-./out/OzoneChromeOS/chrome --ozone-platform=x11 --disable-setuid-sandbox
+./out/OzoneChromeOS/chrome --ozone-platform=x11
 ```
 
 ### Embedded
@@ -155,8 +155,7 @@
 Then to run for example the headless platform:
 
 ``` shell
-./out/OzoneEmbedded/content_shell --disable-setuid-sandbox \
-                                  --ozone-platform=headless \
+./out/OzoneEmbedded/content_shell --ozone-platform=headless \
                                   --ozone-dump-file=/tmp/
 ```
 
@@ -178,7 +177,6 @@
 
 ``` shell
 ./out/OzoneLinuxDesktop/chrome --ozone-platform=x11 \
-                               --disable-setuid-sandbox \
                                --mash
 ```
 
@@ -202,12 +200,10 @@
 ## Running with Ozone
 
 Specify the platform you want to use at runtime using the `--ozone-platform`
-flag. Disabling the setuid sandbox may be required during development.
-
-For example, to run content_shell with the GBM platform:
+flag. For example, to run `content_shell` with the GBM platform:
 
 ``` shell
-content_shell --disable-setuid-sandbox --ozone-platform=gbm
+content_shell --ozone-platform=gbm
 ```
 
 Caveats:
@@ -215,6 +211,8 @@
 * `content_shell` always runs at 800x600 resolution.
 * For the GBM platform, you may need to terminate your X server (or any other
   display server) prior to testing.
+* During development, you may need to configure
+  [sandboxing](linux_sandboxing.md) or to disable it.
 
 ## Ozone Platforms
 
@@ -228,8 +226,7 @@
 command line:
 
 ``` shell
-content_shell --disable-setuid-sandbox \
-              --ozone-platform=headless \
+content_shell --ozone-platform=headless \
               --ozone-dump-file=/tmp/
 ```
 
@@ -270,8 +267,7 @@
 gn args out/OzoneWayland --args="use_ozone=true enable_package_mash_services=true"
 ninja -C out/OzoneWayland chrome
 ./out/OzoneWayland/chrome --ozone-platform=wayland \
-                          --mash \
-                          --disable-setuid-sandbox
+                          --mash
 ```
 
 ### Caca
@@ -298,7 +294,7 @@
 gn args out/OzoneCaca \
         --args="use_ozone=true ozone_platform_caca=true use_sysroot=false ozone_auto_platforms=false toolkit_views=false"
 ninja -C out/OzoneCaca content_shell
-./out/OzoneCaca/content_shell --disable-setuid-sandbox
+./out/OzoneCaca/content_shell
 ```
 
   Note: traditional TTYs are not the ideal browsing experience.<br/>