Jonkman Microblog
  • Login
Show Navigation

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. clacke (clacke@social.heldscal.la)'s status on Thursday, 25-Jan-2018 09:00:16 EST clacke clacke
    Links to #userspace #rootless #container #userspacecontainer #rootlesscontainer stuff, so I can find them again:

    #bubblewrap https://github.com/projectatomic/bubblewrap/blob/master/README.md

    No, it's not called #flypaper or anything.

    #binctr is a PoC for nonroot RunC, not being developed further there.

    https://github.com/jessfraz/binctr

    https://blog.jessfraz.com/post/getting-towards-real-sandbox-containers/

    #runc has an issue or branch somewhere for upstreaming the binctr ideas

    https://github.com/opencontainers/runc
    In conversation Thursday, 25-Jan-2018 09:00:16 EST from social.heldscal.la permalink

    Attachments

    1. projectatomic/bubblewrap
      from GitHub
      bubblewrap - Unprivileged sandboxing tool
    2. jessfraz/binctr
      from GitHub
      binctr - Fully static, unprivileged, self-contained, containers as executable binaries.
    3. Getting Towards Real Sandbox Containers
      from Jessie Frazelle's Blog
      What steps need to be done until we have containers that can be considered sandboxes
    4. opencontainers/runc
      from GitHub
      runc - CLI tool for spawning and running containers according to the OCI specification
    1. clacke@libranet.de is my main (notclacke@loadaverage.org)'s status on Friday, 15-Mar-2019 12:31:13 EDT clacke@libranet.de is my main clacke@libranet.de is my main
      in reply to
      The rootless containers patch to libcontainer and runc are upstream since https://github.com/opencontainers/runc/pull/774 (2017-03-28), but #binctr is about more than just that and lives on.

      Its new home is at https://github.com/genuinetools/binctr and https://genuinetools.org/ .

      The rootless containers concept now has its own home page at https://rootlesscontaine.rs/ and talks about more implementations or almost-implementations than just runc.

      @clacke
      In conversation Friday, 15-Mar-2019 12:31:13 EDT from loadaverage.org permalink

      Attachments

      1. Rootless Containers by cyphar · Pull Request #774 · opencontainers/runc
        from GitHub
        This enables the support for "rootless container mode". There are certain restrictions on what non-root users can do, resulting in several runC features not being available. There are no ...
      2. genuinetools/binctr
        from GitHub
        Fully static, unprivileged, self-contained, containers as executable binaries. - genuinetools/binctr
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.

Switch to desktop site layout.