Jonkman Microblog
  • Login
Show Navigation

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. clacke (clacke@social.heldscal.la)'s status on Thursday, 25-Jan-2018 09:00:16 EST clacke clacke
    Links to #userspace #rootless #container #userspacecontainer #rootlesscontainer stuff, so I can find them again:

    #bubblewrap https://github.com/projectatomic/bubblewrap/blob/master/README.md

    No, it's not called #flypaper or anything.

    #binctr is a PoC for nonroot RunC, not being developed further there.

    https://github.com/jessfraz/binctr

    https://blog.jessfraz.com/post/getting-towards-real-sandbox-containers/

    #runc has an issue or branch somewhere for upstreaming the binctr ideas

    https://github.com/opencontainers/runc
    In conversation Thursday, 25-Jan-2018 09:00:16 EST from social.heldscal.la permalink

    Attachments

    1. Invalid filename.
      projectatomic/bubblewrap
      from GitHub
      bubblewrap - Unprivileged sandboxing tool
    2. Invalid filename.
      jessfraz/binctr
      from GitHub
      binctr - Fully static, unprivileged, self-contained, containers as executable binaries.
    3. Invalid filename.
      Getting Towards Real Sandbox Containers
      from Jessie Frazelle's Blog
      What steps need to be done until we have containers that can be considered sandboxes
    4. Invalid filename.
      opencontainers/runc
      from GitHub
      runc - CLI tool for spawning and running containers according to the OCI specification
    1. clacke@libranet.de is my main (notclacke@loadaverage.org)'s status on Friday, 15-Mar-2019 12:31:13 EDT clacke@libranet.de is my main clacke@libranet.de is my main
      in reply to
      The rootless containers patch to libcontainer and runc are upstream since https://github.com/opencontainers/runc/pull/774 (2017-03-28), but #binctr is about more than just that and lives on.

      Its new home is at https://github.com/genuinetools/binctr and https://genuinetools.org/ .

      The rootless containers concept now has its own home page at https://rootlesscontaine.rs/ and talks about more implementations or almost-implementations than just runc.

      @clacke
      In conversation Friday, 15-Mar-2019 12:31:13 EDT from loadaverage.org permalink

      Attachments

      1. Invalid filename.
        Rootless Containers by cyphar · Pull Request #774 · opencontainers/runc
        from GitHub
        This enables the support for "rootless container mode". There are certain restrictions on what non-root users can do, resulting in several runC features not being available. There are no ...
      2. Invalid filename.
        genuinetools/binctr
        from GitHub
        Fully static, unprivileged, self-contained, containers as executable binaries. - genuinetools/binctr
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.

Switch to desktop site layout.