Bootstrapping Alpine Linux without root

(blog.brixit.nl)

27 points | by mooreds 3 days ago

3 comments

  • coppsilgold 2 hours ago
    You can rip a rootfs from a docker image using skopeo[1] and undocker[2] then you can puppeteer it with bwrap[3].

    This works for most linux distributions (they behave well as fakeroot puppets). Package managers from Debian-based distros tend to misbehave in bwrap in my experience.

    I use this method to obtain software from various distro repositories or when RPM packages are distributed by vendors.

    [1] <https://github.com/containers/skopeo>

    [2] <https://git.jakstys.lt/motiejus/undocker>

    [3] <https://github.com/containers/bubblewrap>

  • yjftsjthsd-h 3 hours ago
    > Creating a chroot in Linux is pretty easy: put a rootfs in a folder and run the sudo chroot /my/folder command. But what if you don't want to use superuser privileges for this?

    My very first thought is actually proot ( https://proot-me.github.io/ ), though that does have a performance hit.

    That said, once you're using unshare (which is a good idea), why not just use podman? Mostly the same under the hood, but does a bunch of this for you. And for this exact usecase I appreciate that there are tradeoffs but I personally would have built pmbootstrap out of Dockerfiles in the first place.

    • MartijnBraam 51 minutes ago
      Using wrappers doesn't really help that much because the difficulties are in the things that aren't covered anyway. Proot doesn't help for these issues, there's a long-standing open issue for that one.

      Using docker would make the mixing and nesting of native and foreign architecture chroots only more difficult

  • Dwedit 3 hours ago
    What about user-mode Linux containers?