wbrawner/toolbox
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Tool for interactive command line environments on Linux
311 commits 1 branch 0 tags 9.2 MiB
Shell 54.9%
Go 36.1%
Dockerfile 5.8%
Meson 1.9%
Python 0.7%
Other 0.6%
Find a file
Debarshi Ray 4481769182 README.md: Add a section about distro support 
Toolbox is being increasingly used outside the Fedora universe. Endless
OS already uses it, and there's some interest in using it on Arch
Linux, Red Hat Enterprise Linux and Ubuntu. Therefore, it's a good
idea to clearly document what's necessary for a smooth Toolbox user
experience on a given operating system distribution.

Note that this might not match the current reality of the code, which
is predominantly developed, tested and used on Fedora. This is a step
towards formally specifying what an OS distributor is expected to
provide. The code can then be iteratively improved to match the
specification.

https://github.com/containers/toolbox/pull/300
2019-10-21 15:36:26 +02:00
completion/bash completion: Make it work with short options 2019-10-11 17:02:23 +02:00
data logo: Convert text to shapes 2019-04-04 16:19:52 +02:00
doc Improve the help or usage output 2019-09-04 20:54:13 +02:00
images/fedora Update the label for tagging to reflect the project's new home 2019-10-14 12:36:17 +02:00
profile.d profile.d: Tighten the Silverblue check 2019-08-12 13:47:36 +02:00
.travis.yml Enable Travis 2019-04-10 15:18:06 +02:00
COPYING Rename LICENSE as COPYING 2018-10-19 18:24:23 +02:00
gen-docs-list images: Restore documentation removed from the base Fedora images 2019-03-05 18:01:27 +01:00
meson.build Prepare 0.0.15 2019-09-30 16:21:56 +02:00
meson_options.txt Show a welcome text on interactive shells running on Silverblue hosts 2019-04-25 15:52:23 +02:00
NEWS Prepare 0.0.15 2019-09-30 16:21:56 +02:00
README.md README.md: Add a section about distro support 2019-10-21 15:36:26 +02:00
toolbox Unbreak 'run' if container lacks files that are redirected to the host 2019-10-18 19:15:59 +02:00

README.md

Toolbox logo landscape

Toolbox is a tool that offers a familiar package based environment for developing and debugging software that runs fully unprivileged using Podman.

The toolbox container is a fully mutable container; when you see yum install ansible for example, that's something you can do inside your toolbox container, without affecting the base operating system.

This is particularly useful on OSTree based operating systems like CoreOS and Silverblue. The intention of these systems is to discourage installation of software on the host, and instead install software as (or in) containers.

However, this tool doesn't require using an OSTree based system — it works equally well if you're running e.g. existing Fedora Workstation or Server, and that's a useful way to incrementally adopt containerization.

The toolbox environment is based on an OCI image. On Fedora this is the fedora-toolbox image. This image is used to create a toolbox container that seamlessly integrates with the rest of the operating system.

Usage

Create your toolbox container:

[user@hostname ~]$ toolbox create
Created container: fedora-toolbox-30
Enter with: toolbox enter
[user@hostname ~]$

This will create a container called fedora-toolbox-<version-id>.

Enter the toolbox:

[user@hostname ~]$ toolbox enter
⬢[user@toolbox ~]$

Distro support

By default, Toolbox creates the container using an OCI image called <ID>-toolbox:<VERSION-ID>, where <ID> and <VERSION-ID> are taken from the host's /usr/lib/os-release. For example, the default image on a Fedora 30 host would be fedora-toolbox:30.

This default can be overridden by the --image option in toolbox create, but operating system distributors should provide an adequately configured default image to ensure a smooth user experience.

Image requirements

Toolbox customizes newly created containers in a certain way. This requires certain tools and paths to be present and have certain characteristics inside the OCI image.

Tools:

  • getent(1)
  • id(1)
  • ln(1)
  • mkdir(1): for hosts where /home is a symbolic link to /var/home
  • passwd(1)
  • readlink(1)
  • rm(1)
  • rmdir(1): for hosts where /home is a symbolic link to /var/home
  • sleep(1)
  • test(1)
  • touch(1)
  • unlink(1)
  • useradd(8)

Paths:

  • /etc/host.conf: optional, if present not a bind mount
  • /etc/hosts: optional, if present not a bind mount
  • /etc/krb5.conf.d: directory, not a bind mount
  • /etc/localtime: optional, if present not a bind mount
  • /etc/resolv.conf: optional, if present not a bind mount
  • /etc/timezone: optional, if present not a bind mount

The image should have sudo(8) enabled for users belonging to either the sudo or wheel groups, and the group itself should exist. File an issue if you really need support for a different group. However, it's preferable to keep this list as short as possible.

Since Toolbox only works with OCI images that fulfill certain requirements, it will refuse images that aren't tagged with com.github.containers.toolbox="true" and com.github.debarshiray.toolbox="true" labels. These labels are meant to be used by the maintainer of the image to indicate that they have read this document and tested that the image works with Toolbox. You can use the following snippet in a Dockerfile for this:

LABEL com.github.containers.toolbox="true" \
      com.github.debarshiray.toolbox="true"