wbrawner/toolbox
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
toolbox/README.md
Debarshi Ray d0fe8c45f7 README.md: Clarify that Toolbx isn't a security mechanism 
Using the word 'containerized' gives the false impression of heightened
security.  As if it's a mechanism to run untrusted software in a
sandboxed environment without access to the user's private data (such as
$HOME), hardware peripherals (such as cameras and microphones), etc..
That's not what Toolbx is for.

Toolbx aims to offer an interactive command line environment for
development and troubleshooting the host operating system, without
having to install software on the host.  That's all.  It makes no
promise about security beyond what's already available in the usual
command line environment on the host that everybody is familiar with.

https://github.com/containers/toolbox/issues/1020
2022-11-29 17:46:34 +01:00

52 lines
2.8 KiB
Markdown
Raw Blame History

![README](data/gfx/README.gif)
[![Zuul](https://zuul-ci.org/gated.svg)](https://softwarefactory-project.io/zuul/t/local/builds?project=containers/toolbox)
[![Daily Pipeline](https://softwarefactory-project.io/zuul/api/tenant/local/badge?project=containers/toolbox&pipeline=periodic)](https://softwarefactory-project.io/zuul/t/local/builds?project=containers%2Ftoolbox&pipeline=periodic)
[![Arch Linux package](https://img.shields.io/archlinux/v/community/x86_64/toolbox)](https://www.archlinux.org/packages/community/x86_64/toolbox/)
[![Fedora package](https://img.shields.io/fedora/v/toolbox/rawhide)](https://src.fedoraproject.org/rpms/toolbox/)
[Toolbox](https://containertoolbx.org/) is a tool for Linux, which allows the
use of interactive command line environments for development and
troubleshooting the host operating system, without having to install software
on the host. It is built on top of [Podman](https://podman.io/) and other
standard container technologies from [OCI](https://opencontainers.org/).
Toolbox environments have seamless access to the user's home directory,
the Wayland and X11 sockets, networking (including Avahi), removable devices
(like USB sticks), systemd journal, SSH agent, D-Bus, ulimits, /dev and the
udev database, etc..
This is particularly useful on
[OSTree](https://ostree.readthedocs.io/en/latest/) based operating systems like
[Fedora CoreOS](https://coreos.fedoraproject.org/) and
[Silverblue](https://silverblue.fedoraproject.org/). The intention of these
systems is to discourage installation of software on the host, and instead
install software as (or in) containers — they mostly don't even have package
managers like DNF or YUM. This makes it difficult to set up a development
environment or troubleshoot the operating system in the usual way.
Toolbox solves this problem by providing a fully mutable container within
which one can install their favourite development and troubleshooting tools,
editors and SDKs. For example, it's possible to do `yum install ansible`
without affecting the base operating system.
However, this tool doesn't *require* using an OSTree based system. It works
equally well on Fedora Workstation and Server, and that's a useful way to
incrementally adopt containerization.
The toolbox environment is based on an [OCI](https://www.opencontainers.org/)
image. On Fedora this is the `fedora-toolbox` image. This image is used to
create a toolbox container that offers the interactive command line
environment.
Note that Toolbox makes no promise about security beyond what's already
available in the usual command line environment on the host that everybody is
familiar with.
## Installation & Use
See our guides on
[installing & getting started](https://containertoolbx.org/install/) with
Toolbox and [Linux distro support](https://containertoolbx.org/distros/).
Reference in a new issue View git blame Copy permalink