In many cases, people want to start containers on a system where the administrator is not happy about granting privileges to users or installing any new software. For example, when I was a researcher and wanted to run Python 3 on a computing cluster it was not possible to get the administrator to install Docker or Python 3.
In recent Linux kernels, it has been possible to create containers without any privileges. All that's missing is a container runtime that allows you to do this. LXC is close but falls short (it requires certain privileged processes and PAM modules for everything to work).
The current state of the work is available here. All of the basics work properly, but there's lots of unresolved things left to deal with (as well as lots of cleanup to be done). In addition, certain tools don't work as expected in a rootless container (such as anything that tries to use the unix privilege model). So, I've started work on a tool to fix that issue as well.
I also would like to write some blog posts about all of this work.
Looking for hackers with the skills:
This project is part of:
Hack Week 14
Activity
Comments
Be the first to comment!
Similar Projects
Containerized git server/client for playground and tutorials by mberti
[comment]: # (Please use the project descriptio...
Building a CNF solution for Edge environment by lizhang
Project Description
Network managemen...
K3S Control Planes as a service by ademicev0
[comment]: # (Please use the project descriptio...
Image generation AI in container using Radeon GPU by tjyrinki_suse
[comment]: # (Please use the project descriptio...
Make iguana-workflow to support multiple container frontends by oholecek
Project Description
Iguana is an attempt ...
Improve Docker registry listing tool by rbranco
Project Description
[regview](https://git...
Containerized git server/client for playground and tutorials by mberti
[comment]: # (Please use the project descriptio...
Containerfile / Dockerfile generator library by amanzini
[comment]: # (Please use the project descriptio...