From Fedora Project Wiki

Notes from a call on June 27

Debarshi has been experimenting with various container tools on Fedora Silverblue, trying to manually reproduce some of the CoreOS [toolbox] experience.

Some issues he ran into / conclusions we came to:

  • Need to be root. We want to avoid the need to prefix every command with sudo, so we need some a way around this. Owen pointed out that runc has a --rootless option, which may be what is needed here
  • Toolbox currently uses rkt to create the image, but that is dead, going forward, so we should use buildah or skopeo instead
  • We should place our image into the official container storage space, so it is visible to other container tooling
  • We need a custom image - it should be more or less equivalent to the workstation as far as the commandline is concerned
  • Unsolved problem: how to pass the Wayland socket into the container. Owen suggets that this may be an selinux issue

Next steps, aim to have done by next week:

  • Write a toolbox-alike script
    • Use skopeo or buildah for the download
    • Use runc or systemd-nspawn for the execution
    • Make it duplicate the user account
    • Make it use a custom shell prompt
    • Use the stock fedora image for now

Next steps, after Guadec:

  • Start defining a customized image to use, call it fedora-toolbox, or something
  • Create an initial package, and ask some people to try it out and see how it works
  • Look into terminal integration
  • Investigate pre-installing the fedora-toolbox image