Conty/README.md


2021-03-26 18:03:50 +01:00
## Conty
This is an easy to use non-root container compressed into squashfs and packed
into a single executable that runs (or at least should run) on most Linux distros.
You can use it to run any applications, including games (Vulkan and OpenGL).
Besides, thanks to bubblewrap, Conty also supports true filesystem sandboxing, so you can even use it to sandbox
your applications.
It uses two technologies:
* SquashFS (using squashfuse)
* Linux namespaces (using bubblewrap)
## Benefits
* Single executable - download and run, nothing else is required.
* Root rights are **not required**.
* Compressed into squashfs, so it takes much less disk space than
unpacked containers.
* Contains many libraries and packages, so it can run almost everything, and you don't
need to install anything on your main (host) system. You can even run 32-bit applications
on pure 64-bit systems.
* Based on Arch Linux, so it contains the latest software, including the latest
video drivers.
* Almost completely seamless experience. All applications that you run
with Conty store their configs in your HOME directory, as if you weren't
using a container at all.
* Supports filesystem sandboxing.
## Requirements
The only requirements are **bash**, **fuse2** and **tar**. Your /tmp directory
should also allow execution of binaries (which it does by default on most distros).
In addition, your Linux kernel must support unprivileged user namespaces. On some
Linux distros this feature is disabled by default and can be enabled with sysctl:
```
sysctl kernel.unprivileged_userns_clone=1
```
or
```
echo 1 > /proc/sys/kernel/unprivileged_userns_clone
```
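
A preflight check for the requirements above, as an added example that is not part of Conty. The function names are hypothetical, fuse2 is assumed to be detectable through its `fusermount` helper, and the extra `user.max_user_namespaces` check is an assumption not mentioned in this README.

```shell
#!/bin/sh
# Added example: preflight check for the host requirements listed above.
# Not part of Conty; function names are hypothetical.

# Print the mount options of the deepest mount point that contains dir $2,
# reading a /proc/mounts-format file $1 (later entries win on ties).
mount_opts_for() {
    best=-1 opts=
    while read -r _dev mp _type o _rest; do
        case "$2/" in
            "${mp%/}/"*)
                if [ "${#mp}" -ge "$best" ]; then best=${#mp}; opts=$o; fi ;;
        esac
    done < "$1"
    printf '%s\n' "$opts"
}

# Succeed unless the filesystem holding dir $2 is mounted noexec.
dir_allows_exec() {
    case ",$(mount_opts_for "$1" "$2")," in
        *,noexec,*) return 1 ;;
    esac
    return 0
}

# Succeed if sysctl file $1 is absent (this kernel has no such knob)
# or holds anything other than 0.
knob_allows_userns() {
    [ ! -e "$1" ] || [ "$(cat "$1")" != 0 ]
}

# Run every check against the live system; return 1 if any fails.
preflight() {
    rc=0
    # Assumption: fuse2 is detected via its fusermount helper.
    for tool in bash tar fusermount; do
        command -v "$tool" >/dev/null 2>&1 || { echo "missing: $tool"; rc=1; }
    done
    dir_allows_exec /proc/mounts /tmp || { echo "/tmp is mounted noexec"; rc=1; }
    knob_allows_userns /proc/sys/kernel/unprivileged_userns_clone ||
        { echo "kernel.unprivileged_userns_clone is 0"; rc=1; }
    # Assumption: also check the upstream per-user namespace limit.
    knob_allows_userns /proc/sys/user/max_user_namespaces ||
        { echo "user.max_user_namespaces is 0"; rc=1; }
    return "$rc"
}

if [ "${1:-}" = "run" ]; then preflight; fi
```

Save it under any name and run it with the single argument `run`; it prints one line per unmet requirement and exits non-zero if any check fails.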
## Usage
Either download a ready-to-use executable from the [**releases**](https://github.com/Kron4ek/Conty/releases) page or create your
own (the instructions are below). Make it executable before running it.
```
chmod +x conty.sh
./conty.sh command command_arguments
```
For example, if you want to run an application from your HOME directory, run:
```
./conty.sh /home/username/App/application_binary
```
Conty also contains Steam, Lutris, Wine-Staging and much more.
```
./conty.sh steam
./conty.sh lutris
./conty.sh wine app.exe
```
Want to check if graphics acceleration works? Run glxinfo and glxgears:
```
./conty.sh glxinfo | grep direct
./conty.sh glxgears
```
List all built-in binaries with:
```
./conty.sh ls /usr/bin
```
## Sandbox
Conty uses bubblewrap and thus supports filesystem sandboxing. By default
it's disabled and all directories on your system are available to the container.
You can enable sandboxing with the **SANDBOX** environment variable. You can allow
access to the directories you want with the **WHITELIST_DIRS** variable. It's
also possible to disable networking with the **DISABLE_NET** variable. For example:
```
export DISABLE_NET=1
export SANDBOX=1
export WHITELIST_DIRS="/home/username/.cache /opt /home/username/Downloads"
./conty.sh command
```
## How to create your own Conty executables
If you want to create an Arch-based container, use the **create-arch-bootstrap.sh** script. Root rights
are required for this step, because chrooting is used here.
```
./create-arch-bootstrap.sh
```
You can edit the script if you want to include a different set of packages inside
the container.

If you want to use some other distro, then you need to manually obtain it from somewhere.

When the distro bootstrap is obtained, use the **create-conty.sh** script to pack
everything into a single executable.
```
./create-conty.sh
```
Done!