[lxc-users] Using LXC as an application container.
Brian Allen Vanderburg II
brianvanderburg2 at aim.com
Sun Jun 7 16:58:08 UTC 2015
Thanks, that looks interesting. There were some discussion of potential
security (being recorded by pulse, keys logged). But other than that it
seems like it would work. Now would it be possible to set it up as a
bare minimum container. That is, instead of essentially a mimimum OS
with all the files, could I basically just copy over/extract the main
executable for the application (/opt/firefox/firefox for example), data
files, and the needed library files, then make /sbin/init point to or
launch /opt/firefox/firefox?
Thanks,
Brian Allen Vanderburg II
On 06/05/2015 12:32 AM, Serge Hallyn wrote:
> See https://www.stgraber.org/2014/02/09/lxc-1-0-gui-in-containers/ as one
> of many examples.
>
> Quoting Brian Allen Vanderburg II (brianvanderburg2 at aim.com):
>> I'm wondering if LXC could be used to create a generic application
>> container/sandbox. I've created similar sandboxes in the past using
>> chroot, unionfs-fuse, and bind mounts, successfully running applications
>> such as Firefox, Sauerbraten, etc. But this was limited and had
>> drawbacks. Using chroot requires root, unprivileged containers can be
>> run without root after everything is properly set up. Chroot only hides
>> away parts of the filesystem, a container can also isolate network
>> namespaces, etc. Is there a way to achieve similar, with better control
>> of isolation, using unprivileged containers?
>>
>>
>> Brian Allen Vanderburg II
>>
>
>
>> _______________________________________________
>> lxc-users mailing list
>> lxc-users at lists.linuxcontainers.org
>> http://lists.linuxcontainers.org/listinfo/lxc-users
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20150607/a07da8a7/attachment.sig>
More information about the lxc-users
mailing list