fcnetd
| Crates.io | fcnetd |
| lib.rs | fcnetd |
| version | 0.1.0 |
| source | src |
| created_at | 2024-10-27 18:09:06.022923 |
| updated_at | 2024-10-27 18:09:06.022923 |
| description | A daemon process that receives rootless connections from fcnetd-client to perform rootful Firecracker microVM networking. |
| homepage | |
| repository | https://github.com/kanpov/fcnet |
| max_upload_size | |
| id | 1424864 |
| size | 35,770 |
kanpov (kanpov)
documentation
README
fcnetd
fcnetd is a binary daemon that runs as root and receives I/O connections by listening asynchronously on a Unix socket with Tokio.
While fcnetd runs as root, the socket is chown()-ed to a rootless user so that a rootless application process can connect to
fcnetd, thus proxying its networking needs into a separate process without running the whole application as root.
Examples:
fcnetd /tmp/fcnetd.sock- listen on/tmp/fcnetd.sockand make available only toroot.fcnetd --uid 1000 --gid 100 /tmp/fcnetd.sock- listen on/tmp/fcnetd.sockand make available to UID 1000 and GID 100.fcnetd --password abcde --uid 1000 /tmp/fcnetd.sock- listen on/tmp/fcnetd.sockaccessible by UID 1000, additionally authenticate connections with theabcdepassword.