sbox

Crates.io	sbox
lib.rs	sbox
version	0.2.1
source	src
created_at	2024-01-31 19:17:44.044556
updated_at	2024-06-30 12:09:50.16805
description	Tiny Linux containers implementation
homepage
repository	https://github.com/udovin/sbox
max_upload_size
id	1122082
size	62,524

Ivan Udovin (udovin)

documentation

README

sbox

Tiny Linux containers implementation.

Usage

use std::fs::create_dir_all;
use std::path::PathBuf;

use nix::unistd::{getgid, getuid};
use sbox::{BaseMounts, BinNewIdMapper, Cgroup, Container, InitProcess, OverlayMount};

fn main() {
    // Create user namespace mapper for current user with subuids and subgids.
    let user_mapper = BinNewIdMapper::new_root_subid(getuid(), getgid()).unwrap();
    // Create cgroup for container.
    let cgroup = Cgroup::new("/sys/fs/cgroup", "sbox").unwrap();
    // Path to rootfs for container image.
    let image_dir = PathBuf::from("/tmp/sbox-image");
    // Path to container state dir.
    let state_dir = PathBuf::from("/tmp/sbox-state");
    create_dir_all(state_dir.join("upper")).unwrap();
    create_dir_all(state_dir.join("work")).unwrap();
    // Create container.
    let container = Container::options()
        .cgroup(cgroup)
        .add_mount(OverlayMount::new(
            vec![image_dir],
            state_dir.join("upper"),
            state_dir.join("work"),
        ))
        .add_mount(BaseMounts::new())
        .rootfs(state_dir.join("rootfs"))
        .user_mapper(user_mapper.clone())
        .create()
        .unwrap();
    // Start container.
    InitProcess::options()
        .command(vec![
            "/bin/sh".into(),
            "-c".into(),
            "echo 'Hello, World' && id && cat /proc/self/cgroup".into(),
        ])
        .start(&container)
        .unwrap()
        .wait()
        .unwrap();
}

License

sbox is distributed under the terms of both the MIT license and the Apache 2.0 License.

Commit count: 37

sbox

documentation

README

sbox

Usage

License

cargo fmt