Toward cooperation between bubblewrap and LXC
20 views
Skip to first unread message
Forest
Sep 22, 2021, 3:17:03 PM9/22/21
to lxc-...@lists.linuxcontainers.org
A discussion has come up about getting bubblewrap and LXC to cooperate.
One use case would be allowing Steam, which recently started launching games
in a bwrap container, to work in unprivileged LXC containers. (Flatpak can
already do this, but unfortunately, it doesn't serve the same needs that LXC
does.)
I think some perspective from LXC maintainers would be valuable there:
https://github.com/containers/bubblewrap/issues/362
One use case would be allowing Steam, which recently started launching games
in a bwrap container, to work in unprivileged LXC containers. (Flatpak can
already do this, but unfortunately, it doesn't serve the same needs that LXC
does.)
I think some perspective from LXC maintainers would be valuable there:
https://github.com/containers/bubblewrap/issues/362
Stéphane Graber
Sep 22, 2021, 6:03:05 PM9/22/21
to Forest, LXC development mailing-list
Responded to the issue on Github, basically this seems to all work
just fine in LXD when nesting is enabled.
This kind of thing cannot work inside a privileged container and to do
it with unprivileged LXC is definitely possible (that's what LXD does)
but requires quite a bit of care to get all pieces right.
> --
> You received this message because you are subscribed to the Google Groups "lxc-devel" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to lxc-devel+...@lists.linuxcontainers.org.
> To view this discussion on the web visit https://groups.google.com/a/lists.linuxcontainers.org/d/msgid/lxc-devel/680nkgpqn5clmhbpfqstsuvv6ra1e25dpl%404ax.com.
just fine in LXD when nesting is enabled.
This kind of thing cannot work inside a privileged container and to do
it with unprivileged LXC is definitely possible (that's what LXD does)
but requires quite a bit of care to get all pieces right.
> You received this message because you are subscribed to the Google Groups "lxc-devel" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to lxc-devel+...@lists.linuxcontainers.org.
> To view this discussion on the web visit https://groups.google.com/a/lists.linuxcontainers.org/d/msgid/lxc-devel/680nkgpqn5clmhbpfqstsuvv6ra1e25dpl%404ax.com.
Reply all
Reply to author
Forward
0 new messages