Notes from a call on June 27

Debarshi has been experimenting with various container tools on Fedora Silverblue, trying to manually reproduce some of the CoreOS [toolbox] experience.

Some issues he ran into / conclusions we came to:

• Need to be root. We want to avoid the need to prefix every command with sudo, so we need some a way around this. Owen pointed out that runc has a --rootless option, which may be what is needed here
• Toolbox currently uses rkt to create the image, but that is dead, going forward, so we should use buildah or skopeo instead
• We should place our image into the official container storage space, so it is visible to other container tooling
• We need a custom image - it should be more or less equivalent to the workstation as far as the commandline is concerned
• Unsolved problem: how to pass the Wayland socket into the container. Owen suggets that this may be an selinux issue

Next steps, aim to have done by next week:

• Write a toolbox-alike script
  • Use skopeo or buildah for the download
  • Use runc or systemd-nspawn for the execution
  • Make it duplicate the user account
  • Make it use a custom shell prompt
  • Use the stock fedora image for now

Next steps, after Guadec:

• Start defining a customized image to use, call it fedora-toolbox, or something
• Create an initial package, and ask some people to try it out and see how it works
• Look into terminal integration
• Investigate pre-installing the fedora-toolbox image