Package Details: docker-rootless-extras 29.6.2-1

Git Clone URL: https://aur.archlinux.org/docker-rootless-extras.git (read-only, click to copy)
Package Base: docker-rootless-extras
Description: Extras to run docker as non-root.
Upstream URL: https://docs.docker.com/engine/security/rootless/
Keywords: containers docker isolation rootless
Licenses: Apache-2.0
Conflicts: docker-rootless, docker-rootless-extras, docker-rootless-extras-bin
Provides: docker-rootless, docker-rootless-extras, docker-rootless-extras-bin
Submitter: whynothugo
Maintainer: the-k
Last Packager: the-k
Votes: 44
Popularity: 1.42
First Submitted: 2021-04-14 17:58 (UTC)
Last Updated: 2026-07-17 09:17 (UTC)

Dependencies (7)

Required by (0)

Sources (4)

Pinned Comments

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 7 8 9 10 Next › Last »

psvoboda commented on 2021-05-27 15:04 (UTC)

@MartinX3 Podman in rootless mode has the same serious security implications since it relies on kernel.unprivileged_userns_clone=1 as well, doesn't it?

MartinX3 commented on 2021-05-26 18:58 (UTC)

If you're a security aware user, I recommend

to build containers: https://github.com/containers/buildah

to run containers: https://github.com/containers/podman Podman also has podman-compose

Or if you have a network of several servers: https://github.com/kubernetes/kubernetes

whynothugo commented on 2021-05-26 14:14 (UTC)

I'm going to stop maintaining this package since it actually has some serious security implications (since docker-rootless relies on kernel.unprivileged_userns_clone=1).

I suggest you read this answer if you're going to continue using this package: https://security.stackexchange.com/a/209533

Running docker as root is likely far safer. Consider podman if that's not an option for you.

whynothugo commented on 2021-05-26 14:13 (UTC)

I'm going to stop maintaining this package since it actually has some serious security implications (since docker-rootless relies on kernel.unprivileged_userns_clone=1).

I suggest you read this answer if you're going to continue using this package: https://security.stackexchange.com/a/209533

Running docker as root is likely far safer. Consider podman if that's not an option for you.

HornyApple commented on 2021-05-20 20:02 (UTC)

It is more like another error than wrong hashes - you don't get the error message with makepkg?

whynothugo commented on 2021-05-20 19:50 (UTC)

I've updated the checksums, do they not work?

HornyApple commented on 2021-05-20 18:30 (UTC) (edited on 2021-05-20 18:30 (UTC) by HornyApple)

archiso for x86_64 builds a baseline iso successfully with this package installed (skipped checksums).

HornyApple commented on 2021-05-20 17:53 (UTC)

I guess my kernel (from debian, because the aarch64 kernel from archlinux doesn't boot on my device) doesn't have that feature set.

I still have to build uboot (often used in embedded devices) and build a working kernel myself, to check what's working and what not.

archiso on aarch64 seems to be broken(?) because of some missing packages while doing mkarchiso... I have to investigate this further to be sure, what issue I have.

missing packages in core/extra/community for aarch64: archiso cloud-init mkinitcpio-archiso syslinux virtualbox-guest-utils-nox

I used the archiso from aur.

Also, I am trying to build this on my x86_64 machine - getting a ==> ERROR: Integrity checks (sha256) differ in size from the source array. from makepkg...

Investigating this myself, but I am a bit irritated. Maybe a bug inside makepkg.

whynothugo commented on 2021-05-20 16:44 (UTC)

I've updated the checksums.

I meant to ask if you managed to build an aarch64 ISO (with archiso), since I'm currently stuck on that phase before setting up an arm64 setup.