@MartinX3 Podman in rootless mode has the same serious security implications since it relies on kernel.unprivileged_userns_clone=1 as well, doesn't it?
Search Criteria
Package Details: docker-rootless-extras 29.6.2-1
Package Actions
| Git Clone URL: | https://aur.archlinux.org/docker-rootless-extras.git (read-only, click to copy) |
|---|---|
| Package Base: | docker-rootless-extras |
| Description: | Extras to run docker as non-root. |
| Upstream URL: | https://docs.docker.com/engine/security/rootless/ |
| Keywords: | containers docker isolation rootless |
| Licenses: | Apache-2.0 |
| Conflicts: | docker-rootless, docker-rootless-extras, docker-rootless-extras-bin |
| Provides: | docker-rootless, docker-rootless-extras, docker-rootless-extras-bin |
| Submitter: | whynothugo |
| Maintainer: | the-k |
| Last Packager: | the-k |
| Votes: | 44 |
| Popularity: | 1.42 |
| First Submitted: | 2021-04-14 17:58 (UTC) |
| Last Updated: | 2026-07-17 09:17 (UTC) |
Dependencies (7)
- docker (rancher-desktop-gitAUR, podman-docker-gitAUR, rancher-desktop-binAUR, docker-gitAUR, docker-cli-binAUR, rancher-desktopAUR, podman-docker)
- rootlesskit
- sh (dashbinshAUR, zshbinshAUR, bash-gitAUR, bash-devel-gitAUR, bash)
- fuse-overlayfs (fuse-overlayfs-gitAUR) (optional) – overlayfs support
- lxc (lxc-selinuxAUR, lxc-gitAUR) (optional) – experimental `lxc-user-nic` network driver
- passt (passt-gitAUR) (optional) – experimental `pasta` network driver
- slirp4netns (slirp4netns-gitAUR) (optional) – recommended network driver
Required by (0)
Sources (4)
Latest Comments
« First ‹ Previous 1 2 3 4 5 6 7 8 9 10 Next › Last »
psvoboda commented on 2021-05-27 15:04 (UTC)
MartinX3 commented on 2021-05-26 18:58 (UTC)
If you're a security aware user, I recommend
to build containers: https://github.com/containers/buildah
to run containers: https://github.com/containers/podman Podman also has podman-compose
Or if you have a network of several servers: https://github.com/kubernetes/kubernetes
whynothugo commented on 2021-05-26 14:14 (UTC)
I'm going to stop maintaining this package since it actually has some serious security implications (since docker-rootless relies on kernel.unprivileged_userns_clone=1).
I suggest you read this answer if you're going to continue using this package: https://security.stackexchange.com/a/209533
Running docker as root is likely far safer. Consider podman if that's not an option for you.
whynothugo commented on 2021-05-26 14:13 (UTC)
I'm going to stop maintaining this package since it actually has some serious security implications (since docker-rootless relies on kernel.unprivileged_userns_clone=1).
I suggest you read this answer if you're going to continue using this package: https://security.stackexchange.com/a/209533
Running docker as root is likely far safer. Consider podman if that's not an option for you.
HornyApple commented on 2021-05-20 20:02 (UTC)
It is more like another error than wrong hashes - you don't get the error message with makepkg?
whynothugo commented on 2021-05-20 19:50 (UTC)
I've updated the checksums, do they not work?
HornyApple commented on 2021-05-20 18:30 (UTC) (edited on 2021-05-20 18:30 (UTC) by HornyApple)
archiso for x86_64 builds a baseline iso successfully with this package installed (skipped checksums).
HornyApple commented on 2021-05-20 17:53 (UTC)
I guess my kernel (from debian, because the aarch64 kernel from archlinux doesn't boot on my device) doesn't have that feature set.
I still have to build uboot (often used in embedded devices) and build a working kernel myself, to check what's working and what not.
archiso on aarch64 seems to be broken(?) because of some missing packages while doing mkarchiso... I have to investigate this further to be sure, what issue I have.
missing packages in core/extra/community for aarch64: archiso cloud-init mkinitcpio-archiso syslinux virtualbox-guest-utils-nox
I used the archiso from aur.
Also, I am trying to build this on my x86_64 machine - getting a ==> ERROR: Integrity checks (sha256) differ in size from the source array. from makepkg...
Investigating this myself, but I am a bit irritated. Maybe a bug inside makepkg.
whynothugo commented on 2021-05-20 16:44 (UTC)
I've updated the checksums.
I meant to ask if you managed to build an aarch64 ISO (with archiso), since I'm currently stuck on that phase before setting up an arm64 setup.
Pinned Comments