[ 原始碼: rootlesskit ]
套件:rootlesskit(2.0.2-2 以及其他的)
Linux-native "fake root" for rootless containers
The purpose of RootlessKit is to run Docker and Kubernetes as an unprivileged user (known as "Rootless mode"), so as to protect the real root on the host from potential container-breakout attacks.
RootlessKit creates user_namespaces(7) and mount_namespaces(7), and executes newuidmap(1)/newgidmap(1) along with subuid(5) and subgid(5).
RootlessKit also supports isolating network_namespaces(7) with userspace NAT using "slirp".
This Debian package doesn't support vpnkit mode.
On Debian system, kernel.unprivileged_userns_clone should be enabled.
其他與 rootlesskit 有關的套件
|
|
|
|
-
- dep: libc6 (>= 2.34)
- GNU C 函式庫:共用函式庫
同時作為一個虛擬套件由這些套件填實: libc6-udeb
-
- dep: libgcc-s1 (>= 3.4) [ppc64]
- GCC 支援函式庫
-
- dep: libgo23 [ppc64]
- Runtime library for GNU Go applications
-
- dep: uidmap
- programs to help use subuids
-
- rec: slirp4netns
- User-mode networking for unprivileged network namespaces
下載 rootlesskit
| 硬體架構 | 版本 | 套件大小 | 安裝後大小 | 檔案 |
|---|---|---|---|---|
| amd64 | 2.0.2-2+b5 | 5,995。5 kB | 23,390。0 kB | [檔案列表] |
| arm64 | 2.0.2-2+b5 | 4,808。5 kB | 21,870。0 kB | [檔案列表] |
| armel | 2.0.2-2+b5 | 5,111。7 kB | 22,572。0 kB | [檔案列表] |
| armhf | 2.0.2-2+b5 | 5,017。4 kB | 22,444。0 kB | [檔案列表] |
| i386 | 2.0.2-2+b5 | 5,457。6 kB | 22,429。0 kB | [檔案列表] |
| mips64el | 2.0.2-2+b4 | 4,416。8 kB | 23,459。0 kB | [檔案列表] |
| ppc64 (非官方移植版) | 2.0.2-2 | 1,098。8 kB | 10,742。0 kB | [檔案列表] |
| ppc64el | 2.0.2-2+b5 | 5,051。0 kB | 22,830。0 kB | [檔案列表] |
| riscv64 | 2.0.2-2+b4 | 3,715。4 kB | 20,394。0 kB | [檔案列表] |
| s390x | 2.0.2-2+b5 | 5,953。3 kB | 24,622。0 kB | [檔案列表] |