{"id":22912031,"url":"https://github.com/opencoff/android-container","last_synced_at":"2025-04-01T11:09:04.474Z","repository":{"id":75756904,"uuid":"95586914","full_name":"opencoff/android-container","owner":"opencoff","description":"Linux containers for Android","archived":false,"fork":false,"pushed_at":"2017-07-13T21:55:57.000Z","size":95,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-02-07T06:15:19.447Z","etag":null,"topics":["andoid","containers","diy-containers","linux-namespaces","simple-containers"],"latest_commit_sha":null,"homepage":null,"language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/opencoff.png","metadata":{"files":{"readme":"README.rst","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-06-27T18:07:41.000Z","updated_at":"2017-07-27T23:51:55.000Z","dependencies_parsed_at":"2023-06-07T14:45:49.680Z","dependency_job_id":null,"html_url":"https://github.com/opencoff/android-container","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opencoff%2Fandroid-container","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opencoff%2Fandroid-container/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opencoff%2Fandroid-container/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opencoff%2Fandroid-container/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/opencoff","download_url":"https://codeload.github.com/opencoff/android-container/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246628235,"owners_count":20808106,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["andoid","containers","diy-containers","linux-namespaces","simple-containers"],"created_at":"2024-12-14T04:19:37.284Z","updated_at":"2025-04-01T11:09:04.456Z","avatar_url":"https://github.com/opencoff.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"=============================\nSimple Containers for Android\n=============================\n\n:Author: Sudhi Herle \u003csw-at-herle.net\u003e\n:Date: June 26, 2017\n\nThis hack builds on Michael Kerrisk's example in\n``user_namespaces(7)`` into a simplified container startup tool.\n\nThe code is in the ``src`` directory; and it builds a tool called\n``ns``.\n\nUsage\n-----\nThe ``ns`` tool is useful to start the ``init`` process of a\n``chroot`` sandbox. This of this as a better ``chroot(8)``::\n\n    ns [options] pre /newroot init [uid gid]\n\nWhere ::\n\n    PRE      is a pre-exec script that is run in the parent context\n             to setup networking, bridges etc. Since this is run in\n             the parent's context, it must be an absolute path\n             relative to the parent's root directory.\n\n    /newroot is the new RootFS subdir containing a valid root\n             filesystem.\n\n    init     is the \"init\" process that will be started in the cloned\n             namespace. Thus, this script or program must be an\n             absolute path relative to \"/newroot\".\n\nWhere options are::\n\n    --verbose, -v    Show verbose progress messages\n    --network, -n    Additionally clone a network namespace\n    --user, -u       Additionally clone a user namespace\n    --memory=M, -m M Restrict cloned processes to M bytes of system\n                     memory. The size specification can have an\n                     optional 'k', 'M' or 'G' suffix to denote kilo,\n                     Megabyte or Gigabyte respectively.\n\nIf ``--user`` (or ``-u``) option is specified, then ``ns`` will\nrequire two additional command line arguments: ``uid gid``, where::\n\n    uid     UID 0 inside the container is mapped to this 'uid'\n    gid     GID 0 inside the container is mapped to this 'gid'\n\n\nThe pre-exec script will be invoked with the following arguments::\n\n    pre.sh PID\n\nWhere ``PID`` is the process-id of the cloned child (i.e., the\ncontainerized child). In addition, two other environment variables\nare available for **both** scripts::\n\n    CLONE_NEWUSER   This is set to '1' if the user invoked 'ns' with\n                    --user option.\n    CLONE_NEWNET    This is set to '1' if the user invoked 'ns' with\n                    --network option.\n\nThe *pre.sh* script can make use of these variables to guide its\nactions.\n\nExample Invocation\n------------------\nLet us start with the following assumptions:\n\n#.  We have an unpacked root file system under\n    */tmp/root*; i.e., this directory tree has all the usual directories\n    found in a typical Linux desktop or server installation. Further,\n\n#.  We have a pre-exec script in */tmp/pre.sh* that setups a virtual\n    network adapter.\n\n#.  We have a init script in */tmp/root/init.sh*. We will refer to\n    this as */init.sh* -- since that is path relative to the root\n    directory (*/tmp/root*).\n\n::\n\n    sudo ns -m 1G -n /tmp/pre.sh /tmp/root /init.sh\n\nThis will start *init.sh* as pid 1 and uid 0 inside an isolated\nnamespace.\n\nExample implementations of *pre.sh* and *init.sh* are in the *examples/*\nsubdirectory. \n\nBuilding the Code\n=================\nThis builds on any Linux flavor. ::\n\n    cd src\n    make\n\nBy default, this builds a \"debug\" build. And, build-output is in a\nplatform and build-type specific directory. e.g., ``Linux-dbg``,\n``Linux-rel``, ``android64-dbg`` etc. All the object files and final\nexecutable are in these build output directories.\n\nRelease Builds\n--------------\nRelease builds differ from debug builds in one way: addition of\noptimization flags. ::\n\n    make O=1\n\nAndroid Builds\n--------------\nYou can cross-compile to Android as long as you have a working NDK\ninstalled. The Makefile enables you to build for Android-32 bit or\nAndroid-64 bit::\n\n    make ANDROID=1\n    make ANDROID64=1\n\nOf course, you can combine release builds too::\n\n    make O=1 ANDROID64=1\n\nGuide to Source\n===============\nAll the source code is in the *src/* directory and is largely\nderived from Michael Kerrisk's original work in\n``user-namespaces(7)``.\n\n*ns.c*\n    Has ``main()`` and most of the functionality.\n\n*error.c*, *error.h**\n    Utility functions to print the error message and die.\n\n*getopt_long.c*, *getopt_long.h*\n    Portable ``getopt_long(3)`` implementation from the NetBSD libc\n    code. This is BSD licensed (original license).\n\n*mk-test-root.sh*\n    Builds a working root directory from busybox-static. This is\n    useful to quickly setup a root-dir for test purposes. By\n    default, this script builds a root-dir in ``/tmp/zzroot``. Edit\n    this script if you wish to customize it.\n\nOther Notes\n===========\nFor unprivileged user namespaces to work::\n\n    sudo echo 1 \u003e /sys/fs/cgroup/cpuset/cgroup.clone_children\n    sudo echo 1 \u003e /proc/sys/kernel/unprivileged_userns_clone\n\n\n.. vim: ft=rst:sw=4:ts=4:tw=72:expandtab:\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopencoff%2Fandroid-container","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopencoff%2Fandroid-container","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopencoff%2Fandroid-container/lists"}