{"id":21162789,"url":"https://github.com/p5-vbnekit/lcboot","last_synced_at":"2025-07-23T19:31:59.111Z","repository":{"id":218832076,"uuid":"747485418","full_name":"p5-vbnekit/lcboot","owner":"p5-vbnekit","description":"minimalistic file system for booting guests (qemu, lxc, etc.)","archived":false,"fork":false,"pushed_at":"2024-03-05T13:14:29.000Z","size":23,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-14T16:21:15.845Z","etag":null,"topics":["boot","chroot","containers","ext4","ext4-images","init","libvirt","linux","linux-containers","lxc","lxc-containers","lxd","lxd-container","overlay","overlayfs","python","python3","rbind","rootfs","scripts"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc0-1.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/p5-vbnekit.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-01-24T02:40:50.000Z","updated_at":"2024-08-29T17:52:43.000Z","dependencies_parsed_at":"2024-02-25T21:27:39.378Z","dependency_job_id":"73ec3387-6eb6-404a-a67b-17f68f2bfe6a","html_url":"https://github.com/p5-vbnekit/lcboot","commit_stats":null,"previous_names":["p5-vbnekit/guest_bootloader.prototypes","p5-vbnekit/lcboot.prototypes"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/p5-vbnekit/lcboot","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/p5-vbnekit%2Flcboot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/p5-vbnekit%2Flcboot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/p5-vbnekit%2Flcboot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/p5-vbnekit%2Flcboot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/p5-vbnekit","download_url":"https://codeload.github.com/p5-vbnekit/lcboot/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/p5-vbnekit%2Flcboot/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266738302,"owners_count":23976414,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-23T02:00:09.312Z","response_time":66,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["boot","chroot","containers","ext4","ext4-images","init","libvirt","linux","linux-containers","lxc","lxc-containers","lxd","lxd-container","overlay","overlayfs","python","python3","rbind","rootfs","scripts"],"created_at":"2024-11-20T13:33:54.502Z","updated_at":"2025-07-23T19:31:59.074Z","avatar_url":"https://github.com/p5-vbnekit.png","language":"Python","readme":"# p5-lcboot\nMinimalistic file system for booting guests (qemu, lxc, etc.)\n\n### Motivation\nThere are many pain with rootless [`libvirt_lxc` containers](https://libvirt.org/drvlxc.html).\nThey cannot use `/dev/loop`, `overlay`, `user xattr`, etc.\nThis toolbox was primarily developed as a way to downgrade privileges to rootless inside a rootfull `lxc-libvirt` container.\n\n### Features\n- Configurable `/sbin/init` - `p5.lcboot.init` script.\n - hooking in \"tolerant\" mode - `p5.lcboot.tolerant` script.\n - re-`unshare` namespaces - `uts`, `ipc`, `user` (`uid`/`gid` mapping), `mount`, `cgroup` (isolate it), `network`.\n- Trivial `/dev/initctl` provider implementation - `p5.lcboot.initctl` (`/sbin/initctl`) script.\n- `/sbin/overlay` - `p5.lcboot.overlay` helper script.\n- [`/sbin/mount-idmapped`](https://github.com/brauner/mount-idmapped) binary.\n\n### Typical launch\n- Provide `p5.lcboot` image into `/` of your container (read-only if you wish).\n- Provide target (next hop, real guest) root into `/mnt/root` of your container (read-only if you wish).\n- Provide read/write cache directory (ram, host fs, etc.) into `/mnt/cache` of your container.\n- Set container entry point to `/sbin/init`.\n- Enjoy.\n\n### Advanced configuration\n- Set container entry point to `/bin/sh`.\n- Use `--help` key for any `p5.lcboot.*` executable ([\"python3/scripts\" directory in source code](python3/scripts)).\n- Check out the [sources](python3), there is nothing complicated there. =)\n- Configure boot via your own `/mnt/init.yml`.\n\n#### Example of `/mnt/init.yml`:\n```yaml\n# \"Next hop\" root file system path.\n# For example, may be mounted to guest via `/dev/loop` readonly source.\n# And/or may usually be (re)mounted several times during \"setup.before\" step.\nroot: /mnt/root # default is {path: \"/mnt/root\", mode: \"pivot\"}\n\n# Let's enable uid/gid mapping for unshare system call (disabled by default).\nid_map:\n users: 0 1000000 65536\n groups:\n - 0 1000000 # `internal` `external` (size = 1 by default)\n - 1 1000001 1 # `internal` `external` `size`\n - internal: 2\n external: 1000002\n # size: 1 # default too\n - internal: 3\n external: 1000003\n size: 65533\n\ninitctl: false # default; replace to `true` if you want to spawn `/dev/initctl` (via `p5.lcboot.initctl`) right now\n\n# First step is \"setup\".\n# At this step `p5.lcboot.init` will:\n# - mount /mnt/root/proc`;\n# - invoke `unshare` system call;\n# - mount new `/mnt/root/sys`, `/mnt/root/dev`.\n# After this step `p5.lcboot.init` will change root to `/mnt/root` via `pivot_root` system call.\n# You may change root.mode to `chroot` or `none`.\nsetup:\n # Let's set `setup` mode. Replace it to `none` for skip it and do some in `before` and `exec.before`.\n mode: auto # default\n\n # Custom \"setup\" instructions before this step.\n # In this case we hope that `/mnt/root` is already populated by container owner,\n # but we want to remap some uids/gids and apply some fs layers.\n before:\n # Let's remap users/groups on `/mnt/root`.\n - mount-idmapped --map-mount=b:0:1000000:65536 /mnt/root /mnt/root\n\n # Remount `/mnt/root` as `overlayfs` with:\n # - `lower` ro source layers: `/mnt/root` under `mnt/layers/0` under `/mnt/layers/1`;\n # - `upper` rw layer: `/mnt/cache/overlay/upper`;\n # - `workdir`: `/mnt/cache/overlay/temp/w`;\n # - destination: `/mnt/root`.\n - overlay -- /mnt/layers/0 /mnt/layers/1\n\n# Last step is \"exec\".\nexec:\n # Of course, you can do something before `exec`.\n before:\n - echo \"Hello, 'next hop' root!\"\n - [\"echo\", \"We are ready to boot `systemd` now.\"]\n - command: bash -e # we have `bash` on \"next hop\" root\n input: |\n echo 'Yeah! Only now '\"it's\"' interpreted by real shell ('\"$0\"')!'\n echo 'This script received via stdin.'\n echo \"Date is `date`\"\n - - sh\n - -ec\n - \"echo 'This script received via `cli` key.'; echo Shell is \\\"$0\\\"; echo \\\"Date is `date`\\\"\"\n\n # Let's set custom `exec` system call command.\n # Also, you can override it or append arguments via `cli`, use `--help` key.\n command: /lib/systemd/systemd --system # \"/sbin/init\" by default\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fp5-vbnekit%2Flcboot","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fp5-vbnekit%2Flcboot","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fp5-vbnekit%2Flcboot/lists"}