Received: from mail-io1-f65.google.com (mail-io1-f65.google.com [209.85.166.65])
	by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id 422867802BB
	for <~alpine/users@lists.alpinelinux.org>; Sun, 28 Jun 2020 19:27:42 +0000 (UTC)
Received: by mail-io1-f65.google.com with SMTP id i25so15035131iog.0
        for <~alpine/users@lists.alpinelinux.org>; Sun, 28 Jun 2020 12:27:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:from:date:message-id:subject:to;
        bh=pN92C9o/yiSk8YZJvB8pK7Roajf88K6Q6R2VolH2QDw=;
        b=gq32aNegWpOGgbOPUE2Qt0Omi2fgHME46mxDEY73mDiFcoC8g/Pso0D/BlzJ/SBKry
         t6IrvSMTOwtB0Ue0Kd3/22SznctYV2q42wGgRmNSj+hazFEDyJTxfeKxNune8lKxQebG
         WWAK3yMVcWJbnxpQGZ/wihlPx9zsePLbTDqyLxa3ToJquhs3/qlCnqmBh7OGgVXdke5q
         3WjPofZR1U8owqsWwFf6UkfBNLStZ6uaxFiUI3GewE9Q+byRErWKLEZR9YF7RpiCwKZI
         4F2HFL0GkDukjmzLeH9aQ/5mwpxJSj2ht3XhLzhlUoo0VHokjA1/4wJ88GcR00kwkQ6G
         G7zg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
        bh=pN92C9o/yiSk8YZJvB8pK7Roajf88K6Q6R2VolH2QDw=;
        b=bBcclm8g6bTNEwDPPVnO9nSFlAWnn9mVkHCbkUBu/H7dXrRx6qkmlEtAgliO0/5Fld
         PV5wAYWZstN6zwojZhAqrkpBs7x64XnvFbOhysLHn1Qdg1tfGP837JhNR6aU64C2qIgB
         mh9tUPXDSGY4wxbczk5m9YPcRIcMA8hp3BHy6XzWMtDNhhfMH+H8x0YRbCoi0nOy8cIH
         UPaOyTs939dKVNl5odYCdVb+yL8rCSQLj/uCdZhIMa1gs1DICHM/UPirVtbylpRx8ezH
         /94zdIcn7Qh2wnhkiUNKreSb0BOmY5yqRmHUIfaOj0UvtI0QL/xaOIcldrK7uzzMawxW
         nzaw==
X-Gm-Message-State: AOAM530JZ8KdvOdcKZpGNffEhJRWOs9DTUVvnZrYUID5VTujcQbPT/vf
	VtWPFKHZE4ASqjEe6Ps5yw0ghcXY7oZUf36wFGnl2XTQ
X-Google-Smtp-Source: ABdhPJyKuG4xoDokNHu9YO7gKWS5+bkwt+fmpM2146Errn5A8Wd0aTvVtf8JoMO8VqZQmUMGus17Aeiq5q+gXe5rSzo=
X-Received: by 2002:a02:c50d:: with SMTP id s13mr8269931jam.109.1593372460394;
 Sun, 28 Jun 2020 12:27:40 -0700 (PDT)
MIME-Version: 1.0
From: Parke <parke.nexus@gmail.com>
Date: Sun, 28 Jun 2020 12:27:04 -0700
Message-ID: <CAPxz1+b_hafVEvMrca8SrQ6pMkyEZD+a6J1OmouhGACa+EwDcQ@mail.gmail.com>
Subject: Running Alpine's userland in a Linux user namespace via lxroot
To: ~alpine/users@lists.alpinelinux.org
Content-Type: text/plain; charset="UTF-8"

I have been enjoying running Alpine's userland in a Linux user
namespace on a non-Alpine host system.  I create the namespace via a
utility I wrote that I call "lxroot".  lxroot can be thought of as an
alternative to chroot that does not require root access.  (This is
possible because Linux user namespaces can be created without root
access.)

If anyone is interested in learning more, lxroot is here:
https://github.com/parke/lxroot

One potential use of lxroot would be running (as non-root) multiple
versions (and/or multiple instances) of Alpine's userland on top of a
single kernel and host system.  This might be useful for package
development and testing.

lxroot can also limit access to the file system, and can optionally
deny network access.

(Aside:  I have not tried running lxroot on top of Alpine's kernel, so
it may or may not work.  lxroot requires, obviously, that the host
kernel has support for Linux user namespaces.)

Cheers,

Parke