[PRoot]: carry some patches
jessfraz opened this issue · 4 comments
jessfraz commented
see: https://github.com/AkihiroSuda/runrootless
and xattrs for rootless
AkihiroSuda commented
PRoot is currently slow because seccomp acceleration has been broken with recent kernels.
(Tracked in proot-me/proot#130 but seems still broken now)
So I'd suggest using rootless runc with SUID newuidmap
tools.
(It requires my several PRs. review is welcome 🐧 https://github.com/opencontainers/runc/pulls?q=is%3Apr+is%3Aopen+label%3Arootless-containers)
At least, PRoot should be only enabled for apt/apk/yum commands.
AkihiroSuda commented
cc @cyphar
AkihiroSuda commented
FYI here is some benchmark result of PRoot https://github.com/AkihiroSuda/runrootless/issues/14
jessfraz commented
oh cool thanks so much for the info!