On Running systemd-nspawn Containers (2022)

[yjftsjthsd-h]

Linux user namespaces can be used to create containers without having root access, see ex. https://unix.stackexchange.com/questions/66084/simulate-chro...

There's also https://github.com/termux/proot-distro which may or may not count as containers depending on how you define the word but I think it does count

[1oooqooq]

you can't detach your username from a process, nor the network ns... etc, etc, etc.

yeah you can do some smaller fakechroot and maybe some bind mounts... if you call that a "container" good for you.

[yjftsjthsd-h]

> you can't detach your username from a process, nor the network ns... etc, etc, etc.

Sure looks like it works?

  $ unshare -i -n -p -u -T -r -f
  # ls
  # id
  gid=0(root) groups=0(root),65534(nogroup)
  # ip -br a
  lo               DOWN

> yeah you can do some smaller fakechroot and maybe some bind mounts... if you call that a "container" good for you.

Why are you being condescending about what constitutes a container?