Tool for containerized command line environments on Linux

Related tags

Command Line toolbox


Zuul Daily Pipeline

Arch Linux package Fedora package

Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI.

This is particularly useful on OSTree based operating systems like Fedora CoreOS and Silverblue. The intention of these systems is to discourage installation of software on the host, and instead install software as (or in) containers — they mostly don't even have package managers like DNF or YUM. This makes it difficult to set up a development environment or install tools for debugging in the usual way.

Toolbox solves this problem by providing a fully mutable container within which one can install their favourite development and debugging tools, editors and SDKs. For example, it's possible to do yum install ansible without affecting the base operating system.

However, this tool doesn't require using an OSTree based system. It works equally well on Fedora Workstation and Server, and that's a useful way to incrementally adopt containerization.

The toolbox environment is based on an OCI image. On Fedora this is the fedora-toolbox image. This image is used to create a toolbox container that seamlessly integrates with the rest of the operating system by providing access to the user's home directory, the Wayland and X11 sockets, networking (including Avahi), removable devices (like USB sticks), systemd journal, SSH agent, D-Bus, ulimits, /dev and the udev database, etc..


Toolbox is installed by default on Fedora Silverblue. On other operating systems it's just a matter of installing the toolbox package.


Create your toolbox container:

[user@hostname ~]$ toolbox create
Created container: fedora-toolbox-33
Enter with: toolbox enter
[user@hostname ~]$

This will create a container called fedora-toolbox- .

Enter the toolbox:

[user@hostname ~]$ toolbox enter
⬢[user@toolbox ~]$

Remove a toolbox container:

[user@hostname ~]$ toolbox rm fedora-toolbox-33
[user@hostname ~]$

Dependencies and Building

Toolbox requires at least Podman 1.4.0 to work, and uses the Meson build system.

The following dependencies are required to build it:

  • meson
  • go-md2man
  • systemd
  • go
  • ninja
  • patchelf

The following dependencies enable various optional features:

  • bash-completion

It can be built and installed as any other typical Meson-based project:

[user@hostname toolbox]$ meson -Dprofile_dir=/etc/profile.d builddir
[user@hostname toolbox]$ ninja -C builddir
[user@hostname toolbox]$ sudo ninja -C builddir install

Toolbox is written in Go. Consult the src/go.mod file for a full list of all the Go dependencies.

By default, Toolbox uses Go modules and all the required Go packages are automatically downloaded as part of the build. There's no need to worry about the Go dependencies, unless the build environment doesn't have network access or any such peculiarities.

Distro support

By default, Toolbox creates the container using an OCI image called -toolbox: , where and are taken from the host's /usr/lib/os-release. For example, the default image on a Fedora 33 host would be fedora-toolbox:33.

This default can be overridden by the --image option in toolbox create, but operating system distributors should provide an adequately configured default image to ensure a smooth user experience.

Image requirements

Toolbox customizes newly created containers in a certain way. This requires certain tools and paths to be present and have certain characteristics inside the OCI image.


  • capsh(1)
  • mkdir(1)
  • mount(8)
  • passwd(1)
  • test(1)
  • touch(1)
  • useradd(8)
  • usermod(8)


  • /etc/host.conf: optional, if present not a bind mount
  • /etc/hosts: optional, if present not a bind mount
  • /etc/krb5.conf.d: directory, not a bind mount
  • /etc/localtime: optional, if present not a bind mount
  • /etc/machine-id: optional, not a bind mount
  • /etc/resolv.conf: optional, if present not a bind mount
  • /etc/timezone: optional, if present not a bind mount

Toolbox enables sudo(8) access inside containers. The following is necessary for that to work:

  • The image should have sudo(8) enabled for users belonging to either the sudo or wheel groups, and the group itself should exist. File an issue if you really need support for a different group. However, it's preferable to keep this list as short as possible.

  • The image should allow empty passwords for sudo(8). This can be achieved by either adding the nullok option to the PAM(8) configuration, or by add the NOPASSWD tag to the sudoers(5) configuration.

Since Toolbox only works with OCI images that fulfill certain requirements, it will refuse images that aren't tagged with com.github.containers.toolbox="true" and com.github.debarshiray.toolbox="true" labels. These labels are meant to be used by the maintainer of the image to indicate that they have read this document and tested that the image works with Toolbox. You can use the following snippet in a Dockerfile for this:

LABEL com.github.containers.toolbox="true"

The label com.github.debarshiray.toolbox="true" was used in previous versions of toolbox but is currently deprecated.

  • System tests refactor

    System tests refactor

    I'd like to propose a refactor of the system's tests. The main reason is that the tests have dependencies between them and with external conditions. By definition, tests should be able to work isolated and without any order or dependency.

    Also, I think that using very common libraries for BATS as bats-support and bats-assert might make the tests more explicit and easy to maintain (and to contribute).

    The helper was a bit complex for this project. It might fix a more complex project like libpod, but I think here makes less sense and make it harder to debug.

    I implemented the same tests, but using some extra asserts (mostly for exit codes) and a couple of tests more. If you like the tests, I'd like to add some more.

    The and the Ansible playbooks are updated as well, but it can be improved.

    There are also some notes because I found some possible bugs or improvements (at Toolbox) while I was writing the tests.

    3. Enhancement 2. CI 
    opened by juanje 82
  • Rewrite in Go

    Rewrite in Go

    This is where the Go rewrite is happening. I welcome any kind of comment/contribution.

    The shell script has been renamed to so that toolbox.go can be compiled.

    The new codebase is based on Cobra which takes care of the CLI heavy lifting.

    5. Help Wanted 6. Major Change 
    opened by HarryMichal 77
  • Add zuul-ci

    Add zuul-ci

    This adds configuration for zuul-ci provided by softwarefactory, the first batch of system tests that I scrambled together and a fix for bind mounting inside of containers. This should be ready to be merged. If it will be, also close this #68.

    3. Enhancement 
    opened by HarryMichal 53
  • Support logging into a registry if necessary

    Support logging into a registry if necessary

    This introduces handling of registries with private repositories/images. Practically speaking, if a used image lives in a registry behind a login wall, Toolbox will be aware of the fact and asks the user if they want to log in. This can be automated by combining the existing global --assumeyes option with newly introduced options --authfile and --creds in command create.

    The authentication is done by Podman and Toolbox only serves as a mediator between the user and Podman. It does not record/store user's credentials in any way.

    Examples of the new behaviour:

    # Try to create from an unknown image
    $ toolbox create -i
    Image required to create toolbox container.
    Download (500MB)? [y/N]: y
    Error: The requested image does not exist
    Make sure the image URI is correct.
    # Try to create from an image in registry with authentication
    $ toolbox -y create -i
    Image required to create toolbox container.
    Download (500MB)? [y/N]: y
    The registry requires logging in.
    Do you want to log into the registry and try to pull the image again? [y/N]: y
    Username: <username>
    Retrying to pull image
    Created container: image-toolbox
    Enter with: toolbox enter image-toolbox
    # Create from an image in registry with authentication by providing login credentials
    $ toolbox -y create -i --creds <username>:<password>
    Could not pull image
    The registry requires logging in.
    Credentials were provided. Trying to log into
    Login Succeeded!
    Retrying to pull image
    Created container: image-toolbox
    Enter with: toolbox enter image-toolbox

    Depends on #786, #823

    Closes #754

    3. Enhancement 6. Major Change 2. Host Realm 2. Under The Hood 
    opened by HarryMichal 40
  • Adjust home path

    Adjust home path

    I like to use several toolboxes, with different content. To properly distinguish these, I'd like to mount them in subdirectories (e.g. container1:/home/user -> host:/var/home/user/container1). It's a similar thing to #183 , but not as security- centric. Is there a way to achieve this at the moment / via consistent workaround (I don't want to change a line of code and after the next update I'm saving files somewhere else ;) )?

    Update: I wouldn't actually mind (maybe even appreciate) having these under different user-contexts - but in the same general directory. That way there is a clear distinction and separation. For presenting this to the end- user in a "nice way", one could add an extra link opening the file-browser as sudo... (just thinking loud here)

    Thanks in advance, Chris

    opened by ckaspro 39
  • Isolated development environments to fend against bugs and malware in code under development

    Isolated development environments to fend against bugs and malware in code under development

    One of the reasons to containerize data is to prevent malicious executable inside the container from getting access to my data. It appears that toolbox always mounts the host home directory in the container. That's convenient, but I would prefer if it was optional.

    Not all containers need access to my SSH private key, keychain and other things that might be stored there.

    opened by markstos 37
  • test/system: Fix flaky test

    test/system: Fix flaky test

    This is a naive attempt to solve the flaking. It could be caused by what is going inside of the run function.


    6. Minor Change 3. Bugfix 2. Testing 
    opened by HarryMichal 31
  • Failed to initialize container

    Failed to initialize container

    Describe the bug Toolbox fails to start after an upgrade and a reboot. This seems to be a different error than #669, and I did not do any unusual updates as described there, so I'm creating a different issue.

    Steps how to reproduce the behaviour

    1. toolbox enter

    Expected behaviour Toolbox environment should start as normal.

    Actual behaviour

    $ toolbox enter -v --log-level debug
    DEBU Running as real user ID 1000                 
    DEBU Resolved absolute path to the executable as /usr/bin/toolbox 
    DEBU Running on a cgroups v2 host                 
    DEBU Checking if /etc/subgid and /etc/subuid have entries for user ptomato 
    DEBU TOOLBOX_PATH is /usr/bin/toolbox             
    DEBU Toolbox config directory is /var/home/ptomato/.config/toolbox 
    DEBU Current Podman version is 2.2.1              
    DEBU Creating runtime directory /run/user/1000/toolbox 
    DEBU Old Podman version is 2.2.1                  
    DEBU Migration not needed: Podman version 2.2.1 is unchanged 
    DEBU Resolving container and image names          
    DEBU Container: ''                                
    DEBU Distribution: ''                             
    DEBU Image: ''                                    
    DEBU Release: ''                                  
    DEBU Resolved container and image names           
    DEBU Container: 'fedora-toolbox-33'               
    DEBU Image: 'fedora-toolbox:33'                   
    DEBU Release: '33'                                
    DEBU Checking if container fedora-toolbox-33 exists 
    DEBU Inspecting mounts of container fedora-toolbox-33 
    DEBU Requires org.freedesktop.Flatpak.SessionHelper 
    DEBU Calling org.freedesktop.Flatpak.SessionHelper.RequestSession 
    DEBU Starting container fedora-toolbox-33         
    DEBU Inspecting entry point of container fedora-toolbox-33 
    DEBU Entry point PID is a float64                 
    DEBU Entry point of container fedora-toolbox-33 is toolbox (PID=12307) 
    DEBU Waiting for container fedora-toolbox-33 to finish initializing 
    DEBU Creating runtime directory /run/user/1000/toolbox 
    DEBU Checking if initialization stamp /run/user/1000/toolbox/container-initialized-12307 exists 
    Error: failed to initialize container fedora-toolbox-33

    Screenshots N/A

    Output of toolbox --version (v0.0.90+) toolbox version 0.0.99

    Toolbox package info (rpm -q toolbox) toolbox-0.0.99-1.fc33.x86_64

    Output of podman version

    Version:      2.2.1
    API Version:  2.1.0
    Go Version:   go1.15.5
    Built:        Tue Dec  8 06:37:50 2020
    OS/Arch:      linux/amd64

    Podman package info (rpm -q podman) podman-2.2.1-1.fc33.x86_64

    Info about your OS Fedora Silverblue 33, freshly updated as of the time of writing

    Additional context This happened after a updating the Silverblue image to the latest, and rebooting. The toolbox image is Fedora 33.

    $ toolbox list -i
    IMAGE ID      IMAGE NAME                                        CREATED
    fe7b8c2393f9  9 months ago
    95dc9d4b0f27  4 months ago

    Here's a list of packages upgraded (note, it's the list I got from rpm-ostree rollback, so you have to read it in reverse):

      ModemManager 1.14.10-1.fc33 -> 1.14.6-1.fc33
      ModemManager-glib 1.14.10-1.fc33 -> 1.14.6-1.fc33
      PackageKit-glib 1.2.2-2.fc33 -> 1.2.1-1.fc33
      abattis-cantarell-fonts 0.301-1.fc33 -> 0.201-4.fc33
      adwaita-qt5 1.2.0-1.fc33 -> 1.1.3-4.fc33
      alsa-plugins-pulseaudio 1.2.2-4.fc33 -> 1.2.2-3.fc33
      alsa-sof-firmware 1.6.1-1.fc33 -> 1.6-1.fc33
      atkmm 2.28.1-1.fc33 -> 2.24.3-6.fc33
      audit 3.0-1.fc33 -> 3.0-0.21.20191104git1c2f876.fc33
      audit-libs 3.0-1.fc33 -> 3.0-0.21.20191104git1c2f876.fc33
      authselect 1.2.2-1.fc33 -> 1.2.1-4.fc33
      authselect-libs 1.2.2-1.fc33 -> 1.2.1-4.fc33
      bind-libs 32:9.11.27-1.fc33 -> 32:9.11.24-2.fc33
      bind-libs-lite 32:9.11.27-1.fc33 -> 32:9.11.24-2.fc33
      bind-license 32:9.11.27-1.fc33 -> 32:9.11.24-2.fc33
      bind-utils 32:9.11.27-1.fc33 -> 32:9.11.24-2.fc33
      binutils 2.35-18.fc33 -> 2.35-14.fc33
      binutils-gold 2.35-18.fc33 -> 2.35-14.fc33
      bolt 0.9.1-1.fc33 -> 0.9-3.fc33
      btrfs-progs 5.10-1.fc33 -> 5.9-1.fc33
      buildah 1.18.0-1.fc33 -> 1.16.2-1.fc33
      c-ares 1.17.0-1.fc33 -> 1.16.1-3.fc33
      chromium 88.0.4324.96-1.fc33 -> 86.0.4240.183-1.fc33
      chromium-common 88.0.4324.96-1.fc33 -> 86.0.4240.183-1.fc33
      cifs-utils 6.11-2.fc33 -> 6.11-1.fc33
      cldr-emoji-annotation 1:38-1.1.fc33 -> 1:38-1.fc33
      cldr-emoji-annotation-dtd 1:38-1.1.fc33 -> 1:38-1.fc33
      containernetworking-plugins 0.9.0-1.fc33 -> 0.8.7-1.fc33
      containers-common 1:1.2.0-13.fc33 -> 1:1.2.0-3.fc33
      coreutils 8.32-15.fc33 -> 8.32-12.fc33
      coreutils-common 8.32-15.fc33 -> 8.32-12.fc33
      crun 0.17-1.fc33 -> 0.15.1-1.fc33
      cups 1:2.3.3op1-1.fc33 -> 1:2.3.3-18.fc33
      cups-client 1:2.3.3op1-1.fc33 -> 1:2.3.3-18.fc33
      cups-filesystem 1:2.3.3op1-1.fc33 -> 1:2.3.3-18.fc33
      cups-filters 1.28.6-1.fc33 -> 1.28.5-1.fc33
      cups-filters-libs 1.28.6-1.fc33 -> 1.28.5-1.fc33
      cups-ipptool 1:2.3.3op1-1.fc33 -> 1:2.3.3-18.fc33
      cups-libs 1:2.3.3op1-1.fc33 -> 1:2.3.3-18.fc33
      curl 7.71.1-8.fc33 -> 7.71.1-7.fc33
      dbus-broker 26-1.fc33 -> 24-1.fc33
      dnsmasq 2.83-1.fc33 -> 2.82-3.fc33
      enchant2 2.2.14-1.fc33 -> 2.2.13-1.fc33
      ethtool 2:5.10-1.fc33 -> 2:5.9-1.fc33
      evolution-data-server 3.38.3-1.fc33 -> 3.38.1-1.fc33
      evolution-data-server-langpacks 3.38.3-1.fc33 -> 3.38.1-1.fc33
      f33-backgrounds-base 33.0.8-1.fc33 -> 33.0.7-1.fc33
      f33-backgrounds-gnome 33.0.8-1.fc33 -> 33.0.7-1.fc33
      fedora-chromium-config 1.1-7.fc33 -> 1.1-6.fc33
      fedora-release-common 33-3 -> 33-2
      fedora-release-identity-silverblue 33-3 -> 33-2
      fedora-release-silverblue 33-3 -> 33-2
      ffmpeg-libs 4.3.1-16.fc33 -> 4.3.1-11.fc33
      firefox 85.0-5.fc33 -> 83.0-3.fc33
      firewalld 0.8.6-1.fc33 -> 0.8.4-1.fc33
      firewalld-filesystem 0.8.6-1.fc33 -> 0.8.4-1.fc33
      flac-libs 1.3.3-4.fc33 -> 1.3.3-3.fc33
      flashrom 1.2-5.fc33 -> 1.2-3.fc33
      flatpak 1.10.1-1.fc33 -> 1.8.3-1.fc33
      flatpak-libs 1.10.1-1.fc33 -> 1.8.3-1.fc33
      flatpak-selinux 1.10.1-1.fc33 -> 1.8.3-1.fc33
      flatpak-session-helper 1.10.1-1.fc33 -> 1.8.3-1.fc33
      fuse-overlayfs 1.4.0-1.fc33 -> 1.2.0-1.fc33
      fwupd 1.5.5-1.fc33 -> 1.5.1-1.fc33
      fwupd-plugin-flashrom 1.5.5-1.fc33 -> 1.5.1-1.fc33
      fwupd-plugin-modem-manager 1.5.5-1.fc33 -> 1.5.1-1.fc33
      gcr 3.38.1-1.fc33 -> 3.38.0-2.fc33
      gcr-base 3.38.1-1.fc33 -> 3.38.0-2.fc33
      gdbm-libs 1:1.19-1.fc33 -> 1:1.18.1-5.fc33
      gdisk 1.0.6-1.fc33 -> 1.0.5-2.fc33
      gdm 1: -> 1:3.38.2-1.fc33
      ghostscript 9.53.3-4.fc33 -> 9.53.3-2.fc33
      git-core 2.29.2-3.fc33 -> 2.28.0-1.fc33
      gjs 1.66.2-2.fc33 -> 1.66.1-2.fc33
      glib2 2.66.4-1.fc33 -> 2.66.3-1.fc33
      glibc 2.32-3.fc33 -> 2.32-2.fc33
      glibc-all-langpacks 2.32-3.fc33 -> 2.32-2.fc33
      glibc-common 2.32-3.fc33 -> 2.32-2.fc33
      glibc-devel 2.32-3.fc33 -> 2.32-2.fc33
      glibc-headers-x86 2.32-3.fc33 -> 2.32-2.fc33
      glibmm24 2.64.5-3.fc33 -> 2.64.2-4.fc33
      gnome-classic-session 3.38.2-1.fc33 -> 3.38.1-1.fc33
      gnome-control-center 3.38.3-1.fc33 -> 3.38.1-2.fc33
      gnome-control-center-filesystem 3.38.3-1.fc33 -> 3.38.1-2.fc33
      gnome-desktop3 3.38.3-1.fc33 -> 3.38.1-1.fc33
      gnome-disk-utility 3.38.1-1.fc33 -> 3.38.0-1.fc33
      gnome-getting-started-docs 3.38.0-1.fc33 -> 3.36.2-2.fc33
      gnome-initial-setup 3.38.3-1.fc33 -> 3.38.1-1.fc33
      gnome-shell 3.38.3-1.fc33 -> 3.38.1-3.fc33
      gnome-shell-extension-apps-menu 3.38.2-1.fc33 -> 3.38.1-1.fc33
      gnome-shell-extension-common 3.38.2-1.fc33 -> 3.38.1-1.fc33
      gnome-shell-extension-horizontal-workspaces 3.38.2-1.fc33 -> 3.38.1-1.fc33
      gnome-shell-extension-launch-new-instance 3.38.2-1.fc33 -> 3.38.1-1.fc33
      gnome-shell-extension-places-menu 3.38.2-1.fc33 -> 3.38.1-1.fc33
      gnome-shell-extension-user-theme 3.38.2-1.fc33 -> 3.38.1-1.fc33
      gnome-shell-extension-window-list 3.38.2-1.fc33 -> 3.38.1-1.fc33
      gnome-terminal 3.38.1-2.fc33 -> 3.38.1-1.fc33
      gnome-terminal-nautilus 3.38.1-2.fc33 -> 3.38.1-1.fc33
      gnome-tweaks 3.34.1-1.fc33 -> 3.34.0-6.fc33
      gnome-user-docs 3.38.2-1.fc33 -> 3.38.1-1.fc33
      gnupg2 2.2.25-2.fc33 -> 2.2.23-1.fc33
      gnupg2-smime 2.2.25-2.fc33 -> 2.2.23-1.fc33
      google-noto-emoji-color-fonts 20200916-1.fc33 -> 20200723-2.fc33
      gst-editing-services 1.18.2-1.fc33 -> 1.18.0-1.fc33
      gstreamer1 1.18.2-1.fc33 -> 1.18.1-1.fc33
      gstreamer1-libav 1.18.2-1.fc33 -> 1.18.1-1.fc33
      gstreamer1-plugins-bad-free 1.18.2-1.fc33 -> 1.18.1-1.fc33
      gstreamer1-plugins-bad-freeworld 1.18.2-1.fc33 -> 1.18.1-1.fc33
      gstreamer1-plugins-base 1.18.2-1.fc33 -> 1.18.1-1.fc33
      gstreamer1-plugins-good 1.18.2-1.fc33 -> 1.18.1-1.fc33
      gstreamer1-plugins-good-gtk 1.18.2-1.fc33 -> 1.18.1-1.fc33
      gstreamer1-plugins-good-qt 1.18.2-1.fc33 -> 1.18.1-1.fc33
      gstreamer1-plugins-ugly 1.18.2-1.fc33 -> 1.18.1-1.fc33
      gstreamer1-plugins-ugly-free 1.18.2-1.fc33 -> 1.18.1-1.fc33
      gtk-update-icon-cache 3.24.24-1.fc33 -> 3.24.23-1.fc33
      gtk2 2.24.33-1.fc33 -> 2.24.32-8.fc33
      gtk3 3.24.24-1.fc33 -> 3.24.23-1.fc33
      gtkmm30 3.24.3-1.fc33 -> 3.24.2-3.fc33
      gutenprint 5.3.4-1.fc33 -> 5.3.3-7.fc33
      gutenprint-cups 5.3.4-1.fc33 -> 5.3.3-7.fc33
      gutenprint-libs 5.3.4-1.fc33 -> 5.3.3-7.fc33
      gvfs 1.46.2-1.fc33 -> 1.46.1-1.fc33
      gvfs-afc 1.46.2-1.fc33 -> 1.46.1-1.fc33
      gvfs-afp 1.46.2-1.fc33 -> 1.46.1-1.fc33
      gvfs-archive 1.46.2-1.fc33 -> 1.46.1-1.fc33
      gvfs-client 1.46.2-1.fc33 -> 1.46.1-1.fc33
      gvfs-fuse 1.46.2-1.fc33 -> 1.46.1-1.fc33
      gvfs-goa 1.46.2-1.fc33 -> 1.46.1-1.fc33
      gvfs-gphoto2 1.46.2-1.fc33 -> 1.46.1-1.fc33
      gvfs-mtp 1.46.2-1.fc33 -> 1.46.1-1.fc33
      gvfs-smb 1.46.2-1.fc33 -> 1.46.1-1.fc33
      hplip 3.20.11-1.fc33 -> 3.20.9-2.fc33
      hplip-common 3.20.11-1.fc33 -> 3.20.9-2.fc33
      hplip-libs 3.20.11-1.fc33 -> 3.20.9-2.fc33
      hwdata 0.343-1.fc33 -> 0.340-1.fc33
      ibus 1.5.23-2.fc33 -> 1.5.23-1.fc33
      ibus-gtk2 1.5.23-2.fc33 -> 1.5.23-1.fc33
      ibus-gtk3 1.5.23-2.fc33 -> 1.5.23-1.fc33
      ibus-libs 1.5.23-2.fc33 -> 1.5.23-1.fc33
      ibus-setup 1.5.23-2.fc33 -> 1.5.23-1.fc33
      ibus-typing-booster 2.10.2-1.fc33 -> 2.10.0-1.fc33
      iproute 5.9.0-1.fc33 -> 5.8.0-1.fc33
      iproute-tc 5.9.0-1.fc33 -> 5.8.0-1.fc33
      iptables 1.8.5-4.fc33 -> 1.8.5-3.fc33
      iptables-libs 1.8.5-4.fc33 -> 1.8.5-3.fc33
      iptables-nft 1.8.5-4.fc33 -> 1.8.5-3.fc33
      iwl100-firmware ->
      iwl1000-firmware 1: -> 1:
      iwl105-firmware ->
      iwl135-firmware ->
      iwl2000-firmware ->
      iwl2030-firmware ->
      iwl3160-firmware 1: -> 1:
      iwl3945-firmware ->
      iwl4965-firmware ->
      iwl5000-firmware ->
      iwl5150-firmware ->
      iwl6000-firmware ->
      iwl6000g2a-firmware ->
      iwl6000g2b-firmware ->
      iwl6050-firmware ->
      iwl7260-firmware 1: -> 1:
      kernel 5.10.10-200.fc33 -> 5.9.8-200.fc33
      kernel-core 5.10.10-200.fc33 -> 5.9.8-200.fc33
      kernel-devel 5.10.10-200.fc33 -> 5.9.8-200.fc33
      kernel-headers 5.10.9-200.fc33 -> 5.9.7-200.fc33
      kernel-modules 5.10.10-200.fc33 -> 5.9.8-200.fc33
      kernel-modules-extra 5.10.10-200.fc33 -> 5.9.8-200.fc33
      keyutils 1.6.1-1.fc33 -> 1.6-5.fc33
      keyutils-libs 1.6.1-1.fc33 -> 1.6-5.fc33
      libaom 2.0.1-3.fc33 -> 2.0.0-3.fc33
      libarchive 3.5.1-1.fc33 -> 3.4.3-3.fc33
      libblkid 2.36.1-1.fc33 -> 2.36-3.fc33
      libbluray 1.2.1-2.fc33 -> 1.2.0-3.fc33
      libcurl 7.71.1-8.fc33 -> 7.71.1-7.fc33
      libdb 5.3.28-45.fc33 -> 5.3.28-44.fc33
      libdnf 0.55.2-1.fc33 -> 0.54.2-3.fc33
      libepoxy 1.5.5-1.fc33 -> 1.5.4-3.fc33
      libertas-sd8686-firmware 20201218-116.fc33 -> 20201022-113.fc33
      libertas-sd8787-firmware 20201218-116.fc33 -> 20201022-113.fc33
      libertas-usb8388-firmware 2:20201218-116.fc33 -> 2:20201022-113.fc33
      libfdisk 2.36.1-1.fc33 -> 2.36-3.fc33
      libgcc 10.2.1-9.fc33 -> 10.2.1-6.fc33
      libgcrypt 1.8.7-1.fc33 -> 1.8.6-4.fc33
      libgomp 10.2.1-9.fc33 -> 10.2.1-6.fc33
      libgpg-error 1.41-1.fc33 -> 1.37-2.fc33
      libgs 9.53.3-4.fc33 -> 9.53.3-2.fc33
      libhandy1 1.0.3-1.fc33 -> 1.0.2-1.fc33
      libibverbs 33.0-2.fc33 -> 32.0-1.fc33
      libical 3.0.9-1.fc33 -> 3.0.8-5.fc33
      libical-glib 3.0.9-1.fc33 -> 3.0.8-5.fc33
      libinput 1.16.4-1.fc33 -> 1.16.3-1.fc33
      libipa_hbac 2.4.0-4.fc33 -> 2.4.0-2.fc33
      libjcat 0.1.5-1.fc33 -> 0.1.4-1.fc33
      libmaxminddb 1.4.3-1.fc33 -> 1.4.2-3.fc33
      libmodulemd 2.12.0-1.fc33 -> 2.9.4-3.fc33
      libmount 2.36.1-1.fc33 -> 2.36-3.fc33
      libmtp 1.1.18-1.fc33 -> 1.1.16-5.fc33
      libnet 1.2-1.fc33 -> 1.1.6-20.fc33
      libnfsidmap 1:2.5.2-1.rc4.fc33 -> 1:2.5.2-1.rc1.fc33
      libopenmpt 0.4.16-1.fc33 -> 0.4.15-1.fc33
      libphonenumber 8.12.11-1.fc33 -> 8.12.7-1.fc33
      libpskc 2.6.6-1.fc33 -> 2.6.2-6.fc33
      libqmi 1.26.8-1.fc33 -> 1.26.6-1.fc33
      libqmi-utils 1.26.8-1.fc33 -> 1.26.6-1.fc33
      libreport-filesystem 2.14.0-15.fc33 -> 2.14.0-13.fc33
      librsvg2 2.50.2-1.fc33 -> 2.50.1-1.fc33
      libsane-airscan 0.99.23-1.fc33 -> 0.99.18-1.fc33
      libsane-hpaio 3.20.11-1.fc33 -> 3.20.9-2.fc33
      libsigc++20 2.10.6-1.fc33 -> 2.10.4-1.fc33
      libslirp 4.3.1-3.fc33 -> 4.3.1-2.fc33
      libsmartcols 2.36.1-1.fc33 -> 2.36-3.fc33
      libsmbclient 2:4.13.4-0.fc33 -> 2:4.13.2-1.fc33
      libsmbios 2.4.3-1.fc33 -> 2.4.2-10.fc33
      libsss_autofs 2.4.0-4.fc33 -> 2.4.0-2.fc33
      libsss_certmap 2.4.0-4.fc33 -> 2.4.0-2.fc33
      libsss_idmap 2.4.0-4.fc33 -> 2.4.0-2.fc33
      libsss_nss_idmap 2.4.0-4.fc33 -> 2.4.0-2.fc33
      libsss_sudo 2.4.0-4.fc33 -> 2.4.0-2.fc33
      libstdc++ 10.2.1-9.fc33 -> 10.2.1-6.fc33
      libtiff 4.1.0-6.fc33 -> 4.1.0-4.fc33
      libtracker-control 2.3.6-2.fc33 -> 2.3.6-1.fc33
      libtracker-miner 2.3.6-2.fc33 -> 2.3.6-1.fc33
      libtracker-sparql 2.3.6-2.fc33 -> 2.3.6-1.fc33
      libtracker-sparql3 3.0.2-3.fc33 -> 3.0.1-1.fc33
      libuuid 2.36.1-1.fc33 -> 2.36-3.fc33
      libwacom 1.7-2.fc33 -> 1.5-1.fc33
      libwacom-data 1.7-2.fc33 -> 1.5-1.fc33
      libwbclient 2:4.13.4-0.fc33 -> 2:4.13.2-1.fc33
      libzstd 1.4.7-1.fc33 -> 1.4.5-5.fc33
      linux-firmware 20201218-116.fc33 -> 20201022-113.fc33
      linux-firmware-whence 20201218-116.fc33 -> 20201022-113.fc33
      low-memory-monitor 2.1-1.fc33 -> 2.0-6.fc33
      lua-libs 5.4.2-1.fc33 -> 5.4.1-1.fc33
      mesa-dri-drivers 20.3.3-3.fc33 -> 20.2.2-1.fc33
      mesa-filesystem 20.3.3-3.fc33 -> 20.2.2-1.fc33
      mesa-libEGL 20.3.3-3.fc33 -> 20.2.2-1.fc33
      mesa-libGL 20.3.3-3.fc33 -> 20.2.2-1.fc33
      mesa-libgbm 20.3.3-3.fc33 -> 20.2.2-1.fc33
      mesa-libglapi 20.3.3-3.fc33 -> 20.2.2-1.fc33
      mesa-libxatracker 20.3.3-3.fc33 -> 20.2.2-1.fc33
      mesa-vulkan-drivers 20.3.3-3.fc33 -> 20.2.2-1.fc33
      microcode_ctl 2:2.1-43.fc33 -> 2:2.1-40.fc33
      minizip-compat 1.2.11-23.fc33 -> 1.2.11-22.fc33
      mlocate 0.26-27.fc33 -> 0.26-26.fc33
      mozjs78 78.7.0-1.fc33 -> 78.4.0-1.fc33
      mtr 2:0.94-1.fc33 -> 2:0.92-7.fc33
      mutter 3.38.3-1.fc33 -> 3.38.1-2.fc33
      nautilus 3.38.2-1.fc33 -> 3.38.1-1.fc33
      nautilus-extensions 3.38.2-1.fc33 -> 3.38.1-1.fc33
      net-snmp-libs 1:5.9-4.fc33 -> 1:5.9-2.fc33
      nfs-utils 1:2.5.2-1.rc4.fc33 -> 1:2.5.2-1.rc1.fc33
      nftables 1:0.9.3-7.fc33 -> 1:0.9.3-6.fc33
      nss 3.60.1-1.fc33 -> 3.58.0-3.fc33
      nss-softokn 3.60.1-1.fc33 -> 3.58.0-3.fc33
      nss-softokn-freebl 3.60.1-1.fc33 -> 3.58.0-3.fc33
      nss-sysinit 3.60.1-1.fc33 -> 3.58.0-3.fc33
      nss-util 3.60.1-1.fc33 -> 3.58.0-3.fc33
      open-vm-tools 11.2.5-1.fc33 -> 11.2.0-1.fc33
      open-vm-tools-desktop 11.2.5-1.fc33 -> 11.2.0-1.fc33
      openjpeg2 2.3.1-10.fc33 -> 2.3.1-7.fc33
      opensc 0.21.0-1.fc33 -> 0.20.0-7.fc33
      openssh 8.4p1-4.fc33 -> 8.4p1-2.fc33
      openssh-clients 8.4p1-4.fc33 -> 8.4p1-2.fc33
      openssh-server 8.4p1-4.fc33 -> 8.4p1-2.fc33
      openssl-libs 1:1.1.1i-1.fc33 -> 1:1.1.1h-1.fc33
      openvpn 2.4.10-1.fc33 -> 2.4.9-2.fc33
      orca 3.38.2-1.fc33 -> 3.38.0-1.fc33
      osinfo-db 20201218-1.fc33 -> 20201015-1.fc33
      ostree 2020.8-1.fc33 -> 2020.7-3.fc33
      ostree-grub2 2020.8-1.fc33 -> 2020.7-3.fc33
      ostree-libs 2020.8-1.fc33 -> 2020.7-3.fc33
      p11-kit 0.23.22-2.fc33 -> 0.23.21-2.fc33
      p11-kit-server 0.23.22-2.fc33 -> 0.23.21-2.fc33
      p11-kit-trust 0.23.22-2.fc33 -> 0.23.21-2.fc33
      pam 1.4.0-10.fc33 -> 1.4.0-8.fc33
      pango 1.48.1-1.fc33 -> 1.48.0-1.fc33
      pangomm 2.42.2-1.fc33 -> 2.42.1-2.fc33
      pcre2 10.36-1.fc33 -> 10.35-8.fc33
      pcre2-syntax 10.36-1.fc33 -> 10.35-8.fc33
      pcre2-utf16 10.36-1.fc33 -> 10.35-8.fc33
      pcre2-utf32 10.36-1.fc33 -> 10.35-8.fc33
      perl-AutoLoader 5.74-466.fc33 -> 5.74-464.fc33
      perl-B 1.80-466.fc33 -> 1.80-464.fc33
      perl-Class-Struct 0.66-466.fc33 -> 0.66-464.fc33
      perl-Encode 4:3.08-458.fc33 -> 4:3.07-457.fc33
      perl-Errno 1.30-466.fc33 -> 1.30-464.fc33
      perl-Fcntl 1.13-466.fc33 -> 1.13-464.fc33
      perl-File-Basename 2.85-466.fc33 -> 2.85-464.fc33
      perl-File-stat 1.09-466.fc33 -> 1.09-464.fc33
      perl-FileHandle 2.03-466.fc33 -> 2.03-464.fc33
      perl-Getopt-Std 1.12-466.fc33 -> 1.12-464.fc33
      perl-IO 1.43-466.fc33 -> 1.43-464.fc33
      perl-IPC-Open3 1.21-466.fc33 -> 1.21-464.fc33
      perl-NDBM_File 1.15-466.fc33 -> 1.15-464.fc33
      perl-POSIX 1.94-466.fc33 -> 1.94-464.fc33
      perl-SelectSaver 1.02-466.fc33 -> 1.02-464.fc33
      perl-Socket 4:2.031-1.fc33 -> 4:2.030-2.fc33
      perl-Symbol 1.08-466.fc33 -> 1.08-464.fc33
      perl-base 2.27-466.fc33 -> 2.27-464.fc33
      perl-if 0.60.800-466.fc33 -> 0.60.800-464.fc33
      perl-interpreter 4:5.32.1-466.fc33 -> 4:5.32.0-464.fc33
      perl-libnet 3.13-1.fc33 -> 3.11-458.fc33
      perl-libs 4:5.32.1-466.fc33 -> 4:5.32.0-464.fc33
      perl-macros 4:5.32.1-466.fc33 -> 4:5.32.0-464.fc33
      perl-mro 1.23-466.fc33 -> 1.23-464.fc33
      perl-overload 1.31-466.fc33 -> 1.31-464.fc33
      perl-overloading 0.02-466.fc33 -> 0.02-464.fc33
      perl-subs 1.03-466.fc33 -> 1.03-464.fc33
      perl-vars 1.05-466.fc33 -> 1.05-464.fc33
      pinentry 1.1.0-9.fc33 -> 1.1.0-8.fc33
      pinentry-gnome3 1.1.0-9.fc33 -> 1.1.0-8.fc33
      pinentry-gtk 1.1.0-9.fc33 -> 1.1.0-8.fc33
      pipewire 0.3.20-1.fc33 -> 0.3.15-2.fc33
      pipewire-gstreamer 0.3.20-1.fc33 -> 0.3.15-2.fc33
      pipewire-libs 0.3.20-1.fc33 -> 0.3.15-2.fc33
      podman 2:2.2.1-1.fc33 -> 2:2.1.1-12.fc33
      podman-plugins 2:2.2.1-1.fc33 -> 2:2.1.1-12.fc33
      procps-ng 3.3.16-2.fc33 -> 3.3.16-1.fc33
      pugixml 1.11.4-1.fc33 -> 1.10-4.fc33
      pulseaudio 14.0-2.fc33 -> 13.99.2-1.fc33
      pulseaudio-libs 14.0-2.fc33 -> 13.99.2-1.fc33
      pulseaudio-libs-glib2 14.0-2.fc33 -> 13.99.2-1.fc33
      pulseaudio-module-bluetooth 14.0-2.fc33 -> 13.99.2-1.fc33
      pulseaudio-module-x11 14.0-2.fc33 -> 13.99.2-1.fc33
      pulseaudio-utils 14.0-2.fc33 -> 13.99.2-1.fc33
      python-unversioned-command 3.9.1-2.fc33 -> 3.9.0-1.fc33
      python3 3.9.1-2.fc33 -> 3.9.0-1.fc33
      python3-audit 3.0-1.fc33 -> 3.0-0.21.20191104git1c2f876.fc33
      python3-cups 2.0.1-7.fc33 -> 2.0.1-5.fc33
      python3-firewall 0.8.6-1.fc33 -> 0.8.4-1.fc33
      python3-libs 3.9.1-2.fc33 -> 3.9.0-1.fc33
      python3-nftables 1:0.9.3-7.fc33 -> 1:0.9.3-6.fc33
      python3-pillow 7.2.0-3.fc33 -> 7.2.0-2.fc33
      python3-rpm -> 4.16.0-1.fc33
      python3-speechd 0.10.2-1.fc33 -> 0.10.1-2.fc33
      qemu-guest-agent 2:5.1.0-9.fc33 -> 2:5.1.0-5.fc33
      qgnomeplatform 0.7.0-2.fc33 -> 0.6.1-3.fc33
      qpdf-libs 10.1.0-1.fc33 -> 10.0.3-1.fc33
      qt-settings 33.0-3.fc33 -> 33.0-2.fc33
      qt5-qtbase 5.15.2-2.fc33 -> 5.15.1-7.fc33
      qt5-qtbase-common 5.15.2-2.fc33 -> 5.15.1-7.fc33
      qt5-qtbase-gui 5.15.2-2.fc33 -> 5.15.1-7.fc33
      qt5-qtdeclarative 5.15.2-2.fc33 -> 5.15.1-1.fc33
      qt5-qtwayland 5.15.2-3.fc33 -> 5.15.1-1.fc33
      qt5-qtx11extras 5.15.2-2.fc33 -> 5.15.1-1.fc33
      qt5-qtxmlpatterns 5.15.2-2.fc33 -> 5.15.1-1.fc33
      raptor2 2.0.15-27.fc33 -> 2.0.15-26.fc33
      rav1e-libs 0.4.0~alpha-0.1.fc33 -> 0.3.3-2.fc33.1
      rdma-core 33.0-2.fc33 -> 32.0-1.fc33
      rpm -> 4.16.0-1.fc33
      rpm-build-libs -> 4.16.0-1.fc33
      rpm-libs -> 4.16.0-1.fc33
      rpm-ostree 2021.1-2.fc33 -> 2020.8-1.fc33
      rpm-ostree-libs 2021.1-2.fc33 -> 2020.8-1.fc33
      rpm-plugin-selinux -> 4.16.0-1.fc33
      rpm-sign-libs -> 4.16.0-1.fc33
      rsync 3.2.3-3.fc33 -> 3.2.3-1.fc33
      samba-client 2:4.13.4-0.fc33 -> 2:4.13.2-1.fc33
      samba-client-libs 2:4.13.4-0.fc33 -> 2:4.13.2-1.fc33
      samba-common 2:4.13.4-0.fc33 -> 2:4.13.2-1.fc33
      samba-common-libs 2:4.13.4-0.fc33 -> 2:4.13.2-1.fc33
      samba-libs 2:4.13.4-0.fc33 -> 2:4.13.2-1.fc33
      sane-airscan 0.99.23-1.fc33 -> 0.99.18-1.fc33
      selinux-policy 3.14.6-34.fc33 -> 3.14.6-30.fc33
      selinux-policy-targeted 3.14.6-34.fc33 -> 3.14.6-30.fc33
      shadow-utils 2:4.8.1-5.fc33 -> 2:4.8.1-4.fc33
      skopeo 1:1.2.0-13.fc33 -> 1:1.2.0-3.fc33
      slirp4netns 1.1.8-1.fc33 ->
      speech-dispatcher 0.10.2-1.fc33 -> 0.10.1-2.fc33
      speech-dispatcher-espeak-ng 0.10.2-1.fc33 -> 0.10.1-2.fc33
      sqlite-libs 3.34.1-1.fc33 -> 3.33.0-2.fc33
      sssd 2.4.0-4.fc33 -> 2.4.0-2.fc33
      sssd-ad 2.4.0-4.fc33 -> 2.4.0-2.fc33
      sssd-client 2.4.0-4.fc33 -> 2.4.0-2.fc33
      sssd-common 2.4.0-4.fc33 -> 2.4.0-2.fc33
      sssd-common-pac 2.4.0-4.fc33 -> 2.4.0-2.fc33
      sssd-ipa 2.4.0-4.fc33 -> 2.4.0-2.fc33
      sssd-kcm 2.4.0-4.fc33 -> 2.4.0-2.fc33
      sssd-krb5 2.4.0-4.fc33 -> 2.4.0-2.fc33
      sssd-krb5-common 2.4.0-4.fc33 -> 2.4.0-2.fc33
      sssd-ldap 2.4.0-4.fc33 -> 2.4.0-2.fc33
      sssd-nfs-idmap 2.4.0-4.fc33 -> 2.4.0-2.fc33
      sssd-proxy 2.4.0-4.fc33 -> 2.4.0-2.fc33
      sudo 1.9.5p2-1.fc33 -> 1.9.2-1.fc33
      switcheroo-control 2.4-1.fc33 -> 2.2-2.fc33
      system-config-printer-libs 1.5.15-1.fc33 -> 1.5.13-1.fc33
      system-config-printer-udev 1.5.15-1.fc33 -> 1.5.13-1.fc33
      systemd 246.7-2.fc33 -> 246.6-3.fc33
      systemd-libs 246.7-2.fc33 -> 246.6-3.fc33
      systemd-networkd 246.7-2.fc33 -> 246.6-3.fc33
      systemd-pam 246.7-2.fc33 -> 246.6-3.fc33
      systemd-rpm-macros 246.7-2.fc33 -> 246.6-3.fc33
      systemd-udev 246.7-2.fc33 -> 246.6-3.fc33
      texlive-lib 7:20200327-19.fc33 -> 7:20200327-18.fc33
      thermald 2.4.1-1.fc33 -> 2.3-2.fc33
      time 1.9-12.fc33 -> 1.9-11.fc33
      toolbox 0.0.99-1.fc33 -> 0.0.97-1.fc33
      tpm2-tss 3.0.3-1.fc33 -> 3.0.1-1.fc33
      tracker 2.3.6-2.fc33 -> 2.3.6-1.fc33
      tracker3 3.0.2-3.fc33 -> 3.0.1-1.fc33
      tracker3-miners 3.0.3-1.fc33 -> 3.0.1-1.fc33
      tzdata 2021a-1.fc33 -> 2020d-1.fc33
      urw-base35-bookman-fonts 20200910-2.fc33 -> 20200910-1.fc33
      urw-base35-c059-fonts 20200910-2.fc33 -> 20200910-1.fc33
      urw-base35-d050000l-fonts 20200910-2.fc33 -> 20200910-1.fc33
      urw-base35-fonts 20200910-2.fc33 -> 20200910-1.fc33
      urw-base35-fonts-common 20200910-2.fc33 -> 20200910-1.fc33
      urw-base35-gothic-fonts 20200910-2.fc33 -> 20200910-1.fc33
      urw-base35-nimbus-mono-ps-fonts 20200910-2.fc33 -> 20200910-1.fc33
      urw-base35-nimbus-roman-fonts 20200910-2.fc33 -> 20200910-1.fc33
      urw-base35-nimbus-sans-fonts 20200910-2.fc33 -> 20200910-1.fc33
      urw-base35-p052-fonts 20200910-2.fc33 -> 20200910-1.fc33
      urw-base35-standard-symbols-ps-fonts 20200910-2.fc33 -> 20200910-1.fc33
      urw-base35-z003-fonts 20200910-2.fc33 -> 20200910-1.fc33
      usb_modeswitch 2.6.1-1.fc33 -> 2.6.0-2.fc33
      util-linux 2.36.1-1.fc33 -> 2.36-3.fc33
      vim-minimal 2:8.2.2146-2.fc33 -> 2:8.2.1961-1.fc33
      virtualbox-guest-additions 6.1.18-1.fc33 -> 6.1.16-1.fc33
      vte-profile 0.62.1-2.fc33 -> 0.62.1-1.fc33
      vte291 0.62.1-2.fc33 -> 0.62.1-1.fc33
      wavpack 5.4.0-1.fc33 -> 5.3.0-2.fc33
      webkit2gtk3 2.30.4-1.fc33 -> 2.30.2-1.fc33
      webkit2gtk3-jsc 2.30.4-1.fc33 -> 2.30.2-1.fc33
      wget 1.21.1-1.fc33 -> 1.20.3-8.fc33
      xorg-x11-server-Xorg 1.20.10-1.fc33 -> 1.20.9-1.fc33
      xorg-x11-server-Xwayland 1.20.10-1.fc33 -> 1.20.9-1.fc33
      xorg-x11-server-common 1.20.10-1.fc33 -> 1.20.9-1.fc33
      xz 5.2.5-4.fc33 -> 5.2.5-3.fc33
      xz-libs 5.2.5-4.fc33 -> 5.2.5-3.fc33
      yelp 2:3.38.2-1.fc33 -> 2:3.38.1-1.fc33
      yelp-libs 2:3.38.2-1.fc33 -> 2:3.38.1-1.fc33
      yelp-xsl 3.38.2-1.fc33 -> 3.38.1-1.fc33
      zchunk-libs 1.1.9-1.fc33 -> 1.1.5-3.fc33
      zimg 3.0.1-2.fc33 -> 2.9.3-3.fc33
      zlib 1.2.11-23.fc33 -> 1.2.11-22.fc33
      zlib-devel 1.2.11-23.fc33 -> 1.2.11-22.fc33
    1. Bug 2. Container Realm 
    opened by ptomato 29
  • Test -Dmigration_path_for_coreos_toolbox on CentOS Stream 9

    Test -Dmigration_path_for_coreos_toolbox on CentOS Stream 9

    The code behind -Dmigration_path_for_coreos_toolbox is meant for Red Hat Enterprise Linux 8 and 9. Hence, it makes sense to use CentOS Stream 9 to run the 'unit tests' on the corresponding code path.

    opened by debarshiray 28
  • sudo(8) inside toolbox containers asks for a password with Podman 2.0.5

    sudo(8) inside toolbox containers asks for a password with Podman 2.0.5

    When using toolbox on F33 Silverblue rawhide, entering a newly created toolbox results in an error as follows ...

    /usr/bin/id: cannot find name for group ID 1000

    Inside of toolbox, when issuing a command sudoer privileges are required for, such as dnf like so ... sudo dnf install vim-enhanced terminator results in the following prompt to the user ...

    We trust you have received the usual lecture from the local System
    Administrator. It usually boils down to these three things:
    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

    then, if I enter the user password the result is password attempt failure ...

    [sudo] password for ssnow:
    Sorry, try again.
    [sudo] password for ssnow:
    Sorry, try again.

    This issue was originally reported at and I originally thought the users system must be broken in some way. That was until I installed a fresh rawhide version of Silverblue. IMO, it may relate to the first message I get when entering the toolbox container. Perhaps not mapping the user as the root of the container.

    opened by TheOneandOnlyJakfrost 26
  • Desktop files integration

    Desktop files integration

    If you install an GUI App (for example VS Code, GNOME Builder, et cetera), it will create desktop file in /usr/share/applications. But toolbox have isolated system (except homedir) and it will not bind. If there can be an option to create desktop file from it like: $ toolbox desktop code.desktop will do:

    1. Copy /usr/share/applications/code.desktop to .local/share/applications/toolbox_code.desktop
    2. Change all executable references (/usr/bin/code or code) to the conainers (/usr/bin/code -> toolbox run /usr/bin/code et cetera)
    3. Copy icon to local icon storage

    Also add option to remove: $ toolbox desktop code.desktop -r to remove ~/.local/share/applications/toolbox_code.desktop and the icon

    1. Feature request 
    opened by ghost 24
  • cmd/run: Ensure underlying container is stopped when toolbox is killed

    cmd/run: Ensure underlying container is stopped when toolbox is killed

    Right now "toolbox enter" creates a container on the fly, but then lets it linger after the foreground toolbox process is killed (for instance, from a terminal hangup).

    Not killing the underlying container has the negative side effect of stalling shutdown if a toolbox shell is running.

    This commit addresses that problem by detecting when the toolbox process is signaled, and then in response, kills off the entire cgroup associated with the underlying container.


    opened by halfline 3
  • cmd: Jump to /run/host/$PWD when entering toolbox

    cmd: Jump to /run/host/$PWD when entering toolbox

    As a convenience to users, when entering a container toolbx tries to maintain the working directory from the host. This works great if the user is inside their home directory, for instance, since the home directory is shared between host and container.

    It can be confusing in other cases, though. The issue is that the directory in the container may have the same path as the directory in the host, but have completely different contents. The old contents may actually be in /run/host/$PWD instead.

    Switching to /run/host/$PWD unconditionally has its own downsides. For one, it's ugly, and also, in common cases, like subdirectories of the home directory, it's unnecessary.

    This commit tries to find the balance, by making toolbx check first if the directory is shared between host and container, and if not, only then falling back to trying /run/host/$PWD.


    opened by halfline 4
  • user container cannot receive uevents

    user container cannot receive uevents

    Describe the bug Programs in a standard Fedora toolbox don't receive uevents, i.e. udev events about hardware changes through the AF_NETLINK socket.

    This is supposed to work with running the container in the host's network namespace (currently --network=host) and bind-mounting the host's dev. Issue #468 also sounds like this actually did work in the past.

    Steps how to reproduce the behaviour

    1. toolbox create -r 37; toolbox enter -r 37
    2. sudo dnf install -y /usr/bin/udevadm
    3. Start udevadm monitor --udev once in the toolbox, and once on the host
    4. Trigger some /dev change. Plug in or remove a Yubikey, mouse, or keyboard; or do something like sudo ip link add name e1 type veth or sudo modprobe scsi_debug.

    Expected behaviour The host's udev monitor will see the event, like

    UDEV  [3612.352892] add      /devices/pseudo_0/adapter0/host0/target0:0:0/0:0:0:0/block/sda (block)

    for loading scsi_debug. Ideally, the toolbox should see this as well. This would make it possible to run things like gvfs, sway, calibre, or anything else that needs to react to hardware changes in toolbox.

    Actual behaviour udevadm in toobox does not see any event.

    Output of toolbox --version (v0.0.90+) toolbox version

    Output of podman version

    Client:       Podman Engine
    Version:      4.3.1
    API Version:  4.3.1
    Go Version:   go1.19.2
    Built:        Fri Nov 11 16:01:27 2022
    OS/Arch:      linux/amd64

    Podman package info (rpm -q podman) podman-4.3.1-1.fc37.x86_64

    Info about your OS Fedora 37 OSTree (Silberblue-ish, but a custom build).

    Additional context I'm experimenting with running my whole desktop from toolbox/podman, see and .

    Perhaps this is doomed to fail, but this issue is pretty much the only blocker, so I'd like to at least understand why :grin: Thanks!

    1. Bug 
    opened by martinpitt 3
  • Option to split network from host

    Option to split network from host

    Is your feature request related to a problem? Please describe. If i use an vpn like openvpn the routes are also modify the routes on the host (expected as of --network host), but if i dont want my vpn accessible from the host, but only inside the toolbox im unabled to modify this behaviour in the vanilla way.

    Describe the solution you'd like It would be great to have an option by creating the container to pass an custom value for network.

    Describe alternatives you've considered Alternative i would have to get the podman command by inspect, and create the toolbox the other way around. But i would consider this as bad practice as i intercept the toolbox concept here.

    Additional context Ive read about other container that where said to have the possibility to act like an gateway like gluetun. but there i would have to modify the network also.

    1. Feature request 
    opened by Hero9909 0
  • Improve the error message when running nested inside a non-Toolbx container

    Improve the error message when running nested inside a non-Toolbx container

    The following files have been modified: list.go and root.go Fixed issue

    Signed-off-by: Nieves Montero [email protected]

    opened by nievesmontero 1
  • 10, 2021)

    Overview of changes

    • Add bc and iproute to the fedora-toolbox images
    • Add fedora-toolbox image definition for Fedoras 35 and 36
    • Add support for configuration files
    • Add optional migration paths for coreos/toolbox users
    • Allow overriding the path to tmpfilesdir
    • Avoid RPM failures due to unexpected file owners
    • Bump minimum Meson version to 0.58.0
    • Ensure that binaries are run against their build-time ABI
    • Expose the host's entire / in the container at /run/host
    • Fix the PS1 on Z shell
    • Fix wrong use of regexp.MatchString
    • Give access to PC/SC smart card daemon
    • Make locate(1) opt-in by default
    • Make the test suite non-destructive
    • Mention that private images require 'podman login'
    • Remove misleading and redundant CMD from the fedora-toolbox images
    • Remove the deprecated com.github.debarshiray.toolbox label from the fedora-toolbox images, and when creating a new container
    • Replace outdated logos with pixels
    • Show basic help when man(1) is not available
    • Show welcome message on Fedora Kinoite
    • Test ImageReferenceCanBeID and ParseRelease
    • Unbreak 'enter' if the shell had exited with 127
    • Various additions and improvements to the test suite
    • Various updates to the documentation and manuals
    Source code(tar.gz)
    Source code(zip)
    toolbox- KB)
    toolbox- bytes)
  • 26, 2021)

    Overview of changes

    • Add nano-default-editor to the fedora-toolbox images
    • Add unit tests for pkg/shell
    • Connect Go unit tests to Meson & rename CI job
    • Decouple image caching from Zuul for the system tests
    • Don't assume that the user's GID is the same as the UID
    • Don't require /etc/machine-id in toolbox images
    • Drop ShellCheck on Shell Toolbox
    • Give access to systemd-resolved's Varlink socket
    • Optimize 'enter' and 'run' in the non-fallback case
    • Optimize the performance of 'list'
    • Properly separate builddir setup & build in the Ansible playbooks
    • Rename Dockerfile to Containerfile for the fedora-toolbox images
    • Show test execution time for the system tests
    • Support listing images without names
    • Unbreak 'create' on an unlocked OSTree deployment
    • Unbreak 'create' on CoreOS with read-only /boot
    • Update default release to 33 for non-Fedora hosts
    • Update the GitHub issue templates
    • Use a regular file, not a symbolic link, for the in the fedora-toolbox images
    • Fall back to $HOME when using a container if the current working directory isn't present in it
    • Various updates to the Bash completion
    • Various updates to the manuals
    Source code(tar.gz)
    Source code(zip)
    toolbox- MB)
    toolbox- bytes)
  • 23, 2021)

    Overview of changes

    • Add deprecation notices to the POSIX shell implementation
    • Add test for the new --distro option
    • Drop the FGC namespace from the fedora-toolbox images
    • Fix miscellaneous issues pointed out by
    • Handle hosts with /etc/localtime as absolute symlink
    • Improve
    • Improve the Zuul configuration
    • Mount /mnt only if it is available
    • Refactor the system tests, and use bats-assert and bats-support
    • Test that sudo doesn't require a password
    • Update the manuals
    Source code(tar.gz)
    Source code(zip)
    toolbox- MB)
    toolbox- bytes)
  • 0.0.99(Jan 12, 2021)

    Overview of changes

    • Add a --distro option to 'create', 'enter' and 'run'
    • Prevent setting VTE-specific PROMPT_COMMAND without VTE
    • Remove the --candidate-registry option from Bash completion and the manual for 'create'
    • Remove the deprecated reset command
    • Support RHEL hosts by creating containers based on UBI
    • Try to avoid 'latest' tags, when looking at RepoTags
    • Update the labels used for filtering toolbox containers images
    • Update the range of supported Fedora releases
    Source code(tar.gz)
    Source code(zip)
    toolbox-0.0.99.tar.xz(5.57 MB)
    toolbox-0.0.99.tar.xz.sha256sum(87 bytes)
  • 7, 2021)

  • 0.0.98(Jan 5, 2021)

    Overview of changes

    • Add nss-mdns to the fedora-toolbox images
    • Correctly check validity of container name
    • Don't leak all the os-release fields into the shell
    • Don't rely on XDG_RUNTIME_DIR when running as root
    • Give access to Avahi to resolve the .local mDNS domain
    • Make coredumpctl(1) 'dump' and 'debug' work inside toolbox containers
    • Make options --image and --release for 'create' mutually exclusive
    • Notify the terminal about the real UID of 'toolbox enter'
    • Remove periods at the end of flag descriptions
    • Set XDG_RUNTIME_DIR when creating the toolbox container
    • Unbreak 'enter' on hosts without a /etc/localtime
    • Unbreak the system tests on Fedora 33
    • Use the host's user namespace when running as root
    Source code(tar.gz)
    Source code(zip)
    toolbox-0.0.98.tar.xz(5.57 MB)
    toolbox-0.0.98.tar.xz.sha256sum(87 bytes)
  • 0.0.97(Nov 3, 2020)

    Overview of changes

    • Allow X11 clients to run as root
    • Color the output only when displaying on a terminal
    • Don't rely on user D-Bus to track time zone configuration
    • Enable running minikube on Silverblue
    • Expose the host's /boot inside the container at /run/host
    • Fix missing terminfo warning for Ubuntu containers
    • Make locate(1) work inside toolbox containers
    • Make pseudo-terminal devices be owned by the 'tty' group
    • Rework test to check if a toolbox container started successfully
    • Run a login shell when falling back to Bash during 'enter'
    Source code(tar.gz)
    Source code(zip)
    toolbox-0.0.97.tar.xz(5.57 MB)
    toolbox-0.0.97.tar.xz.sha256sum(87 bytes)
  • 0.0.96(Oct 1, 2020)

  • 0.0.95(Aug 30, 2020)

  • 0.0.94(Aug 24, 2020)

    Overview of changes

    • Add contribution guidelines
    • Add fedora-toolbox image definition for Fedora 34
    • Add more information to errors from creating symbolic links when setting up the toolbox container in the entry point
    • Ensure binaries built on Fedora 33 run on Fedoras 32 & 31
    • Install the tests
    • Make it more obvious when falling back to /bin/bash
    • Document that sudo(8) should work without a password
    • Mount a tmpfs at /tmp to match the host
    • Update issue templates
    Source code(tar.gz)
    Source code(zip)
    toolbox-0.0.94.tar.xz(5.57 MB)
    toolbox-0.0.94.tar.xz.sha256sum(87 bytes)
  • 0.0.93(Jul 24, 2020)

    Overview of changes

    • Ensure reproducible builds by using the -trimpath build flag
    • Fix the test suite to work with the Go implementation
    • Make listing of containers and images more robust against changes in the JSON returned by Podman
    • List out dependencies and installation instructions
    • Re-enable highlighting of running containers
    • Show the spinner only when connected to a terminal
    • Speed things up by caching the Podman version at runtime
    • Update hint after creating a container to use the new syntax
    • Use the correct verb format for string
    Source code(tar.gz)
    Source code(zip)
    toolbox-0.0.93.tar.xz(5.56 MB)
    toolbox-0.0.93.tar.xz.sha256sum(87 bytes)
  • 0.0.92(Jul 3, 2020)

  • 0.0.91(Jun 27, 2020)

  • 0.0.90(May 14, 2020)

    Overview of changes

    • Rewrite Toolbox in Go
    • Remove support for toolbox containers created by Toolbox 0.0.9 and older
    • Add option --version to show current Toolbox version
    • Add options --log-level and --log-podman as possible future replacements for --verbose and --very-verbose
    • Clean up the spinner when aborted by SIGINT (or ctrl+c) and such
    • Fix duplication in the output of the list command
    • Mark the reset command as deprecated (replaced by 'podman system reset')
    • Support specifying the name of a toolbox container as an argument to the create and enter commands, in addition to the --container option
    Source code(tar.gz)
    Source code(zip)
    toolbox-0.0.90.tar.xz(5.57 MB)
    toolbox-0.0.90.tar.xz.sha256sum(87 bytes)
  • 0.0.18(Jan 14, 2020)

  • 0.0.17(Nov 20, 2019)

  • 0.0.16(Oct 29, 2019)

    Overview of changes

    • Add a reset command
    • Document requirements for distro support
    • Don't use a toolbox container until after it has been configured
    • Drop the coloured heading from 'list'
    • Miscellaneous fixes to Bash completion
    • Remove the hidden --sudo option and the /etc/sudoers.d snippet
    • Try to migrate to a supported OCI runtime if 'podman start' suggests so
    • Unbreak 'run' if container lacks files that are redirected to the host
    Source code(tar.gz)
    Source code(zip)
    toolbox-0.0.16.tar.xz(5.54 MB)
    toolbox-0.0.16.tar.xz.sha256sum(87 bytes)
  • 0.0.15(Sep 30, 2019)

    Overview of changes

    • Be forgiving of a missing /etc/profile.d/ in 'run'
    • Don't sanity check /etc/subgid and /etc/subuid when running as root
    • Install only flatpak-spawn, not the rest of flatpak-xdg-utils, in the images
    • Let the terminal know the active container only on some Fedora variants
    • Rely on 'podman system migrate' always being present
    • Simplify code by dropping compatibility with 'podman create' < 1.4.0
    • Switch to using /usr/lib/os-release instead of /etc/os-release
    • Unbreak 'create' on Silverblue
    • Update default release to 30 when running on non-fedora hosts
    Source code(tar.gz)
    Source code(zip)
    toolbox-0.0.15.tar.xz(5.54 MB)
    toolbox-0.0.15.tar.xz.sha256sum(87 bytes)
  • 0.0.14(Sep 18, 2019)

    Overview of changes

    • Adjust the grep match pattern to be more specific
    • Don't exit with a non-zero code from 'toolbox list -i'
    • Expose a few more host locations inside the container under /run/host
    • Give access to the system Flatpak directory
    • Give access to the system libvirt instance
    • Mount /run/media only if it is available
    • Preserve the host's ulimits when creating toolbox containers
    • Work around 'podman exec' resetting the terminal size to 80x24
    Source code(tar.gz)
    Source code(zip)
    toolbox-0.0.14.tar.xz(5.54 MB)
    toolbox-0.0.14.tar.xz.sha256sum(87 bytes)
  • 0.0.13(Sep 5, 2019)

  • 0.0.12(Jul 22, 2019)

  • 0.0.11(Jun 21, 2019)

    Overview of changes

    • Allow Qt applications to work without QT_X11_NO_MITSHM
    • Check if /etc/subgid and /etc/subuid have entries for the user
    • Give access to the entire /dev from the host operating system
    • Keep /etc/host.conf, /etc/localtime and /etc/timezone synchronized with the host
    • Notify the terminal about the current toolbox container in use
    • Prevent Podman from complaining about 'podman cp --pause=true ...'
    • Unbreak rendering & wrapping of commands typed at an interactive prompt
    • Unbreak setting up /home as a symbolic link
    Source code(tar.gz)
    Source code(zip)
    toolbox-0.0.11.tar.xz(5.53 MB)
    toolbox-0.0.11.tar.xz.sha256sum(87 bytes)
  • 0.0.10(May 21, 2019)

    Overview of changes

    • Add a run command
    • Create /run/.toolboxenv in 'toolbox enter' for identification
    • Drop the Buildah dependency and the user-specific customized image
    • Keep /etc/hosts and /etc/resolv.conf synchronized with the host
    • Migrate existing containers when Podman is updated
    • Retain the PS1 across su(1) and sudo(8)
    • Set the Kerberos credential cache type only if Kerberos is available
    • Support column(1) from bsdmainutils
    • Support 'sudo' as default sudo(8) group
    • Use a magenta hexagon instead of 🔹 in the PS1
    Source code(tar.gz)
    Source code(zip)
    toolbox-0.0.10.tar.xz(5.53 MB)
    toolbox-0.0.10.tar.xz.sha256sum(87 bytes)
  • 0.0.9(Apr 30, 2019)

    Overview of changes

    • Add Bash completion
    • Allow connecting to Wayland displays other than "wayland-0"
    • Ask for confirmation before downloading the base image
    • Improve the onboarding experience
    • Make it available inside the toolbox container
    • Make 'toolbox enter' create or fall back to a container when possible
    • Set TOOLBOX_CONTAINER in the environment to identify as a toolbox
    • Set default release to 29 when running on non-fedora hosts
    • Show welcome texts on interactive shells
    Source code(tar.gz)
    Source code(zip)
    toolbox-0.0.9.tar.xz(5.53 MB)
    toolbox-0.0.9.tar.xz.sha256sum(86 bytes)
  • 0.0.8(Apr 12, 2019)

    Overview of changes

    • Add label for tagging, not tied to the fedora-toolbox name
    • Add short variants for various options in 'create' and 'enter'
    • Ensure that names of toolbox containers don't have a colon
    • Enable Travis
    • Fix miscellaneous issues pointed out by
    • Give access to Kerberos if KCM credential caches are being used
    • Improve the onboarding experience
    • Reduce the sizes of the images by removing temporary files created by DNF
    • Use a lighter entry point than /bin/sh
    Source code(tar.gz)
    Source code(zip)
    toolbox-0.0.8.tar.xz(5.53 MB)
    toolbox-0.0.8.tar.xz.sha256sum(86 bytes)
  • 0.0.7(Mar 14, 2019)

    Overview of changes

    • Add fedora-toolbox image definition for Fedora 31
    • Add flatpak-xdg-utils to Fedoras 29 and 30
    • Add manuals
    • Add rm and rmi commands
    • Be more informative when creating the working container
    • Clarify the error message if the toolbox container is not found
    • Don't create volumes in the image for bind mounts from the host
    • Fix miscellaneous issues pointed out by
    • Give access to /dev/bus for control transfers from USB devices
    • Give access to removable devices and other temporary mounts
    • Lots of Bash-isms removed for POSIX correctness
    • Make the --image flag override the base toolbox image, as documented
    • Make the spinner more efficient
    • Restore documentation removed from the base Fedora images
    Source code(tar.gz)
    Source code(zip)
    toolbox-0.0.7.tar.xz(14.53 KB)
    toolbox-0.0.7.tar.xz.sha256sum(86 bytes)
  • 0.0.6(Feb 21, 2019)

    Overview of changes

    • Add a list command
    • Drop the "fedora" prefix and rename the project as just "toolbox"
    • Fix typos pointed out by
    • Lots of Bash-isms removed for POSIX correctness
    • Make --container and --image command-specific options
    • Make it work inside the toolbox container itself
    • Shorten the prefix for debug and error messages
    • Use the host's PID namespace for the toolbox container
    • Use the standard error output for error messages
    Source code(tar.gz)
    Source code(zip)
    toolbox-0.0.6.tar.xz(10.10 KB)
    toolbox-0.0.6.tar.xz.sha256sum(86 bytes)
  • 0.0.5(Feb 11, 2019)

  • 0.0.4(Jan 21, 2019)

  • 0.0.3(Jan 4, 2019)

Open Repository for Container Tools
A command line tool that builds and (re)starts your web application everytime you save a Go or template fileA command line tool that builds and (re)starts your web application everytime you save a Go or template file

# Fresh Fresh is a command line tool that builds and (re)starts your web application everytime you save a Go or template file. If the web framework yo

null 0 Nov 22, 2021
An open-source GitLab command line tool bringing GitLab's cool features to your command line

GLab is an open source GitLab CLI tool bringing GitLab to your terminal next to where you are already working with git and your code without switching

Clement Sam 2.1k Dec 30, 2022
A command line tool to prompt for a value to be included in another command line.

readval is a command line tool which is designed for one specific purpose—to prompt for a value to be included in another command line. readval prints

Venky 0 Dec 22, 2021
A twitch focused command line tool for producing, archiving and managing live stream content. Built for Linux.

twinx is a live-streaming command line tool for Linux. It connects streaming services (like Twitch, OBS and YouTube) together via a common title and description.

Kris Nóva 26 Oct 17, 2022
A tool to enumerate all the command-line arguments used to start a Linux process written in Go.

ranwith A tool to enumerate all the command-line arguments used to start a Linux process written in Go. ranwith uses the Linux /proc directory to obta

Alexis Rodriguez 3 Jun 30, 2022
Command-line tool to customize the official Spotify client. Supports Windows, MacOS and Linux.

Command-line tool to customize the official Spotify client. Supports Windows, MacOS and Linux. Features Change colors whole UI Inject CSS for advanced

null 13.1k Jan 2, 2023
Procmon is a Linux reimagining of the classic Procmon tool from the Sysinternals suite of tools for Windows. Procmon provides a convenient and efficient way for Linux developers to trace the syscall activity on the system.

Process Monitor for Linux (Preview) Process Monitor (Procmon) is a Linux reimagining of the classic Procmon tool from the Sysinternals suite of tools

Windows Sysinternals 3.5k Dec 29, 2022
git-xargs is a command-line tool (CLI) for making updates across multiple Github repositories with a single command.

Table of contents Introduction Reference Contributing Introduction Overview git-xargs is a command-line tool (CLI) for making updates across multiple

Gruntwork 713 Dec 31, 2022
git-xargs is a command-line tool (CLI) for making updates across multiple GitHub repositories with a single command

git-xargs is a command-line tool (CLI) for making updates across multiple GitHub repositories with a single command. You give git-xargs:

Maxar Infrastructure 1 Feb 5, 2022
A command line tool for simplified docker volume command built with go

dockervol A command line tool for simplified docker volume command built with go. Features: Remove anonymous volume (beta) Remove volume by matching n

Moh Achun Armando 0 Dec 18, 2021
Conda-boxes - A Kubernetes Controller CLI to manage Conda environments as volumes or Boxes

conda-boxes A Kubernetes Controller CLI to manage Conda environments as volumes

Jon Velando 1 Mar 20, 2022
Dev-spaces - A CLI to help creating development environments using AWS Spot Instances

This is a CLI to help creating on-demand development spaces using EC2 Spot Intances.

Felipe Marinho 11 Nov 9, 2022
fofax is a fofa query tool written in go, positioned as a command-line tool and characterized by simplicity and speed.

fofaX 0x00 Introduction fofax is a fofa query tool written in go, positioned as

null 516 Jan 8, 2023
Go package to make lightweight ASCII line graph ╭┈╯ in command line apps with no other dependencies.

asciigraph Go package to make lightweight ASCII line graphs ╭┈╯. Installation go get Usage Basic graph package main

Rohit Gupta 2.1k Jan 8, 2023
Package command provide simple API to create modern command-line interface

Package command Package command provide simple API to create modern command-line interface, mainly for lightweight usage, inspired by cobra Usage pack

chenen 0 Jan 16, 2022
Watcher - A simple command line app to watch files in a directory for changes and run a command when files change!

Watcher - Develop your programs easily Watcher watches all the files present in the directory it is run from of the directory that is specified while

Geet Sethi 1 Mar 27, 2022
Arduino command line tool

arduino-cli Arduino CLI is an all-in-one solution that provides builder, Boards/Library Manager, uploader, discovery and many other tools needed to us

Arduino 3.7k Jan 7, 2023
Command line tool for Google Cloud Datastore, written in Go

dsio dsio is a command line tool for Google Cloud Datastore. This tool is under development. Please use in your own risk. Features Bulk upsert entitie

Shinichi Nishimura 66 Feb 8, 2022
A simple command line tool using which you can skip phone number based SMS verification by using a temporary phone number that acts like a proxy.

Fake-SMS A simple command line tool using which you can skip phone number based SMS verification by using a temporary phone number that acts like a pr

Narasimha Prasanna HN 754 Dec 31, 2022