~michel-slm/dpkgs-distrobox

13ec09d1f85155dff9e048f756d0731f8687a9e3 — Michel Alexandre Salim 5 months ago upstream upstream/1.2.15
Import Upstream version 1.2.15
A  => .github/ISSUE_TEMPLATE/bug_report.md +28 -0
@@ 1,28 @@
---
name: Bug report
about: Create a report to help us improve
title: "[Error]"
labels: bug
assignees: ''

---

**Describe the bug**
A clear and concise description of what the bug is.

**To Reproduce**
Steps to reproduce the behavior

**Expected behavior**
A clear and concise description of what you expected to happen.

**Logs**
Run the commands with `--verbose` and post the log here as a file upload
Attach also the output of `podman logs` or `docker logs`, possibly with `--latest` flag

**Desktop (please complete the following information):**
 - OS: [e.g. iOS]
 - Version [e.g. 22]

**Additional context**
Add any other context about the problem here.

A  => .github/ISSUE_TEMPLATE/discussion-issue-template.md +20 -0
@@ 1,20 @@
---
name: Discussion issue template
about: Describe this issue template's purpose here.
title: "[Discussion]"
labels: question
assignees: ''

---

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

Describe the solution you'd like
A clear and concise description of what you want to happen.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context or screenshots about the feature request here.

A  => .github/ISSUE_TEMPLATE/feature_request.md +20 -0
@@ 1,20 @@
---
name: Feature request
about: Suggest an idea for this project
title: "[Suggestion]"
labels: enhancement
assignees: ''

---

**Is your feature request related to a problem? Please describe.**
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

**Describe the solution you'd like**
A clear and concise description of what you want to happen.

**Describe alternatives you've considered**
A clear and concise description of any alternative solutions or features you've considered.

**Additional context**
Add any other context or screenshots about the feature request here.

A  => .github/workflows/compatibility.yml +179 -0
@@ 1,179 @@
---
# This is a basic workflow to help you get started with Actions

name: CI

# Controls when the workflow will run
on:
  # Triggers the workflow on push or pull request events but only for the master branch
  push:
    branches: [main]
  pull_request:
    branches: [main]
    types: [opened, synchronize, ready_for_review, edited]

  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:

# Prepare distros matrix
jobs:
  setup:
    runs-on: ubuntu-latest
    outputs:
      targets: ${{ steps.set-matrix.outputs.targets }}
    steps:

      - uses: actions/checkout@v2

      # Fetch from compatibility table all the distros supported
      - id: set-matrix
        run: |
            echo "::set-output name=targets::$(grep -E 'docker.io|quay.io|ghcr|registry.|ecr.' docs/compatibility.md |
              cut -d'|' -f 4 |
              sed 's/<br>/\n/g' |
              tr -d ' ' |
              tail -n +2 |
              jq -R -s -c 'split("\n")[:-1]')"

  run:

    runs-on: ubuntu-latest
    needs: setup
    strategy:
      fail-fast: false
      max-parallel: 8
      matrix:
        distribution: ${{fromJSON(needs.setup.outputs.targets)}}
        container_manager: ["podman", "docker"]
    env:
      DBX_CONTAINER_MANAGER: ${{ matrix.container_manager }}

    steps:
      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
      - uses: actions/checkout@v2

      # Ensure distrobox create works:
      - name: Distrobox create
        shell: 'script -q -e -c "bash {0}"'
        run: |
          image=${{ matrix.distribution }}
          container_name="$(basename "${image}" | sed -E 's/[:.]/-/g')"
          ${DBX_CONTAINER_MANAGER} pull "${image}"
          case "${container_name}" in
            *init*)
              echo "SYSTEMD DETECTED: creating container with --init..."
              ./distrobox create --yes -i "${image}" --name "${container_name}" --init
              ;;
            *)
              ./distrobox create --yes -i "${image}" --name "${container_name}"
              ;;
          esac

      # Ensure distrobox enter and init works:
      - name: Distrobox enter - init
        shell: 'script -q -e -c "bash {0}"'
        run: |
          image=${{ matrix.distribution }}
          container_name="$(basename "${image}" | sed -E 's/[:.]/-/g')"
          ./distrobox enter --name "${container_name}" -- whoami
          # Temporary disable systemd init on github runners, it seems to be incompatible
          # with runner services:
          #   Failed to create /system.slice/runner-provisioner.service/init.scope control group: Permission denied
          # works fine otherwise.
          # case "${container_name}" in
          #   *init*)
          #     echo "SYSTEMD DETECTED: performing systemctl check..."
          #     ./distrobox enter --name "${container_name}" -- systemctl status --no-pager
          #     ;;
          #   *)
          #     ./distrobox enter --name "${container_name}" -- whoami
          #     ;;
          # esac

      # Ensure distrobox enter and init works:
      - name: Distrobox enter - user
        shell: 'script -q -e -c "bash {0}"'
        run: |
          image=${{ matrix.distribution }}
          container_name="$(basename "${image}" | sed -E 's/[:.]/-/g')"
          # Assert that distrobox exported binary indeed works
          set -x
          command_output="$(./distrobox enter --name "${container_name}" -- whoami | tr -d '\r' | tr -d '^@')"
          expected_output="$(whoami)"
          if [ "$command_output" != "$expected_output" ]; then
            exit 1
          fi

      # Ensure distrobox enter and init works:
      - name: Distrobox enter - command
        shell: 'script -q -e -c "bash {0}"'
        run: |
          image=${{ matrix.distribution }}
          container_name="$(basename "${image}" | sed -E 's/[:.]/-/g')"
          # Assert that distrobox exported binary indeed works
          set -x
          command_output="$(./distrobox enter --name "${container_name}" -- uname -n | tr -d '\r' | tr -d '^@')"
          expected_output="${container_name}.$(uname -n)"
          if [ "$command_output" != "$expected_output" ]; then
            exit 1
          fi

      # Ensure distrobox export works:
      - name: Distrobox export
        shell: 'script -q -e -c "bash {0}"'
        run: |
          image=${{ matrix.distribution }}
          container_name="$(basename "${image}" | sed -E 's/[:.]/-/g')"
          ./distrobox enter "${container_name}" -- distrobox-export --bin /bin/uname --export-path ${HOME}/
          # Assert that distrobox exported binary indeed works
          set -x
          command_output="$(${HOME}/uname -n | tr -d '\r' | tr -d '^@')"
          expected_output="${container_name}.$(uname -n)"
          if [ "$command_output" != "$expected_output" ]; then
            exit 1
          fi

      # Ensure distrobox export works:
      - name: Distrobox export - sudo
        shell: 'script -q -e -c "bash {0}"'
        run: |
          image=${{ matrix.distribution }}
          container_name="$(basename "${image}" | sed -E 's/[:.]/-/g')"
          ./distrobox enter "${container_name}" -- distrobox-export --sudo --bin /bin/uname --export-path ${HOME}/
          # Assert that distrobox exported binary indeed works
          set -x
          command_output="$(${HOME}/uname -n | tr -d '\r' | tr -d '^@')"
          expected_output="${container_name}.$(uname -n)"
          if [ "$command_output" != "$expected_output" ]; then
            exit 1
          fi

      # Ensure distrobox list works:
      - name: Distrobox list
        run: |
          image=${{ matrix.distribution }}
          container_name="$(basename "${image}" | sed -E 's/[:.]/-/g')"
          ./distrobox list | grep "${container_name}" | grep "${image}" | grep -E "Up|running"

      # Ensure distrobox stop works:
      - name: Distrobox stop
        run: |
          image=${{ matrix.distribution }}
          container_name="$(basename "${image}" | sed -E 's/[:.]/-/g')"
          ./distrobox stop --yes "${container_name}"

      # Ensure distrobox rm works:
      - name: Distrobox logs on failure
        if: ${{ failure() }}
        run: |
          image=${{ matrix.distribution }}
          container_name="$(basename "${image}" | sed -E 's/[:.]/-/g')"
          $DBX_CONTAINER_MANAGER logs "${container_name}"

      # Ensure distrobox rm works:
      - name: Distrobox rm
        if: ${{ always() }}
        run: |
          image=${{ matrix.distribution }}
          container_name="$(basename "${image}" | sed -E 's/[:.]/-/g')"
          ./distrobox rm --force --name "${container_name}"

A  => .github/workflows/main.yml +111 -0
@@ 1,111 @@
# This is a basic workflow to help you get started with Actions

name: Lint

# Controls when the workflow will run
on:
  # Triggers the workflow on push or pull request events but only for the main branch
  push:
    branches: [main]
  pull_request:
    branches: [main]
    types: [opened, synchronize, ready_for_review, edited]

  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:

jobs:
  dash:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v2

      - name: Run dash -n
        run: |
          result=0
          for file in $(find . -type f -not -path "*.git*"); do
            if file "$file" | grep -qi shell; then
              echo "### Checking file $file..."
              dash -n $file
              result=$(( result + $? ))
            fi
          done
          exit $result

  shfmt:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v2

      - name: Run shfmt
        run: |
          result=0
          podman pull docker.io/peterdavehello/shfmt:latest
          for file in $(find . -type f -not -path "*.git*"); do
            if file "$file" | grep -qi shell; then
              echo "### Checking file $file..."
              podman run --rm -v "$PWD:/mnt" docker.io/peterdavehello/shfmt:latest shfmt -d -s -ci -sr -kp /mnt/$file
              result=$(( result + $? ))
            fi
          done
          exit $result


  shellcheck:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v2

      # Exclude from bashate the following rules:
      #   - SC2310 we don't want to exit if errors happen inside a check, that's why we have a check...
      #   - SC2311 don't care if we inherit errexit inside substitutions, we do checks for that.
      #   - SC2312 we already check errors and adding "|| true" everywhere hinders readability.
      - name: Run shellcheck
        run: |
          result=0
          podman pull docker.io/koalaman/shellcheck:stable
          for file in $(find . -type f -not -path "*.git*"); do
            if file "$file" | grep -qi shell; then
              echo "### Checking file $file..."
              podman run --rm -v "$PWD:/mnt" docker.io/koalaman/shellcheck:stable -s sh -a -o all -Sstyle -Calways -x -e SC2310,SC2311,SC2312  $file
              result=$(( result + $? ))
            fi
          done
          exit $result

  bashate:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v2

      # Exclude from bashate the following rules:
      #   - E002 we use tab indentation as suggested by shfmt.
      #   - E003 we use tab indentation as suggested by shfmt.
      #   - E010 for readability allow if/then and for/do to be on different lines.
      #   - E011 for readability allow if/then and for/do to be on different lines.
      - name: Run bashate
        run: |
          sudo pip3 install -U bashate
          for file in $(find . -type f -not -path "*.git*"); do
            if file "$file" | grep -qi shell; then
              echo "### Checking file $file..."
               bashate -i E002,E003,E010,E011 --max-line-length 120 $file
              result=$(( result + $? ))
            fi
          done
          exit $result

  markdownlint:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v2

      - name: Run markdownlint
        run: |
          sudo npm install -g markdownlint-cli
          markdownlint $(find . -name '*.md' | grep -vF './.git')

A  => .gitignore +1 -0
@@ 1,1 @@
tags

A  => .markdownlint.yaml +9 -0
@@ 1,9 @@
---
MD013:
  line_length: 120
  code_blocks: false
  tables: false
  headings: false
  headers: false
MD033: false
MD041: false

A  => CODE_OF_CONDUCT.md +9 -0
@@ 1,9 @@
# Code of Conduct

Let's just all be nice to each other and ourselves. Do we really need this?

Just follow them:

![wholesome](https://i.kym-cdn.com/photos/images/newsfeed/001/407/983/841.jpg)

## Let's just all be wholesome to each other please

A  => CONTRIBUTING.md +98 -0
@@ 1,98 @@
# Contributing to Distrobox

We greatly appreciate your input! We want to make contributing to this project
as easy and transparent as possible, whether it's:

- Reporting a bug
- Discussing the current state of the code
- Submitting a fix
- Proposing new features

## Creating a Pull Requests

Pull requests are the best way to propose changes to the codebase
We actively welcome your pull requests:

1. Fork the repo and create your branch from `main`.
2. If you've added code that should be tested, add tests.
3. If you've changed APIs, update the documentation.
4. Ensure the test suite passes.
5. Make sure your code lints.
6. Issue that pull request!

## Any contributions you make will be under the GPLv3 Software License

In short, when you submit code changes, your submissions are understood to be
under the same [GPLv3 License](https://choosealicense.com/licenses/gpl-3.0/) that
covers the project.
Feel free to contact the maintainers if that's a concern.

## Suggestions

Suggestions are welcome, be sure:

- it is not already being discussed in the [issue tracker](https://github.com/89luca89/distrobox/issues)
  - If it has and is marked as OPEN, go ahead and share your own
    thoughts about the topic!
  - If it has and is marked as CLOSED, please read the ticket and depending on
    whether the suggestion was accepted or not consider if it is worth opening
    a new issue or not.
- Consider if the suggestion is not too out of scope of the project.
- Mark them with a [Suggestion] in the title

## Report bugs using Github's [issues](https://github.com/89luca89/distrobox/issues)

We use GitHub issues to track public bugs.
Report a bug by
[opening a new issue](https://github.com/89luca89/distrobox/issues); it's that easy!

### Write bug reports with detail, background, and sample code

**A good bug report** should have:

- Check that the bug is not already discussed in the [issue tracker](https://github.com/89luca89/distrobox/issues)
- See our [documentation](https://github.com/89luca89/distrobox/tree/main/docs)
  if there are some steps that could help you solve your issue
- Mark them with an [Error] in the title
- A quick summary and/or background
- Steps to reproduce
  - Be specific!
  - Provide logs (terminal output, runs with verbose mode)
- What you expected would happen
- What actually happens
- Notes (possibly including why you think this might be happening, or stuff you
  tried that didn't work)

## Use a Consistent Coding Style

- use `shellcheck` to check for posix compliance and bashisms using:
  - `shellcheck -s sh -o all -Cnever -Sstyle -a -f gcc -x`
  - install from: [HERE](https://github.com/koalaman/shellcheck)
    following [this](https://github.com/koalaman/shellcheck#installing)
- use `shfmt` to style the code using:
  - `shfmt -s`
  - install from [HERE](https://github.com/mvdan/sh) using `go install mvdan.cc/sh/v3/cmd/shfmt@latest`
- Legibility of the code is more important than code golfing, try to be
  expressive in the code
- Error checking is important! Ensure to LBYL (Look Before You Leap), check for
  variables and for code success exit codes
- Don't hesitate to comment your code! We're placing high importance on this to
  maintain the code readable and understandeable
- Update documentation to reflect your changes - Manual pages can be found in
  directory `docs`

If you are using Visual Studio Code, there are [plugins](https://marketplace.visualstudio.com/items?itemName=timonwong.shellcheck)
that include all this functionality and throw a warning if you're doing
something wrong.
If you are using Vim or Emacs there are plenty of linters and checkers that will
integrate with the 2 tools listed above.

## License

By contributing, you agree that your contributions will be licensed under
its GPLv3 License.

## References

This document was adapted from the open-source contribution guidelines
for [Facebook's Draft](https://github.com/facebook/draft-js/blob/a9316a723f9e918afde44dea68b5f9f39b7d9b00/CONTRIBUTING.md)

A  => COPYING.md +675 -0
@@ 1,675 @@
# GNU GENERAL PUBLIC LICENSE

Version 3, 29 June 2007

Copyright (C) 2007 Free Software Foundation, Inc.
<https://fsf.org/>

Everyone is permitted to copy and distribute verbatim copies of this
license document, but changing it is not allowed.

## Preamble

The GNU General Public License is a free, copyleft license for
software and other kinds of works.

The licenses for most software and other practical works are designed
to take away your freedom to share and change the works. By contrast,
the GNU General Public License is intended to guarantee your freedom
to share and change all versions of a program--to make sure it remains
free software for all its users. We, the Free Software Foundation, use
the GNU General Public License for most of our software; it applies
also to any other work released this way by its authors. You can apply
it to your programs, too.

When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.

To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights. Therefore, you
have certain responsibilities if you distribute copies of the
software, or if you modify it: responsibilities to respect the freedom
of others.

For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received. You must make sure that they, too, receive
or can get the source code. And you must show them these terms so they
know their rights.

Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.

For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software. For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.

Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the
manufacturer can do so. This is fundamentally incompatible with the
aim of protecting users' freedom to change the software. The
systematic pattern of such abuse occurs in the area of products for
individuals to use, which is precisely where it is most unacceptable.
Therefore, we have designed this version of the GPL to prohibit the
practice for those products. If such problems arise substantially in
other domains, we stand ready to extend this provision to those
domains in future versions of the GPL, as needed to protect the
freedom of users.

Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish
to avoid the special danger that patents applied to a free program
could make it effectively proprietary. To prevent this, the GPL
assures that patents cannot be used to render the program non-free.

The precise terms and conditions for copying, distribution and
modification follow.

### TERMS AND CONDITIONS

#### 0. Definitions

"This License" refers to version 3 of the GNU General Public License.

"Copyright" also means copyright-like laws that apply to other kinds
of works, such as semiconductor masks.

"The Program" refers to any copyrightable work licensed under this
License. Each licensee is addressed as "you". "Licensees" and
"recipients" may be individuals or organizations.

To "modify" a work means to copy from or adapt all or part of the work
in a fashion requiring copyright permission, other than the making of
an exact copy. The resulting work is called a "modified version" of
the earlier work or a work "based on" the earlier work.

A "covered work" means either the unmodified Program or a work based
on the Program.

To "propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy. Propagation includes copying,
distribution (with or without modification), making available to the
public, and in some countries other activities as well.

To "convey" a work means any kind of propagation that enables other
parties to make or receive copies. Mere interaction with a user
through a computer network, with no transfer of a copy, is not
conveying.

An interactive user interface displays "Appropriate Legal Notices" to
the extent that it includes a convenient and prominently visible
feature that (1) displays an appropriate copyright notice, and (2)
tells the user that there is no warranty for the work (except to the
extent that warranties are provided), that licensees may convey the
work under this License, and how to view a copy of this License. If
the interface presents a list of user commands or options, such as a
menu, a prominent item in the list meets this criterion.

#### 1. Source Code

The "source code" for a work means the preferred form of the work for
making modifications to it. "Object code" means any non-source form of
a work.

A "Standard Interface" means an interface that either is an official
standard defined by a recognized standards body, or, in the case of
interfaces specified for a particular programming language, one that
is widely used among developers working in that language.

The "System Libraries" of an executable work include anything, other
than the work as a whole, that (a) is included in the normal form of
packaging a Major Component, but which is not part of that Major
Component, and (b) serves only to enable use of the work with that
Major Component, or to implement a Standard Interface for which an
implementation is available to the public in source code form. A
"Major Component", in this context, means a major essential component
(kernel, window system, and so on) of the specific operating system
(if any) on which the executable work runs, or a compiler used to
produce the work, or an object code interpreter used to run it.

The "Corresponding Source" for a work in object code form means all
the source code needed to generate, install, and (for an executable
work) run the object code and to modify the work, including scripts to
control those activities. However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work. For example, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.

The Corresponding Source need not include anything that users can
regenerate automatically from other parts of the Corresponding Source.

The Corresponding Source for a work in source code form is that same
work.

#### 2. Basic Permissions

All rights granted under this License are granted for the term of
copyright on the Program, and are irrevocable provided the stated
conditions are met. This License explicitly affirms your unlimited
permission to run the unmodified Program. The output from running a
covered work is covered by this License only if the output, given its
content, constitutes a covered work. This License acknowledges your
rights of fair use or other equivalent, as provided by copyright law.

You may make, run and propagate covered works that you do not convey,
without conditions so long as your license otherwise remains in force.
You may convey covered works to others for the sole purpose of having
them make modifications exclusively for you, or provide you with
facilities for running those works, provided that you comply with the
terms of this License in conveying all material for which you do not
control copyright. Those thus making or running the covered works for
you must do so exclusively on your behalf, under your direction and
control, on terms that prohibit them from making any copies of your
copyrighted material outside their relationship with you.

Conveying under any other circumstances is permitted solely under the
conditions stated below. Sublicensing is not allowed; section 10 makes
it unnecessary.

#### 3. Protecting Users' Legal Rights From Anti-Circumvention Law

No covered work shall be deemed part of an effective technological
measure under any applicable law fulfilling obligations under article
11 of the WIPO copyright treaty adopted on 20 December 1996, or
similar laws prohibiting or restricting circumvention of such
measures.

When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such
circumvention is effected by exercising rights under this License with
respect to the covered work, and you disclaim any intention to limit
operation or modification of the work as a means of enforcing, against
the work's users, your or third parties' legal rights to forbid
circumvention of technological measures.

#### 4. Conveying Verbatim Copies

You may convey verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice;
keep intact all notices stating that this License and any
non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all
recipients a copy of this License along with the Program.

You may charge any price or no price for each copy that you convey,
and you may offer support or warranty protection for a fee.

#### 5. Conveying Modified Source Versions

You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these
conditions:

- a) The work must carry prominent notices stating that you modified
    it, and giving a relevant date.
- b) The work must carry prominent notices stating that it is
    released under this License and any conditions added under
    section 7. This requirement modifies the requirement in section 4
    to "keep intact all notices".
- c) You must license the entire work, as a whole, under this
    License to anyone who comes into possession of a copy. This
    License will therefore apply, along with any applicable section 7
    additional terms, to the whole of the work, and all its parts,
    regardless of how they are packaged. This License gives no
    permission to license the work in any other way, but it does not
    invalidate such permission if you have separately received it.
- d) If the work has interactive user interfaces, each must display
    Appropriate Legal Notices; however, if the Program has interactive
    interfaces that do not display Appropriate Legal Notices, your
    work need not make them do so.

A compilation of a covered work with other separate and independent
works, which are not by their nature extensions of the covered work,
and which are not combined with it such as to form a larger program,
in or on a volume of a storage or distribution medium, is called an
"aggregate" if the compilation and its resulting copyright are not
used to limit the access or legal rights of the compilation's users
beyond what the individual works permit. Inclusion of a covered work
in an aggregate does not cause this License to apply to the other
parts of the aggregate.

#### 6. Conveying Non-Source Forms

You may convey a covered work in object code form under the terms of
sections 4 and 5, provided that you also convey the machine-readable
Corresponding Source under the terms of this License, in one of these
ways:

- a) Convey the object code in, or embodied in, a physical product
    (including a physical distribution medium), accompanied by the
    Corresponding Source fixed on a durable physical medium
    customarily used for software interchange.
- b) Convey the object code in, or embodied in, a physical product
    (including a physical distribution medium), accompanied by a
    written offer, valid for at least three years and valid for as
    long as you offer spare parts or customer support for that product
    model, to give anyone who possesses the object code either (1) a
    copy of the Corresponding Source for all the software in the
    product that is covered by this License, on a durable physical
    medium customarily used for software interchange, for a price no
    more than your reasonable cost of physically performing this
    conveying of source, or (2) access to copy the Corresponding
    Source from a network server at no charge.
- c) Convey individual copies of the object code with a copy of the
    written offer to provide the Corresponding Source. This
    alternative is allowed only occasionally and noncommercially, and
    only if you received the object code with such an offer, in accord
    with subsection 6b.
- d) Convey the object code by offering access from a designated
    place (gratis or for a charge), and offer equivalent access to the
    Corresponding Source in the same way through the same place at no
    further charge. You need not require recipients to copy the
    Corresponding Source along with the object code. If the place to
    copy the object code is a network server, the Corresponding Source
    may be on a different server (operated by you or a third party)
    that supports equivalent copying facilities, provided you maintain
    clear directions next to the object code saying where to find the
    Corresponding Source. Regardless of what server hosts the
    Corresponding Source, you remain obligated to ensure that it is
    available for as long as needed to satisfy these requirements.
- e) Convey the object code using peer-to-peer transmission,
    provided you inform other peers where the object code and
    Corresponding Source of the work are being offered to the general
    public at no charge under subsection 6d.

A separable portion of the object code, whose source code is excluded
from the Corresponding Source as a System Library, need not be
included in conveying the object code work.

A "User Product" is either (1) a "consumer product", which means any
tangible personal property which is normally used for personal,
family, or household purposes, or (2) anything designed or sold for
incorporation into a dwelling. In determining whether a product is a
consumer product, doubtful cases shall be resolved in favor of
coverage. For a particular product received by a particular user,
"normally used" refers to a typical or common use of that class of
product, regardless of the status of the particular user or of the way
in which the particular user actually uses, or expects or is expected
to use, the product. A product is a consumer product regardless of
whether the product has substantial commercial, industrial or
non-consumer uses, unless such uses represent the only significant
mode of use of the product.

"Installation Information" for a User Product means any methods,
procedures, authorization keys, or other information required to
install and execute modified versions of a covered work in that User
Product from a modified version of its Corresponding Source. The
information must suffice to ensure that the continued functioning of
the modified object code is in no case prevented or interfered with
solely because modification has been made.

If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information. But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM).

The requirement to provide Installation Information does not include a
requirement to continue to provide support service, warranty, or
updates for a work that has been modified or installed by the
recipient, or for the User Product in which it has been modified or
installed. Access to a network may be denied when the modification
itself materially and adversely affects the operation of the network
or violates the rules and protocols for communication across the
network.

Corresponding Source conveyed, and Installation Information provided,
in accord with this section must be in a format that is publicly
documented (and with an implementation available to the public in
source code form), and must require no special password or key for
unpacking, reading or copying.

#### 7. Additional Terms

"Additional permissions" are terms that supplement the terms of this
License by making exceptions from one or more of its conditions.
Additional permissions that are applicable to the entire Program shall
be treated as though they were included in this License, to the extent
that they are valid under applicable law. If additional permissions
apply only to part of the Program, that part may be used separately
under those permissions, but the entire Program remains governed by
this License without regard to the additional permissions.

When you convey a copy of a covered work, you may at your option
remove any additional permissions from that copy, or from any part of
it. (Additional permissions may be written to require their own
removal in certain cases when you modify the work.) You may place
additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.

Notwithstanding any other provision of this License, for material you
add to a covered work, you may (if authorized by the copyright holders
of that material) supplement the terms of this License with terms:

- a) Disclaiming warranty or limiting liability differently from the
    terms of sections 15 and 16 of this License; or
- b) Requiring preservation of specified reasonable legal notices or
    author attributions in that material or in the Appropriate Legal
    Notices displayed by works containing it; or
- c) Prohibiting misrepresentation of the origin of that material,
    or requiring that modified versions of such material be marked in
    reasonable ways as different from the original version; or
- d) Limiting the use for publicity purposes of names of licensors
    or authors of the material; or
- e) Declining to grant rights under trademark law for use of some
    trade names, trademarks, or service marks; or
- f) Requiring indemnification of licensors and authors of that
    material by anyone who conveys the material (or modified versions
    of it) with contractual assumptions of liability to the recipient,
    for any liability that these contractual assumptions directly
    impose on those licensors and authors.

All other non-permissive additional terms are considered "further
restrictions" within the meaning of section 10. If the Program as you
received it, or any part of it, contains a notice stating that it is
governed by this License along with a term that is a further
restriction, you may remove that term. If a license document contains
a further restriction but permits relicensing or conveying under this
License, you may add to a covered work material governed by the terms
of that license document, provided that the further restriction does
not survive such relicensing or conveying.

If you add terms to a covered work in accord with this section, you
must place, in the relevant source files, a statement of the
additional terms that apply to those files, or a notice indicating
where to find the applicable terms.

Additional terms, permissive or non-permissive, may be stated in the
form of a separately written license, or stated as exceptions; the
above requirements apply either way.

#### 8. Termination

You may not propagate or modify a covered work except as expressly
provided under this License. Any attempt otherwise to propagate or
modify it is void, and will automatically terminate your rights under
this License (including any patent licenses granted under the third
paragraph of section 11).

However, if you cease all violation of this License, then your license
from a particular copyright holder is reinstated (a) provisionally,
unless and until the copyright holder explicitly and finally
terminates your license, and (b) permanently, if the copyright holder
fails to notify you of the violation by some reasonable means prior to
60 days after the cessation.

Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.

Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License. If your rights have been terminated and not permanently
reinstated, you do not qualify to receive new licenses for the same
material under section 10.

#### 9. Acceptance Not Required for Having Copies

You are not required to accept this License in order to receive or run
a copy of the Program. Ancillary propagation of a covered work
occurring solely as a consequence of using peer-to-peer transmission
to receive a copy likewise does not require acceptance. However,
nothing other than this License grants you permission to propagate or
modify any covered work. These actions infringe copyright if you do
not accept this License. Therefore, by modifying or propagating a
covered work, you indicate your acceptance of this License to do so.

#### 10. Automatic Licensing of Downstream Recipients

Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License. You are not responsible
for enforcing compliance by third parties with this License.

An "entity transaction" is a transaction transferring control of an
organization, or substantially all assets of one, or subdividing an
organization, or merging organizations. If propagation of a covered
work results from an entity transaction, each party to that
transaction who receives a copy of the work also receives whatever
licenses to the work the party's predecessor in interest had or could
give under the previous paragraph, plus a right to possession of the
Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.

You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License. For example, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
any patent claim is infringed by making, using, selling, offering for
sale, or importing the Program or any portion of it.

#### 11. Patents

A "contributor" is a copyright holder who authorizes use under this
License of the Program or a work on which the Program is based. The
work thus licensed is called the contributor's "contributor version".

A contributor's "essential patent claims" are all patent claims owned
or controlled by the contributor, whether already acquired or
hereafter acquired, that would be infringed by some manner, permitted
by this License, of making, using, or selling its contributor version,
but do not include claims that would be infringed only as a
consequence of further modification of the contributor version. For
purposes of this definition, "control" includes the right to grant
patent sublicenses in a manner consistent with the requirements of
this License.

Each contributor grants you a non-exclusive, worldwide, royalty-free
patent license under the contributor's essential patent claims, to
make, use, sell, offer for sale, import and otherwise run, modify and
propagate the contents of its contributor version.

In the following three paragraphs, a "patent license" is any express
agreement or commitment, however denominated, not to enforce a patent
(such as an express permission to practice a patent or covenant not to
sue for patent infringement). To "grant" such a patent license to a
party means to make such an agreement or commitment not to enforce a
patent against the party.

If you convey a covered work, knowingly relying on a patent license,
and the Corresponding Source of the work is not available for anyone
to copy, free of charge and under the terms of this License, through a
publicly available network server or other readily accessible means,
then you must either (1) cause the Corresponding Source to be so
available, or (2) arrange to deprive yourself of the benefit of the
patent license for this particular work, or (3) arrange, in a manner
consistent with the requirements of this License, to extend the patent
license to downstream recipients. "Knowingly relying" means you have
actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid.

If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties
receiving the covered work authorizing them to use, propagate, modify
or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered
work and works based on it.

A patent license is "discriminatory" if it does not include within the
scope of its coverage, prohibits the exercise of, or is conditioned on
the non-exercise of one or more of the rights that are specifically
granted under this License. You may not convey a covered work if you
are a party to an arrangement with a third party that is in the
business of distributing software, under which you make payment to the
third party based on the extent of your activity of conveying the
work, and under which the third party grants, to any of the parties
who would receive the covered work from you, a discriminatory patent
license (a) in connection with copies of the covered work conveyed by
you (or copies made from those copies), or (b) primarily for and in
connection with specific products or compilations that contain the
covered work, unless you entered into that arrangement, or that patent
license was granted, prior to 28 March 2007.

Nothing in this License shall be construed as excluding or limiting
any implied license or other defenses to infringement that may
otherwise be available to you under applicable patent law.

#### 12. No Surrender of Others' Freedom

If conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot convey a
covered work so as to satisfy simultaneously your obligations under
this License and any other pertinent obligations, then as a
consequence you may not convey it at all. For example, if you agree to
terms that obligate you to collect a royalty for further conveying
from those to whom you convey the Program, the only way you could
satisfy both those terms and this License would be to refrain entirely
from conveying the Program.

#### 13. Use with the GNU Affero General Public License

Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
combined work, and to convey the resulting work. The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.

#### 14. Revised Versions of this License

The Free Software Foundation may publish revised and/or new versions
of the GNU General Public License from time to time. Such new versions
will be similar in spirit to the present version, but may differ in
detail to address new problems or concerns.

Each version is given a distinguishing version number. If the Program
specifies that a certain numbered version of the GNU General Public
License "or any later version" applies to it, you have the option of
following the terms and conditions either of that numbered version or
of any later version published by the Free Software Foundation. If the
Program does not specify a version number of the GNU General Public
License, you may choose any version ever published by the Free
Software Foundation.

If the Program specifies that a proxy can decide which future versions
of the GNU General Public License can be used, that proxy's public
statement of acceptance of a version permanently authorizes you to
choose that version for the Program.

Later license versions may give you additional or different
permissions. However, no additional obligations are imposed on any
author or copyright holder as a result of your choosing to follow a
later version.

#### 15. Disclaimer of Warranty

THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT
WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND
PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE
DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR
CORRECTION.

#### 16. Limitation of Liability

IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR
CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES
ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT
NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR
LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM
TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER
PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

#### 17. Interpretation of Sections 15 and 16

If the disclaimer of warranty and limitation of liability provided
above cannot be given local legal effect according to their terms,
reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.

END OF TERMS AND CONDITIONS

### How to Apply These Terms to Your New Programs

If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these
terms.

To do so, attach the following notices to the program. It is safest to
attach them to the start of each source file to most effectively state
the exclusion of warranty; and each file should have at least the
"copyright" line and a pointer to where the full notice is found.

        <one line to give the program's name and a brief idea of what it does.>
        Copyright (C) <year>  <name of author>

        This program is free software: you can redistribute it and/or modify
        it under the terms of the GNU General Public License as published by
        the Free Software Foundation, either version 3 of the License, or
        (at your option) any later version.

        This program is distributed in the hope that it will be useful,
        but WITHOUT ANY WARRANTY; without even the implied warranty of
        MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
        GNU General Public License for more details.

        You should have received a copy of the GNU General Public License
        along with this program.  If not, see <https://www.gnu.org/licenses/>.

Also add information on how to contact you by electronic and paper
mail.

If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:

        <program>  Copyright (C) <year>  <name of author>
        This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
        This is free software, and you are welcome to redistribute it
        under certain conditions; type `show c' for details.

The hypothetical commands \`show w' and \`show c' should show the
appropriate parts of the General Public License. Of course, your
program's commands might be different; for a GUI interface, you would
use an "about box".

You should also get your employer (if you work as a programmer) or
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. For more information on this, and how to apply and follow
the GNU GPL, see <https://www.gnu.org/licenses/>.

The GNU General Public License does not permit incorporating your
program into proprietary programs. If your program is a subroutine
library, you may consider it more useful to permit linking proprietary
applications with the library. If this is what you want to do, use the
GNU Lesser General Public License instead of this License. But first,
please read <https://www.gnu.org/licenses/why-not-lgpl.html>.

A  => distrobox +101 -0
@@ 1,101 @@
#!/bin/sh
# SPDX-License-Identifier: GPL-3.0-only
#
# This file is part of the distrobox project:
#    https://github.com/89luca89/distrobox
#
# Copyright (C) 2021 distrobox contributors
#
# distrobox is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 3
# as published by the Free Software Foundation.
#
# distrobox is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with distrobox; if not, see <http://www.gnu.org/licenses/>.

# POSIX
set -o errexit
set -o nounset

trap '[ "$?" -ne 0 ] && printf "\nAn error occurred\n"' EXIT

# Dont' run this command as sudo.
if [ "$(id -u)" -eq 0 ]; then
	printf >&2 "Running %s as sudo is not supported.\n" "${0}"
	printf >&2 "Please check the documentation on:\n"
	printf >&2 "\tman distrobox-compatibility\t"
	printf >&2 "or consult the documentation page on:\n"
	printf >&2 "\thttps://github.com/89luca89/distrobox/blob/main/docs/compatibility.md\n"
	exit 1
fi

version="1.2.15"

# Print usage to stdout.
# Arguments:
#   None
# Outputs:
#   print usage with examples.
show_help() {
	cat << EOF
distrobox version: ${version}

Choose one of the available commands:
	create
	enter
	list
	stop
	rm
EOF
}

if [ $# -eq 0 ]; then
	show_help
	exit
fi

distrobox_path="$(dirname "${0}")"
distrobox_command="${1}"
shift

# Simple wrapper to the distrobox utilities.
# We just detect the 1st argument and launch the matching distrobox utility.
case "${distrobox_command}" in
	create)
		"${distrobox_path}"/distrobox-create "$@"
		;;
	enter)
		"${distrobox_path}"/distrobox-enter "$@"
		;;
	list)
		"${distrobox_path}"/distrobox-list "$@"
		;;
	stop)
		"${distrobox_path}"/distrobox-stop "$@"
		;;
	rm)
		"${distrobox_path}"/distrobox-rm "$@"
		;;
	-V | --version)
		printf "distrobox: %s\n" "${version}"
		exit 0
		;;
	help | --help | -h)
		if command -v man > /dev/null; then
			man distrobox
			exit 0
		fi
		show_help
		exit 0
		;;
	*) # Default case: If no more options then break out of the loop.
		printf >&2 "Error: invalid command\n"
		show_help
		exit 1
		;;
esac

A  => distrobox-create +584 -0
@@ 1,584 @@
#!/bin/sh
# SPDX-License-Identifier: GPL-3.0-only
#
# This file is part of the distrobox project:
#    https://github.com/89luca89/distrobox
#
# Copyright (C) 2021 distrobox contributors
#
# distrobox is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 3
# as published by the Free Software Foundation.
#
# distrobox is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with distrobox; if not, see <http://www.gnu.org/licenses/>.

# POSIX
# Expected env variables:
#	HOME
#	USER
# Optional env variables:
#	DBX_CONTAINER_CUSTOM_HOME
#	DBX_CONTAINER_IMAGE
#	DBX_CONTAINER_MANAGER
#	DBX_CONTAINER_NAME
#	DBX_NON_INTERACTIVE

trap '[ "$?" -ne 0 ] && printf "\nAn error occurred\n"' EXIT

# Dont' run this command as sudo.
if [ "$(id -u)" -eq 0 ]; then
	printf >&2 "Running %s as sudo is not supported.\n" "${0}"
	printf >&2 "Please check the documentation on:\n"
	printf >&2 "\tman distrobox-compatibility\t"
	printf >&2 "or consult the documentation page on:\n"
	printf >&2 "\thttps://github.com/89luca89/distrobox/blob/main/docs/compatibility.md\n"
	exit 1
fi

# Defaults
container_clone=""
container_image=""
container_image_default="registry.fedoraproject.org/fedora-toolbox:35"
container_init_hook=""
container_manager="autodetect"
container_manager_additional_flags=""
container_name=""
container_user_custom_home=""
container_user_gid="$(id -rg)"
container_user_home="${HOME:-"/"}"
container_user_name="${USER}"
container_user_uid="$(id -ru)"
non_interactive=0
# Use cd + dirname + pwd so that we do not have relative paths in mount points
# We're not using "realpath" here so that symlinks are not resolved this way
# "realpath" would break situations like Nix or similar symlink based package
# management.
distrobox_entrypoint_path="$(cd "$(dirname "${0}")" && pwd)/distrobox-init"
distrobox_export_path="$(cd "$(dirname "${0}")" && pwd)/distrobox-export"
# In case init or export are not in the same path as create, let's search
# in PATH for them.
[ ! -e "${distrobox_entrypoint_path}" ] && distrobox_entrypoint_path="$(command -v distrobox-init)"
[ ! -e "${distrobox_export_path}" ] && distrobox_export_path="$(command -v distrobox-export)"
dryrun=0
init=0
verbose=0
version="1.2.15"

# Source configuration files, this is done in an hierarchy so local files have
# priority over system defaults
# leave priority to environment variables.
config_files="
	/usr/share/distrobox/distrobox.conf
	/etc/distrobox/distrobox.conf
	${HOME}/.config/distrobox/distrobox.conf
	${HOME}/.distroboxrc
"
for config_file in ${config_files}; do
	# shellcheck disable=SC1090
	[ -e "${config_file}" ] && . "${config_file}"
done
[ -n "${DBX_CONTAINER_CUSTOM_HOME}" ] && container_user_custom_home="${DBX_CONTAINER_CUSTOM_HOME}"
[ -n "${DBX_CONTAINER_IMAGE}" ] && container_image="${DBX_CONTAINER_IMAGE}"
[ -n "${DBX_CONTAINER_MANAGER}" ] && container_manager="${DBX_CONTAINER_MANAGER}"
[ -n "${DBX_CONTAINER_NAME}" ] && container_name="${DBX_CONTAINER_NAME}"
[ -n "${DBX_NON_INTERACTIVE}" ] && non_interactive="${DBX_NON_INTERACTIVE}"

# Print usage to stdout.
# Arguments:
#   None
# Outputs:
#   print usage with examples.
show_help() {
	cat << EOF
distrobox version: ${version}

Usage:

	distrobox-create --image registry.fedoraproject.org/fedora-toolbox:35 --name fedora-toolbox-35
	distrobox-create --clone fedora-toolbox-35 --name fedora-toolbox-35-copy
	distrobox-create --image alpine my-alpine-container
	distrobox create --image fedora:35 --name test --volume /opt/my-dir:/usr/local/my-dir:rw --additional-flags "--pids-limit -1"
	distrobox create --image fedora:35 --name test --additional-flags "--env MY_VAR-value"
	distrobox create --image alpine:latest --name test --init-hooks "touch /var/tmp/test1 && touch /var/tmp/test2"
	distrobox create -i docker.io/almalinux/8-init --init --name test

	DBX_NON_INTERACTIVE=1 DBX_CONTAINER_NAME=test-alpine DBX_CONTAINER_IMAGE=alpine distrobox-create

Options:

	--image/-i:		image to use for the container	default: registry.fedoraproject.org/fedora-toolbox:35
	--name/-n:		name for the distrobox		default: fedora-toolbox-35
	--yes/-Y:	non-interactive, pull images without asking
	--clone/-c:		name of the distrobox container to use as base for a new container
				this will be useful to either rename an existing distrobox or have multiple copies
				of the same environment.
	--home/-H		select a custom HOME directory for the container. Useful to avoid host's home littering with temp files.
	--volume		additional volumes to add to the container
	--additional-flags/-a:	additional flags to pass to the container manager command
	--init-hooks		additional commands to execute during container initialization
	--init/-I		use init system (like systemd) inside the container.
				this will make host's processes not visible from within the container.
	--help/-h:		show this message
	--dry-run/-d:		only print the container manager command generated
	--verbose/-v:		show more verbosity
	--version/-V:		show version

Compatibility:

	for a list of compatible images and container managers, please consult the man page:
		man distrobox-compatibility
	or consult the documentation page on: https://github.com/89luca89/distrobox/blob/main/docs/compatibility.md
EOF
}

# Parse arguments
while :; do
	case $1 in
		-h | --help)
			# Call a "show_help" function to display a synopsis, then exit.
			show_help
			exit 0
			;;
		-v | --verbose)
			verbose=1
			shift
			;;
		-V | --version)
			printf "distrobox: %s\n" "${version}"
			exit 0
			;;
		-d | --dry-run)
			shift
			dryrun=1
			;;
		-I | --init)
			shift
			init=1
			;;
		-i | --image)
			if [ -n "$2" ]; then
				container_image="$2"
				shift
				shift
			fi
			;;
		-n | --name)
			if [ -n "$2" ]; then
				container_name="$2"
				shift
				shift
			fi
			;;
		-c | --clone)
			if [ -n "$2" ]; then
				container_clone="$2"
				shift
				shift
			fi
			;;
		-H | --home)
			if [ -n "$2" ]; then
				container_user_custom_home="$2"
				shift
				shift
			fi
			;;
		-Y | --yes)
			non_interactive=1
			shift
			;;
		--volume)
			if [ -n "$2" ]; then
				container_manager_additional_flags="${container_manager_additional_flags} ${1} ${2}"
				shift
				shift
			fi
			;;
		-a | --additional-flags)
			if [ -n "$2" ]; then
				container_manager_additional_flags="${container_manager_additional_flags} ${2}"
				shift
				shift
			fi
			;;
		--init-hooks)
			if [ -n "$2" ]; then
				container_init_hook="$2"
				shift
				shift
			fi
			;;
		--) # End of all options.
			shift
			break
			;;
		*) # Default case: If no more options then break out of the loop.
			# If we have a flagless option and container_name is not specified
			# then let's accept argument as container_name
			if [ -n "$1" ]; then
				container_name="$1"
				shift
			else
				break
			fi
			;;
	esac
done

set -o errexit
set -o nounset
# set verbosity
if [ "${verbose}" -ne 0 ]; then
	set -o xtrace
fi

# We cannot have both a clone AND an image name.
if [ -n "${container_clone}" ] && [ -n "${container_image}" ]; then
	printf >&2 "Error: Invalid arguments, choose only one between clone or image name.\n"
	exit 2
fi

# If no clone option and no container image, let's choose a default image to use.
# Fedora toolbox is a sensitive default
if [ -z "${container_clone}" ] && [ -z "${container_image}" ]; then
	container_image="${container_image_default}"
fi

# If no container_name is declared, we build our container name starting from the
# container image specified.
#
# Examples:
#	alpine -> alpine
#	ubuntu:20.04 -> ubuntu-20.04
#	registry.fedoraproject.org/fedora-toolbox:35 -> fedora-toolbox-35
#	ghcr.io/void-linux/void-linux:latest-full-x86_64 -> void-linux-latest-full-x86_64
if [ -z "${container_name}" ]; then
	container_name="$(basename "${container_image}" | sed -E 's/[:.]/-/g')"
fi

# We depend on a container manager let's be sure we have it
# First we use podman, else docker
case "${container_manager}" in
	autodetect)
		if command -v podman > /dev/null; then
			container_manager="podman"
		elif command -v docker > /dev/null; then
			container_manager="docker"
		else
			container_manager="not_found"
		fi
		;;
	podman)
		container_manager="podman"
		;;
	docker)
		container_manager="docker"
		;;
	*)
		printf >&2 "Invalid input %s.\n" "${container_manager}"
		printf >&2 "The available choices are: 'autodetect', 'podman', 'docker'\n"
		container_manager="not_found"
		;;
esac

# Be sure we have a container manager to work with.
if ! command -v "${container_manager}" > /dev/null; then
	# Error: we need at least one between docker or podman.
	if [ "${dryrun}" -eq 0 ]; then
		printf >&2 "Missing dependency: we need a container manager.\n"
		printf >&2 "Please install one of podman or docker.\n"
		printf >&2 "You can follow the documentation on:\n"
		printf >&2 "\tman distrobox-compatibility\n"
		printf >&2 "or:\n"
		printf >&2 "\thttps://github.com/89luca89/distrobox/blob/main/docs/compatibility.md\n"
		exit 127
	fi
fi
# add  verbose if -v is specified
if [ "${verbose}" -ne 0 ]; then
	container_manager="${container_manager} --log-level debug"
fi

# Clone a container as a snapshot.
# Arguments:
#   None
# Outputs:
#   prints the image name of the newly cloned container
clone_container() {
	# We need to clone a container.
	# to do this we will commit the container and create a new tag. Then use it
	# as image for the new container.
	#
	# to perform this we first ensure the source container exists and that the
	# source container is stopped, else the clone will not work,
	container_source_status="$(${container_manager} inspect --type container \
		"${container_clone}" --format '{{.State.Status}}')"
	# If the container is not already running, we need to start if first
	if [ "${container_source_status}" = "running" ]; then
		printf >&2 "Container %s is running.\nPlease stop it first.\n" "${container_clone}"
		printf >&2 "Cannot clone a running container.\n"
		return 1
	fi

	# Now we can extract the container ID and commit it to use as source image
	# for the new container.
	container_source_id="$(${container_manager} inspect --type container \
		"${container_clone}" --format '{{.Id}}')"
	container_commit_tag="${container_clone}:$(date +%F)"

	# Commit current container state to a new image tag
	printf >&2 "Duplicating %s...\n" "${container_clone}"
	if ! ${container_manager} container commit \
		"${container_source_id}" "${container_commit_tag}" > /dev/null; then

		printf >&2 "Cannot clone container: %s\n" "${container_clone}"
		return 1
	fi

	# Return the image tag to use for the new container creation.
	printf "%s" "${container_commit_tag}"
	return 0

}

# Generate Podman or Docker command to execute.
# Arguments:
#   None
# Outputs:
#   prints the podman or docker command to create the distrobox container
generate_command() {
	# Set the container hostname the same as the container name.
	result_command="${container_manager} create"
	# use the host's namespace for ipc, network, pid, ulimit
	result_command="${result_command}
		--hostname \"${container_name}.$(uname -n)\"
		--ipc host
		--name \"${container_name}\"
		--network host
		--privileged
		--security-opt label=disable
		--user root:root"

	if [ "${init}" -eq 0 ]; then
		result_command="${result_command}
			--pid host"
	fi
	# Mount useful stuff inside the container.
	# We also mount host's root filesystem to /run/host, to be able to syphon
	# dynamic configurations from the host.
	#
	# Mount user home, dev and host's root inside container.
	# This grants access to external devices like usb webcams, disks and so on.
	#
	# Mount also the distrobox-init utility as the container entrypoint.
	result_command="${result_command}
		--env \"SHELL=${SHELL:-"/bin/bash"}\"
		--env \"HOME=${container_user_home}\"
		--volume \"${container_user_home}\":\"${container_user_home}\":rslave
		--volume \"${distrobox_entrypoint_path}\":/usr/bin/entrypoint:ro
		--volume \"${distrobox_export_path}\":/usr/bin/distrobox-export:ro
		--volume /:/run/host:rslave
		--volume /dev:/dev:rslave
		--volume /sys:/sys:rslave
		--volume /tmp:/tmp:rslave"

	# This fix is needed as on Selinux systems, the host's selinux sysfs directory
	# will be mounted inside the rootless container.
	#
	# This works around this and allows the rootless container to work when selinux
	# policies are installed inside it.
	#
	# Ref. Podman issue 4452:
	#    https://github.com/containers/podman/issues/4452
	if [ -e "/sys/fs/selinux" ]; then
		result_command="${result_command}
			--volume /sys/fs/selinux"
	fi

	# This fix is needed as systemd (or journald) will try to set ACLs on this
	# path. For now overlayfs and fuse.overlayfs are not compatible with ACLs
	#
	# This works around this using an unnamed volume so that this path will be
	# mounted with a normal non-overlay FS, allowing ACLs and preventing errors.
	#
	# This work around works in conjunction with:
	#	- distrobox-init:488-489
	#	- distrobox-init:463-464
	#	- distrobox-init:498-503
	# So that we can use pre/post hooks for package managers to present to the
	# systemd install script a blank path to work with, and mount the host's
	# journal path afterwards.
	result_command="${result_command}
			--volume /var/log/journal"

	# In some systems, for example using sysvinit, /dev/shm is a symlink
	# to /run/shm, instead of the other way around.
	# Resolve this detecting if /dev/shm is a symlink and mount original
	# source also in the container.
	if [ -L "/dev/shm" ]; then
		result_command="${result_command}
			--volume $(realpath /dev/shm):$(realpath /dev/shm)"
	fi

	# If you are using NixOS, or have Nix installed, /nix is a volume containing
	# you binaries and many configs.
	# /nix needs to be mounted if you want to execute those binaries from within
	# the container. Therefore we need to mount /nix as a volume, but only if it exists.
	if [ -d "/nix" ]; then
		result_command="${result_command}
        --volume /nix:/nix"
	fi

	# If we have a custom home to use,
	#	1- override the HOME env variable
	#	2- expor the DISTROBOX_HOST_HOME env variable pointing to original HOME
	# 	3- mount the custom home inside the container.
	if [ -n "${container_user_custom_home}" ]; then
		result_command="${result_command}
		--env \"HOME=${container_user_custom_home}\"
		--env \"DISTROBOX_HOST_HOME=${container_user_home}\"
		--volume ${container_user_custom_home}:${container_user_custom_home}:rslave"
	fi

	# Mount also the /var/home dir on ostree based systems
	# do this only if $HOME was not already set to /var/home/username
	if [ "${container_user_home}" != "/var/home/${container_user_name}" ] &&
		[ -d "/var/home/${container_user_name}" ]; then

		result_command="${result_command}
		--volume \"/var/home/${container_user_name}\":\"/var/home/${container_user_name}\":rslave"
	fi

	# Mount also the XDG_RUNTIME_DIR to ensure functionality of the apps.
	if [ -d "/run/user/${container_user_uid}" ]; then
		result_command="${result_command}
		--volume /run/user/${container_user_uid}:/run/user/${container_user_uid}:rslave"
	fi

	# These are dynamic configs needed by the container to function properly
	# and integrate with the host
	#
	# We're doing this now instead of inside the init because some distros will
	# have symlinks places for these files that use absolute paths instead of
	# relative paths. Those symlinks will result broken inside the container so
	# we need to resolve them now on the host.
	host_links="/etc/host.conf /etc/hosts /etc/resolv.conf /etc/localtime"
	for host_link in ${host_links}; do
		# Check if the file exists first
		if [ -f "${host_link}" ] && [ -r "${host_link}" ]; then
			result_command="${result_command}
			--volume \"$(realpath "${host_link}")\":\"${host_link}\":ro"
		fi
	done

	# These flags are not supported by docker, so we use them only if our
	# container manager is podman.
	if [ -z "${container_manager#*podman*}" ]; then
		result_command="${result_command}
		--userns keep-id
		--ulimit host
		--annotation run.oci.keep_original_groups=1
		--mount type=devpts,destination=/dev/pts"
		if [ "${init}" -eq 1 ]; then
			result_command="${result_command}
				--systemd=always"
		fi
	fi

	# Add additional flags
	result_command="${result_command} ${container_manager_additional_flags}"

	# Now execute the entrypoint, refer to `distrobox-init -h` for instructions
	result_command="${result_command} ${container_image}
		/usr/bin/entrypoint -v --name \"${container_user_name}\"
		--user ${container_user_uid}
		--group ${container_user_gid}
		--home \"${container_user_custom_home:-"${container_user_home}"}\"
		--init \"${init}\"
		-- '${container_init_hook}'
		"
	# use container_user_custom_home if defined, else fallback to normal home.

	# Return generated command.
	printf "%s" "${result_command}"
}

# Check that we have a complete distrobox installation or
# entrypoint and export will not work.
if [ -z "${distrobox_entrypoint_path}" ] || [ -z "${distrobox_export_path}" ]; then
	printf >&2 "Error: no distrobox-init found in %s\n" "${PATH}"
	exit 127
fi

# dry run mode, just generate the command and print it. No creation.
if [ "${dryrun}" -ne 0 ]; then
	if [ -n "${container_clone}" ]; then
		container_image="${container_clone}"
	fi
	cmd="$(generate_command)"
	cmd="$(echo "${cmd}" | tr '[:blank:]\n' ' ' | tr -s ' ')"
	printf "%s\n" "${cmd}"
	exit 0
fi

# Check if the container already exists.
# If it does, notify the user and exit.
if ${container_manager} inspect --type container "${container_name}" > /dev/null 2>&1; then
	printf "Distrobox named '%s' already exists.\n" "${container_name}"
	printf "To enter, run:\n"
	printf "\tdistrobox-enter --name %s\n" "${container_name}"
	exit 0
fi

# if we are using the clone flag, let's set the image variable
# to the output of container duplication
if [ -n "${container_clone}" ]; then
	container_image="$(clone_container)"
fi
# First, check if the image exists in the host.
# If not prompt to download it.
if ! ${container_manager} inspect --type image "${container_image}" > /dev/null 2>&1; then
	if [ "${non_interactive}" -eq 0 ]; then
		# Prompt to download it.
		printf >&2 "Image %s not found.\n" "${container_image}"
		printf >&2 "Do you want to pull the image now? [Y/n]: "
		read -r response
		response="${response:-"Y"}"
	else
		response="yes"
	fi

	# Accept only y,Y,Yes,yes,n,N,No,no.
	case "${response}" in
		y | Y | Yes | yes | YES)
			# Pull the image
			${container_manager} pull "${container_image}"
			;;
		n | N | No | no | NO)
			printf >&2 "next time, run this command first:\n"
			printf >&2 "\t%s pull %s\n" "${container_manager}" "${container_image}"
			exit 0
			;;
		*) # Default case: If no more options then break out of the loop.
			printf >&2 "Invalid input.\n"
			printf >&2 "The available choices are: y,Y,Yes,yes,YES or n,N,No,no,NO.\nExiting.\n"
			exit 1
			;;
	esac
fi

# Generate the create command and run it
cmd="$(generate_command)"
# Eval the generated command. If successful display an helpful message.
# shellcheck disable=SC2086
if eval ${cmd}; then
	printf "Distrobox '%s' successfully created.\n" "${container_name}"
	printf "To enter, run:\n"
	printf "\tdistrobox-enter %s\n" "${container_name}"
fi

A  => distrobox-enter +420 -0
@@ 1,420 @@
#!/bin/sh
# SPDX-License-Identifier: GPL-3.0-only
#
# This file is part of the distrobox project:
#    https://github.com/89luca89/distrobox
#
# Copyright (C) 2021 distrobox contributors
#
# distrobox is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 3
# as published by the Free Software Foundation.
#
# distrobox is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with distrobox; if not, see <http://www.gnu.org/licenses/>.

# POSIX
# Expected env variables:
#	HOME
#	USER
#	SHELL
# Optional env variables:
#	DBX_CONTAINER_NAME
#	DBX_CONTAINER_MANAGER

trap '[ "$?" -ne 0 ] && printf "\nAn error occurred\n"' EXIT

# Dont' run this command as sudo.
if [ "$(id -u)" -eq 0 ]; then
	printf >&2 "Running %s as sudo is not supported.\n" "${0}"
	printf >&2 "Please check the documentation on:\n"
	printf >&2 "\tman distrobox-compatibility\t"
	printf >&2 "or consult the documentation page on:\n"
	printf >&2 "\thttps://github.com/89luca89/distrobox/blob/main/docs/compatibility.md\n"
	exit 1
fi

# Defaults
container_command=""
container_shell="${SHELL:-"bash"}"
# Work around for shells that are not in the container's file system, nor PATH.
# For example in hosts that do not follow FHS, like NixOS or for shells in custom
# exotic paths.
container_shell="$(basename "${container_shell}")l"
container_manager="autodetect"
container_name="fedora-toolbox-35"
container_manager_additional_flags=""

# Use cd + dirname + pwd so that we do not have relative paths in mount points
# We're not using "realpath" here so that symlinks are not resolved this way
# "realpath" would break situations like Nix or similar symlink based package
# management.
distrobox_enter_path="$(cd "$(dirname "$0")" && pwd)/distrobox-enter"
dryrun=0
headless=0
verbose=0
version="1.2.15"

# Source configuration files, this is done in an hierarchy so local files have
# priority over system defaults
# leave priority to environment variables.
config_files="
	/usr/share/distrobox/distrobox.conf
	/etc/distrobox/distrobox.conf
	${HOME}/.config/distrobox/distrobox.conf
	${HOME}/.distroboxrc
"
for config_file in ${config_files}; do
	# shellcheck disable=SC1090
	[ -e "${config_file}" ] && . "${config_file}"
done
[ -n "${DBX_CONTAINER_MANAGER}" ] && container_manager="${DBX_CONTAINER_MANAGER}"
[ -n "${DBX_CONTAINER_NAME}" ] && container_name="${DBX_CONTAINER_NAME}"

# Print usage to stdout.
# Arguments:
#   None
# Outputs:
#   print usage with examples.
show_help() {
	cat << EOF
distrobox version: ${version}

Usage:

	distrobox-enter --name fedora-toolbox-35 -- bash -l
	distrobox-enter my-alpine-container -- sh -l
	distrobox-enter --additional-flags "--preserve-fds" --name test -- bash -l
	distrobox-enter --additional-flags "--env MY_VAR=value" --name test -- bash -l
	MY_VAR=value distrobox-enter --additional-flags "--preserve-fds" --name test -- bash -l

Options:

	--name/-n:		name for the distrobox						default: fedora-toolbox-35
	--/-e:			end arguments execute the rest as command to execute at login	default: bash -l
	--no-tty/-T:		do not instantiate a tty
	--additional-flags/-a:	additional flags to pass to the container manager command
	--help/-h:		show this message
	--dry-run/-d:		only print the container manager command generated
	--verbose/-v:		show more verbosity
	--version/-V:		show version
EOF
}

# Parse arguments
while :; do
	case $1 in
		-h | --help)
			# Call a "show_help" function to display a synopsis, then exit.
			show_help
			exit 0
			;;
		-v | --verbose)
			shift
			verbose=1
			;;
		-T | -H | --no-tty)
			shift
			headless=1
			;;
		-V | --version)
			printf "distrobox: %s\n" "${version}"
			exit 0
			;;
		-d | --dry-run)
			shift
			dryrun=1
			;;
		-n | --name)
			if [ -n "$2" ]; then
				container_name="$2"
				shift
				shift
			fi
			;;
		-a | --additional-flags)
			if [ -n "$2" ]; then
				container_manager_additional_flags="${container_manager_additional_flags} ${2}"
				shift
				shift
			fi
			;;
		-e | --exec | --)
			shift
			container_command=$*
			break
			;;
		*) # Default case: If no more options then break out of the loop.
			# If we have a flagless option and container_name is not specified
			# then let's accept argument as container_name
			if [ -n "$1" ]; then
				container_name="$1"
				shift
			else
				break
			fi
			;;
	esac
done

set -o errexit
set -o nounset
# set verbosity
if [ "${verbose}" -ne 0 ]; then
	set -o xtrace
fi

# We depend on a container manager let's be sure we have it
# First we use podman, else docker
case "${container_manager}" in
	autodetect)
		if command -v podman > /dev/null; then
			container_manager="podman"
		elif command -v docker > /dev/null; then
			container_manager="docker"
		else
			container_manager="not_found"
		fi
		;;
	podman)
		container_manager="podman"
		;;
	docker)
		container_manager="docker"
		;;
	*)
		printf >&2 "Invalid input %s.\n" "${container_manager}"
		printf >&2 "The available choices are: 'autodetect', 'podman', 'docker'\n"
		container_manager="not_found"
		;;
esac

# Be sure we have a container manager to work with.
if ! command -v "${container_manager}" > /dev/null; then
	# Error: we need at least one between docker or podman.
	if [ "${dryrun}" -eq 0 ]; then
		printf >&2 "Missing dependency: we need a container manager.\n"
		printf >&2 "Please install one of podman or docker.\n"
		printf >&2 "You can follow the documentation on:\n"
		printf >&2 "\tman distrobox-compatibility\n"
		printf >&2 "or:\n"
		printf >&2 "\thttps://github.com/89luca89/distrobox/blob/main/docs/compatibility.md\n"
		exit 127
	fi
fi
# Small performance optimization, using podman socket shaves
# about half the time to access informations.
#
# Accessed file is /run/user/USER_ID/podman/podman.sock
#
# This is not necessary on docker as it is already handled
# in this way.
if [ -z "${container_manager#*podman*}" ] &&
	[ -S "/run/user/$(id -ru)/podman/podman.sock" ] &&
	systemctl --user status podman.socket > /dev/null; then

	container_manager="${container_manager} --remote"
fi
# add  verbose if -v is specified
if [ "${verbose}" -ne 0 ]; then
	container_manager="${container_manager} --log-level debug"
fi

# Generate Podman or Docker command to execute.
# Arguments:
#   None
# Outputs:
#   prints the podman or docker command to enter the distrobox container
generate_command() {
	result_command="${container_manager} exec"
	result_command="${result_command}
		--interactive
		--user=\"${USER}\""

	# For some usage, like use in service, or launched by non-terminal
	# eg. from desktop files, TTY can fail to instantiate, and fail to enter
	# the container.
	# To work around this, --headless let's you skip these 2 flags and make it
	# work in tty-less situations.
	# Disable tty also if we're NOT in a tty (test -t 0).
	if [ "${headless}" -eq 0 ] && [ -t 0 ]; then
		result_command="${result_command}
		--tty"
	fi

	# Entering container using our user and workdir.
	# Start container from working directory. Else default to home. Else do /.
	# Since we are entering from host, drop at workdir through '/run/host'
	# which represents host's root inside container. Any directory on host
	# even if not explicitly mounted is bound to exist under /run/host.
	# Since user $HOME is very likely present in container, enter there directly
	# to avoid confusing the user about shifted paths.
	# pass distrobox-enter path, it will be used in the distrobox-export tool.
	workdir="$(echo "${PWD:-${HOME:-"/"}}" | sed -e 's/"/\\\"/g')"
	if [ -n "${workdir##*"${HOME}"*}" ]; then
		workdir="/run/host/${workdir}"
	fi
	result_command="${result_command}
		--workdir=\"${workdir}\"
		--env=\"DISTROBOX_ENTER_PATH=${distrobox_enter_path}\""

	# Loop through all the environment vars
	# and export them to the container.
	set +o xtrace
	# disable logging fot this snippet, or it will be too talkative.
	for i in $(printenv | grep '=' | grep -Ev ' |"' |
		grep -Ev '^(HOST|HOSTNAME|HOME|PATH|SHELL|USER|XDG_.*_DIRS|_)'); do
		# We filter the environment so that we do not have strange variables,
		# multiline or containing spaces.
		# We also NEED to ignore the HOME variable, as this is set at create time
		# and needs to stay that way to use custom home dirs.
		result_command="${result_command} --env=\"${i}\""
	done

	# Start with the $PATH set in the container's config
	container_paths="${container_path:-""}"
	# Ensure the standard FHS program paths are in PATH environment
	standard_paths="/usr/local/sbin /usr/local/bin /usr/sbin /usr/bin /sbin /bin"
	# add to the PATH after the existing paths, and only if not already present
	for standard_path in ${standard_paths}; do
		if [ -n "${container_paths##*:"${standard_path}"*}" ]; then
			container_paths="${container_paths}:${standard_path}"
		fi
	done
	# Ensure the $PATH entries from the host are appended as well
	for standard_path in $(
		IFS=:
		for p in ${PATH}; do echo "${p}"; done
	); do
		if [ -n "${container_paths##*:"${standard_path}"*}" ]; then
			container_paths="${container_paths}:${standard_path}"
		fi
	done
	result_command="${result_command} --env=\"PATH=${container_paths}\""

	# Ensure the standard FHS program paths are in XDG_DATA_DIRS environment
	standard_paths="/usr/local/share /usr/share"
	container_paths="${XDG_DATA_DIRS:=}"
	# add to the XDG_DATA_DIRS only after the host's paths, and only if not already present.
	for standard_path in ${standard_paths}; do
		if [ -n "${container_paths##*:"${standard_path}"*}" ]; then
			container_paths="${container_paths}:${standard_path}"
		fi
	done
	result_command="${result_command} --env=\"XDG_DATA_DIRS=${container_paths}\""

	# Ensure the standard FHS program paths are in XDG_CONFIG_DIRS environment
	standard_paths="/etc/xdg"
	container_paths="${XDG_CONFIG_DIRS:=}"
	# add to the XDG_CONFIG_DIRS only after the host's paths, and only if not already present.
	for standard_path in ${standard_paths}; do
		if [ -n "${container_paths##*:"${standard_path}"*}" ]; then
			container_paths="${container_paths}:${standard_path}"
		fi
	done
	result_command="${result_command} --env=\"XDG_CONFIG_DIRS=${container_paths}\""

	# re-enable logging if it was enabled previously.
	if [ "${verbose}" -ne 0 ]; then
		set -o xtrace
	fi

	# Add additional flags
	result_command="${result_command} ${container_manager_additional_flags}"

	# Run selected container with specified command.
	result_command="${result_command} ${container_name} ${container_command:-${container_shell}}"

	# Return generated command.
	printf "%s" "${result_command}"
}

container_path="${PATH}"
# dry run mode, just generate the command and print it. No execution.
if [ "${dryrun}" -ne 0 ]; then
	cmd="$(generate_command)"
	cmd="$(echo "${cmd}" | tr '[:blank:]\n' ' ' | tr -s ' ')"
	printf "%s\n" "${cmd}"
	exit 0
fi

# Inspect the container we're working with.
container_status="unknown"
eval "$(${container_manager} inspect --type container "${container_name}" --format \
	'container_status={{.State.Status}};
	{{range .Config.Env}}{{if slice . 0 6 | eq "SHELL="}}container_shell={{slice . 6 | printf "%q"}}{{end}}{{end}};
	{{range .Config.Env}}{{if slice . 0 5 | eq "PATH="}}container_path={{slice . 5 | printf "%q"}}{{end}}{{end}}')"
container_exists="$?"
# Set SHELL as a login shell
container_shell="${container_shell} -l"
# Does the container exists? check if inspect reported errors
if [ "${container_exists}" -gt 0 ]; then
	# If not, prompt to create it first
	printf >&2 "Cannot find container %s, does it exist?\n" "${container_name}"
	printf >&2 "\nTry running first:\n"
	printf >&2 "\tdistrobox-create <name-of-container> --image <remote>/<docker>:<tag>\n"
	exit 1
fi

# If the container is not already running, we need to start if first
if [ "${container_status}" != "running" ]; then
	# If container is not running, start it first
	# Here, we save the timestamp before launching the start command, so we can
	# be sure we're working with this very same session of logs later.
	log_timestamp="$(date +%FT%T.%N%:z)"
	${container_manager} start "${container_name}" > /dev/null

	printf >&2 "Starting container %s\n" "${container_name}"
	printf >&2 "run this command to follow along:\n"
	printf >&2 "\t%s logs -f %s\n" "${container_manager}" "${container_name}"

	# Wait for container to start successfully.
	# We will probe the container logs every 1s to check if we have either:
	# Error or container_setup_done
	#
	# In the end, print eventual Warnings that occurred.
	while :; do

		# Check if the container is going in error status at any time during the first init
		if [ "$(${container_manager} inspect \
			--type container "${container_name}" \
			--format "{{.State.Status}}")" != "running" ]; then

			container_manager_log="$(${container_manager} logs "${container_name}")"
			printf >&2 "%s\n" "${container_manager_log}"
			exit 1
		fi

		container_manager_log="$(${container_manager} logs -t \
			--since "${log_timestamp}" \
			"${container_name}" 2> /dev/null)"
		case "${container_manager_log}" in
			*"Error"*)
				printf >&2 "%s\n" "${container_manager_log}"
				exit 1
				;;
			*"container_setup_done"*)
				break
				;;
			*)
				printf >&2 "."
				sleep 1
				;;
		esac
	done
	printf >&2 "\ndone!\n"
	# Print eventual warnings in the log.
	${container_manager} logs -t \
		--since "${log_timestamp}" \
		"${container_name}" 2> /dev/null | grep "Warning" >&2 || :
fi

# Generate the exec command and run it
cmd="$(generate_command)"
# shellcheck disable=SC2086
eval ${cmd}

A  => distrobox-export +486 -0
@@ 1,486 @@
#!/bin/sh
# SPDX-License-Identifier: GPL-3.0-only
#
# This file is part of the distrobox project:
#    https://github.com/89luca89/distrobox
#
# Copyright (C) 2021 distrobox contributors
#
# distrobox is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 3
# as published by the Free Software Foundation.
#
# distrobox is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with distrobox; if not, see <http://www.gnu.org/licenses/>.

# POSIX
# Expected env variables:
#	HOME
#	USER
#	DISTROBOX_ENTER_PATH
#	DISTROBOX_HOST_HOME

trap '[ "$?" -ne 0 ] && printf "\nAn error occurred\n"' EXIT

# Defaults
export_action=""
exported_app=""
exported_app_label=""
exported_bin=""
exported_delete=0
exported_service=""
extra_flags=""
# Use DBX_HOST_HOME if defined, else fallback to HOME
#	DBX_HOST_HOME is set in case container is created
#	with custom --home directory
host_home="${DISTROBOX_HOST_HOME:-"${HOME}"}"
is_sudo=""
verbose=0
version="1.2.15"

# We depend on some commands, let's be sure we have them
base_dependencies="basename grep sed find"
for dep in ${base_dependencies}; do
	if ! command -v "${dep}" > /dev/null; then
		printf >&2 "Missing dependency: %s\n" "${dep}"
		exit 127
	fi
done

# Print usage to stdout.
# Arguments:
#   None
# Outputs:
#   print usage with examples.
show_help() {
	cat << EOF
distrobox version: ${version}

Usage:

	distrobox-export --app mpv [--extra-flags "flags"] [--delete] [--sudo]
	distrobox-export --service syncthing.service [--extra-flags "flags"] [--delete] [--sudo]
	distrobox-export --bin /path/to/bin --export-path ~/.local/bin [--extra-flags "flags"] [--delete] [--sudo]

Options:

	--app/-a:		name of the application to export
	--bin/-b:		absolute path of the binary to export
	--service/-s:		name of the service to export
	--delete/-d:		delete exported application or service
	--export-label/-el:	label to add to exported application name.
				Defaults to (on \$container_name)
	--export-path/-ep:	path where to export the binary
	--extra-flags/-ef:	extra flags to add to the command
	--sudo/-S:		specify if the exported item should be ran as sudo
	--help/-h:		show this message
	--verbose/-v:		show more verbosity
	--version/-V:		show version
EOF
}

# Parse arguments
while :; do
	case $1 in
		-h | --help)
			# Call a "show_help" function to display a synopsis, then exit.
			show_help
			exit 0
			;;
		-v | --verbose)
			shift
			verbose=1
			;;
		-V | --version)
			printf "distrobox: %s\n" "${version}"
			exit 0
			;;
		-a | --app)
			if [ -n "$2" ]; then
				export_action="app"
				exported_app="$2"
				shift
				shift
			fi
			;;
		-b | --bin)
			if [ -n "$2" ]; then
				export_action="bin"
				exported_bin="$2"
				shift
				shift
			fi
			;;
		-s | --service)
			if [ -n "$2" ]; then
				export_action="service"
				exported_service="$2"
				shift
				shift
			fi
			;;
		-S | --sudo)
			is_sudo="sudo"
			shift
			;;
		-el | --export-label)
			if [ -n "$2" ]; then
				exported_app_label="$2"
				shift
				shift
			fi
			;;
		-ep | --export-path)
			if [ -n "$2" ]; then
				dest_path="$2"
				shift
				shift
			fi
			;;
		-ef | --extra-flags)
			if [ -n "$2" ]; then
				extra_flags="$2"
				shift
				shift
			fi
			;;
		-d | --delete)
			exported_delete=1
			shift
			;;
		*) # Default case: If no more options then break out of the loop.
			break ;;
	esac
done

set -o errexit
set -o nounset
# set verbosity
if [ "${verbose}" -ne 0 ]; then
	set -o xtrace
fi

# Check we're running inside a container and not on the host
if [ ! -f /run/.containerenv ] && [ ! -f /.dockerenv ]; then
	printf >&2 "You must run %s inside a container!\n" " $(basename "$0")"
	exit 126
fi

# We're working with HOME, so we must run as USER, not as root.
if [ "$(id -u)" -eq 0 ]; then
	printf >&2 "You must not run %s as root!\n" " $(basename "$0")"
	exit 1
fi

# Ensure the foundamental variables are set and not empty, we will not proceed
# if they are not all set.
if [ -z "${exported_app}" ] &&
	[ -z "${exported_bin}" ] &&
	[ -z "${exported_service}" ]; then
	printf >&2 "Error: Invalid arguments.\n"
	printf >&2 "Error: missing export target. Run\n"
	printf >&2 "\tdistrobox-export --help\n"
	printf >&2 "for more informations.\n"
	exit 2
fi
# Ensure we're not receiving more than one action at time.
if [ -n "${exported_app}" ] && [ -n "${exported_bin}" ] ||
	[ -n "${exported_app}" ] && [ -n "${exported_service}" ] ||
	[ -n "${exported_bin}" ] && [ -n "${exported_service}" ]; then
	printf >&2 "Error: Invalid arguments, choose only one action below.\n"
	printf >&2 "Error: You can only export one thing at time.\n"
	exit 2
fi
# Ensure we have the export-path set when exporting a binary.
if [ -n "${exported_bin}" ] && [ -z "${dest_path}" ]; then
	printf >&2 "Error: Missing argument export-path.\n"
	exit 2
fi

# We can assume this as we set it the same as container name during creation.
container_name=$(uname -n | cut -d'.' -f1)
# Prefix to add to an existing command to work throught the container
container_command_prefix="${DISTROBOX_ENTER_PATH:-"distrobox-enter"} -n ${container_name} -- \"${is_sudo} "
if [ -z "${exported_app_label}" ]; then
	exported_app_label=" (on ${container_name})"
fi

# Print generated script from template
# Arguments:
#	none it will use the ones set up globally
# Outputs:
#   print generated script.
generate_script() {
	cat << EOF
#!/bin/sh
# distrobox_binary
# name: ${container_name}
if [ ! -f /run/.containerenv ]; then
    ${DISTROBOX_ENTER_PATH:-"distrobox-enter"} -n ${container_name} -- \
		${is_sudo} ${exported_bin} ${extra_flags} \$@
else
    ${exported_bin} \$@
fi
EOF
	return $?
}

# Export binary to destination directory.
# the following function will use generate_script to create a shell script in
# dest_path that will execute the exported binary in the selected distrobox.
#
# Arguments:
#	none it will use the ones set up globally
# Outputs:
#	a generated_script in dest_path
#	or error code.
export_binary() {
	# Ensure the binary we're exporting is installed
	if [ ! -f "${exported_bin}" ]; then
		printf >&2 "Error: cannot find %s.\n" "${exported_bin}"
		return 127
	fi
	# generate dest_file path
	dest_file="${dest_path}/$(basename "${exported_bin}")"

	# If we're deleting it, just do it and exit
	if [ "${exported_delete}" -ne 0 ]; then
		if [ ! -f "${dest_file}" ]; then
			printf >&2 "Error: cannot find %s in %s.\nWas it exported?.\n" \
				"$(basename "${exported_bin}")" "${dest_path}"
			return 1
		fi
		if grep -q "distrobox_binary" "${dest_file}"; then
			if rm -f "${dest_file}"; then
				printf "%s from %s removed successfully from %s.\nOK!\n" \
					"${exported_bin}" "${container_name}" "${dest_path}"
				return 0
			fi
		else
			printf >&2 "Error: %s exists but it's not a distrobox exported file.\n" "${dest_file}"
			printf >&2 "Error: cannot delete: %s.\n" "${dest_file}"
			return 2
		fi
	fi

	# test if we have writing rights on the file
	if ! touch "${dest_file}"; then
		printf >&2 "Error: cannot create destination file %s.\n" "${dest_file}"
		return 1
	fi

	# create the script from template and write to file
	if generate_script > "${dest_file}"; then
		chmod +x "${dest_file}"
		printf "%s from %s exported successfully in %s.\nOK!\n" \
			"${exported_bin}" "${container_name}" "${dest_path}"
		return 0
	fi
	# Unknown error.
	printf >&2 "A problem occurred.\n"
	return 3
}

# Export graphical application to the host.
# the following function will scan the distrobox for desktop and icon files for
# the selected application. It will then put the needed icons in the host's icons
# directory and create a new .desktop file that will execute the selected application
# in the distrobox.
#
# Arguments:
#	none it will use the ones set up globally
# Outputs:
#	needed icons in /run/host/$host_home/.local/share/icons
#	needed desktop files in /run/host/$host_home/.local/share/applications
#	or error code.
export_application() {
	# Ensure the app we're exporting is installed
	if ! command -v "${exported_app}" > /dev/null; then
		printf >&2 "Error: trying to export a non-installed application.\n"
		return 127
	fi

	# Find desktop file for the application to export
	desktop_files=$(grep -ril "${exported_app}" \
		/usr/share/applications/* \
		/var/lib/flatpak/exports/share/applications/* 2> /dev/null || :)
	icon_files=$(find \
		/usr/share/icons \
		/usr/share/pixmaps \
		/var/lib/flatpak/exports/share/icons -iname "*${exported_app}*" 2> /dev/null || :)
	# Check that we found some desktop files first.
	if [ -z "${desktop_files}" ]; then
		printf >&2 "Error: cannot find any desktop files.\n"
		printf >&2 "Error: trying to export a non-installed application.\n"
		return 127
	fi

	# create applications dir if not existing
	if [ ! -d "/run/host/${host_home}/.local/share/applications" ]; then
		mkdir -p "/run/host/${host_home}/.local/share/applications"
	fi

	# copy icons in home directory
	for icon_file in ${icon_files}; do

		icon_home_directory="$(dirname "${icon_file}" |
			sed "s|/usr/share/|\/run\/host\/${host_home}/.local/share/|g" |
			sed "s|/var/lib/flatpak/exports/share|\/run\/host\/${host_home}/.local/share/|g" |
			sed "s|pixmaps|icons|g")"

		# check if we're exporting or deleting
		if [ "${exported_delete}" -ne 0 ]; then
			# we need to remove, not export
			rm -rf "${icon_home_directory:?}"/"$(basename "${icon_file:?}")"
		else
			# we wanto to export the application's icons
			mkdir -p "${icon_home_directory}"
			cp -r "${icon_file}" "${icon_home_directory}"
		fi
	done

	# create desktop files for the distrobox
	for desktop_file in ${desktop_files}; do
		desktop_original_file="$(basename "${desktop_file}")"
		desktop_home_file="${container_name}-$(basename "${desktop_file}")"
		# check if we're exporting or deleting
		if [ "${exported_delete}" -ne 0 ]; then
			if [ ! -f "/run/host/${host_home}/.local/share/applications/${desktop_home_file}" ]; then
				printf >&2 "Error: trying to remove a non-exported application.\n"
				return 1
			fi
			rm -f "/run/host/${host_home}/.local/share/applications/${desktop_original_file}"
			rm -f "/run/host/${host_home}/.local/share/applications/${desktop_home_file}"
		else
			# Add commmand_prefix
			# Add extra flags
			# Add closing quote
			# If a TryExec is present, we have to fake it as it will not work
			# throught the container separation
			sed "s|^Exec=|Exec=${container_command_prefix} |g" "${desktop_file}" |
				sed "s|\(%.*\)|${extra_flags} \1|g" |
				sed 's|^Exec=.*|&"|g' |
				sed "s|^TryExec=.*|TryExec=true|g" |
				sed "s|Name.*|& ${exported_app_label}|g" \
					> "/run/host/${host_home}/.local/share/applications/${desktop_home_file}"
			if ! grep -q "StartupWMClass" "/run/host/${host_home}/.local/share/applications/${desktop_home_file}"; then
				printf "StartupWMClass=%s\n" "${exported_app}" >> \
					"/run/host/${host_home}/.local/share/applications/${desktop_home_file}"
			fi
			# in the end we add the final quote we've opened in the "container_command_prefix"
		fi
	done

	if [ "${exported_delete}" -ne 0 ]; then
		printf "Application %s successfully un-exported.\nOK!\n" "${exported_app}"
		printf "%s will disappear from your applications list in a few seconds.\n" "${exported_app}"
	else
		printf "Application %s successfully exported.\nOK!\n" "${exported_app}"
		printf "%s will appear in your applications list in a few seconds.\n" "${exported_app}"
	fi

}

# Export systemd service to the host.
# the following function will export a selected systemd unit from the distrobox
# to the host. It will modify the original unit to include the container_command_prefix.
#
# Arguments:
#	none it will use the ones set up globally
# Outputs:
#	new systemd unit in /run/host/$host_home/.config/systemd/user/
#	or error code.
export_service() {

	# find the service file in the common
	service_file=$(find \
		/etc/systemd/system/ /lib/systemd/system/ /usr/lib/systemd/system/ \
		"${host_home}"/.config/systemd/user/ \
		-type f -name "${exported_service}*" 2> /dev/null | tail -1)
	# Check that we found some service files first.
	if [ -z "${service_file}" ]; then
		printf >&2 "Error: cannot find any service file for %s.\n" "${exported_service}"
		printf >&2 "Error: trying to export a non-installed service.\n"
		return 127
	fi

	# this is the output file we will produce.
	exported_service_file="${container_name}-$(basename "${service_file}")"
	exported_service_fullpath="/run/host/${host_home}/.config/systemd/user/${exported_service_file}"

	# If we're deleting it, just do it and exit
	if [ "${exported_delete}" -ne 0 ]; then
		if [ ! -f "${exported_service_fullpath}" ]; then
			printf >&2 "Error: cannot find service %s.\nWas it exported?.\n" "${exported_service_file}"
			return 1
		fi
		rm -f "${exported_service_fullpath}"
		printf "Service %s successfully removed.\nOK!\n" "${exported_service_file}"
		return 0
	fi
	# Check if it is already exported
	if [ -f "${exported_service_fullpath}" ] &&
		grep -q "${container_command_prefix}" "${exported_service_fullpath}"; then

		printf "Service %s is already exported.\n\n" "${exported_service_file}"
		printf "\nTo check the status, run:\n\tsystemctl --user status %s \n" "${exported_service_file}"
		printf "\nTo start it, run:\n\tsystemctl --user start %s \n" "${exported_service_file}"
		printf "\nTo start it at login, run:\n\tsystemctl --user enable %s \n" "${exported_service_file}"
		return 0
	fi

	# Create temp file with random name
	temp_file="$(mktemp -u)"
	# Replace all Exec occurrencies
	if [ ! -d "/run/host/${host_home}/.config/systemd/user/" ]; then
		mkdir -p "/run/host/${host_home}/.config/systemd/user/"
	fi
	cat "${service_file}" > "${exported_service_fullpath}" 2> /dev/null
	for exec_cmd in ExecStart ExecStartPre ExecStartPost ExecReload ExecStop ExecStopPost; do
		# Save to temp file
		cat "${exported_service_fullpath}" > "${temp_file}" 2> /dev/null
		# Add prefix only if not present
		if ! grep "${exec_cmd}" "${temp_file}" | grep -q "${container_command_prefix}"; then
			# Add commmand_prefix
			# Add extra flags
			# Add closing quote
			sed "s|^${exec_cmd}=|${exec_cmd}=${container_command_prefix}|g" "${temp_file}" |
				sed "s|^${exec_cmd}=.*|& ${extra_flags}|g" |
				sed "s|^${exec_cmd}=.*|&\"|g" > "${exported_service_fullpath}"
			# in the end we add the final quote we've opened in the "container_command_prefix"
		fi
	done
	# Cleanup
	rm -f "${temp_file}"

	printf "Service %s successfully exported.\nOK\n" "${exported_service_file}"
	printf "%s will appear in your services list in a few seconds.\n\n" "${exported_service_file}"
	printf "\nTo check the status, run:\n\tsystemctl --user status %s \n" "${exported_service_file}"
	printf "\nTo start it, run:\n\tsystemctl --user start %s \n" "${exported_service_file}"
	printf "\nTo start it at login, run:\n\tsystemctl --user enable %s \n" "${exported_service_file}"

	return 0
}

# Main routine
case "${export_action}" in
	app)
		export_application
		;;
	bin)
		export_binary
		;;
	service)
		export_service
		;;
	*)
		printf >&2 "Invalid arguments, choose an action below.\n"
		show_help
		exit 2
		;;
esac

A  => distrobox-init +693 -0
@@ 1,693 @@
#!/bin/sh
# SPDX-License-Identifier: GPL-3.0-only
#
# This file is part of the distrobox project:
#    https://github.com/89luca89/distrobox
#
# Copyright (C) 2021 distrobox contributors
#
# distrobox is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 3
# as published by the Free Software Foundation.
#
# distrobox is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with distrobox; if not, see <http://www.gnu.org/licenses/>.

# POSIX
# Expected env variables:
#	HOME
#	USER
#	SHELL

trap '[ "$?" -ne 0 ] && printf "Error: An error occurred\n"' EXIT

# Defaults
init=0
init_hook=""
verbose=0
version="1.2.15"
# Print usage to stdout.
# Arguments:
#   None
# Outputs:
#   print usage with examples.
show_help() {
	cat << EOF
distrobox version: ${version}

Usage:

	distrobox-init --name ${USER} --user $(id -ru) --group $(id -rg) --home ${HOME}

Options:

	--name/-n:		user name
	--user/-u:		uid of the user
	--group/-g:		gid of the user
	--home/-d:		path/to/home of the user
	--help/-h:		show this message
	--init/-I:		whether to use or not init
	--verbose/-v:		show more verbosity
	--version/-V:		show version
	--:			end arguments execute the rest as command to execute during init
EOF
}

# Parse arguments
while :; do
	case $1 in
		-h | --help)
			# Call a "show_help" function to display a synopsis, then exit.
			show_help
			exit 0
			;;
		-v | --verbose)
			shift
			verbose=1
			;;
		-V | --version)
			printf "distrobox: %s\n" "${version}"
			exit 0
			;;
		-n | --name)
			if [ -n "$2" ]; then
				container_user_name="$2"
				shift
				shift
			fi
			;;
		-i | --init)
			if [ -n "$2" ]; then
				init="$2"
				shift
				shift
			fi
			;;
		-d | --home)
			if [ -n "$2" ]; then
				container_user_home="$2"
				shift
				shift
			fi
			;;
		-u | --user)
			if [ -n "$2" ]; then
				container_user_uid="$2"
				shift
				shift
			fi
			;;
		-g | --group)
			if [ -n "$2" ]; then
				container_user_gid="$2"
				shift
				shift
			fi
			;;
		--)
			shift
			init_hook=$*
			break
			;;
		*) # Default case: If no more options then break out of the loop.
			break ;;
	esac
done

set -o errexit
set -o nounset
# set verbosity
if [ "${verbose}" -ne 0 ]; then
	set -o xtrace
fi

# Check we're running inside a container and not on the host
if [ ! -f /run/.containerenv ] && [ ! -f /.dockerenv ]; then
	printf >&2 "You must run %s inside a container!\n" " $(basename "$0")"
	printf >&2 "distrobox-init should only be used as an entrypoint for a distrobox!\n\n"
	printf >&2 "This is not intended to be used manually, but instead used by distrobox-enter\n"
	printf >&2 "to set up the container's entrypoint.\n"
	exit 126
fi

# Ensure the foundamental variables are set and not empty, we will not proceed if
# they are not all set.
[ -z "${container_user_gid}" ] && printf "Error: Invalid arguments, missing user gud\n" && exit 2
[ -z "${container_user_home}" ] && printf "Error: Invalid argument, missing user home\n" && exit 2
[ -z "${container_user_name}" ] && printf "Error: Invalid arguments, missing username\n" && exit 2
[ -z "${container_user_uid}" ] && printf "Error: Invalid arguments, missing user uid\n" && exit 2

# Bind mount or error.
# Arguments:
#   source_dir
#	target_dir
#	mount_flags -> optional
# Outputs:
#   No output if all ok
#	Error if not
mount_bind() (
	source_dir="$1"
	target_dir="$2"
	mount_flags="$3"

	# if source dir doesn't exist, just exit normally
	! [ -d "${source_dir}" ] && ! [ -f "${source_dir}" ] && return 0

	# if the source_dir exists, then create the target_dir
	if [ -d "${source_dir}" ]; then
		# exit if not successful
		if ! mkdir -p "${target_dir}"; then
			printf "Warning: cannot create mount target directory: %s\n" "${target_dir}"
			return 1
		fi
	# if instead it's a file, create it with touch
	elif [ -f "${source_dir}" ]; then
		# exit if not successful
		if ! touch "${target_dir}"; then
			printf "Warning: cannot create mount target file: %s\n" "${target_dir}"
			return 1
		fi
	fi

	# Add mountflags if needed, if no are specificed, use rslave as default.
	if [ "${mount_flags}" = "" ]; then
		mount_flags="rslave"
	fi
	# bind mount source_dir to target_dir, return error if not successful
	if ! mount --rbind -o "${mount_flags}" "${source_dir}" "${target_dir}"; then
		printf "Warning: failed to bind mount %s to %s\n" "${source_dir}" "${target_dir}"
		return 1
	fi

	return 0
)

# Extract shell name from the $SHELL environment variable
# If not present as package in the container, we want to install it.
shell_pkg="$(basename "${SHELL:-"bash"}")"
# Check if dependencies are met for the script to run.
if ! command -v find || ! command -v mount || ! command -v passwd ||
	! command -v sudo || ! command -v useradd || ! command -v usermod ||
	! ls /etc/profile.d/*vte* ||
	! command -v "${shell_pkg}"; then

	# Detect the available package manager
	# install minimal dependencies needed to bootstrap the container:
	#	the same shell that's on the host
	#	sudo, mount, find
	#	passwd, groupadd and useradd
	if command -v apk; then
		# Check if shell_pkg is available in distro's repo. If not we
		# fall back to bash, and we set the SHELL variable to bash so
		# that it is set up correctly for the user.
		if ! apk add "${shell_pkg}"; then
			SHELL="/bin/bash"
			shell_pkg="bash"
		fi
		apk add \
			"${shell_pkg}" \
			findutils \
			ncurses \
			procps \
			shadow \
			sudo \
			util-linux \
			vte3

	elif command -v apt-get; then
		export DEBIAN_FRONTEND=noninteractive
		apt-get update
		# Check if shell_pkg is available in distro's repo. If not we
		# fall back to bash, and we set the SHELL variable to bash so
		# that it is set up correctly for the user.
		if ! apt-get install -y "${shell_pkg}"; then
			SHELL="/bin/bash"
			shell_pkg="bash"
		fi
		apt-get install -y \
			"${shell_pkg}" \
			findutils \
			libnss-myhostname \
			libvte-common \
			ncurses-base \
			passwd \
			procps \
			sudo \
			util-linux

	elif command -v dnf; then
		# Check if shell_pkg is available in distro's repo. If not we
		# fall back to bash, and we set the SHELL variable to bash so
		# that it is set up correctly for the user.
		if ! dnf install -y "${shell_pkg}"; then
			SHELL="/bin/bash"
			shell_pkg="bash"
		fi
		dnf install -y \
			"${shell_pkg}" \
			findutils \
			ncurses \
			passwd \
			procps-ng \
			shadow-utils \
			sudo \
			util-linux \
			vte-profile

	elif command -v emerge; then
		# update repos
		emerge --sync
		# Check if shell_pkg is available in distro's repo. If not we
		# fall back to bash, and we set the SHELL variable to bash so
		# that it is set up correctly for the user.
		if ! emerge --ask=n --autounmask-continue "${shell_pkg}"; then
			SHELL="/bin/bash"
			shell_pkg="bash"
		fi
		emerge --ask=n --autounmask-continue \
			"${shell_pkg}" \
			findutils \
			ncurses \
			procps \
			shadow \
			sudo \
			util-linux \
			vte-profile

	elif command -v pacman; then
		# Check if shell_pkg is available in distro's repo. If not we
		# fall back to bash, and we set the SHELL variable to bash so
		# that it is set up correctly for the user.
		pacman --noconfirm -Syyu
		if ! pacman -Sy --noconfirm "${shell_pkg}"; then
			SHELL="/bin/bash"
			shell_pkg="bash"
		fi
		pacman -Sy --noconfirm \
			"${shell_pkg}" \
			findutils \
			ncurses \
			procps-ng \
			shadow \
			sudo \
			util-linux \
			vte-common

	elif command -v slackpkg; then
		slackpkg update
		# Check if shell_pkg is available in distro's repo. If not we
		# fall back to bash, and we set the SHELL variable to bash so
		# that it is set up correctly for the user.
		if ! yes | slackpkg install -default_answer=yes -batch=yes "${shell_pkg}"; then
			SHELL="/bin/bash"
			shell_pkg="bash"
		fi
		yes | slackpkg install -default_answer=yes -batch=yes \
			"${shell_pkg}" \
			libvte-2 \
			findutils \
			ncurses \
			procps \
			shadow \
			sudo \
			util-linux

	elif command -v swupd; then
		# Here we do not handle shell_pkg as shells are already all bundled
		# together in "shells"
		swupd bundle-add \
			shells \
			sudo \
			findutils \
			procps-ng

	elif command -v xbps-install; then
		# Check if shell_pkg is available in distro's repo. If not we
		# fall back to bash, and we set the SHELL variable to bash so
		# that it is set up correctly for the user.
		if ! xbps-install -Sy "${shell_pkg}"; then
			SHELL="/bin/bash"
			shell_pkg="bash"
		fi
		xbps-install -Sy \
			"${shell_pkg}" \
			findutils \
			ncurses-base \
			procps-ng \
			shadow \
			sudo \
			util-linux

	elif command -v yum; then
		# Check if shell_pkg is available in distro's repo. If not we
		# fall back to bash, and we set the SHELL variable to bash so
		# that it is set up correctly for the user.
		if ! yum install -y "${shell_pkg}"; then
			SHELL="/bin/bash"
			shell_pkg="bash"
		fi
		yum install -y \
			"${shell_pkg}" \
			findutils \
			ncurses \
			passwd \
			procps \
			shadow-utils \
			sudo \
			util-linux \
			vte-profile

	elif command -v zypper; then
		# Check if shell_pkg is available in distro's repo. If not we
		# fall back to bash, and we set the SHELL variable to bash so
		# that it is set up correctly for the user.
		if ! zypper install -y "${shell_pkg}"; then
			SHELL="/bin/bash"
			shell_pkg="bash"
		fi
		zypper install -y \
			"${shell_pkg}" \
			findutils \
			libvte-2* \
			ncurses \
			procps \
			shadow \
			sudo \
			util-linux

	else
		printf "Error: could not find a supported package manager.\n"
		printf "Error: could not set up base dependencies.\n"
		# Exit as command not found
		exit 127
	fi

fi
# We'll also bind mount in READ-ONLY useful directories from the host
HOST_MOUNTS_RO="
	/etc/machine-id
	/var/lib/flatpak
	/var/lib/systemd/coredump
	/var/log/journal"
for host_mount_ro in ${HOST_MOUNTS_RO}; do
	mount_bind /run/host"${host_mount_ro}" "${host_mount_ro}" ro
done

# We'll also bind mount READ-WRITE useful mountpoints to pass external drives and libvirt from
# the host to the container
HOST_MOUNTS="
	/media
	/mnt
	/run/libvirt
	/run/media
	/run/systemd/journal
	/run/systemd/seats
	/run/systemd/sessions
	/run/systemd/users
	/run/udev
	/srv
	/var/lib/libvirt
	/var/mnt"
for host_mount in ${HOST_MOUNTS}; do
	if ! mount_bind /run/host"${host_mount}" "${host_mount}" rw; then
		printf "Warning: Cannot bind mount %s to /run/host%s\n" "${host_mount}" "${host_mount}"
	fi
done

# Find all the user's socket and mount them inside the container
# this will allow for continuity of functionality between host and container
#
# for example using `podman --remote` to control the host's podman from inside
# the container or accessing docker and libvirt sockets.
host_sockets="$(find /run/host/run -name 'user' \
	-prune -o -name 'nscd' \
	-prune -o -name 'system_bus_socket' \
	-prune -o -type s -print \
	2> /dev/null || :)"
for host_socket in ${host_sockets}; do
	container_socket="$(printf "%s" "${host_socket}" | sed 's|/run/host||g')"
	# Check if the socket already exists or the symlink already esists
	if [ ! -S "${container_socket}" ] && [ ! -L "${container_socket}" ]; then
		# link it.
		rm -f "${container_socket}"
		mkdir -p "$(dirname "${container_socket}")"
		if ! ln -s "${host_socket}" "${container_socket}"; then
			printf "Warning: Cannot link socket %s to %s\n" "${host_socket}" "${container_socket}"
		fi
	fi
done

# In case of an RPM distro, we can specify that our bind_mount directories
# are in fact net shares. This prevents conflicts during package installations.
if [ -d "/usr/lib/rpm/macros.d/" ]; then
	# Loop through all the environment vars
	# and export them to the container.
	set +o xtrace
	net_mounts=""
	for net_mount in \
		${HOST_MOUNTS_RO} ${HOST_MOUNTS} \
		'/dev' '/proc' '/sys' '/tmp' \
		'/etc/host.conf' '/etc/hosts' '/etc/resolv.conf' '/etc/localtime' \
		'/usr/share/zoneinfo'; do

		net_mounts="${net_mount}:${net_mounts}"

	done
	# re-enable logging if it was enabled previously.
	if [ "${verbose}" -ne 0 ]; then
		set -o xtrace
	fi
	net_mounts=${net_mounts%?}
	cat << EOF > /usr/lib/rpm/macros.d/macros.distrobox
%_netsharedpath ${net_mounts}
EOF

fi

# In case of an DEB distro, we can specify that our bind_mount directories
# have to be ignored. This prevents conflicts during package installations.
if [ -d "/etc/dpkg/dpkg.cfg.d/" ]; then
	# Loop through all the environment vars
	# and export them to the container.
	set +o xtrace
	printf "" > /etc/dpkg/dpkg.cfg.d/00_distrobox
	for net_mount in ${HOST_MOUNTS_RO} ${HOST_MOUNTS}; do
		printf "path-exclude %s/*\n" "${net_mount}" >> /etc/dpkg/dpkg.cfg.d/00_distrobox
	done
	# re-enable logging if it was enabled previously.
	if [ "${verbose}" -ne 0 ]; then
		set -o xtrace
	fi

	# Also we put a hook to clear some critical paths that do not play well
	# with read only filesystems, like systemd.
	if [ -d "/etc/apt/apt.conf.d/" ]; then
		cat << EOF > /etc/apt/apt.conf.d/00_distrobox
DPkg::Pre-Invoke {"if mountpoint /var/log/journal; then umount /var/log/journal; fi";};
DPkg::Post-Invoke {"if [ -e /run/host/var/log/journal ]; then mount --rbind -o ro /run/host/var/log/journal /var/log/journal; fi";};
EOF
	fi
fi

if [ -d "/usr/share/libalpm/scripts" ]; then
	set +o xtrace
	printf "#!/bin/sh\n" > /usr/share/libalpm/scripts/00_distrobox_pre_hook.sh
	printf "#!/bin/sh\n" > /usr/share/libalpm/scripts/02_distrobox_post_hook.sh
	for net_mount in ${HOST_MOUNTS_RO}; do
		printf "if mountpoint %s; then umount %s; fi\n" "${net_mount}" "${net_mount}" >> \
			/usr/share/libalpm/scripts/00_distrobox_pre_hook.sh
		printf "if [ -e /run/host/%s ]; then mount --rbind -o ro /run/host/%s %s; fi\n" \
			"${net_mount}" "${net_mount}" "${net_mount}" >> /usr/share/libalpm/scripts/02_distrobox_post_hook.sh
	done
	# re-enable logging if it was enabled previously.
	if [ "${verbose}" -ne 0 ]; then
		set -o xtrace
	fi
	# in case we're not using an init image, neutralize systemd post installation hooks
	# so that we do not encounter problems along the way.
	cat << EOF > /usr/share/libalpm/scripts/01_distrobox_post_hook.sh
#!/bin/sh
if [ ! -e /run/systemd/system ]; then
	echo -e '#!/bin/sh\nexit 0' > /usr/share/libalpm/scripts/systemd-hook;
fi
EOF
	chmod +x /usr/share/libalpm/scripts/00_distrobox_pre_hook.sh
	chmod +x /usr/share/libalpm/scripts/01_distrobox_post_hook.sh
	chmod +x /usr/share/libalpm/scripts/02_distrobox_post_hook.sh

	cat << EOF > /usr/share/libalpm/hooks/00-distrobox-pre.hook
[Trigger]
Operation = Install
Operation = Upgrade
Type = Package
Target = *

[Action]
Description = Distrobox pre-hooks...
When = PreTransaction
Exec = /usr/share/libalpm/scripts/00_distrobox_pre_hook.sh
EOF

	cat << EOF > /usr/share/libalpm/hooks/00-distrobox-post.hook
[Trigger]
Operation = Install
Operation = Upgrade
Type = Package
Target = *

[Action]
Description = Distrobox post-hooks 1...
When = PostTransaction
Exec = /usr/share/libalpm/scripts/01_distrobox_post_hook.sh
EOF

	cat << EOF > /usr/share/libalpm/hooks/99-distrobox-post.hook
[Trigger]
Operation = Install
Operation = Upgrade
Type = Package
Target = *

[Action]
Description = Distrobox post-hooks 2...
When = PostTransaction
Exec = /usr/share/libalpm/scripts/02_distrobox_post_hook.sh
EOF

fi

mkdir -p /etc/sudoers.d
# Do not check fqdn when doing sudo, it will not work anyways
if ! grep -q 'Defaults !fqdn' /etc/sudoers.d/sudoers; then
	printf "Defaults !fqdn\n" >> /etc/sudoers.d/sudoers
fi
# Ensure passwordless sudo is set up for user
if ! grep -q "${container_user_name} ALL = (root) NOPASSWD:ALL" /etc/sudoers.d/sudoers; then
	printf "%s ALL = (root) NOPASSWD:ALL\n" "${container_user_name}" >> /etc/sudoers.d/sudoers
fi

# If not existing, ensure we have a group for our user.
if ! grep -q "^${container_user_name}:" /etc/group; then
	if ! groupadd --force --gid "${container_user_gid}" "${container_user_name}"; then
		# It may occur that we have users with unsupported user name (eg. on LDAP or AD)
		# So let's try and force the group creation this way.
		printf "%s:x:%s:" "${container_user_name}" "${container_user_gid}" >> /etc/group
	fi
fi
# Let's add our user to the container. if the user already exists, enforce properties.
if ! grep -q "^${container_user_name}:" /etc/passwd; then
	if ! useradd \
		--home-dir "${container_user_home}" \
		--no-create-home \
		--shell "${SHELL:-"/bin/bash"}" \
		--uid "${container_user_uid}" \
		--gid "${container_user_gid}" \
		"${container_user_name}"; then

		printf "Warning: there was a problem setting up the user\n"
		printf "Warning: trying manual addition\n"
		printf "%s:x:%s:%s:%s:%s:%s" \
			"${container_user_name}" "${container_user_uid}" \
			"${container_user_gid}" "${container_user_name}" \
			"${container_user_home}" "${SHELL:-"/bin/bash"}" >> /etc/passwd
		printf "%s::1::::::" "${container_user_name}" >> /etc/shadow
	fi
else
	# This situation is presented when podman or docker already creates the user
	# for us inside container. We should modify the user's prepopulated shadowfile
	# entry though as per user's active preferences.
	if ! usermod \
		--home "${container_user_home}" \
		--shell "${SHELL:-"/bin/bash"}" \
		--uid "${container_user_uid}" \
		--gid "${container_user_gid}" \
		"${container_user_name}"; then

		printf "Warning: there was a problem setting up the user\n"
	fi
fi

# We generate a random password to initialize the entry for the user and root.
temporary_password="$(cat /proc/sys/kernel/random/uuid)"
printf "%s\n%s\n" "${temporary_password}" "${temporary_password}" | passwd root
printf "%s:%s" "${container_user_name}" "${temporary_password}" | chpasswd -e
# Delete password for root and user
printf "%s:" "root" | chpasswd -e
printf "%s:" "${container_user_name}" | chpasswd -e

# If we do not have profile files in the home, we should copy the
# skeleton files, if present.
# Ensure we copy only if the dotfile is not already present.
if [ -d "/etc/skel" ]; then
	skel_files="$(find /etc/skel/ -type f || :)"
	for skel_file in ${skel_files}; do
		if [ ! -f "${container_user_home}/$(basename "${skel_file}")" ] &&
			[ ! -L "${container_user_home}/$(basename "${skel_file}")" ]; then

			cp "${skel_file}" "${container_user_home}"
			chown "${container_user_uid}":"${container_user_gid}" \
				"${container_user_home}/$(basename "${skel_file}")"

		fi
	done
fi

# Themes and icons integration works using a bind mount inside the container
# of the host's themes and icons directory. This ensures that the host's home will
# not be littered with files and directories and broken symlinks.
#
# bind mount distrobox directory for themes and icons
mkdir -p "${container_user_home}/.local/share/themes"
mkdir -p "${container_user_home}/.local/share/icons"
mkdir -p "${container_user_home}/.local/share/fonts"
# Fix permissions for home directories
chown "${container_user_uid}":"${container_user_gid}" "${container_user_home}/.local"
chown "${container_user_uid}":"${container_user_gid}" "${container_user_home}/.local/share"
chown "${container_user_uid}":"${container_user_gid}" "${container_user_home}/.local/share/themes"
chown "${container_user_uid}":"${container_user_gid}" "${container_user_home}/.local/share/icons"
chown "${container_user_uid}":"${container_user_gid}" "${container_user_home}/.local/share/fonts"
if ! mount_bind "/run/host/usr/share/themes" "${container_user_home}/.local/share/themes" rw; then
	printf "Warning: Cannot bind mount /run/host/usr/share/themes to %s/.local/share/themes\n" "${container_user_home}"
	printf "Warning: Themes integration with the host is disabled.\n"
fi
if ! mount_bind "/run/host/usr/share/icons" "${container_user_home}/.local/share/icons" rw; then
	printf "Warning: Cannot bind mount /run/host/usr/share/icons to %s/.local/share/icons\n" "${container_user_home}"
	printf "Warning: Icons integration with the host is disabled.\n"
fi
if ! mount_bind "/run/host/usr/share/fonts" "${container_user_home}/.local/share/fonts" rw; then
	printf "Warning: Cannot bind mount /run/host/usr/share/fonts to %s/.local/share/fonts\n" "${container_user_home}"
	printf "Warning: Fonts integration with the host is disabled.\n"
fi

# execute eventual init hooks if specified
# shellcheck disable=SC2086
eval ${init_hook}

printf "container_setup_done\n"

if [ "${init}" -eq 0 ]; then
	# Keepalive loop
	sleep infinity
else
	# some of this directories are needed by
	# the init system. If they're mounts, there might
	# be problems. Let's unmount them.
	HOST_MOUNTS_RO_INIT="
		/run/systemd/journal
		/run/systemd/seats
		/run/systemd/sessions
		/run/systemd/system
		/run/systemd/users
		/var/lib/systemd/coredump
		/var/log/journal"
	for host_mount in ${HOST_MOUNTS_RO_INIT}; do
		if mountpoint "${host_mount}"; then umount "${host_mount}"; fi
	done
	# Now we can launch init
	exec /sbin/init
fi

A  => distrobox-list +179 -0
@@ 1,179 @@
#!/bin/sh
# SPDX-License-Identifier: GPL-3.0-only
#
# This file is part of the distrobox project:
#    https://github.com/89luca89/distrobox
#
# Copyright (C) 2021 distrobox contributors
#
# distrobox is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 3
# as published by the Free Software Foundation.
#
# distrobox is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with distrobox; if not, see <http://www.gnu.org/licenses/>.

# POSIX
# Optional env variables:
#	DBX_CONTAINER_MANAGER

# Dont' run this command as sudo.
if [ "$(id -u)" -eq 0 ]; then
	printf >&2 "Running %s as sudo is not supported.\n" "${0}"
	printf >&2 "Please check the documentation on:\n"
	printf >&2 "\tman distrobox-compatibility\t"
	printf >&2 "or consult the documentation page on:\n"
	printf >&2 "\thttps://github.com/89luca89/distrobox/blob/main/docs/compatibility.md\n"
	exit 1
fi

# Defaults
verbose=0
version="1.2.15"
container_manager="autodetect"

# Source configuration files, this is done in an hierarchy so local files have
# priority over system defaults
# leave priority to environment variables.
config_files="
	/usr/share/distrobox/distrobox.conf
	/etc/distrobox/distrobox.conf
	${HOME}/.config/distrobox/distrobox.conf
	${HOME}/.distroboxrc
"
for config_file in ${config_files}; do
	# shellcheck disable=SC1090
	[ -e "${config_file}" ] && . "${config_file}"
done
[ -n "${DBX_CONTAINER_MANAGER}" ] && container_manager="${DBX_CONTAINER_MANAGER}"

# Print usage to stdout.
# Arguments:
#   None
# Outputs:
#   print usage with examples.
show_help() {
	cat << EOF
distrobox version: ${version}

Usage:

	distrobox-list

Options:

	--help/-h:		show this message
	--verbose/-v:		show more verbosity
	--version/-V:		show version
EOF
}

# Parse arguments
while :; do
	case $1 in
		-h | --help)
			# Call a "show_help" function to display a synopsis, then exit.
			show_help
			exit 0
			;;
		-v | --verbose)
			verbose=1
			shift
			;;
		-V | --version)
			printf "distrobox: %s\n" "${version}"
			exit 0
			;;
		--) # End of all options.
			shift
			break
			;;
		*) # Default case: If no more options then break out of the loop.
			break ;;
	esac
done

set -o errexit
set -o nounset
# set verbosity
if [ "${verbose}" -ne 0 ]; then
	set -o xtrace
fi

# We depend on a container manager let's be sure we have it
# First we use podman, else docker
case "${container_manager}" in
	autodetect)
		if command -v podman > /dev/null; then
			container_manager="podman"
		elif command -v docker > /dev/null; then
			container_manager="docker"
		else
			container_manager="not_found"
		fi
		;;
	podman)
		container_manager="podman"
		;;
	docker)
		container_manager="docker"
		;;
	*)
		printf >&2 "Invalid input %s.\n" "${container_manager}"
		printf >&2 "The available choices are: 'autodetect', 'podman', 'docker'\n"
		container_manager="not_found"
		;;
esac

# Be sure we have a container manager to work with.
if ! command -v "${container_manager}" > /dev/null; then
	# Error: we need at least one between docker or podman.
	printf >&2 "Missing dependency: we need a container manager.\n"
	printf >&2 "Please install one of podman or docker.\n"
	printf >&2 "You can follow the documentation on:\n"
	printf >&2 "\tman distrobox-compatibility\n"
	printf >&2 "or:\n"
	printf >&2 "\thttps://github.com/89luca89/distrobox/blob/main/docs/compatibility.md\n"
	exit 127
fi
# add  verbose if -v is specified
if [ "${verbose}" -ne 0 ]; then
	container_manager="${container_manager} --log-level debug"
fi

# List containers using custom format that inclused MOUNTS
# we do this as we can detect the custom mounts done by distrobox to distringuish
# between a normal podman or docker container and a distrobox one.
container_list=$(${container_manager} ps -a --no-trunc --format \
	"{{.ID}}|{{.Image}}|{{.Names}}|{{.State}}|{{.Mounts}}")
IFS='
'
# Header of the output
printf " %-12s | %-25s | %-30s | %-30s\n" "ID" "NAME" "STATUS" "IMAGE"
for container in ${container_list}; do

	# Check if the current container has a custom mount point for distrobox.
	if [ -z "${container##*distrobox*}" ]; then

		# Extract the information for the single container to pretty print it
		container_id="$(printf "%s" "${container}" | cut -d'|' -f1 | cut -c1-12)"
		container_image="$(printf "%s" "${container}" | cut -d'|' -f2)"
		container_name="$(printf "%s" "${container}" | cut -d'|' -f3)"
		container_status="$(printf "%s" "${container}" | cut -d'|' -f4)"

		# If the container is Up and Running, print it in green
		if [ -z "${container_status##*Up*}" ] || [ -z "${container_status##*running*}" ]; then
			printf "\033[32m %-12s | %-25s | %-30s | %-30s\n\033[0m" \
				"${container_id}" "${container_name}" "${container_status}" "${container_image}"
		# Else, print it in yellow
		else
			printf "\033[33m %-12s | %-25s | %-30s | %-30s\n\033[0m" \
				"${container_id}" "${container_name}" "${container_status}" "${container_image}"
		fi
	fi
done

A  => distrobox-rm +234 -0
@@ 1,234 @@
#!/bin/sh
# SPDX-License-Identifier: GPL-3.0-only
#
# This file is part of the distrobox project:
#    https://github.com/89luca89/distrobox
#
# Copyright (C) 2021 distrobox contributors
#
# distrobox is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 3
# as published by the Free Software Foundation.
#
# distrobox is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with distrobox; if not, see <http://www.gnu.org/licenses/>.

# POSIX
# Optional env variables:
#	DBX_CONTAINER_MANAGER
#   DBX_CONTAINER_NAME
#   DBX_NON_INTERACTIVE

# Dont' run this command as sudo.
if [ "$(id -u)" -eq 0 ]; then
	printf >&2 "Running %s as sudo is not supported.\n" "${0}"
	printf >&2 "Please check the documentation on:\n"
	printf >&2 "\tman distrobox-compatibility\t"
	printf >&2 "or consult the documentation page on:\n"
	printf >&2 "\thttps://github.com/89luca89/distrobox/blob/main/docs/compatibility.md\n"
	exit 1
fi

# Defaults
container_manager="autodetect"
container_name="fedora-toolbox-35"
force=0
non_interactive=0
verbose=0
version="1.2.15"

# Source configuration files, this is done in an hierarchy so local files have
# priority over system defaults
# leave priority to environment variables.
config_files="
	/usr/share/distrobox/distrobox.conf
	/etc/distrobox/distrobox.conf
	${HOME}/.config/distrobox/distrobox.conf
	${HOME}/.distroboxrc
"
for config_file in ${config_files}; do
	# shellcheck disable=SC1090
	[ -e "${config_file}" ] && . "${config_file}"
done
[ -n "${DBX_CONTAINER_MANAGER}" ] && container_manager="${DBX_CONTAINER_MANAGER}"
[ -n "${DBX_CONTAINER_NAME}" ] && container_name="${DBX_CONTAINER_NAME}"
[ -n "${DBX_NON_INTERACTIVE}" ] && non_interactive="${DBX_NON_INTERACTIVE}"

# Print usage to stdout.
# Arguments:
#   None
# Outputs:
#   print usage with examples.
show_help() {
	cat << EOF
distrobox version: ${version}

Usage:

	distrobox-rm --name container-name [--force]
	distrobox-rm container-name [-f]

Options:

	--name/-n:		name for the distrobox
	--force/-f:		force deletion
	--help/-h:		show this message
	--verbose/-v:		show more verbosity
	--version/-V:		show version
EOF
}

# Parse arguments
while :; do
	case $1 in
		-h | --help)
			# Call a "show_help" function to display a synopsis, then exit.
			show_help
			exit 0
			;;
		-v | --verbose)
			verbose=1
			shift
			;;
		-V | --version)
			printf "distrobox: %s\n" "${version}"
			exit 0
			;;
		-f | --force)
			force=1
			shift
			;;
		-n | --name)
			if [ -n "$2" ]; then
				container_name="$2"
				shift
				shift
			fi
			;;
		-Y | --yes)
			non_interactive=1
			shift
			;;
		--) # End of all options.
			shift
			break
			;;
		*) # Default case: If no more options then break out of the loop.
			# If we have a flagless option and container_name is not specified
			# then let's accept argument as container_name
			if [ -n "$1" ]; then
				container_name="$1"
				shift
			else
				break
			fi
			;;
	esac
done

set -o errexit
set -o nounset
# set verbosity
if [ "${verbose}" -ne 0 ]; then
	set -o xtrace
fi

# We depend on a container manager let's be sure we have it
# First we use podman, else docker
case "${container_manager}" in
	autodetect)
		if command -v podman > /dev/null; then
			container_manager="podman"
		elif command -v docker > /dev/null; then
			container_manager="docker"
		else
			container_manager="not_found"
		fi
		;;
	podman)
		container_manager="podman"
		;;
	docker)
		container_manager="docker"
		;;
	*)
		printf >&2 "Invalid input %s.\n" "${container_manager}"
		printf >&2 "The available choices are: 'autodetect', 'podman', 'docker'\n"
		container_manager="not_found"
		;;
esac

# Be sure we have a container manager to work with.
if ! command -v "${container_manager}" > /dev/null; then
	# Error: we need at least one between docker or podman.
	printf >&2 "Missing dependency: we need a container manager.\n"
	printf >&2 "Please install one of podman or docker.\n"
	printf >&2 "You can follow the documentation on:\n"
	printf >&2 "\tman distrobox-compatibility\n"
	printf >&2 "or:\n"
	printf >&2 "\thttps://github.com/89luca89/distrobox/blob/main/docs/compatibility.md\n"
	exit 127
fi
# add  verbose if -v is specified
if [ "${verbose}" -ne 0 ]; then
	container_manager="${container_manager} --log-level debug"
fi

# Inspect the container we're working with.
container_status="$(${container_manager} inspect --type container \
	"${container_name}" --format '{{.State.Status}}')"
container_exists="$?"
# Does the container exist? check if inspect reported errors
if [ "${container_exists}" -gt 0 ]; then
	# If not, prompt to create it first
	printf >&2 "Cannot find container %s, does it exist?\n" "${container_name}"
	exit 1
fi

# If the container is not already running, we need to start if first
if [ "${container_status}" = "running" ]; then
	if [ "${force}" -ne 0 ]; then
		printf >&2 "Stopping container %s\n" "${container_name}"
		if ! ${container_manager} stop "${container_name}"; then
			printf >&2 "Could not stop container %s\n" "${container_name}"
			printf >&2 "Please stop container %s before deletion\n" "${container_name}"
			printf >&2 "Run:\n\t%s stop %s" "${container_manager}" "${container_name}"
			exit 1
		fi
	else
		printf >&2 "Please stop container %s before deletion\n" "${container_name}"
		printf >&2 "Run:\n\t%s stop %s\n" "${container_manager}" "${container_name}"
		printf >&2 'or use the "--force" flag'
		exit 1
	fi
fi
if [ "${non_interactive}" -eq 0 ] && [ "${force}" -eq 0 ]; then
	# Prompt to download it.
	printf "Do you really want to delete %s? [Y/n]: " "${container_name}"
	read -r response
	response="${response:-"Y"}"
else
	response="yes"
fi

# Accept only y,Y,Yes,yes,n,N,No,no.
case "${response}" in
	y | Y | Yes | yes | YES)
		# Remove the container
		${container_manager} rm "${container_name}"
		;;
	n | N | No | no | NO)
		printf "Aborted.\n"
		exit 0
		;;
	*) # Default case: If no more options then break out of the loop.
		printf >&2 "Invalid input.\n"
		printf >&2 "The available choices are: y,Y,Yes,yes,YES or n,N,No,no,NO.\nExiting.\n"
		exit 1
		;;
esac

A  => distrobox-stop +209 -0
@@ 1,209 @@
#!/bin/sh
# SPDX-License-Identifier: GPL-3.0-only
#
# This file is part of the distrobox project:
#    https://github.com/89luca89/distrobox
#
# Copyright (C) 2021 distrobox contributors
#
# distrobox is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 3
# as published by the Free Software Foundation.
#
# distrobox is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with distrobox; if not, see <http://www.gnu.org/licenses/>.

# POSIX
# Optional env variables:
#	DBX_CONTAINER_MANAGER
#   DBX_CONTAINER_NAME
#   DBX_NON_INTERACTIVE

# Dont' run this command as sudo.
if [ "$(id -u)" -eq 0 ]; then
	printf >&2 "Running %s as sudo is not supported.\n" "${0}"
	printf >&2 "Please check the documentation on:\n"
	printf >&2 "\tman distrobox-compatibility\t"
	printf >&2 "or consult the documentation page on:\n"
	printf >&2 "\thttps://github.com/89luca89/distrobox/blob/main/docs/compatibility.md\n"
	exit 1
fi

# Defaults
container_manager="autodetect"
container_name="fedora-toolbox-35"
non_interactive=0
verbose=0
version="1.2.15"

# Source configuration files, this is done in an hierarchy so local files have
# priority over system defaults
# leave priority to environment variables.
config_files="
	/usr/share/distrobox/distrobox.conf
	/etc/distrobox/distrobox.conf
	${HOME}/.config/distrobox/distrobox.conf
	${HOME}/.distroboxrc
"
for config_file in ${config_files}; do
	# shellcheck disable=SC1090
	[ -e "${config_file}" ] && . "${config_file}"
done
[ -n "${DBX_CONTAINER_MANAGER}" ] && container_manager="${DBX_CONTAINER_MANAGER}"
[ -n "${DBX_CONTAINER_NAME}" ] && container_name="${DBX_CONTAINER_NAME}"
[ -n "${DBX_NON_INTERACTIVE}" ] && non_interactive="${DBX_NON_INTERACTIVE}"

# Print usage to stdout.
# Arguments:
#   None
# Outputs:
#   print usage with examples.
show_help() {
	cat << EOF
distrobox version: ${version}

Usage:

	distrobox-stop --name container-name
	distrobox-stop container-name

Options:

	--name/-n:		name for the distrobox
	--yes/-Y:		non-interactive, stop without asking
	--help/-h:		show this message
	--verbose/-v:		show more verbosity
	--version/-V:		show version
EOF
}

# Parse arguments
while :; do
	case $1 in
		-h | --help)
			# Call a "show_help" function to display a synopsis, then exit.
			show_help
			exit 0
			;;
		-v | --verbose)
			verbose=1
			shift
			;;
		-V | --version)
			printf "distrobox: %s\n" "${version}"
			exit 0
			;;
		-n | --name)
			if [ -n "$2" ]; then
				container_name="$2"
				shift
				shift
			fi
			;;
		-Y | --yes)
			non_interactive=1
			shift
			;;
		--) # End of all options.
			shift
			break
			;;
		*) # Default case: If no more options then break out of the loop.
			# If we have a flagless option and container_name is not specified
			# then let's accept argument as container_name
			if [ -n "$1" ]; then
				container_name="$1"
				shift
			else
				break
			fi
			;;
	esac
done

set -o errexit
set -o nounset
# set verbosity
if [ "${verbose}" -ne 0 ]; then
	set -o xtrace
fi

# We depend on a container manager let's be sure we have it
# First we use podman, else docker
case "${container_manager}" in
	autodetect)
		if command -v podman > /dev/null; then
			container_manager="podman"
		elif command -v docker > /dev/null; then
			container_manager="docker"
		else
			container_manager="not_found"
		fi
		;;
	podman)
		container_manager="podman"
		;;
	docker)
		container_manager="docker"
		;;
	*)
		printf >&2 "Invalid input %s.\n" "${container_manager}"
		printf >&2 "The available choices are: 'autodetect', 'podman', 'docker'\n"
		container_manager="not_found"
		;;
esac

# Be sure we have a container manager to work with.
if ! command -v "${container_manager}" > /dev/null; then
	# Error: we need at least one between docker or podman.
	printf >&2 "Missing dependency: we need a container manager.\n"
	printf >&2 "Please install one of podman or docker.\n"
	printf >&2 "You can follow the documentation on:\n"
	printf >&2 "\tman distrobox-compatibility\n"
	printf >&2 "or:\n"
	printf >&2 "\thttps://github.com/89luca89/distrobox/blob/main/docs/compatibility.md\n"
	exit 127
fi
# add  verbose if -v is specified
if [ "${verbose}" -ne 0 ]; then
	container_manager="${container_manager} --log-level debug"
fi

# Inspect the container we're working with.
container_exists="$?"
# Does the container exist? check if inspect reported errors
if [ "${container_exists}" -gt 0 ]; then
	printf >&2 "Cannot find container %s, does it exist?\n" "${container_name}"
	exit 1
fi

if [ "${non_interactive}" -eq 0 ]; then
	# Prompt to download it.
	printf "Do you really want to stop %s? [Y/n]: " "${container_name}"
	read -r response
	response="${response:-"Y"}"
else
	response="yes"
fi

# Accept only y,Y,Yes,yes,n,N,No,no.
case "${response}" in
	y | Y | Yes | yes | YES)
		# Stop the container
		${container_manager} stop "${container_name}"
		;;
	n | N | No | no | NO)
		printf "Aborted.\n"
		exit 0
		;;
	*) # Default case: If no more options then break out of the loop.
		printf >&2 "Invalid input.\n"
		printf >&2 "The available choices are: y,Y,Yes,yes,YES or n,N,No,no,NO.\nExiting.\n"
		exit 1
		;;
esac

A  => docs/CNAME +1 -0
@@ 1,1 @@
distrobox.privatedns.org
\ No newline at end of file

A  => docs/README.md +325 -0
@@ 1,325 @@
![distrobox-logo](https://user-images.githubusercontent.com/598882/157771834-7423cf9b-8311-4e90-8a79-cd0eff6bd632.png)
<sub>logo credits [j4ckr3d](https://github.com/j4ckr3d)<sub>

# Distrobox

![Lint](https://github.com/89luca89/distrobox/actions/workflows/main.yml/badge.svg)
[![CI](https://github.com/89luca89/distrobox/actions/workflows/compatibility.yml/badge.svg)](https://github.com/89luca89/distrobox/actions/workflows/compatibility.yml)
[![GitHub](https://img.shields.io/github/license/89luca89/distrobox?color=blue)](../COPYING.md)
[![GitHub release (latest by date)](https://img.shields.io/github/v/release/89luca89/distrobox)](https://github.com/89luca89/distrobox/releases/latest)
[![Packaging status](https://repology.org/badge/tiny-repos/distrobox.svg)](https://repology.org/project/distrobox/versions)
[![Github issue needs help](https://img.shields.io/github/issues-raw/89luca89/distrobox/help%20wanted?color=blue&label=Help%20Wanted%20Issues)](https://github.com/89luca89/distrobox/issues?q=is%3Aissue+is%3Aopen+label%3A%22help+wanted%22)
[![GitHub issues by-label](https://img.shields.io/github/issues-raw/89luca89/distrobox/bug?color=red&label=Open%20Bug%20Reports)](https://github.com/89luca89/distrobox/issues?q=is%3Aissue+is%3Aopen+label%3A%22bug%22)

Use any Linux distribution inside your terminal. Enable both backward and forward
compatibility with software and freedom to use whatever distribution you’re more
comfortable with.
Distrobox uses `podman` or `docker` to create containers using the Linux distribution
of your choice.
The created container will be tightly integrated with the host, allowing sharing
of the HOME directory of the user, external storage, external USB devices and
graphical apps (X11/Wayland), and audio.

---

![overview](https://user-images.githubusercontent.com/598882/144294862-f6684334-ccf4-4e5e-85f8-1d66210a0fff.png)

---

- [Distrobox](#distrobox)
  - [What it does](#what-it-does)
    - [See it in action](#see-it-in-action)
  - [Why?](#why)
    - [Aims](#aims)
- [Installation](#installation)
  - [Uninstallation](#uninstallation)
- [Compatibility](compatibility.md)
  - [Supported container managers](compatibility.md#supported-container-managers)
  - [Host Distros](compatibility.md#host-distros)
  - [Containers Distros](compatibility.md#containers-distros)
- [Usage](usage/usage.md)
  - [Outside the distrobox](usage/usage.md#outside-the-distrobox)
    - [distrobox-create](usage/distrobox-create.md)
    - [distrobox-enter](usage/distrobox-enter.md)
    - [distrobox-list](usage/distrobox-list.md)
    - [distrobox-rm](usage/distrobox-rm.md)
    - [distrobox-stop](usage/distrobox-stop.md)
  - [Inside the distrobox](usage/usage.md#inside-the-distrobox)
    - [distrobox-export](usage/distrobox-export.md)
    - [distrobox-init](usage/distrobox-init.md)
  - [Configure distrobox](#configure-distrobox)
- [Useful tips](useful_tips.md)
  - [Execute complex commands directly from distrobox-enter](useful_tips.md#execute-complex-commands-directly-from-distrobox-enter)
  - [Create a distrobox with a custom HOME directory](useful_tips.md#create-a-distrobox-with-a-custom-home-directory)
  - [Mount additional volumes in a distrobox](useful_tips.md#mount-additional-volumes-in-a-distrobox)
  - [Use a different shell than the host](useful_tips.md#use-a-different-shell-than-the-host)
  - [Duplicate an existing distrobox](useful_tips.md#duplicate-an-existing-distrobox)
  - [Export to the host](useful_tips.md#export-to-the-host)
  - [Execute commands on the host](useful_tips.md#execute-commands-on-the-host)
  - [Enable SSH X-Forwarding when SSH-ing in a distrobox](useful_tips.md#enable-ssh-x-forwarding-when-ssh-ing-in-a-distrobox)
  - [Use distrobox to install different flatpaks from the host](useful_tips.md#use-distrobox-to-install-different-flatpaks-from-the-host)
  - [Using podman inside a distrobox](useful_tips.md#using-podman-inside-a-distrobox)
  - [Using docker inside a distrobox](useful_tips.md#using-docker-inside-a-distrobox)
  - [Using init system inside a distrobox](useful_tips.md#using-init-system-inside-a-distrobox)
  - [Using distrobox as main cli](useful_tips.md#using-distrobox-as-main-cli)
  - [Improve distrobox-enter performance](useful_tips.md#improve-distrobox-enter-performance)
  - [Slow creation on podman and image size getting bigger with distrobox-create](useful_tips.md#slow-creation-on-podman-and-image-size-getting-bigger-with-distrobox-create)
  - [Container save and restore](useful_tips.md#container-save-and-restore)
  - [Check used resources](useful_tips.md#check-used-resources)
  - [Build a Gentoo distrobox container](distrobox_gentoo.md)
  - [Build a Dedicated distrobox container](distrobox_custom.md)
- [Posts](posts/posts.md)
  - [Run latest GNOME and KDE Plasma using distrobox](posts/run_latest_gnome_kde_on_distrobox.md)
  - [Integrate VSCode and Distrobox](posts/integrate_vscode_distrobox.md)
  - [Execute a command on the Host](posts/execute_commands_on_host.md)
- [Featured Articles](featured_articles.md)
  - [Run Distrobox on Fedora Linux - Fedora Magazine](https://fedoramagazine.org/run-distrobox-on-fedora-linux/)
  - [DistroBox – Run Any Linux Distribution Inside Linux Terminal - TecMint](https://www.tecmint.com/distrobox-run-any-linux-distribution/)
  - [Distrobox - How to quickly deploy a Linux distribution with GUI applications via a container](https://www.techrepublic.com/article/how-to-quickly-deploy-a-linux-distribution-with-gui-applications-via-a-container/)
  - [Using Distrobox To Augment The Package Selection On Clear Linux - Phoronix](https://www.phoronix.com/scan.php?page=news_item&px=Distrobox-Clear-Linux)
  - [Benchmark: benefits of Clear Linux containers (distrobox) - Phoronix](https://www.phoronix.com/forums/forum/phoronix/latest-phoronix-articles/1305326-clear-linux-container-performance-continues-showing-sizable-gains)
  - [Distrobox - A great item in the Linux toolbelt - phmurphy's blog](https://phmurphy.com/posts/distrobox-toolbelt/)
  - [Running Other Linux Distros with Distrobox on Fedora Linux - bandithijo's blog](featured_articles.md)
  - [Day-to-day differences between Fedora Silverblue and Ubuntu - castrojo's blog](https://www.ypsidanger.com/day-to-day-advantages-of-fedora-silverblue/)
  - [Podcasts](featured_articles.md#podcasts)

---

## What it does

Simply put it's a fancy wrapper around `podman` or `docker` to create and start
containers highly integrated with the hosts.

The distrobox environment is based on an OCI image.
This image is used to create a container that seamlessly integrates with the
rest of the operating system by providing access to the user's home directory,
the Wayland and X11 sockets, networking, removable devices (like USB sticks),
systemd journal, SSH agent, D-Bus,
ulimits, /dev and the udev database, etc...

It implements the same concepts introduced by <https://github.com/containers/toolbox>
but in a simplified way using POSIX sh and aiming at broader compatibility.

All the props go to them as they had the great idea to implement this stuff.

It is divided into 6 commands:

- `distrobox-create` - creates the container
- `distrobox-enter`  - to enter the container
- `distrobox-list` - to list containers created with distrobox
- `distrobox-rm` - to delete a container created with distrobox
- `distrobox-stop` - to stop a running container created with distrobox
- `distrobox-init`   - the entrypoint of the container (not meant to be used manually)
- `distrobox-export` - it is meant to be used inside the container,
  useful to export apps and services from the container to the host

It also includes a little wrapper to launch commands with `distrobox COMMAND`
instead of calling the single files.

### See it in action

Thanks to [castrojo](https://github.com/castrojo), you can see Distrobox in
action in this explanatory video on his setup with Distrobox, Toolbx,
Fedora Silverblue on his project [ublue](https://github.com/castrojo/ublue)
(check it out!)

[![Video](https://user-images.githubusercontent.com/598882/153680522-f5903607-2854-4cfb-a186-cba7403745bd.png)](https://www.youtube.com/watch?v=Q2PrISAOtbY)

## Why

- Provide a mutable environment on an immutable OS, like Endless OS,
  Fedora Silverblue, OpenSUSE MicroOS or SteamOS3
- Provide a locally privileged environment for sudoless setups
  (eg. company-provided laptops, security reasons, etc...)
- To mix and match a stable base system (eg. Debian Stable, Ubuntu LTS, RedHat)
  with a bleeding-edge environment for development or gaming
  (eg. Arch, OpenSUSE Tumbleweed or Fedora with latest Mesa)
- Leverage high abundance of curated distro images for docker/podman to
  manage multiple environments

Refer to the compatiblity list for an overview of supported host's distro
[HERE](compatibility.md#host-distros) and container's distro [HERE](compatibility.md#containers-distros).

### Aims

This project aims to bring **any distro userland to any other distro**
supporting podman or docker.
It has been written in POSIX sh to be as portable as possible and not have
problems with dependencies and glibc version's compatibility.

Refer [HERE](compatibility.md#supported-container-managers) for a list of
supported container managers and minimum supported versions.

It also aims to enter the container **as fast as possible**, every millisecond
adds up if you use the container as your default environment for your terminal:

These are some sample results of `distrobox-enter` on the same container on my
weak laptop from 2015 with 2 core cpu:

```sh
Total time for 100 container enters:

  ~$ time (for i in {1..100}; do distrobox-enter --name fedora-toolbox-35 -- whoami; done)
  real 0m36.209s
  user 0m6.520s
  sys 0m4.803s

Mean:

36.209s/100 = ~0.362ms mean time to enter the container
```

I would like to keep it always below the
[Doherty Treshold](https://lawsofux.com/doherty-threshold/) of 400ms.

#### Security implications

Isolation and sandboxing is **not** the main aim of the project, on the contrary
it aims to tightly integrate the container with the host.
The container will have complete access to your home, pen drives and so on,
so do not expect it to be highly sandboxed like a plain
docker/podman container or a flatpak.

⚠️ **BE CAREFUL**: if you use docker, the daemon runs as root by default, so
**root inside the docker container can modify system stuff outside the container**,
if you have security concern for this, **use podman that runs in rootless mode**.
Rootless docker is still not working as intended and will be included in the future
when it will be complete.

That said, it is in the works to implement some sort of decoupling with the host,
as discussed here: [#28 Sandboxed mode](https://github.com/89luca89/distrobox/issues/28)

---

# Basic usage

Create a new distrobox:

`distrobox create -n test`

Enter created distrobox:

`distrobox enter test`

Execute a command in a distrobox:

`distrobox enter test -- command-to-execute`

List running distroboxes:

`distrobox list`

Stop a running distrobox:

`distrobox stop test`

Remove a distrobox

`distrobox rm test`

You can check [HERE for more advanced usage](usage/usage.md)
and check a [comprehensive list of useful tips HERE](useful_tips.md)

# Configure Distrobox

Configuration files can be placed in the following paths, from the least important
to the most important:

- /usr/share/distrobox/distrobox.conf
- /etc/distrobox/distrobox.conf
- ${HOME}/.config/distrobox/distrobox.conf
- ${HOME}/.distroboxrc

Example configuration file:

```conf
container_user_custom_home="/home/.local/share/container-home-test"
container_image="registry.opensuse.org/opensuse/toolbox:latest"
container_manager="docker"
container_name="test-name-1"
non_interactive="1"
```

Alternatively it is possible to specify preferences using ENV variables:

- DBX_CONTAINER_MANAGER
- DBX_CONTAINER_IMAGE
- DBX_CONTAINER_NAME
- DBX_NON_INTERACTIVE

---

# Installation

Distrobox is packaged in the following distributions, if your distribution is
on this list, you can refer to your repos for installation:

[![Packaging status](https://repology.org/badge/vertical-allrepos/distrobox.svg)](https://repology.org/project/distrobox/versions)

Thanks to the maintainers for their work: [M0Rf30](https://github.com/M0Rf30),
[alcir](https://github.com/alcir), [dfaggioli](https://github.com/dfaggioli),
[AtilaSaraiva](https://github.com/AtilaSaraiva)

Else, if you like to live your life dangerously, or you want the latest release,
you can trust me and simply run this in your terminal:

```sh
curl -s https://raw.githubusercontent.com/89luca89/distrobox/main/install | sudo sh
```

or if you want to select a custom directory to install without sudo:

```sh
curl -s https://raw.githubusercontent.com/89luca89/distrobox/main/install | sh -s -- --prefix ~/.local
```

Alternatively you can clone the project using `git clone` or using the latest
release [HERE](https://github.com/89luca89/distrobox/releases/latest).

Enter the directory and run `./install`, by default it will attempt to install
in `~/.local` but if you run the script as root, it will default to `/usr/local`.
You can specify a custom directory with the `--prefix` flag
such as `./install --prefix ~/.distrobox`.

Prefix explained: main distrobox files get installed to `${prefix}/bin` whereas
the manpages get installed to `${prefix}/share/man`.

Check the [Host Distros](compatibility.md#host-distros) compatibility list for
distro-specific instructions.

## Dependencies

Distrobox depends on a container manager to work, you can choose to install
either podman or docker.
Please look in the [Compatibility Table](compatibility.md#host-distros) for your
distribution notes.

---

## Uninstallation

If you installed distrobox using the `install` script in the default install
directory use this:

```sh
curl -s https://raw.githubusercontent.com/89luca89/distrobox/main/uninstall | sudo sh
```

or if you specified a custom path:

```sh
curl -s https://raw.githubusercontent.com/89luca89/distrobox/main/uninstall | sh -s -- --prefix ~/.local
```

Else if cloned the project using `git clone` or using the latest archive release
from [HERE](https://github.com/89luca89/distrobox/releases/latest),

enter the directory and run `./uninstall`, by default it will assume the install
directory was `/usr/local` if ran as root or `~/.local`,
you can specify another directory if needed with `./uninstall --prefix ~/.local`

---

![distrobox-box](https://user-images.githubusercontent.com/598882/144294113-ab3c62b0-4ff0-488f-8e85-dfecc308e561.png)

---

A  => docs/_config.yml +5 -0
@@ 1,5 @@
---
theme: jekyll-theme-slate
title: Distrobox
description: Use any linux distribution inside your terminal
show_downloads: true

A  => docs/assets/css/style.scss +17 -0
@@ 1,17 @@
@import "{{ site.theme }}";

body {
   transform: scale(1.2);
   transform-origin: 0 0;
   // add prefixed versions too.
}

// body {
//   margin: 0;
//   padding: 0;
//   background: #151515 url("../images/bkg.png") 0 0;
//   color: #eaeaea;
//   font-size: 25px;
//   line-height: 1.5;
//   font-family: Monaco, "Bitstream Vera Sans Mono", "Lucida Console", Terminal, monospace
// }

A  => docs/compatibility.md +166 -0
@@ 1,166 @@
- [Distrobox](README.md)
  - [Supported container managers](#supported-container-managers)
  - [Host Distros](#host-distros)
    - [New Host Distro support](#new-host-distro-support)
  - [Containers Distros](#containers-distros)
    - [New Distro support](#new-distro-support)
    - [Older Distributions](#older-distributions)

---

# Compatibility

This project **does not need a dedicated image**. It can use any OCI images from
docker-hub, quay.io, or any registry of your choice.

Granted, they may not be as featureful as expected (some of them do not even have
`which`, `mount`, `less` or `vi`) but that's all doable in the container itself
after bootstrapping it.

The main concern is having basic Linux utilities (`mount`), basic user management
utilities (`usermod, passwd`), and `sudo` correctly set.

## Supported container managers

`distrobox` can run on either `podman` or `docker`

It depends either on `podman` configured in `rootless mode`
or on `docker` configured without sudo (follow [THIS instructions](https://docs.docker.com/engine/install/linux-postinstall/))

- Minimum podman version: **2.1.0**
- Minimum docker version: **18.06.1**

Follow the official installation guide here:

- <https://podman.io/getting-started/installation>
- <https://docs.docker.com/engine/install>
- <https://docs.docker.com/engine/install/linux-postinstall/>

## Host Distros

Distrobox has been successfully tested on:

|    Distro  |    Version    | Notes |
| --- | --- | --- |
| Alpine Linux | 3.14<br>3.15 | To setup rootless podman, look [HERE](https://wiki.alpinelinux.org/wiki/Podman) |
| Arch Linux | | `distrobox` and `distrobox-git` are available in AUR (thanks [M0Rf30](https://github.com/M0Rf30)!).<br>To setup rootless podman, look [HERE](https://wiki.archlinux.org/title/Podman) |
| Manjaro | | To setup rootless podman, look [HERE](https://wiki.archlinux.org/title/Podman) |
| CentOS | 8<br>8 Stream<br>9 Stream | `distrobox` is available in epel repos. (thanks [alcir](https://github.com/alcir)!) |
| RedHat | 8<br>9beta  | `distrobox` is available in epel repos. (thanks [alcir](https://github.com/alcir)!) |
| Debian | 11<br>Testing<br>Unstable | |
| Fedora | 34<br>35<br>36 | `distrobox` is available in default repos.(thanks [alcir](https://github.com/alcir)!) |
| Fedora Silverblue/Kinoite | 34<br>35<br>36 | `distrobox` is available in default repos.(thanks [alcir](https://github.com/alcir)!) |
| Gentoo | | To setup rootless podman, look [HERE](https://wiki.gentoo.org/wiki/Podman) |
| Ubuntu | 18.04<br>20.04<br>21.10 | Older versions based on 20.04 or earlier may need external repos to install newer Podman and Docker releases.<br>Please follow their installation guide: [Podman](https://podman.io/getting-started/installation) [Docker](https://docs.docker.com/engine/install/ubuntu/)<br> Derivatives like Pop_OS!, Mint and Elementary OS should work the same. |
| EndlessOS | 4.0.0 | |
| openSUSE | Tumbleweed<br>MicroOS | `distrobox` is available in default repos (thanks [dfaggioli](https://github.com/dfaggioli)!)<br>For Tumbleweed, do: `zypper install distrobox`.<br>For MicroOS enter in a [transactional update](https://kubic.opensuse.org/documentation/transactional-update-guide/transactional-update.html) shell like this: `tukit --continue execute /bin/bash` (or `transactional-update shell --continue`, if you have `transactional-update` installed). Once inside: `zypper install distrobox`. Then exit the shell (`CTRL+D` is fine) and reboot the system. |
| openSUSE | Leap 15.4<br>Leap 15.3<br>Leap 15.2 | Packages are available [here](https://software.opensuse.org/download/package?package=distrobox&project=home%3Adfaggioli%3Amicroos-desktop) (thanks [dfaggioli](https://github.com/dfaggioli)!)<br>To install on openSUSE Leap 15.4, do:<br>`zypper addrepo https://download.opensuse.org/repositories/home:dfaggioli:microos-desktop/15.4/home:dfaggioli:microos-desktop.repo && zypper refresh && zypper install distrobox`.<br>For earlier versions, the procedure is the same, the link to the repository (i.e., the last argument of the `zypper addrepo` command) is the only thing that changes: [Leap 15.3](https://download.opensuse.org/repositories/home:dfaggioli:microos-desktop/openSUSE_Leap_15.3/home:dfaggioli:microos-desktop.repo), [Leap 15.2](https://download.opensuse.org/repositories/home:dfaggioli:microos-desktop/openSUSE_Leap_15.2/home:dfaggioli:microos-desktop.repo). |
| SUSE Linux Enterprise Server | 15&nbsp;Service&nbsp;Pack&nbsp;4<br>15&nbsp;Service&nbsp;Pack&nbsp;3<br>15&nbsp;Service&nbsp;Pack&nbsp;2 | Same procedure as the one for openSUSE (Leap, respective versions, of course). Use the following repository links in the `zypper addrepo` command: [SLE-15-SP4](https://download.opensuse.org/repositories/home:dfaggioli:microos-desktop/15.4/home:dfaggioli:microos-desktop.repo), [SLE-15-SP3](https://download.opensuse.org/repositories/home:dfaggioli:microos-desktop/15.3/home:dfaggioli:microos-desktop.repo), [SLE-15-SP4](https://download.opensuse.org/repositories/home:dfaggioli:microos-desktop/SLE_15_SP2/home:dfaggioli:microos-desktop.repo). |
| Void Linux | glibc | Systemd service export will not work. |
| NixOS | 21.11 | Currently you must have your default shell set to Bash, if it is not, make sure you edit your configuration.nix so that it is. <br>Also make sure to mind your executable paths. Sometimes a container will not have nix paths, and sometimes it will not have its own paths. <br> Distrobox is available in Nixpkg collection (thanks [AtilaSaraiva](https://github.com/AtilaSaraiva)!)<<br>To setup Docker, look [HERE](https://nixos.wiki/wiki/Docker) <br>To setup Podman, look [HERE](https://nixos.wiki/wiki/Podman) and [HERE](https://gist.github.com/adisbladis/187204cb772800489ee3dac4acdd9947) |
| Windows WSL2 | | **NOTE WSL2 support is preliminary, and there are many bugs present, any help in improving support is appreciated** <br> Currently you must work around some incompatibility between WSL2 and Podman, namely [THIS](https://github.com/containers/podman/issues/12236). <br>Install into WSL2 any of the supported distributions in this list. <br> Ensure you have an entry in the `fstab` for the `/tmp` folder:<br> `echo 'tmpfs /tmp tmps defaults 0 0' >> /etc/fstab`.<br>Then reboot the WSL machine `wsl --shutdown` <br>Note that `distrobox export` is not supported on WSL2 and will not work. |

### Compatibility notes

If your container is not able to connect to your host xserver, make sure to
install `xhost` on the host machine and run `xhost +si:localuser:$USER`.
If you wish to enable this functionality on future reboots add it to your `~/.xinitrc`
or somewhere else tailored to your use case where it would be ran on every startup.

#### Non shared mounts

Note also that in some distributions, root filesystem is **not** mounted as a shared mount,
this will give an error like:

```sh
$ distrobox-enter 
Error response from daemon: path /sys is mounted on /sys but it is not a shared or slave mount
Error: failed to start containers: ...
```

To resolve this, use this command:

```sh
 mount --make-rshared /
```

To make it permanent, you can place it in `/etc/rc.local`.

### List of distributions including distrobox in their repositories

[![Packaging status](https://repology.org/badge/vertical-allrepos/distrobox.svg)](https://repology.org/project/distrobox/versions)

### New Host Distro support

If your distro of choice is not on the list, open an issue requesting support
for it, we can work together to check if it is possible to add support for it.

Or just try using it anyway, if it works, open an issue
and it will be added to the list!

---

## Containers Distros

Distrobox guests tested successfully with the following container images:

|    Distro  |    Version | Images    |
| --- | --- | --- |
| AlmaLinux | 8     | docker.io/library/almalinux:8    |
| AlmaLinux (UBI) | 8     | docker.io/almalinux/8-base<br>docker.io/almalinux/8-init    |
| Alpine Linux    | 3.14<br>3.15 | docker.io/library/alpine:latest    |
| AmazonLinux | 2  | docker.io/library/amazonlinux:2.0.20211005.0    |
| AmazonLinux | 2022  | public.ecr.aws/amazonlinux/amazonlinux:2022 |
| Archlinux     | | docker.io/library/archlinux:latest    |
| ClearLinux |      | docker.io/library/clearlinux:latest<br>docker.io/library/clearlinux:base    |
| CentOS | 7 | quay.io/centos/centos:7  |
| CentOS Stream | 8<br>9 | quay.io/centos/centos:stream8<br>quay.io/centos/centos:stream9  |
| RedHat (UBI) | 7<br>8 | registry.access.redhat.com/ubi7/ubi<br>registry.access.redhat.com/ubi7/ubi-init<br>registry.access.redhat.com/ubi8/ubi<br>registry.access.redhat.com/ubi8/ubi-init  |
| Debian | 7<br>8<br>9<br>10<br>11 | docker.io/debian/eol:wheezy<br>docker.io/library/debian:8<br>docker.io/library/debian:9<br>docker.io/library/debian:10<br>docker.io/library/debian:stable<br>docker.io/library/debian:stable-backports    |
| Debian | Testing    | docker.io/library/debian:testing <br> docker.io/library/debian:testing-backports    |
| Debian | Unstable | docker.io/library/debian:unstable    |
| Neurodebian | nd100 | docker.io/library/neurodebian:nd100 |
| Fedora | 34<br>35<br>36<br>37<br>Rawhide | registry.fedoraproject.org/fedora-toolbox:34<br> docker.io/library/fedora:34<br>registry.fedoraproject.org/fedora-toolbox:35<br>docker.io/library/fedora:35<br>docker.io/library/fedora:36<br>registry.fedoraproject.org/fedora:37<br>docker.io/library/fedora:rawhide    |
| Mageia | 8 | docker.io/library/mageia |
| Opensuse | Leap | registry.opensuse.org/opensuse/leap:latest    |
| Opensuse | Tumbleweed | registry.opensuse.org/opensuse/tumbleweed:latest <br> registry.opensuse.org/opensuse/toolbox:latest    |
| Oracle Linux | 7<br>8 | container-registry.oracle.com/os/oraclelinux:7<br>container-registry.oracle.com/os/oraclelinux:8    |
| Rocky Linux | 8 | docker.io/rockylinux/rockylinux:8    |
| Scientific Linux | 7 | docker.io/library/sl:7    |
| Slackware | 14.2 | docker.io/vbatts/slackware:14.2    |
| Ubuntu | 14.04<br>16.04<br>18.04<br>20.04<br>21.10<br>22.04 | docker.io/library/ubuntu:14.04<br>docker.io/library/ubuntu:16.04<br>docker.io/library/ubuntu:18.04<br>docker.io/library/ubuntu:20.04<br>docker.io/library/ubuntu:21.10<br>docker.io/library/ubuntu:22.04    |
| Kali Linux | rolling | docker.io/kalilinux/kali-rolling:latest |
| Void Linux | | ghcr.io/void-linux/void-linux:latest-full-x86_64 <br> ghcr.io/void-linux/void-linux:latest-full-x86_64-musl |
| Gentoo Linux | rolling | You will have to [Build your own](distrobox_gentoo.md) to have a complete Gentoo docker image |

Note however that if you use a non-toolbox preconfigured image (e.g.
images pre-baked to work with <https://github.com/containers/toolbox),>
the **first** `distrobox-enter` you'll perform
can take a while as it will download and install the missing dependencies.

A small time tax to pay for the ability to use any type of image.
This will **not** occur after the first time, **subsequent enters will be much faster.**

NixOS is not a supported container distro, and there are currently no plans to
bring support to it. If you are looking for unprivlaged NixOS environments,
we suggest you look into [nix-shell](https://nixos.org/manual/nix/unstable/command-ref/nix-shell.html).

### New Distro support

If your distro of choice is not on the list, open an issue requesting support
for it, we can work together to check if it is possible to add support for it.

Or just try using it anyway, if it works, open an issue
and it will be added to the list!

### Older distributions

For older distributions like CentOS 5, CentOS 6, Debian 6, Ubuntu 12.04,
compatibility is not assured.

Their `libc` version is incompatible with kernel releases after `>=4.11`.
A work around this is to use the `vsyscall=emulate` flag in the bootloader of the
host.

Keep also in mind that mirrors could be down for such old releases, so you will
need to build a [custom distrobox image to ensure basic dependencies are met](./distrobox_custom.md).

A  => docs/distrobox_custom.md +42 -0
@@ 1,42 @@
- [Distrobox](README.md)
  - [Useful tips](useful_tips.md)

---

# Create a dedicated distrobox container

Distrobox wants to be as generic as possible in supporting OCI images,
but sometimes there could be some problems:

- The image you want to use is too old and the package manager mirrors are down
- The image you want to use has not a supported package manager or no package
  manager at all

## Requirements

The only required programs that must be available in the container so that
`distrobox-init` won't start the installation are:

- the $SHELL you use (bash, zsh, fish etc etc)
- findutils
- ncurses
- procps
- shadow
- sudo
- libvte
- util-linux (that provides the mount command)

If all those dependencies are met, then the `distrobox-init`
will simply skip the installation process and work as expected.

To test if all packages requirements are met just run this in the container:

```shell
if ! command -v mount || ! command -v mount || ! command -v passwd ||
 ! command -v sudo || ! command -v useradd || ! command -v usermod ||
 ! command -v "${SHELL}"; then

 echo "Missing dependencies"

fi
```

A  => docs/distrobox_gentoo.md +35 -0
@@ 1,35 @@
- [Distrobox](README.md)
  - [Useful tips](useful_tips.md)

---

# Gentoo as a distrobox container

## Image

You need to build your own image. The official resource is [here](https://github.com/gentoo/gentoo-docker-images#using-the-portage-container-in-a-multi-stage-build)
but here is a simple Dockerfile:

``` Dockerfile
FROM registry.hub.docker.com/gentoo/portage:latest
FROM registry.hub.docker.com/gentoo/stage3:systemd
COPY --from=portage /var/db/repos/gentoo /var/db/repos/gentoo
```

Build it using either podman or docker:

```shell
podman build . -t gentoo-distrobox
```

or

```shell
docker build . -t gentoo-distrobox
```

and it's ready to be used:

```shell
distrobox create --image localhost/gentoo-distrobox:latest
```

A  => docs/featured_articles.md +24 -0
@@ 1,24 @@
- [Distrobox](README.md)
  - [Featured articles](#featured-articles)
  - [Podcasts](#podcasts)

---

## Featured articles

- [Run Distrobox on Fedora Linux - Fedora Magazine](https://fedoramagazine.org/run-distrobox-on-fedora-linux/)
- [DistroBox – Run Any Linux Distribution Inside Linux Terminal - TecMint](https://www.tecmint.com/distrobox-run-any-linux-distribution/)
- [Distrobox - How to quickly deploy a Linux distribution with GUI applications via a container](https://www.techrepublic.com/article/how-to-quickly-deploy-a-linux-distribution-with-gui-applications-via-a-container/)
- [Using Distrobox To Augment The Package Selection On Clear Linux - Phoronix](https://www.phoronix.com/scan.php?page=news_item&px=Distrobox-Clear-Linux)
- [Benchmark: benefits of Clear Linux containers (distrobox) - Phoronix](https://www.phoronix.com/forums/forum/phoronix/latest-phoronix-articles/1305326-clear-linux-container-performance-continues-showing-sizable-gains)
- [Distrobox - A great item in the Linux toolbelt - phmurphy's blog](https://phmurphy.com/posts/distrobox-toolbelt/)
- Running Other Linux Distros with Distrobox on Fedora Linux - bandithijo's blog:
  [ORIGINAL](https://bandithijo.github.io/blog/menjalankan-distro-linux-lain-dengan-distrobox-di-fedora-linux)
  or [TRANSLATED](https://bandithijo-github-io.translate.goog/blog/menjalankan-distro-linux-lain-dengan-distrobox-di-fedora-linux?_x_tr_sl=id&_x_tr_tl=en&_x_tr_hl=it&_x_tr_pto=wapp)
- [Day-to-day differences between Fedora Silverblue and Ubuntu - castrojo's blog](https://www.ypsidanger.com/day-to-day-advantages-of-fedora-silverblue/)

## Podcasts

- [Linux After Dark – Episode 07](https://linuxafterdark.net/linux-after-dark-episode-07/)
- [Linux Lads - Season 7 - Episode 1](https://linuxlads.com/episodes/season-7-episode-1)
- [Late Night Linux - Episode 39](https://latenightlinux.com/linux-downtime-episode-39/)

A  => docs/posts/execute_commands_on_host.md +117 -0
@@ 1,117 @@
- [Distrobox](../README.md)
  - [Execute a command on the Host](execute_commands_on_host.md)
    - [The easy one](#the-easy-one)
    - [The not so easy one](#the-not-so-easy-one)
  - [Integrate host with container seamlessly](#integrate-host-with-container-seamlessly)

---

# Execute a command on the host

It may be needed to execute commands back on the host. Be it the filemanager, an
archive manager, a container manager and so on.

Here are a couple of solutions.

## The easy one

Install `flatpak-spawn` inside the container, this example is running on a
Fedora Distrobox:

```shell
~$ distrobox create --image fedora:35 --name fedora-distrobox
~$ distrobox enter --name fedora-distrobox
user@fedora-distrobox:~$ sudo dnf install -y flatpak-spawn
```

With `flatpak-swpan` we can easily execute commands on the host using:

```shell
user@fedora-distrobox:~$ flatpak-spawn --host bash -l
~$  # We're back on host!
```

## The not so easy one

Alternatively you may don't have `flatpak-spawn` in the repository of your container,
or simply want an alternative.

We can use `chroot` to enter back into the host, and execute what we need!

Create an executable file with this content:

```shell
#!/bin/sh

result_command="sudo -E chroot --userspec=$(id -u):$(id -g) /run/host/ /usr/bin/env "
for i in $(printenv | grep "=" | grep -Ev ' |"' | grep -Ev "^(_)"); do
 result_command="$result_command $i"
done

exec ${result_command} sh -c " cd ${PWD} && $@"
```

in `~/.local/bin/host-exec` and make it executable with `chmod +x ~/.local/bin/host-exec`

Now we can simply use this to exec stuff back on the host:

```shell
user@fedora-distrobox:~$ host-exec bash -l
~$  # We're back on host!
```

# Integrate host with container seamlessly

Another cool trick we can pull, is to use the handy `command_not_found_handle` function
to try and execute missing commands in the container on the host.

Place this in your `~/.profile`:

```shell
command_not_found_handle() {
 # don't run if not in a container
 if [ ! -e /run/.containerenv ] &&
  [ ! -e /.dockerenv ]; then
  exit 127
 fi

 if command -v flatpak-spawn >/dev/null 2>&1; then
  flatpak-spawn --host "${@}"
 elif command -v host-exec >/dev/null 2>&1; then
  host-exec "$@"
 else
  exit 127
 fi
}

if [ -n "${ZSH_VERSION-}" ]; then
 command_not_found_handler() {
  command_not_found_handle "$@"
 }
fi
```

And restart your terminal. Now when a command does not exist on your container,
it will be automatically executed back on the host:

```shell
user@fedora-distrobox:~$ which podman
/usr/bin/which: no podman in [...]
user@fedora-distrobox:~$ podman version # <-- this is automatically executed on host.
Client:
Version:      3.4.2
API Version:  3.4.2
Go Version:   go1.16.6
Built:        Thu Jan  1 01:00:00 1970
OS/Arch:      linux/amd64

Server:
Version:      3.4.2
API Version:  3.4.2
Go Version:   go1.16.6
Built:        Thu Jan  1 01:00:00 1970
OS/Arch:      linux/amd64
```

This is also useful to open `code`, `xdg-open`, or `flatpak` from within the container
seamlessly.

A  => docs/posts/integrate_vscode_distrobox.md +172 -0
@@ 1,172 @@
- [Distrobox](../README.md)
  - [Integrate VSCode and Distrobox](integrate_vscode_distrobox.md)
    - [The easy one](#the-easy-one)
    - [The not so easy one](#the-not-so-easy-one)
      - [First step, install it](#first-step--install-it)
      - [Second step, extensions](#second-step--extensions)
      - [Third step, podman wrapper](#third-step--podman-wrapper)
      - [Fourth step, configure the container](#fourth-step--configure-the-container)
    - [Final Result](#final-result)

---

# Integrate VSCode and Distrobox

VScode doesn't need presentations, and it's a powerful tool for development.
You may want to use it, but how to handle the dualism between host and container?

In this experiment we will use [VSCodium](https://vscodium.com/) as an opensource
alternative to VSCode.

Here are a couple of solutions.

## The easy one

Well, you could just install VSCode in your Distrobox of choice, and export it!

For example using an Arch Linux container:

```shell
~$ distrobox create --image archlinux:latest --name arch-distrobox
~$ distrobox enter --name arch-distrobox
user@arch-distrobox:~$
```

Download the deb file
[HERE](https://github.com/VSCodium/vscodium/releases), or in Arch case just install

```shell
user@arch-distrobox:~$ sudo pacman -S code
```

Now that we have installed it, we can export it:

```shell
user@ubuntu-distrobox:~$ distrobox-export --app code
```

And that's really it, you'll have VSCode in your app list, and it will run from
the Distrobox itself, so it will have access to all the software and tools inside
it without problems.

![image](https://user-images.githubusercontent.com/598882/149206335-1a2d0edd-8b2f-437d-aae0-44b9723d2c30.png)
![image](https://user-images.githubusercontent.com/598882/149206414-56bdbc5a-3728-45ef-8dd4-2e168a0d7ccc.png)

## The not so easy one

Alternatively you may want to install VSCode on your host. We will explore how
to integrate VSCode installed via **Flatpak** with Distrobox.

Note that this integration process is inspired by the awesome project [toolbox-vscode](https://github.com/owtaylor/toolbox-vscode)
so many thanks to @owtaylor for the heavy lifting!

### First step, install it

```shell
~$ flatpak install --user app/com.visualstudio.code
```

### Second step, extensions

Now we want to install VSCode [Remote Container extension](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers)

![image](https://user-images.githubusercontent.com/598882/149207447-76a82e91-dd3f-43fa-8c52-9c2e85ae8fee.png)

### Third step, podman wrapper

Being in a Flatpak, we will need access to host's `podman` (or `docker`) to be
able to use the containers. Place this in your `~/.local/bin/podman-host`

```shell
#!/bin/bash
set -x
if [ "$1" == "exec" ]; then
 # Remove 'exec' from $@
 shift
 script='
     result_command="podman exec"
        for i in $(printenv | grep "=" | grep -Ev " |\"" |
            grep -Ev "^(HOST|HOSTNAME|HOME|PATH|SHELL|USER|_)"); do

            result_command=$result_command --env="$i"
     done

        exec ${result_command} "$@"
    '
 exec flatpak-spawn --host sh -c "$script" - "$@"
else
 exec flatpak-spawn --host podman "$@"
fi
```

Open VSCode settings (Ctrl+,) and head to `Remote>Containers>Docker Path` and
set it to the path of `podman-exec`, like in the example

![image](https://user-images.githubusercontent.com/598882/149208525-5ad630c9-fcbc-4ee6-9d77-e50d2c782a56.png)

This will give a way to execute host's container manager from within the
flatpak app.

### Fourth step, configure the container

We need not to deploy a configuration for our container. We should create one for
each Distrobox we choose to integrate with VSCode:

```json
{
  "name" : // PUT YOUR DISTROBOX NAME HERE
  "remoteUser": "${localEnv:USER}",
  "settings": {
    "remote.containers.copyGitConfig": false,
    "remote.containers.gitCredentialHelperConfigLocation": "none",
    "terminal.integrated.profiles.linux": {
      "capsh": {
        "path": "/usr/sbin/capsh",
        "args": [
          "--caps=",
          "--",
          "-c",
          "exec \"$@\"",
          "/bin/sh",
          "${localEnv:SHELL}",
          "-l"
        ]
      }
    },
    "terminal.integrated.defaultProfile.linux": "capsh"
  },
  "remoteEnv": {
    "COLORTERM": "${localEnv:COLORTERM}",
    "DBUS_SESSION_BUS_ADDRESS": "${localEnv:DBUS_SESSION_BUS_ADDRESS}",
    "DESKTOP_SESSION": "${localEnv:DESKTOP_SESSION}",
    "DISPLAY": "${localEnv:DISPLAY}",
    "LANG": "${localEnv:LANG}",
    "SHELL": "${localEnv:SHELL}",
    "SSH_AUTH_SOCK": "${localEnv:SSH_AUTH_SOCK}",
    "TERM": "${localEnv:TERM}",
    "VTE_VERSION": "${localEnv:VTE_VERSION}",
    "XDG_CURRENT_DESKTOP": "${localEnv:XDG_CURRENT_DESKTOP}",
    "XDG_DATA_DIRS": "${localEnv:XDG_DATA_DIRS}",
    "XDG_MENU_PREFIX": "${localEnv:XDG_MENU_PREFIX}",
    "XDG_RUNTIME_DIR": "${localEnv:XDG_RUNTIME_DIR}",
    "XDG_SESSION_DESKTOP": "${localEnv:XDG_SESSION_DESKTOP}",
    "XDG_SESSION_TYPE": "${localEnv:XDG_SESSION_TYPE}"
  }
}
```

And place it under `${HOME}/.var/app/com.visualstudio.code/config/Code/User/globalStorage/ms-vscode-remote.remote-containers/nameConfigs/your-distrobox-name.json`

## Final Result

After that, we're good to go! Open VSCode and Attach to Remote Container:

![image](https://user-images.githubusercontent.com/598882/149210561-2f1839ae-9a57-42fc-a122-21652588e327.png)

And let's choose our Distrobox

![image](https://user-images.githubusercontent.com/598882/149210690-8bcb9a0d-1dc5-4937-9494-8c6aa6b26fd5.png)

And we're good to go! We have our VSCode remote session inside our Distrobox container!

![image](https://user-images.githubusercontent.com/598882/149210881-749a8146-c69d-4382-bbef-91e4b477b7ba.png)

A  => docs/posts/posts.md +9 -0
@@ 1,9 @@
- [Distrobox](../README.md)

---

## Latest posts

- [Run latest GNOME or KDE using distrobox](run_latest_gnome_kde_on_distrobox.md)
- [Integrate VSCode and Distrobox](integrate_vscode_distrobox.md)
- [Execute a command on the Host](execute_commands_on_host.md)

A  => docs/posts/run_latest_gnome_kde_on_distrobox.md +175 -0
@@ 1,175 @@
- [Distrobox](../README.md)
  - [Run latest GNOME and KDE Plasma using distrobox](run_latest_gnome_kde_on_distrobox.md)
    - [Using a stable-release distribution](#using-a-stable-release-distribution)
      - [Initializing the distrobox](#initializing-the-distrobox)
      - [Running Latest GNOME](#running-latest-gnome)
        - [Generate session file - GNOME](#generate-session-file---gnome)
      - [Running Latest Plasma](#running-latest-plasma)
        - [Generate session file - Plasma](#generate-session-file---plasma)
        - [Add a couple of fixes](#add-a-couple-of-fixes)
    - [Using apps from host](#using-apps-from-host)

---

# Using a stable-release distribution

Lots of people prefer to run a distribution following a stable-LTS release cycle
like Debian, UbuntuLTS or CentOS family (Almalinux, Rocky Linux).
This ensures great stability on one hand, but package staling on the other.

One way to counter this effect is to use a pet-container managed by Distrobox
to run packages from much newer distributions without giving up on core base os stability.

## Initializing the distrobox

For this experiment we'll use Fedora Rawhide as our distrobox, and Centos 8 Stream
as our host, so:

```shell
distrobox create --name fedora-rawhide --image registry.fedoraproject.org/fedora:rawhide
```

and

```shell
distrobox enter fedora-rawhide
```

## Running Latest GNOME

First we need to change a couple of bits in the distrobox container to make host's
systemd session accessible from within the host:

```shell
~$ distrobox enter fedora-rawhide
user@fedora-rawhide:~$ rm -rf /run/systemd/system
user@fedora-rawhide:~$ ln -s /run/host/run/systemd/system /run/systemd
```

Then we can proceed to install GNOME in the container:

```shell
user@fedora-rawhide:~$ sudo dnf groupinstall GNOME
```

And let's grab a coffee while it finishes :-)

After the `dnf` process finishes, we have GNOME installed in our container,
now how do we use it?

### Generate session file - GNOME

First in the host we need a reliable way to fix the permissions problem of the
`/tmp/.X11-unix` directory. This directory should either belong to `root` or
`$USER`. But in a rootless container, host's `root` is not mapped inside the
container so we need to change the ownership from `root` to `$USER` each time.

Let's add:

```shell
chown -R $USER:$USER /tmp/.X11-unix
```

to `/etc/profile.d/fix_tmp.sh` file.

This is needed for the XWayland session to work properly which right now is
necessary to run gnome-shell even on wayland.

Then we need to add a desktop file for the session on the host's file system,
so that it appears on your login manager (Be it SSDM or GDM)

```shell
[Desktop Entry]
Name=GNOME on Wayland (fedora-rawhide distrobox)
Comment=This session logs you into GNOME
Exec=/usr/local/bin/distrobox-enter -n fedora-rawhide -- /usr/bin/gnome-session --builtin
Type=Application
DesktopNames=GNOME
X-GDM-SessionRegisters=true
```

This file should be placed under `/usr/local/share/wayland-sessions/distrobox-gnome.desktop`

Let's log out and voilá!

![image](https://user-images.githubusercontent.com/598882/148703229-82905d23-f3d0-41bc-a048-d12cdf8066d0.png)
![Screenshot from 2021-12-25 19-56-52](https://user-images.githubusercontent.com/598882/147391814-cb49e7b8-64bc-4975-a8d1-93f6fb23f28b.png)
![Screenshot from 2021-12-25 20-03-16](https://user-images.githubusercontent.com/598882/147391867-ca29576b-8fb9-448c-a181-579482fb448d.png)

We now are in a GNOME 42 session inside Fedora Rawhide while our main OS remains
Centos.

## Running Latest Plasma

We can do the same with Plasma also, let's first set up the host's systemd session
sharing with the container:

```shell
~$ distrobox enter fedora-rawhide
user@fedora-rawhide:~$ rm -rf /run/systemd/system
user@fedora-rawhide:~$ ln -s /run/host/run/systemd/system /run/systemd
```

Then we can proceed to install Plasma in the container:

```shell
user@fedora-rawhide:~$ sudo dnf groupinstall KDE
```

### Generate session file - Plasma

We need to add a desktop file for the session on the host's file system,
so that it appears on your login manager (Be it SSDM or GDM)

```shell
[Desktop Entry]
Exec=/usr/local/bin/distrobox-enter -- /usr/libexec/plasma-dbus-run-session-if-needed /usr/bin/startplasma-wayland
DesktopNames=KDE
Name=Plasma on Wayland (fedora-rawhide distrobox)
X-KDE-PluginInfo-Version=5.23.3
```

This file should be placed under `/usr/local/share/wayland-sessions/distrobox-plasma.desktop`

### Add a couple of fixes

To make Plasma work we need a couple more fixes to run both on the host and in the container.

First in the host we need a reliable way to fix the permissions problem of the
`/tmp/.X11-unix` directory. This directory should either belong to `root` or
`$USER`. But in a rootless container, host's `root` is not mapped inside the
container so we need to change the ownership from `root` to `$USER` each time.

Let's add:

```shell
chown -R $USER:$USER /tmp/.X11-unix
```

to `/etc/profile.d/fix_tmp.sh` file.

We also need to add a process in autostart on which Plasma shell relies on a
process called `kactivitymanagerd`. Not having host's systemd at disposal we
can start it simply adding it to the ~/.profile file, add:

```shell
if [ -f /usr/libexec/kactivitymanagerd ]; then
  /usr/libexec/kactivitymanagerd & disown
fi
```

to `~/.profile` file.

Let's log out and voilá!

![image](https://user-images.githubusercontent.com/598882/148704789-3d799a85-51cc-4de7-9ee3-f54add4949bc.png)
![image](https://user-images.githubusercontent.com/598882/148705044-7271af0c-0675-42f8-9f45-ad20ec53deca.png)

We now are in latest KDE Plasma session inside Fedora Rawhide while our main OS remains
Centos.

# Using apps from host

Now that we're in a container session, we may want to still use some of the host's
apps. Refer to [T