Show HN: Plash – Build and run containers

(github.com)

66 points | by ihucos 2013 days ago

9 comments

  • anarcat 2012 days ago
    I find the first item in the README a bit misleading:

        Security: plash containers run completely unprivileged.
    
    What this actually means is that plash containers run as the current user, so not as root. But they provide no isolation whatsoever, which I would expect from containers (and which Docker provides, to a certain extent). The README does mention this, but only much later:

        - Plash processes have the same operating system access rights than the process
          that started it. There is no security relevant isolation feature. Exactly as
          with running programs "normally", don't run programs you do not trust with
          plash and try to avoid using plash with the root user.
    
    rootless containers are still a little ways off it seems...
    • ihucos 2011 days ago
      Oh boy, I am since one hour thinking about how to formulate it so its really crystal clear, maybe someone have a suggestion.

      In my head isolation and containerization are two completely different problems. If you really want "complete" isolation in plash you'd just had to setuid/setgid/setgroups away from the namespaced root user. Then as far as the kernel is concerned you would be a different user and if you are the only process with this uid you are completely isolated. Maybe I'll add an flag for that.

      EDIT:

      I am not happy with it at all but changed it:

        - Security: Traditional per user isolation. Containers run completely unprivileged.
      
      Containerisation and sandboxing are two different things. Sandboxing in major container software is fundamentally broken !111
      • ofrzeta 2011 days ago
        So for you isolation and sandboxing are the same but both are different from containers? What's the function of containers then?

        Also I don't quite understand how you claim isolation/sandboxing but also offer "natural interaction with the host operating system".

        • ihucos 2011 days ago
          Yeah I don't know, the terms a a little mixed up.

          For me isolation and sandboxing is not the same. A function of a container is to provide a more well defined environment, usually for other application to run more reliable. That by itself says nothing about security. My claim of "natural interaction with the host operating system" is archived by just having containers being "normal" processes. You can see plash containers with top, kill them with `kill`, or set them a different nice value. They also have automagically environment variables like DISPLAY exported to them, so most graphical interfaces will work (you can e.G. run gimp or firefox). I did not invent any new sandboxing/security-related-isolation mechanisms. Since it's just processes, the usual rules for processes apply, like that you can't kill a process from another user, access rights for the filesystem are enforced and so on.

          • mbreese 2011 days ago
            So (for you) containers are more about not polluting the host OS and application configuration, rather than how you define how it works with the host OS?

            What about the difference between isolation and sandboxing?

            Isolation is keeping processes from interfering with each other, and sandboxing is keeping processes from interfering with the host OS?

            Something like that?

            • ihucos 2011 days ago
              Maybe let me try something like this:

              Thread < Process < Plash < Container < Full virtualization < Dedicated Hardware

              Plash is conceptually somewhere between containers as they existed until now and operating system processes. Technically a plash container is just a process. Security wise exactly the same rules that apply for UNIX processes, apply for plash containers. Which is why I say that they are much more secure than the stuff that major container systems have to do to create that extra layer of - buzzword alarm - isolation.

              So whatever which term means what, the security concept of plash is really easy to understand: a plash container is just a process. You started plash with your user PinaColada - great, your plash container has PinaColada access rights, if it wants it can delete your PinaColad's home folder, but not system folders.

              You want to create and AppArmor for a plash container like you could also do it with other processes? That would work.

              You really like bubblewrap? wrap plash with it (not tried, but should work)

              Virtually everything you can do with processes, you can do with plash.

    • bthornbury 2012 days ago
      https://github.com/projectatomic/bubblewrap

      This is the most promising one I've seen.

      • austinjp 2011 days ago
        I'm unclear on their readme. Right at the bottom, they seem to suggest that once runC implements rootless containers, it will be a superior solution since it conforms to the Open Containers Initiative.

        Checking runC's GitHub, they merged a rootless container branch into their master branch a year ago. A related blog post says it's now inside Docker so very well used.

        So does Docker now provide containers that can guarantee immunity from (certain) privilege escalation attacks?

        Would you move to Docker/runC?

        • ihucos 2011 days ago
          > So does Docker now provide containers that can guarantee immunity from (certain) privilege escalation attacks?

          In my opinion the isolation mechanism of major container software like docker is flawed and thinking about it gives me headaches. One problem is that you need a daemon running as root. It's better if you don't have to leave the user space at all. To be fair plash relies on fuse and newuidmap/newgidmap which are suid, so there is at least a little bit happening with root access rights. But it's comparably very little and there is nothing self-baked running as root.

          There are many details that for me are unclear in docker, one out of the of the tip of my head, is that the usage of a overlay mount is disabled by non-root users (also inside user maps) because the kernel does not want to guarantee that a bogus setup can cause a security issue.

          > Would you move to Docker/runC?

          Never :-) The whole point of this is to not use Docker/runC. One of the core aspects of plash is that containers should just be normal processes. Processes is an interface that existed since decades, for containers I need to learn a new tool just to kill one or list all that are running (use ps/kill in plash)

      • jquery_dev 2011 days ago
        That's what opam (ocaml package manager) uses for linux sandboxing
  • miduil 2011 days ago
    Really cool, I like the documentation on the website - would be nice if the README was actual HTML though.

    Does that mean I can build container images within a running container (for example the GitLab-CI) without doing a stunt like docker-in-docker or fakechroot/fakeroot?

    What are you using instead of fakeroot? I've seen people like [zwischenzugs][0] using User Namespaces - which makes it impossible to be run within a container. Author also points out that kaniko still requires you to use root, not sure if the situation has changed with gVisor support, at least a related issue [1] hasn't been marked as resolved.

    Have you investigated into creating reproducible containers?

    Thank you in advance!

    [0]: https://zwischenzugs.com/2018/04/23/unprivileged-docker-buil...

    [1]: https://github.com/GoogleContainerTools/kaniko/issues/105

    Edit: Why the downvote? Am I misunderstanding something?

    • ihucos 2011 days ago
      Thank you :-)

      > Does that mean I can build container images within a running container (for example the GitLab-CI) without doing a stunt like docker-in-docker or fakechroot/fakeroot?

      Sure, plash's unit tests involve building and they run inside a plash instance at travis CI.

      I'll have lunch now and then continue with the reply after.

      • ihucos 2011 days ago
        To continue the reply...

        plash uses along others linux namespaces and chroot. So inside a linux namespace you can actually use the vanilla chroot:

          ihucos@macbook:~/plash$ # get an example rootfs
          ihucos@macbook:~/plash$ mkdir /tmp/m
          ihucos@macbook:~/plash$ plash mount --from ubuntu -- /tmp/m
          ihucos@macbook:~/plash$ 
          ihucos@macbook:~/plash$ unshare --map-root --user --mount
          root@macbook:~/plash# chroot /tmp/m
          root@macbook:/# type apt
          apt is /usr/bin/apt
          root@macbook:/# exit
        
        > Have you investigated into creating reproducible containers?

        Interesting topic. I wanted to, but did not come very far. Maybe now that I "finished" plash and have more time haha.

        btw: I just tested and you can just run unprivileged plash containers inside a unprivileged plash process! But you need to install unionfs-fuse in the first container. When/If I port plash to C maybe that dependency can be statically linked or something like that, lets see.

        > Really cool, I like the documentation on the website - would be nice if the README was actual HTML though.

        Thanks, the README is not in markup so it's one little dependency less when I have to migrate out from Github at some point (M$)

        EDIT:

        > Edit: Why the downvote? Am I misunderstanding something?

        It wasn't me, I think they where great questions!

      • miduil 2011 days ago
        I think you can already build Docker images via Docker within travis CI, because they somehow provide you (semi?-)privileged access to the required Linux cgroup and namespace features.

        If you are running within a regular Docker container commands such as

             sysctl -w kernel.unprivileged_userns_clone=1
        
        are not possible, due to /sys being read-only.

        Am I doing something wrong?

        • ihucos 2011 days ago
          > I think you can already build Docker images via Docker within travis CI, [...]

          The nice think about plash is that you don't have to worry about "official" support.

          > [...] due to /sys being read-only.

          Dammit, no, so yeah, apparently unfortunately for regular docker containers (not privileged ones) you need to disable unsharing in plash (export PLASH_NO_UNSHARE=1). In that case the only requirements are chroot, a rudimentary mount binary and overlay OR unionfs-fuse and root access. So it should even run in BSD/Minix/macOS and stuff like that, BUT the mountpoints will not get cleaned up. For an instance running for a while that would be a problem, for a temporary docker container not.

  • etaioinshrdlu 2011 days ago
    How is this different from gVisor? Not complaining, this looks very awesome. I am just interested.

    This is going to be a great world when we have arbitrary nesting of containers, finally we will have closure :) I think "docker compose" is a big lie.

    • ihucos 2011 days ago
      gVisor is primarly focused on isolation, plash actually only wants to containerize processes and leaves optional isolation to other tools if required (potentially gVisor).

      To quote gVisor:

        Containers are not a sandbox. While containers have revolutionized how we develop, package, and deploy applications, running untrusted or potentially malicious code without additional isolation is not a good idea.
      
      I think the approach gVisor uses is basically the same that is used to run python on Googles web hosting platform. As I understand it, with gVisor a process does not directly talk to the kernel but actually to another process.

      > This is going to be a great world when we have arbitrary nesting of containers, finally we will have closure :)

      Yep. With plash you can do that (In plash unprivileged containers inside unprivileged containers also works, but may need some looking into it).

      > I think "docker compose" is a big lie.

      I also have strong feelings about docker compose. It's really reinventing everything but now for containers. With plash you can just use supervisord, the init of your operating system and other established means of managing background processes.

  • projectramo 2012 days ago
    Will this run alongside virtual box? (In other words, does it need hyper-V turned on on a windows box?
    • ihucos 2011 days ago
      Hey,

      Yeah, that should work. It usually uses linux namespaces/overlay/unionfs/mount/chroot there are no dependencies on hyper-V.

      In the worst case scenario plash would also be happy with not cleaning up mountpoints (PLASH_NO_UNSHARE=1) and using unionfs-fuse. During development I run it on FreeBSD and macOS. So its quite portable. Feel free to send me an mail (mail at irae me) for support.

      EDIT: Running it natively on a non Linux-System is probably not what you think, since you can't run a linux root file system for example on top of the macOS kernel. Experimenting with the FreeBSD linux abi emulation layer did not yield usable results for me.

  • gravypod 2012 days ago
    How would you use this to build a docker container within a docker container? This would be an interesting use case for continuous integration where you might have ephemeral building workers.
    • ihucos 2011 days ago
      I think the simplest would be like this:

        ihucos@macbook:~$ docker run --privileged --volume /var/lib/plash -ti python bash
        root@d2a59ae96bc2:/# pip3 install plash
        Collecting plash
          Downloading https://files.pythonhosted.org/packages/41/9a/a3a7c6fd104ff197b7656a51e1b396eee42bde3a578d70eb1c5d524e8e0f/plash-1.1359-py3-none-any.whl (749kB)
          100% || 757kB 2.0MB/s 
        Installing collected packages: plash
        Successfully installed plash-1.1359
        root@d2a59ae96bc2:/# plash init
        root@d2a59ae96bc2:/# plash -A
        plash: fetching 100%
        plash: extracting...
        d2a59ae96bc2:/# type apk
        apk is /sbin/apk
        d2a59ae96bc2:/# printf hello from alpine
        hellod2a59ae96bc2:/# root@d2a59ae96bc2:/# exit
        exit
      
      ohh yeah, you would need to save to builded container somewhere or pipe it out from docker (but docker does not differentiate stderr and stdout). In any case to import the container builded with plash back to the docker:

        ihucos@macbook:~$ plash export-tar --eval-file /tmp/plashscript | docker import -
        + touch /hello
        --:
        sha256:8e26d9d222bb4840feb3aeb475522e76aa8fa835049eac08121961694203e99e
    • dlor 2011 days ago
      Check out kaniko, we built it for that exact use case: github.com/GoogleContainerTools/kaniko
  • bthornbury 2012 days ago
    Some comparisons between the cli of plash and equivalent commands in docker (only because I'm already familiar with it) would be pretty helpful.
    • ihucos 2011 days ago
      Yep true. I am still trying to figure out how to write good documentation/tutorials. I will definitely write some general recipes in the README for common tasks, some also doable in other container software like mounting containers, importing from docker, exporting to docker, using an image published in github etc. I'll shortly ping you via PM afterwards.
    • ihucos 2008 days ago
      check it out, there are some recipes now.
  • naasking 2011 days ago
    Unfortunate name choice. There's already a Plash [1,2] project for the Principle Least Authority Shell.

    [1] http://www.cs.jhu.edu/~seaborn/plash/html/

    [2] http://plash.beasts.org/index.html

  • 0n34n7 2011 days ago
    Any reason for not using markdown in your README? Not rendering well on my phone at all.
    • ihucos 2011 days ago
      Not particular strong ones. I actually imagined that .txt is more accessible, maybe the wrapping must be tighter. I like it because its very WYSIWYG. The UTF-8 art looks better there than in a code block. And it's one little dependency less, if for example at some point development should migrate to another platform.
  • axtn 2012 days ago
    Are there any plans to be backwards-compatible with Dockerfiles and ‘docker-build’?
    • ihucos 2011 days ago
      Good morning,

      it certainly would be very nice. I explored this a little bit but on the end had to focus on stability of the core components. It wouldn't be anything too hard, but quite a lot of work to implement all the syntax quirks, keeping up with new commands, etc. So right now at least I personally don't have concrete plans to implement it. What you can do right now is use images from a local docker installation:

      $ plash --from-docker busybox -- printf hi