Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package distrobox for openSUSE:Factory checked in at 2026-04-28 11:59:01 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/distrobox (Old) and /work/SRC/openSUSE:Factory/.distrobox.new.11940 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "distrobox" Tue Apr 28 11:59:01 2026 rev:33 rq:1349673 version:1.8.2.5 Changes: -------- --- /work/SRC/openSUSE:Factory/distrobox/distrobox.changes 2026-03-27 16:53:48.730260295 +0100 +++ /work/SRC/openSUSE:Factory/.distrobox.new.11940/distrobox.changes 2026-04-28 12:02:48.953568451 +0200 @@ -1,0 +2,27 @@ +Mon Apr 27 18:03:10 UTC 2026 - Alessio Biancalana <[email protected]> + +- Drop fix-distrobox-to-newer-zypper.patch since it was merged upstream +- Update to 1.8.2.5: + * docs: remove bluefin-cli and powershell ublue images by @renner0e in https://github.com/89luca89/distrobox/pull/1997 + * docs: update documentation regarding VSCode integration by @ludrol in https://github.com/89luca89/distrobox/pull/1996 + * enter: show container command on dry run by @balanza in https://github.com/89luca89/distrobox/pull/2000 + * fix: expose correct dryrun command by @balanza in https://github.com/89luca89/distrobox/pull/2006 + * fix: setup_zypper: use drop-in config file if possible by @dannyhpy in https://github.com/89luca89/distrobox/pull/2007 + * docs: update README with sandboxing alternatives by @Gerharddc in https://github.com/89luca89/distrobox/pull/2009 + * feat: add ALT Linux compatibility improvements by @liannnix in https://github.com/89luca89/distrobox/pull/1989 + * fix: Pass -xdev to /bin/find by @danielzgtg in https://github.com/89luca89/distrobox/pull/1998 + * add Docker Desktop on macOS compatibility by @ericcurtin in https://github.com/89luca89/distrobox/pull/2019 + * init: chmod shadow files to 0400 for container storage compatibility by @89luca89 in https://github.com/89luca89/distrobox/pull/2020 + * chore(ci): v2 release candidate workflow by @balanza in https://github.com/89luca89/distrobox/pull/2031 + * docs(posts): announcing Distrobox v2 by @balanza in https://github.com/89luca89/distrobox/pull/2032 + * build(deps): bump actions/checkout from 4 to 6 by @dependabot[bot] in https://github.com/89luca89/distrobox/pull/2045 + * build(deps): bump actions/upload-artifact from 4 to 7 by @dependabot[bot] in https://github.com/89luca89/distrobox/pull/2044 + * build(deps): bump actions/download-artifact from 4 to 8 by @dependabot[bot] in https://github.com/89luca89/distrobox/pull/2043 + * build(deps): bump actions/setup-go from 5 to 6 by @dependabot[bot] in https://github.com/89luca89/distrobox/pull/2042 + * docs: issue template notice for distrobox v2 by @balanza in https://github.com/89luca89/distrobox/pull/2049 + * init: also clean empty unversioned .so stubs during nvidia setup by @edodusi in https://github.com/89luca89/distrobox/pull/2024 + * fix(enter): su argument order in unshare_groups path (legacy) by @Aromatic05 in https://github.com/89luca89/distrobox/pull/2055 + * fix(enter): correct order for su commands in unshare-groups by @dottorblaster in https://github.com/89luca89/distrobox/pull/2067 + * chore: bump to v1.8.2.5 by @dottorblaster in https://github.com/89luca89/distrobox/pull/2072 + +------------------------------------------------------------------- Old: ---- distrobox-1.8.2.4.tar.gz fix-distrobox-to-newer-zypper.patch New: ---- distrobox-1.8.2.5.tar.gz ----------(Old B)---------- Old: - Drop fix-distrobox-to-newer-zypper.patch since it was merged upstream - Update to 1.8.2.5: ----------(Old E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ distrobox.spec ++++++ --- /var/tmp/diff_new_pack.wfEhsI/_old 2026-04-28 12:02:49.533592480 +0200 +++ /var/tmp/diff_new_pack.wfEhsI/_new 2026-04-28 12:02:49.537592645 +0200 @@ -17,15 +17,13 @@ Name: distrobox -Version: 1.8.2.4 +Version: 1.8.2.5 Release: 0 Summary: Use any linux distribution inside your terminal License: GPL-3.0-only URL: https://github.com/89luca89/distrobox Source: https://github.com/89luca89/distrobox/archive/refs/tags/%{version}.tar.gz#/%{name}-%{version}.tar.gz Source1: distrobox.conf -# https://github.com/89luca89/distrobox/pull/2007 -Patch0: fix-distrobox-to-newer-zypper.patch Patch1: 0001-add-newline-when-appending-tty-group-via-printf-bsc-.patch Requires: %{_bindir}/basename Requires: %{_bindir}/find ++++++ distrobox-1.8.2.4.tar.gz -> distrobox-1.8.2.5.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/.github/ISSUE_TEMPLATE/bug_report.md new/distrobox-1.8.2.5/.github/ISSUE_TEMPLATE/bug_report.md --- old/distrobox-1.8.2.4/.github/ISSUE_TEMPLATE/bug_report.md 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/.github/ISSUE_TEMPLATE/bug_report.md 2026-04-27 14:25:31.000000000 +0200 @@ -7,6 +7,17 @@ --- +################################################################################# +# +# Please be aware that at the moment, we are only discussing bugs relative to Distrobox v2. +# If you are reporting a bug on Distrobox v1, we encourage you to verify that the bug isn't +# already fixed in v2. +# +# For more information, read the Distrobox v2 announcement: +# https://distrobox.it/posts/announcing_distrobox_next/ +# +################################################################################# + Please, before opening a bug: - make sure you've read the documentation. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/.github/workflows/release.yml new/distrobox-1.8.2.5/.github/workflows/release.yml --- old/distrobox-1.8.2.4/.github/workflows/release.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/distrobox-1.8.2.5/.github/workflows/release.yml 2026-04-27 14:25:31.000000000 +0200 @@ -0,0 +1,61 @@ +name: Release + +on: + push: + tags: + - "2.0.0-rc.*" + +permissions: + contents: write + +jobs: + build: + runs-on: ubuntu-latest + strategy: + matrix: + include: + - goos: linux + goarch: amd64 + - goos: linux + goarch: arm64 + steps: + - uses: actions/checkout@v6 + + - uses: actions/setup-go@v6 + with: + go-version-file: go.mod + + - name: Build + env: + CGO_ENABLED: "0" + GOOS: ${{ matrix.goos }} + GOARCH: ${{ matrix.goarch }} + run: | + go build -o distrobox-${{ matrix.goos }}-${{ matrix.goarch }} ./cmd/distrobox + + - uses: actions/upload-artifact@v7 + with: + name: distrobox-${{ matrix.goos }}-${{ matrix.goarch }} + path: distrobox-${{ matrix.goos }}-${{ matrix.goarch }} + + release: + needs: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v6 + + - uses: actions/download-artifact@v8 + with: + path: artifacts + merge-multiple: true + + - name: Create Release + env: + GH_TOKEN: ${{ github.token }} + run: | + version="${GITHUB_REF_NAME}" + gh release create "${version}" \ + --title "${version}" \ + --generate-notes \ + --prerelease \ + artifacts/* diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/distrobox new/distrobox-1.8.2.5/distrobox --- old/distrobox-1.8.2.4/distrobox 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/distrobox 2026-04-27 14:25:31.000000000 +0200 @@ -22,7 +22,7 @@ set -o errexit set -o nounset -version="1.8.2.4" +version="1.8.2.5" # show_help will print usage to stdout. # Arguments: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/distrobox-assemble new/distrobox-1.8.2.5/distrobox-assemble --- old/distrobox-1.8.2.4/distrobox-assemble 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/distrobox-assemble 2026-04-27 14:25:31.000000000 +0200 @@ -38,7 +38,7 @@ tmpfile="$(mktemp -u)" tmp_download_file="$(mktemp -u)" verbose=0 -version="1.8.2.4" +version="1.8.2.5" # initializing block of variables used in the manifest additional_flags="" additional_packages="" @@ -466,13 +466,16 @@ result_command="${result_command} --additional-flags $(sanitize_variable "${flag}")" done fi + if [ "${dryrun}" -ne 0 ]; then + result_command="${result_command} --dry-run" + fi # Execute the distrobox-create command + eval "${result_command}" + if [ "${dryrun}" -ne 0 ]; then - echo "${result_command}" return fi - eval "${result_command}" # If we need to start immediately, do it, so that the container # is ready to be entered. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/distrobox-create new/distrobox-1.8.2.5/distrobox-create --- old/distrobox-1.8.2.4/distrobox-create 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/distrobox-create 2026-04-27 14:25:31.000000000 +0200 @@ -107,7 +107,7 @@ [ "${container_user_uid}" -eq 0 ] && rootful=1 || rootful=0 userns_nolimit=0 verbose=0 -version="1.8.2.4" +version="1.8.2.5" app_cache_dir=${XDG_CACHE_HOME:-"${HOME}/.cache"}/distrobox @@ -571,6 +571,14 @@ --volume /dev/null:/run/.nopasswd:ro" fi +# Signal rootless mode explicitly so distrobox-init does not rely solely on +# the /etc/shadow heuristic, which gives false positives on Docker Desktop +# (macOS) where the container always has root access to the VM filesystem. +if [ "${rootful}" -eq 0 ]; then + container_manager_additional_flags="${container_manager_additional_flags} + --volume /dev/null:/run/.distrobox.rootless:ro" +fi + # inject additional volumes if specified if [ -n "${container_additional_volumes}" ]; then for volume in ${container_additional_volumes}; do @@ -666,6 +674,14 @@ # prints the podman, docker or lilipod command to create the distrobox container generate_create_command() { + # On macOS, Docker Desktop mounts all paths as private in its Linux VM, + # so rslave/rshared bind propagation is not supported. + if [ "$(uname -s)" = "Darwin" ]; then + rslave="" + else + rslave=":rslave" + fi + # Set the container hostname the same as the container name. result_command="${container_manager} create" result_command="${result_command} ${container_platform}" @@ -711,11 +727,11 @@ --env \"container=${container_manager}\" --env \"TERMINFO_DIRS=/usr/share/terminfo:/run/host/usr/share/terminfo\" --env \"CONTAINER_ID=${container_name}\" - --volume /tmp:/tmp:rslave + --volume /tmp:/tmp${rslave} --volume \"${distrobox_entrypoint_path}\":/usr/bin/entrypoint:ro --volume \"${distrobox_export_path}\":/usr/bin/distrobox-export:ro --volume \"${distrobox_hostexec_path}\":/usr/bin/distrobox-host-exec:ro - --volume \"${container_user_home}\":\"${container_user_home}\":rslave" + --volume \"${container_user_home}\":\"${container_user_home}\"${rslave}" # Due to breaking change in https://github.com/opencontainers/runc/commit/d4b670fca6d0ac606777376440ffe49686ce15f4 # now we cannot mount /:/run/host as before, as it will try to mount RO partitions as RW thus breaking things. @@ -735,25 +751,25 @@ tr ',' '\n' | grep -q "^ro$"; then result_command="${result_command} - --volume ${rootdir}:/run/host${rootdir}:ro,rslave" + --volume ${rootdir}:/run/host${rootdir}:ro${rslave}" continue fi # Else we mount it RW+Rslave result_command="${result_command} - --volume ${rootdir}:/run/host${rootdir}:rslave" + --volume ${rootdir}:/run/host${rootdir}${rslave}" done else # We're either on podman+crun, docker or lilipod, let's keep old behaviour result_command="${result_command} - --volume /:/run/host/:rslave" + --volume /:/run/host/${rslave}" fi if [ "${unshare_devsys}" -eq 0 ]; then result_command="${result_command} - --volume /dev:/dev:rslave - --volume /sys:/sys:rslave" + --volume /dev:/dev${rslave} + --volume /sys:/sys${rslave}" fi # In case of initful containers, we implement a series of mountpoint in order @@ -874,7 +890,7 @@ result_command="${result_command} --env \"HOME=${container_user_custom_home}\" --env \"DISTROBOX_HOST_HOME=${container_user_home}\" - --volume \"${container_user_custom_home}:${container_user_custom_home}:rslave\"" + --volume \"${container_user_custom_home}:${container_user_custom_home}${rslave}\"" fi # Mount also the /var/home dir on ostree based systems @@ -883,7 +899,7 @@ [ -d "/var/home/${container_user_name}" ]; then result_command="${result_command} - --volume \"/var/home/${container_user_name}\":\"/var/home/${container_user_name}\":rslave" + --volume \"/var/home/${container_user_name}\":\"/var/home/${container_user_name}\"${rslave}" fi # Mount also the XDG_RUNTIME_DIR to ensure functionality of the apps. @@ -891,7 +907,7 @@ # systemd user session can be used. if [ -d "/run/user/${container_user_uid}" ] && [ "${init}" -eq 0 ]; then result_command="${result_command} - --volume /run/user/${container_user_uid}:/run/user/${container_user_uid}:rslave" + --volume /run/user/${container_user_uid}:/run/user/${container_user_uid}${rslave}" fi # These are dynamic configs needed by the container to function properly diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/distrobox-enter new/distrobox-1.8.2.5/distrobox-enter --- old/distrobox-1.8.2.4/distrobox-enter 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/distrobox-enter 2026-04-27 14:25:31.000000000 +0200 @@ -109,7 +109,7 @@ skip_workdir=0 verbose=0 clean_path=0 -version="1.8.2.4" +version="1.8.2.5" # Source configuration files, this is done in an hierarchy so local files have # priority over system defaults @@ -474,6 +474,42 @@ else container_paths="${PATH}" fi + + # Ensure /usr/local/{s,}bin appears before /usr/{s,}bin in PATH. + # This follows FHS conventions: /usr/local should override /usr, + # and ensures distrobox wrappers in /usr/local/bin are found first. + reordered_paths="" + IFS_OLD="${IFS}" + IFS=":" + for p in ${container_paths}; do + case "${p}" in + /usr/local/bin | /usr/local/sbin) + # skip, will be re-inserted before their /usr counterpart + ;; + /usr/bin) + # insert /usr/local/bin right before /usr/bin + reordered_paths="${reordered_paths:+${reordered_paths}:}/usr/local/bin:${p}" + ;; + /usr/sbin) + # insert /usr/local/sbin right before /usr/sbin + reordered_paths="${reordered_paths:+${reordered_paths}:}/usr/local/sbin:${p}" + ;; + *) + reordered_paths="${reordered_paths:+${reordered_paths}:}${p}" + ;; + esac + done + IFS="${IFS_OLD}" + + # If /usr/bin or /usr/sbin were not in PATH, the corresponding + # /usr/local paths were skipped above. Re-add them if missing. + for lp in /usr/local/bin /usr/local/sbin; do + pattern="(:|^)${lp}(:|$)" + if ! echo "${reordered_paths}" | grep -Eq "${pattern}"; then + reordered_paths="${lp}:${reordered_paths}" + fi + done + container_paths="${reordered_paths}" fi result_command="${result_command} @@ -542,6 +578,75 @@ container_home="${HOME}" container_path="${PATH}" unshare_groups=0 + +# Read the unshare_groups label early so the positional-parameter +# manipulation below picks the correct branch. The full inspect +# happens later, but this single value is needed before then. +unshare_groups="$(${container_manager} inspect --type container \ + --format '{{ index .Config.Labels "distrobox.unshare_groups" }}' \ + "${container_name}" 2> /dev/null || echo 0)" +[ -z "${unshare_groups}" ] && unshare_groups=0 + +################################################################################ +# In this section we will manipulate the positional parameters +# in order to generate our long docker/podman/lilipod command to execute. +# +# We use positional parameters in order to have the shell manage escaping and spaces +# so we remove the problem of we having to handle them. +# +# 1 - handle absence of custom command, we will need to add a getent command to +# execute the right container's user's shell +# 2 - in case of unshared groups (or initful) we need to trigger a proper login +# using `su`, so we will need to manipulate these arguments accorodingly +# 3 - prepend our generated command +# to do this, we use `tac` so we reverse loop it and prepend each argument. +# 4 - now that we're done, we can prepend our container_command +# we will need to use `rev` to reverse it as we reverse loop and prepend each +# argument +################################################################################ +# +# Setup default commands if none are specified +# execute a getent command using the /bin/sh shell +# to find out the default shell of the user, and +# do a login shell with it (eg: /bin/bash -l) +if [ "${container_custom_command}" -eq 0 ]; then + set - "$@" "/bin/sh" "-c" "\$(getent passwd '${container_command_user}' | cut -f 7 -d :) -l" +fi + +# If we have a command and we're unsharing groups, we need to execute those +# command using su $container_command_user +# if we're in a tty, also allocate one +if [ "${unshare_groups:-0}" -eq 1 ]; then + # `su` requires options BEFORE the username: + # su [options] -- user [args...] + # The literal `--` is required because util-linux `su` uses GNU getopt + # with argument reordering: without it, any flag in the user's command + # (e.g. `uname -n`) is parsed as a `su` option and fails. + # The shell snippet '"$0" "$@"' re-executes its arguments verbatim, + # so `args...` become the actual command to run as the target user. + set -- "${container_command_user}" "$@" + set -- "--" "$@" + # shellcheck disable=SC2089,SC2016 + set -- "-c" '"$0" "$@"' "$@" + set -- "-s" "/bin/sh" "$@" + if [ "${headless}" -eq 0 ]; then + set -- "--pty" "$@" + fi + set -- "-m" "$@" + set -- "su" "$@" +fi + +################################################################################ +# Execution section +################################################################################ + +# dry run mode, just generate the command and print it. No execution. +if [ "${dryrun}" -ne 0 ]; then + cmd="$(generate_enter_command | sed 's/\t//g')" + printf "%s %s\n" "${cmd}" "$*" + exit 0 +fi + # Now inspect the container we're working with. container_status="unknown" eval "$(${container_manager} inspect --type container --format \ @@ -551,13 +656,6 @@ {{range .Config.Env}}{{if and (ge (len .) 5) (eq (slice . 0 5) "PATH=")}}container_path={{slice . 5 | printf "%q"}}{{end}}{{end}}' \ "${container_name}")" -# dry run mode, just generate the command and print it. No execution. -if [ "${dryrun}" -ne 0 ]; then - cmd="$(generate_enter_command | sed 's/\t//g')" - printf "%s %s\n" "${cmd}" "$*" - exit 0 -fi - # Check if the container is even there if [ "${container_status}" = "unknown" ]; then # If not, prompt to create it first @@ -669,47 +767,6 @@ printf >&2 "\nContainer Setup Complete!\n" fi -################################################################################ -# Execution section, in this section we will manipulate the positional parameters -# in order to generate our long docker/podman/lilipod command to execute. -# -# We use positional parameters in order to have the shell manage escaping and spaces -# so we remove the problem of we having to handle them. -# -# 1 - handle absence of custom command, we will need to add a getent command to -# execute the right container's user's shell -# 2 - in case of unshared groups (or initful) we need to trigger a proper login -# using `su`, so we will need to manipulate these arguments accorodingly -# 3 - prepend our generated command -# to do this, we use `tac` so we reverse loop it and prepend each argument. -# 4 - now that we're done, we can prepend our container_command -# we will need to use `rev` to reverse it as we reverse loop and prepend each -# argument -################################################################################ -# -# Setup default commands if none are specified -# execute a getent command using the /bin/sh shell -# to find out the default shell of the user, and -# do a login shell with it (eg: /bin/bash -l) -if [ "${container_custom_command}" -eq 0 ]; then - set - "$@" "/bin/sh" "-c" "\$(getent passwd '${container_command_user}' | cut -f 7 -d :) -l" -fi - -# If we have a command and we're unsharing groups, we need to execute those -# command using su $container_command_user -# if we're in a tty, also allocate one -if [ "${unshare_groups:-0}" -eq 1 ]; then - # shellcheck disable=SC2089,SC2016 - set -- "-c" '"$0" "$@"' -- "$@" - set -- "-s" "/bin/sh" "$@" - if [ "${headless}" -eq 0 ]; then - set -- "--pty" "$@" - fi - set -- "-m" "$@" - set -- "${container_command_user}" "$@" - set -- "su" "$@" -fi - # Generate the exec command and run it cmd="$(generate_enter_command | awk '{a[i++]=$0} END {for (j=i-1; j>=0;) print a[j--]}')" # Reverse it so we can reverse loop and prepend the command's arguments diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/distrobox-ephemeral new/distrobox-1.8.2.5/distrobox-ephemeral --- old/distrobox-1.8.2.4/distrobox-ephemeral 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/distrobox-ephemeral 2026-04-27 14:25:31.000000000 +0200 @@ -55,7 +55,7 @@ # There's no need for them to pass the --root flag option in such cases. [ "$(id -ru)" -eq 0 ] && rootful=1 || rootful=0 verbose=0 -version="1.8.2.4" +version="1.8.2.5" container_additional_packages="" container_init_hook=" " container_manager_additional_flags="" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/distrobox-export new/distrobox-1.8.2.5/distrobox-export --- old/distrobox-1.8.2.4/distrobox-export 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/distrobox-export 2026-04-27 14:25:31.000000000 +0200 @@ -49,7 +49,7 @@ rootful="" sudo_prefix="" verbose=0 -version="1.8.2.4" +version="1.8.2.5" sudo_askpass_path="${dest_path}/distrobox_sudo_askpass" sudo_askpass_script="#!/bin/sh diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/distrobox-generate-entry new/distrobox-1.8.2.5/distrobox-generate-entry --- old/distrobox-1.8.2.4/distrobox-generate-entry 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/distrobox-generate-entry 2026-04-27 14:25:31.000000000 +0200 @@ -54,7 +54,7 @@ icon_default="${XDG_DATA_HOME:-${HOME}/.local/share}/icons/terminal-distrobox-icon.svg" verbose=0 online=0 -version="1.8.2.4" +version="1.8.2.5" # Source configuration files, this is done in an hierarchy so local files have # priority over system defaults diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/distrobox-host-exec new/distrobox-1.8.2.5/distrobox-host-exec --- old/distrobox-1.8.2.4/distrobox-host-exec 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/distrobox-host-exec 2026-04-27 14:25:31.000000000 +0200 @@ -36,7 +36,7 @@ download_command="" sudo_command="" verbose=0 -version="1.8.2.4" +version="1.8.2.5" # show_help will print usage to stdout. # Arguments: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/distrobox-init new/distrobox-1.8.2.5/distrobox-init --- old/distrobox-1.8.2.4/distrobox-init 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/distrobox-init 2026-04-27 14:25:31.000000000 +0200 @@ -74,7 +74,7 @@ rootful=0 upgrade=0 verbose=0 -version="1.8.2.4" +version="1.8.2.5" # show_help will print usage to stdout. # Arguments: @@ -233,7 +233,13 @@ # # if /run/.nopasswd is present, let's treat the init as rootless, this is not # a good thing, users behold! -if stat /run/host/etc/shadow > /dev/null && +# +# if /run/.distrobox.rootless is present, the container was explicitly created +# without --root (distrobox-create mounts this marker for rootless containers). +# Trust it over the shadow heuristic, which gives false positives on Docker +# Desktop (macOS) where the container always has root access to the VM's fs. +if [ ! -e /run/.distrobox.rootless ] && + stat /run/host/etc/shadow > /dev/null && { [ "$(stat -c "%u" /run/host/etc/shadow)" = "0" ] || [ "$(stat -f "%u" /run/host/etc/shadow 2> /dev/null)" = "0" ] } && @@ -969,9 +975,21 @@ control sudo public control sudoreplay public control su wheel - mkdir /etc/tcb/"${container_user_name}" + control pam_mktemp disabled + mkdir -p /etc/tcb/"${container_user_name}" echo "${container_user_name}::::::::" > /etc/tcb/"${container_user_name}"/shadow sed -i 's/*//g' /etc/passwd + + # ALT Linux ships its own su incompatible with util-linux su flags. + # distrobox-enter passes flags like -m, --pty, -s, -c which ALT su rejects. + # runuser (from util-linux, always present) accepts the same flags. + # Place the wrapper in /usr/local/bin so it is found before /bin/su. + mkdir -p /usr/local/bin + cat << 'EOF' > /usr/local/bin/su +#!/bin/sh +exec /usr/sbin/runuser "$@" +EOF + chmod +x /usr/local/bin/su fi # In case the locale is not available, install it @@ -1624,8 +1642,17 @@ # poor out-of-the-box experience (e.g., when trying to run GUI apps). # So, let's enable them. For the same reason, we make sure we install # docs. - sed -i 's/.*solver.onlyRequires.*/solver.onlyRequires = false/g' /etc/zypp/zypp.conf - sed -i 's/.*rpm.install.excludedocs.*/rpm.install.excludedocs = no/g' /etc/zypp/zypp.conf + if [ -d /etc/zypp/zypp.conf.d ]; then + cat << EOF > /etc/zypp/zypp.conf.d/99-distrobox.conf +[main] +solver.onlyRequires = false +rpm.install.excludedocs = no +EOF + else + sed -i 's/.*solver.onlyRequires.*/solver.onlyRequires = false/g' /etc/zypp/zypp.conf + sed -i 's/.*rpm.install.excludedocs.*/rpm.install.excludedocs = no/g' /etc/zypp/zypp.conf + fi + # With recommended packages, something might try to pull in # parallel-printer-support which can't be installed in rootless containers. # Since we very much likely never need it, just lock it @@ -1855,8 +1882,10 @@ # This won't work well on very old distros with su version from util-linux # before version 2.34 or other su implementations but will give an usable # shell nonetheless -if ! su --version | grep -q util-linux || - su --version | awk '{printf "%s\n%s", $4, 2.34}' | sort --check=quiet --version-sort; then +if [ ! -e /usr/local/bin/su ] && { + ! su --version | grep -q util-linux || + su --version | awk '{printf "%s\n%s", $4, 2.34}' | sort --check=quiet --version-sort +}; then cat << EOF > /usr/local/bin/su #!/bin/sh @@ -1937,6 +1966,7 @@ # for example using `podman --remote` to control the host's podman from inside # the container or accessing docker and libvirt sockets. host_sockets="$(find /run/host/run \ + -xdev \ -path /run/host/run/media -prune -o \ -path /run/host/run/timeshift -prune -o \ -name 'user' -prune -o \ @@ -1954,7 +1984,7 @@ # create many problems with package managers thinking they have access to # system dbus, user auth cache misused or query wrong user information. for host_socket in ${host_sockets}; do - container_socket="$(printf "%s" "${host_socket}" | sed 's|/run/host||g')" + container_socket="${host_socket#/run/host}" # Check if the socket already exists or the symlink already exists if [ ! -S "${container_socket}" ] && [ ! -L "${container_socket}" ]; then # link it. @@ -1974,7 +2004,9 @@ # Refresh ldconfig cache, also detect if there are empty files remaining # and clean them. # This could happen when upgrading drivers and changing versions. - find /usr/lib* -empty -iname "*.so.*" -exec sh -c 'rm -rf "$1" || umount "$1" && rm -rf "$1"' sh {} ';' || : + # Use "*.so*" instead of "*.so.*" to also match unversioned .so stubs + # (e.g. libcuda.so, libnvcuvid.so) that block CUDA detection. See #1764. + find /usr/lib* -empty -iname "*.so*" -exec sh -c 'rm -rf "$1" || umount "$1" && rm -rf "$1"' sh {} ';' || : find /usr/ /etc/ -empty -iname "*nvidia*" -exec sh -c 'rm -rf "$1" || umount "$1" && rm -rf "$1"' sh {} ';' || : # First we find all generic config files we might need @@ -2591,6 +2623,13 @@ # Now we're done touch /etc/passwd.done + +# Ensure shadow files are readable by root without relying on CAP_DAC_OVERRIDE, +# which may not be effective on all container storage drivers (e.g. fuse-overlayfs +# in rootless mode, or VMs like Docker Desktop / Colima on macOS). +# Fedora/Arch ship these as mode 000, expecting the capability to bypass DAC. +chmod 0400 /etc/shadow 2> /dev/null || : +chmod 0400 /etc/gshadow 2> /dev/null || : ############################################################################### ############################################################################### diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/distrobox-list new/distrobox-1.8.2.5/distrobox-list --- old/distrobox-1.8.2.4/distrobox-list 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/distrobox-list 2026-04-27 14:25:31.000000000 +0200 @@ -49,7 +49,7 @@ # There's no need for them to pass the --root flag option in such cases. [ "$(id -ru)" -eq 0 ] && rootful=1 || rootful=0 verbose=0 -version="1.8.2.4" +version="1.8.2.5" container_manager="autodetect" # Source configuration files, this is done in an hierarchy so local files have diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/distrobox-rm new/distrobox-1.8.2.5/distrobox-rm --- old/distrobox-1.8.2.4/distrobox-rm 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/distrobox-rm 2026-04-27 14:25:31.000000000 +0200 @@ -60,7 +60,7 @@ verbose=0 rm_home=0 response_rm_home="N" -version="1.8.2.4" +version="1.8.2.5" # Source configuration files, this is done in an hierarchy so local files have # priority over system defaults diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/distrobox-stop new/distrobox-1.8.2.5/distrobox-stop --- old/distrobox-1.8.2.4/distrobox-stop 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/distrobox-stop 2026-04-27 14:25:31.000000000 +0200 @@ -58,7 +58,7 @@ # There's no need for them to pass the --root flag option in such cases. [ "$(id -ru)" -eq 0 ] && rootful=1 || rootful=0 verbose=0 -version="1.8.2.4" +version="1.8.2.5" # Source configuration files, this is done in an hierarchy so local files have # priority over system defaults diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/distrobox-upgrade new/distrobox-1.8.2.5/distrobox-upgrade --- old/distrobox-1.8.2.4/distrobox-upgrade 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/distrobox-upgrade 2026-04-27 14:25:31.000000000 +0200 @@ -44,7 +44,7 @@ distrobox_path="$(dirname "$(realpath "${0}")")" rootful=0 verbose=0 -version="1.8.2.4" +version="1.8.2.5" # Source configuration files, this is done in an hierarchy so local files have # priority over system defaults diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/docs/README.md new/distrobox-1.8.2.5/docs/README.md --- old/distrobox-1.8.2.4/docs/README.md 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/docs/README.md 2026-04-27 14:25:31.000000000 +0200 @@ -106,6 +106,8 @@ - [Pre-installing additional package repositories](useful_tips.md#pre-installing-additional-package-repositories) - [Apply resource limitation on the fly](useful_tips.md#apply-resource-limitation-on-the-fly) - [Posts](posts/posts.md) + - [Announcing the next generation of Distrobox](posts/announcing_distrobox_next.md) + - [Distrobox Next architecture](posts/distrobox_next_architecture.md) - [Create a dedicated distrobox container](posts/distrobox_custom.md) - [Execute a command on the Host](posts/execute_commands_on_host.md) - [Install Podman in HOME](posts/install_podman_static.md) @@ -113,7 +115,7 @@ - [Install on Steamdeck](posts/steamdeck_guide.md) - [Integrate VSCode and Distrobox](posts/integrate_vscode_distrobox.md) - [Run Libvirt using distrobox](posts/run_libvirt_in_distrobox.md) - - [Run latest GNOME and KDE Plasma using distrobox](posts/run_latest_gnome_kde_on_distrobox.md) + - [Run latest GNOME and KDE Plasma using distrobox](posts/run_latest_gnome_kde_hyprland_on_distrobox.md) - [Featured Articles](featured_articles.md) - [Articles](featured_articles.md#articles) - [Run Distrobox on Fedora Linux - Fedora Magazine](https://fedoramagazine.org/run-distrobox-on-fedora-linux/) @@ -246,7 +248,10 @@ when it will be complete. That said, it is useful to read the discussion about decoupling with the host, -available here: [#28 Sandboxed mode](https://github.com/89luca89/distrobox/issues/28) +available here: [#28 Sandboxed mode](https://github.com/89luca89/distrobox/issues/28). + +If you are looking for something similar to Distrobox but with sandboxing capabilities, +there are other options to consider which do prioritise isolation such as [Litterbox](https://github.com/Gerharddc/litterbox). --- Binary files old/distrobox-1.8.2.4/docs/assets/png/integrate_vscode_distrobox.png and new/distrobox-1.8.2.5/docs/assets/png/integrate_vscode_distrobox.png differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/docs/compatibility.md new/distrobox-1.8.2.5/docs/compatibility.md --- old/distrobox-1.8.2.4/docs/compatibility.md 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/docs/compatibility.md 2026-04-27 14:25:31.000000000 +0200 @@ -62,6 +62,7 @@ | Fedora | 35 <br> 36 <br> 37 <br> 38 <br> Rawhide | `distrobox` is available in default repos.(thanks [alcir](https://github.com/alcir)!) | | Gentoo | | To setup rootless podman, look [HERE](https://wiki.gentoo.org/wiki/Podman) | | KDE neon | | `distrobox` is available in default repo | +| macOS | | Requires [Docker Desktop](https://docs.docker.com/desktop/install/mac-install/). Support is limited to CLI use only; GUI, sound, and graphics are not supported. Please do not open issues for GUI/sound/graphics-related bugs on macOS. | | Manjaro | | To setup rootless podman, look [HERE](https://wiki.archlinux.org/title/Podman) | | NixOS | 21.11 | Make sure to mind your executable paths. Sometimes a container will not have nix paths, and sometimes it will not have its own paths. <br> Distrobox is available in Nixpkg collection (thanks [AtilaSaraiva](https://github.com/AtilaSaraiva)!)< <br> To setup Docker, look [HERE](https://wiki.nixos.org/wiki/Docker) <br> To setup Podman, look [HERE](https://wiki.nixos.org/wiki/Podman) and [HERE](https://gist.github.com/adisbladis/187204cb772800489ee3dac4acdd9947) | | openSUSE | Leap | `distrobox` is available in default repos (thanks [dfaggioli](https://github.com/dfaggioli)!). <br> Prior to Leap 15.6 ``podman`` logging needs to be configured properly, more details in [this openSUSE bug](https://bugzilla.opensuse.org/show_bug.cgi?id=1199871). | @@ -167,7 +168,7 @@ | Rocky Linux (Toolbox) | 8 <br> 9 | quay.io/toolbx-images/rockylinux-toolbox:8 <br> quay.io/toolbx-images/rockylinux-toolbox:9 <br> quay.io/toolbx-images/rockylinux-toolbox:latest | | Ubuntu (Toolbox) | 16.04 <br> 18.04 <br> 20.04 <br> 22.04 <br> 24.04 | quay.io/toolbx/ubuntu-toolbox:16.04 <br> quay.io/toolbx/ubuntu-toolbox:18.04 <br> quay.io/toolbx/ubuntu-toolbox:20.04 <br> quay.io/toolbx/ubuntu-toolbox:22.04 <br> quay.io/toolbx/ubuntu-toolbox:24.04 <br> quay.io/toolbx/ubuntu-toolbox:latest | | Chainguard Wolfi (Toolbox) | | quay.io/toolbx-images/wolfi-toolbox:latest | -| Ublue | bluefin-cli <br> ubuntu-toolbox <br> fedora-toolbox <br> wolfi-toolbox <br> archlinux-distrobox <br> powershell-toolbox | ghcr.io/ublue-os/bluefin-cli <br> ghcr.io/ublue-os/bluefin-cli <br> ghcr.io/ublue-os/ubuntu-toolbox <br> ghcr.io/ublue-os/fedora-toolbox <br> ghcr.io/ublue-os/wolfi-toolbox <br> ghcr.io/ublue-os/arch-toolbox <br> ghcr.io/ublue-os/powershell-toolbox | +| Ublue | ubuntu-toolbox <br> fedora-toolbox <br> wolfi-toolbox <br> archlinux-distrobox | ghcr.io/ublue-os/ubuntu-toolbox <br> ghcr.io/ublue-os/fedora-toolbox <br> ghcr.io/ublue-os/wolfi-toolbox <br> ghcr.io/ublue-os/arch-toolbox | | | | | | AlmaLinux | 8 <br> 8-minimal <br> 9 <br> 9-minimal | docker.io/library/almalinux:8 <br> docker.io/library/almalinux:9 | | Alpine Linux | 3.20 <br> 3.21 <br> 3.22 <br> edge | docker.io/library/alpine:3.20 <br> docker.io/library/alpine:3.21 <br> docker.io/library/alpine:3.22 <br> docker.io/library/alpine:edge <br> docker.io/library/alpine:latest | diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/docs/posts/announcing_distrobox_next.md new/distrobox-1.8.2.5/docs/posts/announcing_distrobox_next.md --- old/distrobox-1.8.2.4/docs/posts/announcing_distrobox_next.md 1970-01-01 01:00:00.000000000 +0100 +++ new/distrobox-1.8.2.5/docs/posts/announcing_distrobox_next.md 2026-04-27 14:25:31.000000000 +0200 @@ -0,0 +1,96 @@ +- [Distrobox](../README.md) + - [Announcing the next generation of Distrobox](#announcing-the-next-generation-of-distrobox) + - [Try it now](#try-it-now) + - [Why we rewrote Distrobox](#why-we-rewrote-distrobox) + - [Compatibility](#compatibility) + - [During the transition](#during-the-transition) + - [Contributing](#contributing) + - [The many thanks we have to say](#the-many-thanks-we-have-to-say) + +--- + +# Announcing the next generation of Distrobox + +We're releasing Distrobox v2 to the public as a release candidate. This is a complete rewrite in Go. Distrobox v1 +remains the stable version and we recommend using it in production for now. + +The first objective is to reach feature parity between v2 and v1, at which point we can declare v2 stable. The source +code is available now on [the `next` branch](https://github.com/89luca89/distrobox/tree/next). + +## Try it now + +v2.0.0-rc releases are available on [GitHub](https://github.com/89luca89/distrobox/releases/tag/2.0.0-rc.1). + +You can also build from source on the `next` branch: + +```sh +git clone https://github.com/89luca89/distrobox.git +cd distrobox +git checkout next +make build +sudo make install +``` + +Please test it with your usual workflows and report any issues you find. Your feedback is essential to reach stability +quickly. + +## Why we rewrote Distrobox + +Shell's immediate feedback loop was critical to Distrobox's early success. But as the project matured, we hit its +limits: no proper module system for code reuse, no handy test engine, and patterns that are hard to maintain. We also +want to extend Distrobox to new use cases, which would have required a significant refactor of the existing codebase. + +We chose Go because the core team is confident in it. It's popular with a short learning curve, so the community can +jump in and contribute. It has a solid toolchain and standard library that lets us keep external dependencies to a +minimum. And it's straightforward to build for multiple architectures—important for Distrobox's diverse user base. + +We didn't start this effort to improve performance. But first benchmarks show a sensible performance increase on common +usage scenarios. More data to come. + +## Compatibility + +v2 maintains the same interface for CLI command arguments, manifest files, and configuration files. Your scripts and +`.distrobox` folders will work with v2. + +Existing v1 containers work with v2, except for exported bins and apps—those containers must be recreated. v2 ships as +a single binary, so command-specific executables like `distrobox-enter` and `distrobox-create` no longer exist. Use +`distrobox enter`, `distrobox create`, etc. instead. + +## During the transition + +While v2 reaches feature parity and stability, we're making focused choices. + +We do not accept new features on v1 nor v2 until v2 reaches feature parity with v1 and is declared stable. New features +would slow down that milestone. Bugfixes must be submitted against the `next` branch. We'll decide on backports to v1 +case-by-case. + +Before reporting a bug, check whether it's already fixed in v2. For already open PRs on v1, we'll decide case-by-case +with the authors. For open issues on v1, we ask that you verify whether the issue is present on v2 as well. We +prioritize fixing issues on v2 first. We'll consider backporting critical fixes to v1 if the issue makes Distrobox v1 +unusable or insecure. + +We're releasing v2.0.0-rc versions as we progress. Releases are available on GitHub and are published as needed, with +no fixed cadence. v2 will be declared stable when we can assert it covers all the use cases of v1 without relevant +regressions. + +## Contributing + +All contributions must be sent against the `next` branch. Please read the +[architecture document](distrobox_next_architecture.md) before contributing. + +A working Go installation is required to build and test the project. Refer to the +[official Go documentation](https://go.dev/doc/install) to set up your local environment. + +## The many thanks we have to say + +A project like Distrobox would have gone nowhere without the support of its community. Over the years, we received +contributions from more than 200 developers; these people are first of all enthusiastic Distrobox users, and we cannot +be more grateful for that. + +Some of them are now seeing their code disappear to make room for the rewrite. We want to emphasize that the rewrite +itself wouldn't have been possible without their contributions. Please take a moment to acknowledge the +[Distrobox contributors list](https://github.com/89luca89/distrobox/graphs/contributors) — to them go our warmest +thanks. + +We're excited to see where v2 takes Distrobox, and we hope you are excited, too. Try it out, report bugs, and join the +discussion on [Matrix](https://matrix.to/#/%23distrobox:matrix.org) and [Telegram](https://t.me/distrobox_chat_new) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/docs/posts/distrobox_next_architecture.md new/distrobox-1.8.2.5/docs/posts/distrobox_next_architecture.md --- old/distrobox-1.8.2.4/docs/posts/distrobox_next_architecture.md 1970-01-01 01:00:00.000000000 +0100 +++ new/distrobox-1.8.2.5/docs/posts/distrobox_next_architecture.md 2026-04-27 14:25:31.000000000 +0200 @@ -0,0 +1,144 @@ +- [Distrobox](../README.md) + - [Distrobox Go Rewrite: Architecture and Design](#distrobox-go-rewrite-architecture-and-design) + - [Overview](#overview) + - [Directory Structure](#directory-structure) + - [Architecture Layers](#architecture-layers) + - [Dependency Injection Pattern](#dependency-injection-pattern) + - [Configuration System](#configuration-system) + - [Shell Scripts](#shell-scripts) + +--- + +# Distrobox Go Rewrite: Architecture and Design + +This document describes the architecture of the Distrobox Go rewrite, explaining how +different layers interact and the design decisions behind the codebase. It's meant to +help contributors understand the system and know where to make changes. + +## Overview + +The Distrobox Go rewrite is designed with **clear separation of concerns** in mind. +The rewrite followed these principles: + +- CLI layer handles command-line parsing and user interaction; +- Container manager implementations are interchangeable; +- UI components can evolve independently; +- The codebase must remains testable and maintainable; +- Dependencies must be kept at minimum. + +## Directory Structure + +```text +distrobox +├── cmd/distrobox/ +│ └── main.go # Entry point +├── internal/ +│ ├── cli/ # CLI layer (command definitions) +│ │ ├── root.go # Root command with global flags +│ │ ├── create.go, list.go, etc. # Individual commands +│ │ └── helpers.go +│ ├── config/ # Configuration management +│ ├── inside-distrobox/ +│ │ └── assets/ # Embedded shell scripts +├── pkg/ +│ ├── commands/ # Business logic layer +│ │ ├── create.go, list.go, etc. # Command implementations +│ ├── containermanager/ # Container abstraction +│ │ ├── containermanager.go # Interface definitions +│ │ └── providers/ # Implementations +│ │ ├── podman.go +│ │ └── docker.go +│ ├── ui/ # UI components +│ │ ├── progress.go +│ │ ├── printer.go +│ │ └── prompt.go +│ └── manifest/ # Manifest parsing +``` + +## Architecture Layers + +### 1. CLI Layer (`internal/cli/`) + +The CLI layer handles command-line argument parsing, global flag processing, and +command dispatch. It is also responsible for binding the application to the shell's stdin/stdout, +for loading the configuration, and for instantiating the components. + +Among other things, the concerete `ContainerManager` implementation is selected and instantiated in the cli layer. + +### 2. Command Layer (`pkg/commands/`) + +The command layer contains the business logic for each distrobox operation. Commands +are independent of CLI specifics and can be tested and reused independently. + +Commands should be **pure orchestrators**. They coordinate between +the container manager abstraction and UI components, but don't contain low-level +implementation details. + +Each command is implemented by a `Execute` method that takes a context and options struct. + +### 3. Container Manager Layer (`pkg/containermanager/`) + +The container manager is the abstraction over different container runtimes. This design +allows distrobox to work with Docker, Podman, and other container managers without +duplicating logic. + +### 4. UI Layer (`pkg/ui/`) + +The UI layer provides simple components for user interaction and output formatting. +These are instantiated in the CLI layer and passed to commands. + +- **Progress**: Tracks multi-step operations with status indicators +- **Printer**: Formats and displays structured output +- **Prompter**: Gets user confirmation or input + +## Dependency Injection Pattern + +The architecture uses **context-based dependency injection** to pass the container +manager from the root command to all subcommands. + +**Flow:** + +```text +main() + ↓ +LoadConfig() + ↓ +NewRootCommand().Run() + ↓ +beforeAction() [global hooks] + ↓ Creates container manager + ↓ Stores in context + ↓ +Specific command action (e.g., createAction) + ↓ Extracts container manager from context + ↓ Creates UI tools + ↓ Delegates to command layer +``` + +This pattern ensures: + +- Container manager is available to all commands without global state +- UI tools are created fresh for each invocation +- Testing can substitute different implementations via context + +## Configuration System + +Configuration is loaded once at startup in `main()`. Configuration sources (in order of precedence): + +1. Command-line flags +2. Environment variables (prefixed with `DBX_`) +3. Config file (`~/.config/distrobox/distrobox.conf`) +4. Defaults + +This centralized approach makes it easy to understand where values come from and ensures consistency across commands. + +## Shell Scripts + +When a container is created, part of the `Distrobox` application is loaded in the container +as it is meant to be executed inside it: + +- `distrobox-init` serves as the container entrypoint +- `distrobox-export` to expose binaries and applications to the host +- `distrobox-host-exec` to execute host's commands from inside the distrobox + +Such commands are POSIX shell scripts that are included as assets in `internal/inside-distrobox/assets` diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/docs/posts/integrate_vscode_distrobox.md new/distrobox-1.8.2.5/docs/posts/integrate_vscode_distrobox.md --- old/distrobox-1.8.2.4/docs/posts/integrate_vscode_distrobox.md 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/docs/posts/integrate_vscode_distrobox.md 2026-04-27 14:25:31.000000000 +0200 @@ -15,18 +15,21 @@ You may want to use it, but how to handle the dualism between host and container? In this experiment we will use [VSCodium](https://vscodium.com/) as an opensource -alternative to VSCode. +alternative to VSCode. Dev Containers extension works only +for non-opensource version of VS code. There are community made extensions like +[DevPod Containers](https://open-vsx.org/extension/3timeslazy/vscodium-devpodcontainers) that work in VSCodium -Here are a couple of solutions. +This guide has become outdated and you will need to expect that some things broke since then. ## From distrobox -Well, you could just install VSCode in your Distrobox of choice, and export it! +Well, you could just install VSCodium in your Distrobox of choice, and export it! -For example using an Arch Linux container: +For example using an Arch Linux container (We use --home so to not clutter our home directory. +You can change it if you have VSCode configuration in your home directory that you like): ```shell -~$ distrobox create --image archlinux:latest --name arch-distrobox +~$ distrobox create --image archlinux:latest --name arch-distrobox --home ./devcontainer ~$ distrobox enter --name arch-distrobox user@arch-distrobox:~$ ``` @@ -44,6 +47,19 @@ user@ubuntu-distrobox:~$ distrobox-export --app code ``` +For proprietary version you need to use the binary hosted on [AUR](https://aur.archlinux.org/packages/visual-studio-code-bin). + +To enable and install from AUR do: + +```bash +sudo pacman -Syu git base-devel &&\ +git clone https://aur.archlinux.org/yay.git &&\ +cd yay &&\ +makepkg -si &&\ +yay -S visual-studio-code-bin &&\ +distrobox-export --app code +``` + And that's really it, you'll have VSCode in your app list, and it will run from the Distrobox itself, so it will have access to all the software and tools inside it without problems. @@ -51,6 +67,37 @@   +### Manage podman from Distrobox + +We will use the +[podman-remote](https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/building_running_and_managing_containers/using-the-container-tools-api) +to manage our containers running on host + +1. Install +[Dev Containers extension](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers) +in VSCode +2. Make sure that podman sockets is enabled on the host system + ` +ls -l /run/user/$(id -u)/podman/podman.sock + ` + if it isn't, enable it with: + ` +systemctl --user enable --now podman.socket + ` +3. Inside the Distrobox install podman to provide `podman-remote` + ` +sudo pacman -Syu podman + ` +4. Check if it's working by running: + ` +podman-remote info + ` +5. Configure Dev Containers Extension by putting `podman-remote` in +[vscode://settings/dev.containers.dockerPath](vscode://settings/dev.containers.dockerPath) +6. If you click refresh in Dev Containers extension you should see your host's containers + + + ## From flatpak Alternatively you may want to install VSCode on your host. We will explore how @@ -100,10 +147,6 @@ This will give a way to execute host's container manager from within the flatpak app. -**This works for Distrobox both inside and outside a flatpak** -This will act only for containers created with Distrobox, you can still use regular devcontainers -without transparently if needed. - ## Final Result After that, we're good to go! Open VSCode and Attach to Remote Container: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/docs/posts/posts.md new/distrobox-1.8.2.5/docs/posts/posts.md --- old/distrobox-1.8.2.4/docs/posts/posts.md 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/docs/posts/posts.md 2026-04-27 14:25:31.000000000 +0200 @@ -1,13 +1,15 @@ -- [Distrobox](../README.md) +- [Distrobox](./../README.md) --- ## Latest posts -- [Execute a command on the Host](execute_commands_on_host.md) -- [Install Podman in HOME](install_podman_static.md) -- [Install Lilipod in HOME](install_lilipod_static.md) -- [Install on Steamdeck](steamdeck_guide.md) -- [Integrate VSCode and Distrobox](integrate_vscode_distrobox.md) -- [Run Libvirt using distrobox](run_libvirt_in_distrobox.md) -- [Run latest GNOME and KDE Plasma using distrobox](run_latest_gnome_kde_on_distrobox.md) +- [Execute a command on the Host](./execute_commands_on_host.md) +- [Install Podman in HOME](./install_podman_static.md) +- [Install Lilipod in HOME](./install_lilipod_static.md) +- [Install on Steamdeck](./steamdeck_guide.md) +- [Integrate VSCode and Distrobox](./integrate_vscode_distrobox.md) +- [Run Libvirt using distrobox](./run_libvirt_in_distrobox.md) +- [Run latest GNOME and KDE Plasma using distrobox](./run_latest_gnome_kde_hyprland_on_distrobox.md) +- [Announcing the next generation of Distrobox](./announcing_distrobox_next.md) +- [Distrobox Next architecture](./distrobox_next_architecture.md) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/install new/distrobox-1.8.2.5/install --- old/distrobox-1.8.2.4/install 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/install 2026-04-27 14:25:31.000000000 +0200 @@ -22,7 +22,7 @@ next=0 no_color=0 verbose=0 -version=1.8.2.2 +version=1.8.2.5 # show_help will print usage to stdout. # Arguments: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/man/man1/distrobox-assemble.1 new/distrobox-1.8.2.5/man/man1/distrobox-assemble.1 --- old/distrobox-1.8.2.4/man/man1/distrobox-assemble.1 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/man/man1/distrobox-assemble.1 2026-04-27 14:25:31.000000000 +0200 @@ -1,7 +1,7 @@ '\" t .\ .\" -.TH "DISTROBOX\-ASSEMBLE" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-ASSEMBLE" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/man/man1/distrobox-compatibility.1 new/distrobox-1.8.2.5/man/man1/distrobox-compatibility.1 --- old/distrobox-1.8.2.4/man/man1/distrobox-compatibility.1 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/man/man1/distrobox-compatibility.1 2026-04-27 14:25:31.000000000 +0200 @@ -1,7 +1,7 @@ '\" t .\ .\" -.TH "DISTROBOX" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX" "1" "Mar 2026" "Distrobox" "User Manual" .SH COMPATIBILITY This project \f[B]does not need a dedicated image\f[R]. It can use any OCI images from docker\-hub, quay.io, or any registry of @@ -194,13 +194,10 @@ T{ Ublue T}@T{ -bluefin\-cli ubuntu\-toolbox fedora\-toolbox wolfi\-toolbox -archlinux\-distrobox powershell\-toolbox +ubuntu\-toolbox fedora\-toolbox wolfi\-toolbox archlinux\-distrobox T}@T{ -ghcr.io/ublue\-os/bluefin\-cli ghcr.io/ublue\-os/bluefin\-cli ghcr.io/ublue\-os/ubuntu\-toolbox ghcr.io/ublue\-os/fedora\-toolbox -ghcr.io/ublue\-os/wolfi\-toolbox ghcr.io/ublue\-os/arch\-toolbox -ghcr.io/ublue\-os/powershell\-toolbox +ghcr.io/ublue\-os/wolfi\-toolbox ghcr.io/ublue\-os/arch\-toolbox T} T{ T}@T{ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/man/man1/distrobox-create.1 new/distrobox-1.8.2.5/man/man1/distrobox-create.1 --- old/distrobox-1.8.2.4/man/man1/distrobox-create.1 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/man/man1/distrobox-create.1 2026-04-27 14:25:31.000000000 +0200 @@ -1,6 +1,6 @@ .\ .\" -.TH "DISTROBOX\-CREATE" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-CREATE" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/man/man1/distrobox-enter.1 new/distrobox-1.8.2.5/man/man1/distrobox-enter.1 --- old/distrobox-1.8.2.4/man/man1/distrobox-enter.1 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/man/man1/distrobox-enter.1 2026-04-27 14:25:31.000000000 +0200 @@ -1,6 +1,6 @@ .\ .\" -.TH "DISTROBOX\-ENTER" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-ENTER" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/man/man1/distrobox-ephemeral.1 new/distrobox-1.8.2.5/man/man1/distrobox-ephemeral.1 --- old/distrobox-1.8.2.4/man/man1/distrobox-ephemeral.1 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/man/man1/distrobox-ephemeral.1 2026-04-27 14:25:31.000000000 +0200 @@ -1,6 +1,6 @@ .\ .\" -.TH "DISTROBOX\-EPHEMERAL" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-EPHEMERAL" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/man/man1/distrobox-export.1 new/distrobox-1.8.2.5/man/man1/distrobox-export.1 --- old/distrobox-1.8.2.4/man/man1/distrobox-export.1 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/man/man1/distrobox-export.1 2026-04-27 14:25:31.000000000 +0200 @@ -1,6 +1,6 @@ .\ .\" -.TH "DISTROBOX\-EXPORT" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-EXPORT" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/man/man1/distrobox-generate-entry.1 new/distrobox-1.8.2.5/man/man1/distrobox-generate-entry.1 --- old/distrobox-1.8.2.4/man/man1/distrobox-generate-entry.1 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/man/man1/distrobox-generate-entry.1 2026-04-27 14:25:31.000000000 +0200 @@ -1,6 +1,6 @@ .\ .\" -.TH "DISTROBOX\-GENERATE\-ENTRY" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-GENERATE\-ENTRY" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/man/man1/distrobox-host-exec.1 new/distrobox-1.8.2.5/man/man1/distrobox-host-exec.1 --- old/distrobox-1.8.2.4/man/man1/distrobox-host-exec.1 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/man/man1/distrobox-host-exec.1 2026-04-27 14:25:31.000000000 +0200 @@ -1,6 +1,6 @@ .\ .\" -.TH "DISTROBOX\-HOST\-EXEC" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-HOST\-EXEC" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/man/man1/distrobox-init.1 new/distrobox-1.8.2.5/man/man1/distrobox-init.1 --- old/distrobox-1.8.2.4/man/man1/distrobox-init.1 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/man/man1/distrobox-init.1 2026-04-27 14:25:31.000000000 +0200 @@ -1,6 +1,6 @@ .\ .\" -.TH "DISTROBOX\-INIT" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-INIT" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/man/man1/distrobox-list.1 new/distrobox-1.8.2.5/man/man1/distrobox-list.1 --- old/distrobox-1.8.2.4/man/man1/distrobox-list.1 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/man/man1/distrobox-list.1 2026-04-27 14:25:31.000000000 +0200 @@ -1,6 +1,6 @@ .\ .\" -.TH "DISTROBOX\-LIST" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-LIST" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/man/man1/distrobox-rm.1 new/distrobox-1.8.2.5/man/man1/distrobox-rm.1 --- old/distrobox-1.8.2.4/man/man1/distrobox-rm.1 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/man/man1/distrobox-rm.1 2026-04-27 14:25:31.000000000 +0200 @@ -1,6 +1,6 @@ .\ .\" -.TH "DISTROBOX\-RM" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-RM" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/man/man1/distrobox-stop.1 new/distrobox-1.8.2.5/man/man1/distrobox-stop.1 --- old/distrobox-1.8.2.4/man/man1/distrobox-stop.1 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/man/man1/distrobox-stop.1 2026-04-27 14:25:31.000000000 +0200 @@ -1,6 +1,6 @@ .\ .\" -.TH "DISTROBOX\-STOP" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-STOP" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/man/man1/distrobox-upgrade.1 new/distrobox-1.8.2.5/man/man1/distrobox-upgrade.1 --- old/distrobox-1.8.2.4/man/man1/distrobox-upgrade.1 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/man/man1/distrobox-upgrade.1 2026-04-27 14:25:31.000000000 +0200 @@ -1,6 +1,6 @@ .\ .\" -.TH "DISTROBOX\-UPGRADE" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-UPGRADE" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/distrobox-1.8.2.4/man/man1/distrobox.1 new/distrobox-1.8.2.5/man/man1/distrobox.1 --- old/distrobox-1.8.2.4/man/man1/distrobox.1 2026-02-04 16:47:39.000000000 +0100 +++ new/distrobox-1.8.2.5/man/man1/distrobox.1 2026-04-27 14:25:31.000000000 +0200 @@ -1,7 +1,7 @@ '\" t .\ .\" -.TH "DISTROBOX\-ASSEMBLE" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-ASSEMBLE" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX @@ -442,7 +442,7 @@ '\" t .\ .\" -.TH "DISTROBOX" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX" "1" "Mar 2026" "Distrobox" "User Manual" .SH COMPATIBILITY This project \f[B]does not need a dedicated image\f[R]. It can use any OCI images from docker\-hub, quay.io, or any registry of @@ -635,13 +635,10 @@ T{ Ublue T}@T{ -bluefin\-cli ubuntu\-toolbox fedora\-toolbox wolfi\-toolbox -archlinux\-distrobox powershell\-toolbox +ubuntu\-toolbox fedora\-toolbox wolfi\-toolbox archlinux\-distrobox T}@T{ -ghcr.io/ublue\-os/bluefin\-cli ghcr.io/ublue\-os/bluefin\-cli ghcr.io/ublue\-os/ubuntu\-toolbox ghcr.io/ublue\-os/fedora\-toolbox -ghcr.io/ublue\-os/wolfi\-toolbox ghcr.io/ublue\-os/arch\-toolbox -ghcr.io/ublue\-os/powershell\-toolbox +ghcr.io/ublue\-os/wolfi\-toolbox ghcr.io/ublue\-os/arch\-toolbox T} T{ T}@T{ @@ -931,7 +928,7 @@ up the integration independently from the distrobox\[cq]s own flag. .\ .\" -.TH "DISTROBOX\-CREATE" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-CREATE" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX @@ -1256,7 +1253,7 @@ Void Linux (glibc) .\ .\" -.TH "DISTROBOX\-ENTER" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-ENTER" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX @@ -1365,7 +1362,7 @@ run distrobox commands involving rootful containers using `doas'. .\ .\" -.TH "DISTROBOX\-EPHEMERAL" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-EPHEMERAL" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX @@ -1410,7 +1407,7 @@ .EE .\ .\" -.TH "DISTROBOX\-EXPORT" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-EXPORT" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX @@ -1538,7 +1535,7 @@ \f[CR]distrobox\-export \-\-app atom \-\-extra\-flags \[dq]\-\-foreground\[dq]\f[R] .\ .\" -.TH "DISTROBOX\-GENERATE\-ENTRY" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-GENERATE\-ENTRY" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX @@ -1586,7 +1583,7 @@ .EE .\ .\" -.TH "DISTROBOX\-HOST\-EXEC" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-HOST\-EXEC" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX @@ -1658,7 +1655,7 @@ .EE .\ .\" -.TH "DISTROBOX\-INIT" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-INIT" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX @@ -1703,7 +1700,7 @@ .EE .\ .\" -.TH "DISTROBOX\-LIST" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-LIST" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX @@ -1751,7 +1748,7 @@ image .\ .\" -.TH "DISTROBOX\-RM" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-RM" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX @@ -1796,7 +1793,7 @@ .EE .\ .\" -.TH "DISTROBOX\-STOP" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-STOP" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX @@ -1846,7 +1843,7 @@ .EE .\ .\" -.TH "DISTROBOX\-UPGRADE" "1" "Jan 2026" "Distrobox" "User Manual" +.TH "DISTROBOX\-UPGRADE" "1" "Mar 2026" "Distrobox" "User Manual" .SH NAME .IP .EX
