Skip to content
/ bento Public

Bento is a container implementation written in Rust.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

kevinji/bento

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

46 Commits
src
src
 
 
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
rustfmt.toml
rustfmt.toml
 
 

Repository files navigation

Bento

Bento is a container implementation written in Rust.

It supports the following features:

  • New root filesystem via pivot_root and umount2
  • New cgroup, IPC, network, mount, PID, UTS, and user (if supported) namespaces
  • Settable UID/GID within container, with allowed UIDs from /etc/subuid and GIDs from /etc/subgid
  • cgroup v2 restrictions on memory, PIDs, and CPU shares
  • rlimit restriction on file descriptors
  • Capabilities dropped to control privileges
  • Seccomp BPF filter to restrict syscalls

It also uses the lddtree crate to automatically find the necessary .so files needed to run a given command by parsing its ELF header.

TODO

  • Fix networking inside the container

References

About

Bento is a container implementation written in Rust.

Topics

rust containers

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages