Playing around with other distros in toolbox

The past few days I have been playing around with using other Linux distributions in toolbox. It’s something I think of every once in a while. Darn I’d really like a package from the AUR or Debian’s libraries would be useful right now. Fedora is close to perfect, but I am sometimes missing little things. In the past, I have used vanilla podman for things like that, but that can be complex, especially for doing rudimentary testing. So, I did some research, did some playing around, and got a few other OSes working in toolbox:

It’s nothing groundbreaking, and I’m sure it has been done better elsewhere, but if anyone has been interested and would like help and/or would like to help me, feel free to take a look.

4 Likes

That’s really great approach from you and thx sharing your toolbooxexmples here in our Fedora community!

I am pretty sure that other users want to help or add their ideas, struggles etc. with you in order to improve step by step getting things done with toolbox!

v/r
Andi

I will have a look at that! Thanks.

I switched from Docker to Podman for my few needs some time ago - which I have been generally very happy about and I have played around with Toolbox a couple of times but is there a general “Rule of Thumb” about when to use a Toolbox VM vs a Podman VM?

1 Like

Okay, to maybe clarify something, Podman, Buildah, and Skopeo were built for and used on Fedora Silverblue specifically for the rootless container requirements. Podman as a more or less direct replacement for most Docker commands. Docker which runs using a daemon, also used cgroups version 1, while Silverblue and Podman were using cgroups v2, which facilitated the Toolbox use through crun over runc. Finally, Toolbox is Podman under the hood, and they both use the crun runtime for the container environment instead of runc which Docker was using until recently. Also, container runtimes are not VM’s in any sense. They rely heavily on the underlying Host and specifically the container feature of the Linux Kernel, while a VM is “machine in memory” with a defined architecture and everything needed to boot up a system because it is a system.

2 Likes

Tailing on what Stephen says, it really depends on what you are doing. If you are doing more traditional development with just a package manager, compiler, and editor, or installing apps not available as flatpaks, then toolbox would probably be the way to go. But if you are doing container-based development, or have the know how to install and use apps with podman, then maybe it will be the way to go. I often find myself mixing and matching!

1 Like

Yes, sorry, I knew that - I was too loose with what I was trying to say . .

No worries, I just think it is necessary to be clear on certain topics especially technical ones where some layer of differentiation is wanted. So honestly, it is not a big thing except when someone who doesn’t fully understand the technology runs with the incorrect information.

1 Like

I myselft too am using toolbox to use a different distro.

More specifically I also use toolbox to have a kali container (kali is a debian based distro): I prepared the image with standard podman comands and official repositories; then created a “container” with toolbox using this image (see instructions below).

I use this kali container via toolbox on a daily basis for maybe 2 years already. Comparing to running a full Kali Virtual Machine, there are many pros as you can guess, but there are also a few drawbacks you have to know:

  • security: it’s definitely less secure that having a full blown VM to run kali (with toolbox you have many things shared with the host: mountpoints, network and so on)
  • one may be root in the container but still missing some capabilities/rights from the outside (eg: cannot bind to ports < 1024, cannot open network interfaces for capturing, and so on)

I installed and used tcpdump&nmap&Cie on my host with rpm-ostree (and java-latest-openjdk for tje BurpSuite :wink:), and run everything else in this kali toolbox. The workflow is great for me:

  • I can update my kali toolbox, install and remove programs as I would do with a normal VM
  • I can save the current state and create a new toolbox image for oneshot usages

When I looked for this, I did not find information on how to achieve this, so I tried and carefully took notes, that I’ve tested several times since then!

→ Here are the instructions:

  1. podman run -ti kalilinux/kali-rolling /bin/bash
  2. […] (e.g. apt update/upgrade, apt-get install kali-linux-headless and so on)
  3. podman ps -a
  4. podman container stop CONTAINER_ID
  5. podman commit CONTAINER_ID my-kali-YYYYMMDD

Then:

  1. toolbox list
  2. toolbox create --image localhost/my-kali-YYYYMMDD --container mykali
  3. toolbox enter mykali

There are chances that these setup instructions work for other distros also available via podman!

I enjoy it so much that I’m thrilled just to share this with you: I hope some of you will enjoy it as well! :innocent: :yum: