Toolbox wishlist item - similar to rebase a toolbox

Every 6 months I find myself installing and configuring all the stuff I had in the previous toolbox (F35) into the new toolbox (F36). In my mind it would be great to be able to do something similar to re-basing (or update) everything that was in the old toolbox to the new one. I would propose something like this in the shell:

$ toolbox create -rebase f35 # update everything in f35, put it in current toolbox f36

I am a hobby C++ programmer and I like to be up to date with compilers, IDE’s and other tools, I find it a little tedious to reinstall and reconfigure all the tools after doing a major revision upgrade of the OS (Kinoite). One of the motivations is to have the latest compiler, and I do sometimes build compilers from source, but it would be better to upgrade the whole lot at once.

I am not sure if it possible to do something like this with podman?

Thanks in advance for any help or discussion, Cheers :smile:


Any container can be defined in a Containerfile/Dockerfile, so just change the first line from FROM fedora-toolbox:35 to FROM fedora-toolbox:36 and rebuild. I have a ~/Toolbox folder with my Containerfile and scripts to build or rebuild the image. The rebuild script just stops and removes the container, deletes the image and calls the build script.

That also means I can add software without having to worry about bloat, I can just dump the image and rebuild it from the file to get rid of extra junk that I added to run a single command or build someone’s project. It’s like using nix except that it doesn’t pin package versions by default and doesn’t involve an entirely new language.

I think this qualifies as “rebasing” because container images are based on layers so when you edit the FROM line it requires rebuilding every subsequent layer. But on Silverblue you’ll still have the same /home/$USER and /etc so it’s a smooth workflow.


Hi porphyrogene,

Thanks for your reply. I hope I haven’t posted in the wrong section - maybe I should have posted in the SilverBlue section because this question may not be related to containers? Or maybe I wasn’t clear enough, but more likely it’s me who doesn’t know what is going on.

What I have is a Kinoite (KDE variant of SilverBlue) toolbox in which I installed compilers g++, clang++, IDE, cmake etc. So what i am after is a new toolbox with all of the F36 stuff that one finds in a brand new toolbox, plus F36 versions of what was in the F35 toolbox.

Where can I find the Containerfile? I am not understanding about having to rebuild all that? It sounds like you have a software project which you rebuild to work with a new OS version, but my situation is different? I would like to have the system install new versions of everything, not rebuild them? Maybe my concept of rebuild is wrong - it is not rebuild in the sense of a C++ project, rather rebuild the container - I am not sure exactly what that means?

I am fairly new to this, I have had SilverBlue since F34, and Kinoite since F35, but I have just used them, not messed around with the details. Maybe I need a more detailed explanation, or a resource to look at? I will do some more research of my own.

Thanks again for any help, sorry if this is all a bit painful.

My response presumed a comfort with building container images from the Containerfile (or Dockerfile, they’re the same) format. I learned that from something called The Docker Book. Apparently that costs money now but I’m sure there are plenty of resources to learn about it for free. Now I use Podman instead Docker. Podman replicated the Docker API, so you can even do alias docker='podman' and it will work perfectly. Learning Docker or Podman are basically the same thing, they just work differently under the hood.

When you run toolbox create on Silverblue 36, it creates a container from an image. That image is created by this file: toolbox/Containerfile at main · containers/toolbox · GitHub. I think Fedora Kinoite uses the same image when you run toolbox create. You can run toolbox list to see what images and containers you are using.

To build my personal toolbox, I use a Containerfile that I wrote. It starts with the fedora-toolbox image and puts my stuff on top of it so I don’t have to manually install everything. I’m still getting set up on Silverblue so it’s pretty minimal.

# I keep this file at /var/home/myname/Toolbox/Containerfile
# Before Silverblue 36, this line said fedora-toolbox:35
FROM fedora-toolbox:36

# Update base packages
RUN sudo dnf -y upgrade

# Run trusted third-party installers
RUN curl --proto '=https' --tlsv1.2 -sSf | sh -s -- -y

# Install RPM package groups
RUN sudo dnf -y group install \
	"Development Tools" \
	"C Development Tools and Libraries"

# Enable third-party repositories
RUN sudo dnf -y copr enable atim/nushell
RUN sudo dnf -y copr enable varlad/helix

# Install packages
RUN sudo dnf -y install \
	bat \
	fzf \
	gnome-tweaks \
	helix \

To use this file, we have to tell podman to build an image from it.

This script will build the container image using commands that are built into the Silverblue base system. Both the image and the container will be named after the user that runs the script.

# /var/home/myname/Toolbox/
podman build --tag $USER ~/Toolbox;
toolbox create --image $USER $USER;

If you run toolbox list you’ll see you now have an image based on the Containerfile and a container based on that image. Running toolbox enter $USER will put you in the container.

When you update the Containerfile, run this script to update the image, then create a new container from it, still named after the user.

# /var/home/myname/Toolbox/
toolbox rm -f $USER;
podman rmi $USER;
sh ~/Toolbox/;

Then just run toolbox enter bob (if your name is bob) and you’re in your toolbox, built from the file. Anything you want in your toolbox you just add to the file and rebuild. You can play around with new packages knowing that you’re able to rebuild from scratch. When Fedora 37 comes out I will use rpm-ostree rebase to upgrade the OS then change the first line of my Containerfile to say FROM fedora-toolbox:37. All of those dnf commands in the Containerfile will then be running on the Fedora 37 operating system and will be installed accordingly, regardless of what base operating system I’m using. I could even start using Fedora 37 in the toolbox container before I upgrade Silverblue.

Hopefully this helps explain my workflow without too much confusion.


I think this is a fairly common point of confusion among a fairly large set of Silverblue users; usually those who have recently migrated from Fedora Workstation or another desktop Linux OS.

@porphyrogene has very nicely described above a typical traditional container-based workflow. Toolbox, being pretty much like a wrapper for Podman, is meant to work in this way.

The trouble with Toolbox is that it’s been kind of marketed to Silverblue users as “a place you can use dnf to install all the tools you want, just like Fedora Workstation”. Then people get confused with why some things (like upgrading to Fedora 36) don’t work “just like Fedora Workstation”.

I think it might be worth an effort by Fedora to improve the messaging of Toolbox to more accurately explain its nature, especially targeted to those who may not be used to working with containers - which is probably a large portion of people who switch to Silverblue.


Great, thanks for an awesome reply. It is clear to me what to do now. :smile: :smile: :smile:

This is a great solution, it will certainly make things easier.

However, it does not quite seem to be the same thing as rebasing. For example, if I had Visual Studio Code (VSC) installed on the host (just for the sake of this example), and in it there is a json file for my keyboard shortcuts. When I rebase from F35 to F36, I get a F36 version of VSC with all of it’s configuration files and setup the same as on F35. Your workflow seems to install a fresh version of the software with it’s default setup.

Now I could put code in the scripts to copy relevant configuration files into the new toolbox, but that could get a little messy if there are numerous applications.

So all this leads back to the proposed one line command in my first post. Perhaps one day Fedora Developers can make “rebasing” a toolbox as easy as rebasing the OS.

The other thing is whether it is possible to do something similar to what the rebase option in rpm-ostree does, but inside a toolbox, with existing tools? If so, hopefully it is not immediately complex.

Thanks again for your detailed instructions and explanation, I will certainly follow them. I will also read up a lot more about podman. Cheers.

When you use toolbox, it mounts the OS host /var/home/myname to the container’s /home/myname so you will still have all of the same stuff whether you’re in the container or not. However, directories like /usr are specific to that container. That’s why I still run the container with toolbox enter instead of the conventional podman run -it container_name /bin/bash.

When you run toolbox enter it’s like running podman run -it --volume /var/home:/home container_name /bin/bash. There are other useful things that it does so they created toolbox so that we don’t have to bother with that and can just say toolbox enter.

I can use nano on the host OS to edit ~/.config/kitty/kitty.conf then go into the container and edit the exact same file with helix and the path is the same. You will keep the same ~/vscode or ~/.config/vscode (wherever that configuration lives) when you rebuild the container. If you want to edit something in the host /etc you can find that at /var/run/host/etc.

So basically, you can use the workflow I described above and everything in your user directory will persist when you rebuild the container or upgrade Kinoite/Silverblue.

Follow up: I think I gave some shoddy advice earlier in this thread.

I’ve been having issues with my host system that seem to have been caused by using these toolbox containers without initializing them properly. Toolbox uses a toolbox init-container command, without which I’ve been borking my GDM setup and having to delete ~/.local before I can log in to Gnome again. You can run man toolbox create and read the Entry Point section.

Instead, do something like this:

# ~/Toolbox/
toolbox create $USER;
toolbox run --container $USER sh ~/Toolbox/;

Then use ~/Toolbox/ to install your stuff. I haven’t had any issues doing it this way.

Thanks again for all of your help, it saves so much time, and helps a lot of people - Cheers

Thanks for your reply, I guess Fedora wanted to make it sound easy to use a toolbox, but you are right it would be good to have more about using containers.

1 Like