[FEAT] make AppImage to work by default

linuxserver / docker-webtop

Ubuntu, Alpine, Arch, and Fedora based Webtop images, Linux in a web browser supporting popular desktop environments.

GNU General Public License v3.0

1.97k stars 205 forks source link

[FEAT] make AppImage to work by default #261

Closed tomaszduda23 closed 1 month ago

tomaszduda23 commented 2 months ago

Is this a new feature request?

[X] I have searched the existing issues

Wanted change

add libfuse2 by default to let AppImage mount file system

Reason for change

many apps is distributed as AppImage

Proposed code change

apt install libfuse2

github-actions[bot] commented 2 months ago

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.

thelamer commented 2 months ago

What about /dev/fuse? And how do you run mount inside of the container. This is not just missing package, it is about privving the container way up.

tomaszduda23 commented 2 months ago

It requires following settings. It could be mentioned in documentation.

    cap_add:
      - SYS_ADMIN
    security_opt:
      - apparmor:unconfined
    devices:
      - /dev/fuse:/dev/fuse

thelamer commented 2 months ago

This is basically privileged without all of sys and dev being mounted in, also app images can run in containers with the --appimage-extract-and-run flag. On top of that people can expand the native known working app catalogue with https://github.com/linuxserver/proot-apps, many of these apps are uncompressed app images. I am not going to recommend to people that they run in priv mode to run an appimage.

tomaszduda23 commented 2 months ago

It is an user choice if they prefer convenience or security. I just asked to add extra package.

Looking on this request again... There will be more users which needs extra package for their use cases. I would like to have gdb also due to https://github.com/kasmtech/KasmVNC/issues/204#issuecomment-2364234457. Would you consider to support package install during container start by env variable? E.g.: ADD_EXTRA_PACKAGES: libfuse2 gdb.

If someone need one or two packages they usually don't want to bother with building custom image and updating it each time.

Roxedus commented 2 months ago

Would you consider to support package install during container start by env variable?

https://github.com/linuxserver/docker-mods/tree/universal-package-install

tomaszduda23 commented 2 months ago

https://github.com/linuxserver/docker-mods/tree/universal-package-install

Awesome. It would be worth to mentioned it explicit in documentation next too PRoot Apps.

aptalca commented 2 months ago

https://github.com/linuxserver/docker-webtop?tab=readme-ov-file#docker-mods

tomaszduda23 commented 2 months ago

https://github.com/linuxserver/docker-webtop?tab=readme-ov-file#docker-mods

It is very hard to understand the meaning of this for someone who had no idea that there is such possibility. I added PR which makes it clear. You might consider to merge it. https://github.com/linuxserver/docker-webtop/pull/262