[FEAT] make AppImage to work by default

linuxserver / docker-webtop

Ubuntu, Alpine, Arch, and Fedora based Webtop images, Linux in a web browser supporting popular desktop environments.

GNU General Public License v3.0

1.82k stars 179 forks source link

[FEAT] make AppImage to work by default #261

Open tomaszduda23 opened 2 hours ago

tomaszduda23 commented 2 hours ago

Is this a new feature request?

[X] I have searched the existing issues

Wanted change

add libfuse2 by default to let AppImage mount file system

Reason for change

many apps is distributed as AppImage

Proposed code change

apt install libfuse2

github-actions[bot] commented 2 hours ago

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.

thelamer commented 2 hours ago

What about /dev/fuse? And how do you run mount inside of the container. This is not just missing package, it is about privving the container way up.

tomaszduda23 commented 2 hours ago

It requires following settings. It could be mentioned in documentation.

    cap_add:
      - SYS_ADMIN
    security_opt:
      - apparmor:unconfined
    devices:
      - /dev/fuse:/dev/fuse

thelamer commented 2 hours ago

This is basically privileged without all of sys and dev being mounted in, also app images can run in containers with the --appimage-extract-and-run flag. On top of that people can expand the native known working app catalogue with https://github.com/linuxserver/proot-apps, many of these apps are uncompressed app images. I am not going to recommend to people that they run in priv mode to run an appimage.

tomaszduda23 commented 1 hour ago

It is an user choice if they prefer convenience or security. I just asked to add extra package.

Looking on this request again... There will be more users which needs extra package for their use cases. I would like to have gdb also due to https://github.com/kasmtech/KasmVNC/issues/204#issuecomment-2364234457. Would you consider to support package install during container start by env variable? E.g.: ADD_EXTRA_PACKAGES: libfuse2 gdb.

If someone need one or two packages they usually don't want to bother with building custom image and updating it each time.

Roxedus commented 1 hour ago

Would you consider to support package install during container start by env variable?

https://github.com/linuxserver/docker-mods/tree/universal-package-install

tomaszduda23 commented 1 hour ago

https://github.com/linuxserver/docker-mods/tree/universal-package-install

Awesome. It would be worth to mentioned it explicit in documentation next too PRoot Apps.