nucleus-container 0.3.3

Extremely lightweight Docker alternative for agents and production services — isolated execution using cgroups, namespaces, seccomp, Landlock, and gVisor
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

mod capabilities;
mod caps_policy;
mod gvisor;
mod landlock;
mod landlock_policy;
mod policy;
mod seccomp;
mod seccomp_bpf;
mod seccomp_generate;
mod seccomp_trace;
mod state;

pub use crate::oci::*;
pub use capabilities::*;
pub use caps_policy::CapsPolicy;
pub use gvisor::*;
pub use landlock::*;
pub use landlock_policy::LandlockPolicy;
pub use policy::{load_json_policy, load_toml_policy, sha256_hex};
pub use seccomp::*;
pub use seccomp_generate::{generate_from_trace, SeccompProfile};
pub use seccomp_trace::{SeccompDenyLogger, SeccompTraceReader};
pub use state::*;