Expand description
Pelagos - A modern container runtime library for Linux.
This library provides tools for creating and managing lightweight containers using Linux namespaces.
Modules§
- build
- Build engine for creating OCI images from Remfiles (simplified Dockerfiles).
- cgroup
- Cgroups v2 resource management for containers.
- cgroup_
rootless - Rootless cgroup v2 delegation support.
- compose
- Compose model: parse S-expression AST into typed structs, validate, and topo-sort.
- config
- Pelagos daemon/CLI configuration.
- container
- Container process management using Linux namespaces.
- dns
- DNS daemon management — start/stop/update DNS for container name resolution.
- idmap
- Subordinate UID/GID mapping support for rootless containers.
- image
- OCI image store — filesystem layout, layer extraction, and manifest persistence.
- landlock
- Landlock LSM integration — filesystem access control via Linux 5.13+ syscalls.
- lisp
- Lisp interpreter for
.remlcompose files. - mac
- Mandatory Access Control (MAC) helpers for AppArmor and SELinux. Used from the pre_exec hook (to apply profiles at exec time) and from tests / CLI code (to detect whether the LSM is active).
- network
- Native container networking — N1 (loopback) and N2 (veth + bridge).
- notif
SECCOMP_RET_USER_NOTIFsupervisor mode — userspace syscall interception.- oci
- OCI Runtime Specification v1.0.2 implementation.
- paths
- Centralised path resolution for all Pelagos filesystem locations.
- pty
- PTY (pseudoterminal) relay for interactive container sessions.
- seccomp
- Seccomp (Secure Computing Mode) syscall filtering for containers.
- sexpr
- Zero-dependency recursive descent S-expression parser.
- wasm
- Wasm/WASI runtime integration.