Packaging applications in Docker containers
Neatly Bundled
Kaboxer lets users deploy applications that may be difficult to package using Docker containers.
The way distributions deliver software is changing. New package formats such as Flatpak and Snap are becoming more widespread, and containers are becoming increasingly important even for casual desktop users. There are many reasons for this. Developers want to see their software quickly reach users without having to create packages in different formats. Some approaches also allow multiple software versions to be installed simultaneously. Sandboxing as a security feature also plays a role.
In addition, not all software can be easily packaged and kept up-to-date using traditional package formats. This is especially true for distributions such as Kali Linux which ship hundreds of highly specialized applications. Many of these specialized applications are unavailable in the Debian repository. Others are difficult to package because they rely on outdated libraries that hardly any distributions come with anymore. Another reason would be to isolate apps so that they do not interfere with other programs.
Kaboxer [1], a Docker and DEB package-based application developed for Kali Linux, transparently deploys difficult-to-package applications in Docker containers within the Debian packaging system.
Kaboxer
Kali Linux specializes in penetration tests and digital forensics. Based on Debian, Kali Linux uses the Debian package manager. Kaboxer (an abbreviation of Kali Applications Boxer) extends the Debian package system via containers but integrates them into the existing system and controls them transparently via Kaboxer.
The Kaboxer developers emphasize the compatibility of this approach with other Debian variants in the documentation. The developers create Docker images of the applications, which they link in classic Debian packages. During installation, these packages then download the images. To create the DEBs, the Kaboxer team has extended Debian's packaging tool debhelper to include a debhelper_kaboxer
option and adapted the build system to match. As a user, you install the packages in the normal way with:
sudo apt install
Afterward, you will find the applications in the main menu.
Docker Makes It Possible
The Kaboxer developers' decision to use Docker does not exclude other container formats in the future. Docker was initially chosen because its containers come with a large number of parameters for configuration, which means that the images can be easily integrated, both with the host system and across multiple containers.
To ensure this integration, Kaboxer uses existing Docker features such as mount points and port redirects. Menu items are based on .desktop
files created by Kaboxer. All the integration details, as well as the instructions for creating or retrieving the Docker image, are bundled in a single YAML file. The file, in turn, is packaged in one of the DEB files provided by the Kali project. The post-inst
script for these packages downloads the image so that the application it contains can be used immediately afterwards.
Transparently Integrated
After containerizing an app, Kaboxer's next task is to deploy the app so that users can open it with the familiar Debian package management commands. Kaboxer's other tasks include ensuring the persistence of the data created by the user with the respective application, even if the user deletes the corresponding container.
This explains why Kaboxer comes with functions for configuring volumes shared between the host and the container. Additional steps need to be taken for GUI or web applications: GUI applications, for example, need access to the host's X11 socket. For web applications, the HTTP port must be allowed, and the web browser must be launched with the respective URL.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Systemd Fixes Bug While Facing New Challenger in GNU Shepherd
The systemd developers have fixed a really nasty bug amid the release of the new GNU Shepherd init system.
-
AlmaLinux 10.0 Beta Released
The AlmaLinux OS Foundation has announced the availability of AlmaLinux 10.0 Beta ("Purple Lion") for all supported devices with significant changes.
-
Gnome 47.2 Now Available
Gnome 47.2 is now available for general use but don't expect much in the way of newness, as this is all about improvements and bug fixes.
-
Latest Cinnamon Desktop Releases with a Bold New Look
Just in time for the holidays, the developer of the Cinnamon desktop has shipped a new release to help spice up your eggnog with new features and a new look.
-
Armbian 24.11 Released with Expanded Hardware Support
If you've been waiting for Armbian to support OrangePi 5 Max and Radxa ROCK 5B+, the wait is over.
-
SUSE Renames Several Products for Better Name Recognition
SUSE has been a very powerful player in the European market, but it knows it must branch out to gain serious traction. Will a name change do the trick?
-
ESET Discovers New Linux Malware
WolfsBane is an all-in-one malware that has hit the Linux operating system and includes a dropper, a launcher, and a backdoor.
-
New Linux Kernel Patch Allows Forcing a CPU Mitigation
Even when CPU mitigations can consume precious CPU cycles, it might not be a bad idea to allow users to enable them, even if your machine isn't vulnerable.
-
Red Hat Enterprise Linux 9.5 Released
Notify your friends, loved ones, and colleagues that the latest version of RHEL is available with plenty of enhancements.
-
Linux Sees Massive Performance Increase from a Single Line of Code
With one line of code, Intel was able to increase the performance of the Linux kernel by 4,000 percent.