Metadata-Version: 2.1
Name: udocker
Version: 1.3.0
Summary: A basic user tool to execute simple docker         containers in batch or interactive systems without root privileges
Home-page: https://github.com/indigo-dc/udocker
Author: Jorge Gomes
Author-email: udocker@lip.pt
License: Apache Software License 2.0
Description: <!---
        [![Build Status](https://jenkins.indigo-datacloud.eu/buildStatus/icon?job=Pipeline-as-code/udocker/master)](https://jenkins.indigo-datacloud.eu/job/Pipeline-as-code/job/udocker/job/master/)
        -->
        [![Build Status](https://jenkins.eosc-synergy.eu/buildStatus/icon?job=indigo-dc/udocker/devel3)](https://jenkins.eosc-synergy.eu/job/indigo-dc/job/udocker/job/devel3/)
        
        ![logo](docs/logo-small.png)
        
        udocker is a basic user tool to execute simple docker containers in user
        space without requiring root privileges. Enables download and execution
        of docker containers by non-privileged users in Linux systems where
        docker is not available. It can be used to pull and execute docker
        containers in Linux batch systems and interactive clusters that are
        managed by other entities such as grid infrastructures or externally
        managed batch or interactive systems.
        
        udocker does not require any type of privileges nor the deployment of
        services by system administrators. It can be downloaded and executed
        entirely by the end user. The limited root functionality provided by
        some of the udocker execution modes is either simulated or provided 
        via user namespaces.
        
        udocker is a wrapper around several tools to mimic a subset of the
        docker capabilities including pulling images and running containers
        with minimal functionality.
        
        ## Documentation
        
        The full documentation is available at:
        
        * [udocker documentation](https://indigo-dc.github.io/udocker/)
          * [Installation manual](https://indigo-dc.github.io/udocker/installation_manual.html)
          * [User manual](https://indigo-dc.github.io/udocker/user_manual.html)
          * [Reference card](https://indigo-dc.github.io/udocker/reference_card.html)
        
        ## How does it work
        udocker is written in Python, it has a minimal set of dependencies so 
        that can be executed in a wide range of Linux systems.
        
        udocker does not make use of docker nor requires its presence.
        
        udocker "executes" the containers by simply providing a chroot like
        environment over the extracted container. The current implementation
        supports different methods to mimic chroot thus enabling execution of
        containers under a chroot like environment without requiring privileges.
        udocker transparently supports several methods to execute the containers
        based on external tools and libraries such as:
        
        * PRoot
        * Fakechroot
        * runc
        * crun
        * Singularity
        
        With the exception of Singularity the tools and libraries to support
        execution are downloaded and deployed by udocker during the installation 
        process. This installation is performed in the user home directory
        and does not require privileges. The udocker related files such as
        libraries, executables, container images and extracted directory
        trees are placed by default under `$HOME/.udocker`.
        
        ## Advantages
        
        * Can be deployed by the end-user
        * Does not require privileges for installation
        * Does not require privileges for execution
        * Does not require compilation, just transfer the Python code
        * Encapsulates several tools and execution methods
        * Includes the required tools already statically compiled to work
          across systems
        * Provides a docker like command line interface
        * Supports a subset of docker commands:
          search, pull, import, export, load, save, login, logout, create and run
        * Understands docker container metadata
        * Allows loading of docker and OCI containers
        * Supports NVIDIA GPGPU applications
        * Runs both on new and older Linux distributions including:
          CentOS 6, CentOS 7, CentOS 8, Ubuntu 14, Ubuntu 16, Ubuntu 18, Ubuntu 20, 
          Ubuntu 21, Alpine, Fedora, etc
        
        ## Python 2 and Python 3
        
        Since v1.2.0 udocker supports Python 2.6, 2.7 and Python >= 3.6. 
        The original udocker v1.1.x for Python 2 only is still available
        [here](https://github.com/indigo-dc/udocker/tree/devel).
        
        ## Syntax
        
        ```
                Commands:
                  search <repo/expression>      :Search dockerhub for container images
                  pull <repo/image:tag>         :Pull container image from dockerhub
                  create <repo/image:tag>       :Create container from a pulled image
                  run <container>               :Execute container
        
                  images -l                     :List container images
                  ps -m -s                      :List created containers
                  name <container_id> <name>    :Give name to container
                  rmname <name>                 :Delete name from container
                  rename <name> <new_name>      :Change container name 
                  clone <container_id>          :Duplicate container
                  rm <container-id>             :Delete container
                  rmi <repo/image:tag>          :Delete image
        
                  import <tar> <repo/image:tag> :Import tar file (exported by docker)
                  import - <repo/image:tag>     :Import from stdin (exported by docker)
                  export -o <tar> <container>   :Export container directory tree
                  export - <container>          :Export container directory tree
                  load -i <imagefile>           :Load image from file (saved by docker)
                  load                          :Load image from stdin (saved by docker)
                  save -o <imagefile> <repo/image:tag>  :Save image with layers to file
        
                  inspect -p <repo/image:tag>   :Return low level information on image
                  verify <repo/image:tag>       :Verify a pulled or loaded image
        
                  protect <repo/image:tag>      :Protect repository
                  unprotect <repo/image:tag>    :Unprotect repository
                  protect <container>           :Protect container
                  unprotect <container>         :Unprotect container
        
                  mkrepo <top-repo-dir>         :Create another repository in location
                  setup                         :Change container execution settings
                  login                         :Login into docker repository
                  logout                        :Logout from docker repository
        
                  help                          :This help
                  run --help                    :Command specific help
                  version                       :Shows udocker version
        
                Options common to all commands must appear before the command:
                  -D                            :Debug
                  --quiet                       :Less verbosity
                  --repo=<directory>            :Use repository at directory
                  --insecure                    :Allow insecure non authenticated https
                  --allow-root                  :Allow execution by root NOT recommended
        ```
        
        ## Examples
        
        Some examples of usage:
        
        Search container images in dockerhub.
        
        ```
        udocker search  fedora
        udocker search  ubuntu
        udocker search  indigodatacloud
        ```
        
        Pull from dockerhub and list the pulled images.
        
        ```
        udocker pull   fedora:29
        udocker pull   busybox
        udocker pull   iscampos/openqcd
        udocker images
        ```
        
        Pull from a registry other than dockerhub.
        
        ```
        udocker search  quay.io/bio
        udocker search  --list-tags  quay.io/biocontainers/scikit-bio
        udocker pull    quay.io/biocontainers/scikit-bio:0.2.3--np112py35_0
        udocker images
        ```
        
        Create a container from a pulled image and run it.
        
        ```
        udocker create --name=myfed  fedora:29
        udocker run  myfed  cat /etc/redhat-release
        ```
        
        The three steps of pulling, creating and running can be achieved in
        a single command, however this will create a new container in each
        invocation consuming additional space and time. Therefore is better
        to pull and create separately and use the identifier returned by
        create or use an alias to execute the container as demonstrated above.
        
        ```
        udocker run  fedora:29  cat /etc/redhat-release
        ```
        
        Execute mounting the host /home/u457 into the container directory /home/cuser.
        Notice that you can "mount" any host directory inside the container.
        Depending on the execution mode the "mount" is implemented differently and
        may have restrictions.
        
        ```
        udocker run -v /home/u457:/home/cuser -w /home/user myfed  /bin/bash
        udocker run -v /var -v /proc -v /sys -v /tmp  myfed  /bin/bash
        ```
        
        Place a script in your host /tmp and execute it in the container. Notice
        that the behavior of `--entrypoint` changed from the previous versions
        for better compatibility with docker.
        
        ```
        udocker run  -v /tmp  --entrypoint="" myfed  /bin/bash -c 'cd /tmp; ./myscript.sh'
        
        udocker run  -v /tmp  --entrypoint=/bin/bash  myfed  -c 'cd /tmp; ./myscript.sh'
        ```
        
        Execute mounting the host /var, /proc, /sys and /tmp in the same container
        directories. Notice that the content of these container directories will
        be obfuscated.
        
        ```
        udocker run -v /var -v /proc -v /sys -v /tmp  myfed  /bin/bash
        ```
        
        Install software inside the container.
        
        ```
        udocker run  --user=root myfed  yum install -y firefox pulseaudio gnash-plugin
        ```
        
        Run as some user. The usernames should exist in the container.
        
        ```
        udocker run --user 1000:1001  myfed  /bin/id
        udocker run --user root   myfed  /bin/id
        udocker run --user jorge  myfed  /bin/id
        ```
        
        Running Firefox.
        
        ```
        udocker run --bindhome --hostauth --hostenv \
           -v /sys -v /proc -v /var/run -v /dev --user=jorge --dri myfed  firefox
        ```
        
        Change execution engine mode from PRoot to Fakechroot and run.
        
        ```
        udocker setup  --execmode=F3  myfed
        
        udocker run --bindhome --hostauth --hostenv \
           -v /sys -v /proc -v /var/run -v /dev --user=jorge --dri myfed  firefox
        ```
        
        Change execution engine mode to accelerated PRoot.
        
        ```
        udocker setup  --execmode=P1  myfed
        ```
        
        Change execution engine to runc.
        
        ```
        udocker setup  --execmode=R1  myfed
        ```
        
        Change execution engine to Singularity. Requires the availability of
        Singularity in the host system.
        
        ```
        ./udocker setup  --execmode=S1  myfed
        ```
        
        Install software running as root emulation in Singularity:
        
        ```
        udocker setup  --execmode=S1  myfed
        udocker run  --user=root myfed  yum install -y firefox pulseaudio gnash-plugin
        ```
        
        ## Security
        
        By default udocker via PRoot offers the emulation of the root user. This 
        emulation mimics a real root user (e.g getuid will return 0). This is just 
        an emulation no root privileges are involved. This feature makes possible 
        the execution of some tools that do not require actual privileges but which 
        refuse to work if the username or id are not root or 0. This enables for 
        instance software installation using rpm, yum or dnf inside the container.
        
        udocker does not offer robust isolation features such as the ones offered
        by docker. Therefore if the containers content is not trusted then these
        containers should not be executed with udocker as they will run inside the 
        user environment. For this reason udocker should not be run by privileged 
        users.
        
        Container images and filesystems will be unpacked and stored in the user 
        home directory under `$HOME/.udocker` or other location of choice. Therefore 
        the containers data will be subjected to the same filesystem protections as 
        other files owned by the user. If the containers have sensitive information 
        the files and directories should be adequately protected by the user.
        
        udocker does not require privileges and runs under the identity of the user
        invoking it.
        
        Users can downloaded udocker and execute it without requiring system
        administrators intervention.
        
        udocker also provides execution with runc, crun and Singularity, these modes
        make use of rootless namespaces and enable a normal user to execute as root 
        with the limitations that apply to user namespaces and to these tools.
        
        When executed by normal unprivileged users, udocker limits privilege 
        escalation issues since it does not use or require system privileges.
        
        ## General Limitations
        
        Since root privileges are not involved any operation that really
        requires such privileges will not be possible. The following  are
        examples of operations that are not possible:
        
        * accessing host protected devices and files
        * listening on TCP/IP privileged ports (range below 1024)
        * mount file-systems
        * the su command will not work
        * change the system time
        * changing routing tables, firewall rules, or network interfaces
        
        If the containers require such privilege capabilities then docker 
        should be used instead.
        
        udocker is not meant to create containers. Creation of containers 
        is better performed using docker and dockerfiles.
        
        udocker does not provide all the docker features, and is not intended
        as a docker replacement.
        
        udocker is mainly oriented at providing a run-time environment for
        containers execution in user space. udocker is particularly suited to 
        run user applications encapsulated in docker containers.
        
        Debugging inside of udocker with the PRoot engine will not work due to
        the way PRoot implements the chroot environment
        
        ## Execution mode specific limitations
        
        udocker offers multiple execution modes leveraging several external tools
        such as PRoot (P mode), Fakechroot (F mode), runC (R mode), crun (R mode) 
        and Singularity (S mode).
        
        When using execution Fakechroot modes such as F2, F3 and F4 the created
        containers cannot be moved across hosts. In this case convert back to a Pn
        mode before transfer.
        This is not needed if the hosts are part of an homogeneous cluster where
        the mount points and directory structure is the same. This limitation
        applies whenever the absolute realpath to the container directory changes.
        
        The default accelerated mode of PRoot (mode P1) may exhibit problems in Linux 
        kernels above 4.0 due to kernel changes and upstream issues, in this case use
        mode P2 or any of the other execution modes.
        
        ```
        ./udocker setup  --execmode=P2  my-container-id
        ```
        
        The Fakechroot modes (Fn modes) require shared libraries compiled against 
        the libc shipped with the container. udocker provides these libraries for 
        several Linux distributions, these shared libraries are installed by 
        udocker under:
        
        ```
        $HOME/.udocker/lib/libfakechroot-*
        ```
         
        The runc and crun modes (R modes) require a kernel with user namespaces enabled.
        
        The singularity mode (S mode) requires the availability of Singularity in 
        the host system. Singularity is not shipped with udocker.
        
        ## Metadata generation
        
        The `codemeta-json` metadata file was initially generated with `codemetapy`
        package:
        
        ```
        codemetapy udocker --with-orcid --affiliation "LIP Lisbon" \
          --buildInstructions "https://https://github.com/indigo-dc/udocker/blob/master/docs/installation_manual.md#3-source-code-and-build" \
          --citation "https://doi.org/10.1016/j.cpc.2018.05.021" \
          --codeRepository "https://github.com/indigo-dc/udocker" \
          --contIntegration "https://jenkins.eosc-synergy.eu/job/indigo-dc/job/udocker/job/master/" --contributor "Mario David" \
          --copyrightHolder "LIP"  --copyrightYear "2016" --creator "Jorge Gomes" \
          --dateCreated "2021-05-26" --maintainer "Jorge Gomes" \
          --readme "https://github.com/indigo-dc/udocker/blob/master/README.md" \
          --referencePublication "https://doi.org/10.1016/j.cpc.2018.05.021" \
          --releaseNotes "https://github.com/indigo-dc/udocker/blob/master/changelog" \
          -O codemeta.json
        ```
        
        Further updates may be needed to add the correct values in
        the metadata file.
        
        ## Contributing
        
        See: [Contributing](CONTRIBUTING.md)
        
        ## Citing
        
        See: [Citing](CITING.md)
        
        When citing udocker please use the following:
        
        * Jorge Gomes, Emanuele Bagnaschi, Isabel Campos, Mario David,
        Luís Alves, João Martins, João Pina, Alvaro López-García, Pablo Orviz, 
        Enabling rootless Linux Containers in multi-user environments: The udocker 
        tool, Computer Physics Communications, Available online 6 June 2018,
        ISSN 0010-4655, https://doi.org/10.1016/j.cpc.2018.05.021
        
        ## Acknowledgements
        
        * Docker https://www.docker.com/
        * PRoot https://proot-me.github.io/
        * Fakechroot https://github.com/dex4er/fakechroot/wiki
        * runC https://runc.io/
        * crun https://github.com/containers/crun
        * Singularity https://www.sylabs.io/
        * Open Container Initiative https://www.opencontainers.org/
        * INDIGO DataCloud https://www.indigo-datacloud.eu
        * DEEP-Hybrid-DataCloud https://deep-hybrid-datacloud.eu
        * EOSC-hub https://eosc-hub.eu
        * EGI-ACE https://www.egi.eu/projects/egi-ace/
        * EOSC-Synergy https://www.eosc-synergy.eu/
        * LIP [https://www.lip.pt](https://www.lip.pt/?section=home&page=homepage&lang=en)
        * INCD [https://www.incd.pt](https://www.incd.pt/?lang=en)
        
        
        This work was performed in the framework of the H2020 project INDIGO-Datacloud
        (RIA 653549) and further developed with co-funding by the projects EOSC-hub
        (Horizon 2020) under Grant number 777536 and DEEP-Hybrid-DataCloud
        (Horizon 2020) under Grant number 777435. Software Quality Assurance is
        performed with the support of by the project EOSC-Synergy (Horizon 2020).
        The authors wish to acknowleadge the support of INCD-Infraestrutura Nacional de
        Computação Distribuída (funded by FCT, P2020, Lisboa2020, COMPETE and FEDER
        under the project number 22153-01/SAICT/2016).
        
        <!---
        <img src="https://wiki.eosc-hub.eu/download/attachments/1867786/eu%20logo.jpeg?version=1&modificationDate=1459256840098&api=v2" height="24">
        <img src="https://wiki.eosc-hub.eu/download/attachments/18973612/eosc-hub-web.png?version=1&modificationDate=1516099993132&api=v2" height="24">
        -->
        
        
        # udocker (1.3.0)
        
          * Prepare to move the stable code for Python 3 and Python 2 >= 2.6 to master
          * Installation procedure changed since 1.1.x series see the `installation_manual`
          * Improve user and installation documentation
          * Extract documentation upon installation
          * Add codemeta.json, metadata for the software
          * Add support for `faccessat2()` in Pn and Fn execution modes
          * Fix support for `newfstatat()` in Pn execution modes
          * Add Fn libraries for Fedora 34 and Ubuntu 21.04
          * Remove broken links in FileUtil.remove()
          * update minimum udocker tools tarball to 1.2.8
          * Cmd and entrypoint metadata and arguments processing changed to mimic docker
          * Improve removal of files and links in install and filebind restore
          * Add follow location option to GetURL()
          * Implement use of `--entrypoint=<cmd>` to force execution of command
            - closes: #306
          * Implement use of `--entrypoint=""` to bypass entrypoint in metadata
            - closes: #306
        
        # udocker (1.2.9)
        
          * method Unshare.unshare os.strerror() takes one argument,
            - closes: #254
          * Add unit test for #254
          * Method chown udocker.utils.fileutil FileUtil
            - closes: #276
          * Several fixes of unit tests and pylint
          * Fix confusion between exit code 0 and inferred False
          * Dereference on `safe_prefixes`
          * untar exclude dev
          * Fix rmi for referenced layers
          * Set default for `PROOT_TMP_DIR`
          * sysdir mountpoint not found and set tmpdir
          * Update installation instructions
          * Improve `oskernel_isgreater()`
          * Improve `osinfo()`
          * Fix repository login/logout
          * Improve keystore logic
          * Fix pull /v2
        
        # udocker (1.2.8b2)
        
          * Fix Rn modes to enable containers execution from readonly dirs
          * Documentation centralized installation and readonly setups
          * Fix handling of dockerhub repository names in /v2
          * Improve documentation and algn with 1.1.8b2
          * Add credits
          * Fix delete of paths with symlinks
            - closes: #267, #265
          * Fix issues with login credentials
            - closes: #310
          * Fix pull images from docker hub in Termux
            - closes: #307 
          * Fix issues on running udocker in googlecolab
            - closes: #286
          * Fix execution with Pn modes in alternate /tmp
            - closes: #284
          * Add conditional delay-directory-restore to untar layers
          * Add exclude of whiteouts on layer untar
          * Add --nobanner to udocker run
        
        # udocker (1.2.7)
        
          * Major restructuring of the code
          * Major restructuring of the unit tests
          * Porting to Python 3, still supports python 2.7
          * all fixes up to previous 1.1.7 version have been applied
          * added scripts tests udocker: `utils/udocker_test.sh utils/udocker_test-run.sh`
        
        # udocker (1.1.7)
        
          * Fix P1 when Linux 4.8.0 SECCOMP is backported, affects newer CentOS 7 
            - closes: #282
          * Check for file ownership on remove wrongly follows symlinks 
            - closes: #266, #267
          * udocker unexpectedly uses P1 exec mode instead of P2
            - closes: #274
          * Allow passing of `PROOT_TMP_DIR` environment variable
            - closes: #284
        
        # udocker (1.1.6)
        
          * Complete fix for of ELF paths in modes Fn for $ORIGIN:$ORIGIN
            - closes: #255
        
        # udocker (1.1.5)
        
          * Preliminary fix for of ELF paths in modes Fn for $ORIGIN:$ORIGIN
          * Add Fn libraries for Ubuntu20, Fedora32, Fedora33
          * Add Fn libraries for Alpine 3.12, 3.13
        
        # udocker (1.1.4-1)
        
          * Fix run --location
          * Fix udocker integrated help
          * Fix naming of containers
          * Improve parsing of image names
          * Documentation improvements
          * `os._exit` from Unshare.unshare()
          * Disable `FAKECHROOT_DISALLOW_ENV_CHANGES` in F4 mode
        
        # udocker (1.1.4)
        
          * Use hub.docker.com as default registry
          * Search using v1 and v2 APIs
          * Implement API /v2/search/repositories
          * Adjust search results to screen size
          * List container size with ps -s
          * List container execution modes with ps -m
          * Added support for nameat() and statx() in Pn and Fn modes
          * Added Fn libraries for Ubuntu18, Ubuntu19, Fedora29, Fedora30, Fedora31, CentOS8
          * Added Fn libraries for Alpine 3.8, 3.9, 3.10, 3.11
          * Added support for sha512 hashes
          * Added support for opaque whiteouts
          * Added search --list-tags to available tags for a given repository
          * Add CLI support for image names in format host/repository:tag
          * Support for fake root in Sn execution modes via --user=root
          * Improve verify of loaded/pulled images
          * Improve handling of mountpoints
          * Added --containerauth to enable direct use of the container passwd and group
          * Added support for file mount bindings in singularity
          * Added `UDOCKER_USE_PROOT_EXECUTABLE` env var to select proot location
          * Added `UDOCKER_USE_RUNC_EXECUTABLE` env var to select runc location
          * Added `UDOCKER_USE_SINGULARITY_EXECUTABLE` env var to select singularity
          * Added `UDOCKER_DEFAULT_EXECUTION_MODE` env var to select default execution mode
          * Added R2 and R3 execution modes for PRoot overlay execution in runc
          * Added setup --purge for cleanup of mountpoints and files 
          * Added setup --fixperms to fix container file permissions
          * Added run --env-file= to load file with environment variables
          * Improve file and directory binding support for Singularity and runc
          * Add command rename for renaming of containers
          * Create processes without shell context
          * Safer parsing of config files and removal of directories
          * Improve installation
          * Improved fix of SECCOMP accelerated mode for P1 mode
          * Added loading and handling of container images in OCI format
          * Fixes for udocker in ARM aarch64
          * Fix processing of --dri in Sn mode
            - closes: #241
          * Improve handling of container and host authentication
            - partially addresses: #239
          * Fixes to address authentication and redirects in pull
            - closes: #225, #230
          * Added minimal support to load OCI images
            - closes: #111
          * Added Pn support for newer distributions
            - closes: #192
          * Improve the installation of udockertools
            - closes: #220, #228
          * Read environment variables from file with --env-file=
            - closes: #212
          * Prepare for pypy
            - closes: #211
          * Fixes for verification of container images
            - closes: #209
          * Fix command line processing for "-" in argument
            - closes: #202
          * Fix file protections on extraction making files u+r
            - closes: #202, #206
          * Fix comparison of kernel versions having non-integers
            - closes: #183
          * Support for both manifest V2 schema 1 and schema 2
            - closes: #218, #225
          * Further improved pathname translation in Fn modes
            - closes: #160
          * Implement save images in docker format
            - closes: #74
          * useradd and groupadd not working in containers
            - closes: #141
          * fix return code when exporting to stdin
            - closes: #202
        
        # udocker (1.1.3)
        
          * Support for nvidia drivers on ubuntu
            - closes: #162
          * Installation improvements
            - closes: #166
          * Fix issue on Fn mode symlink convertion
            - partially addresses: #160
        
        # udocker (1.1.2)
        
          * Improve parsing of quotes in the command line
            - closes: #98
          * Fix version command to exit with 0
            - closes: #107
          * Add kill-on-exit to proot on Pn modes
          * Improve download of udocker utils
          * Handle authentication headers when pulling 
            - closes: #110
          * Handle of redirects when pulling
          * Fix registries table
          * Support search quay.io
          * Fix auth header when no standard Docker registry is used
          * Add registry detection on image name
          * Add --version option
          * Force python2 as interpreter
            - closes: #131
          * Fix handling of volumes in metadata
          * Handle empty metadata
          * Fix http proxy functionality
            - closes: #115
          * Ignore --no-trunc and --all in the images command
            - closes: #108
          * Implement verification of layers in manifest
          * Add --nvidia to support GPUs and related drivers
          * Send download messages to stderr
          * Enable override of curl executable
          * Fix building on CentOS 6
            - closes: #157
          * Mitigation for upstream limitation in runC without tty
            - closes: #132
          * Fix detection of executable with symlinks in container
            - closes: #118
          * Updated runC to v1.0.0-rc5
          * Experimental support for Alpine in Fn modes
          * Improve pathname translation in Fn modes for mounted dirs
            - partially addresses: #160
        
        # udocker (1.1.1)
        
          * New execution engine using singularity
          * Updated documentation with OpenMPI information and examples
          * Additional unit tests
          * Redirect messages to stderr
          * Improved parsing of quotes in the command line
            - closes: #87
          * Allow override of the HOME environment variable
          * Allow override of libfakechroot.so at the container level
          * Automatic selection of libfakechroot.so from container info
          * Improve automatic install
          * Enable resetting prefix paths in Fn modes in remote hosts
          * Do not set `AF_UNIX_PATH` in Fn modes when the host /tmp is a volume
          * Export containers in both docker and udocker format
          * Import containers docker and udocker format
          * Load, import and export to/from stdin/stdout
          * Clone existing containers
          * Support for TCP/IP port remap in execution modes Pn
          * Fix run with basenames failing
            - closes: #89
          * Allow run as root flag
            - closes: #91
        
        # udocker (1.1.0)
        
          * Support image names prefixed by registry similarly to docker 
          * Add execution engine selection logic
          * Add fr execution engine based on shared library interception
          * Add rc execution engine based on rootless namespaces
          * Improve proot tmp files cleanup on non ext filesystems
          * Improve search returning empty on Docker repositories
          * Improve runC execution portability 
          * Add environment variable `UDOCKER_KEYSTORE`
            - closes: #75
          * Prevent creation of .udocker when `UDOCKER_KEYSTORE` is used
            - closes: #75
        
        # udocker (1.0.4)
        
          * Documentation fixes
        
        # udocker (1.0.3)
        
          * Support for import Docker containers in newer metadata structure
          * Improve the command line parsing
          * Improve temporary file handling and removal
          * Support for additional execution engines to be provided in the future
          * Improved parsing of entrypoint and cmd metadata
            - closes: #53
          * Increase name alias length
            - closes: #52
          * Add support for change dir into volume directories
            - closes: #51
          * Fix deletion of files upon container import
            - closes: #50
          * Fix exporting of host environment variables to the containers
            - closes: #48
          * Change misleading behavior of import tarball from move to copy
            - closes: #44
          * Fix validation of volumes specification
            - closes: #43
        
        # udocker (1.0.2)
        
          * Improve download on repositories that fail authentication on /v2
          * Improve run verification of binaries with recursive symbolic links
          * Improve accelerated seccomp on kernels >= 4.8.0
            - closes: #40
        
        # udocker (1.0.1)
        
          * Minor bugfixes
          * Executable name changed from udocker.py to udocker
          * Added support for login into docker repositories
          * Added support for private repositories
          * Added support for listing of v2 repositories catalog
          * Added checksum verification for sha256 layers
          * Improved download handling for v1 and v2 repositories
          * Improved installation tarball structure
          * Insecure flag fixed
          * Address seccomp change introduced on kernels >= 4.8.0
          * Utilities for packaging
          * Improved verbose levels, messaging and output
            - closes: #24, #23
          * Fully implement support for registry selection --registry parameter
            - closes: #29
          * Provide support for private repositories e.g. gitlab registries
            - closes: #30
          * Provide --insecure command line parameter for SSL requests
            - closes: #31
        
        # udocker (1.0.0)
        
          * Initial version
        
        
Keywords: Linux containers,HPC on cloud,Virtualization
Platform: UNKNOWN
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: End Users/Desktop
Classifier: Intended Audience :: Science/Research
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Natural Language :: English
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2.6
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Topic :: System
Classifier: Topic :: Utilities
Description-Content-Type: text/markdown
