Packaging applications in Docker containers
Neatly Bundled
Kaboxer lets users deploy applications that may be difficult to package using Docker containers.
The way distributions deliver software is changing. New package formats such as Flatpak and Snap are becoming more widespread, and containers are becoming increasingly important even for casual desktop users. There are many reasons for this. Developers want to see their software quickly reach users without having to create packages in different formats. Some approaches also allow multiple software versions to be installed simultaneously. Sandboxing as a security feature also plays a role.
In addition, not all software can be easily packaged and kept up-to-date using traditional package formats. This is especially true for distributions such as Kali Linux which ship hundreds of highly specialized applications. Many of these specialized applications are unavailable in the Debian repository. Others are difficult to package because they rely on outdated libraries that hardly any distributions come with anymore. Another reason would be to isolate apps so that they do not interfere with other programs.
Kaboxer [1], a Docker and DEB package-based application developed for Kali Linux, transparently deploys difficult-to-package applications in Docker containers within the Debian packaging system.
Kaboxer
Kali Linux specializes in penetration tests and digital forensics. Based on Debian, Kali Linux uses the Debian package manager. Kaboxer (an abbreviation of Kali Applications Boxer) extends the Debian package system via containers but integrates them into the existing system and controls them transparently via Kaboxer.
The Kaboxer developers emphasize the compatibility of this approach with other Debian variants in the documentation. The developers create Docker images of the applications, which they link in classic Debian packages. During installation, these packages then download the images. To create the DEBs, the Kaboxer team has extended Debian's packaging tool debhelper to include a debhelper_kaboxer
option and adapted the build system to match. As a user, you install the packages in the normal way with:
sudo apt install
Afterward, you will find the applications in the main menu.
Docker Makes It Possible
The Kaboxer developers' decision to use Docker does not exclude other container formats in the future. Docker was initially chosen because its containers come with a large number of parameters for configuration, which means that the images can be easily integrated, both with the host system and across multiple containers.
To ensure this integration, Kaboxer uses existing Docker features such as mount points and port redirects. Menu items are based on .desktop
files created by Kaboxer. All the integration details, as well as the instructions for creating or retrieving the Docker image, are bundled in a single YAML file. The file, in turn, is packaged in one of the DEB files provided by the Kali project. The post-inst
script for these packages downloads the image so that the application it contains can be used immediately afterwards.
Transparently Integrated
After containerizing an app, Kaboxer's next task is to deploy the app so that users can open it with the familiar Debian package management commands. Kaboxer's other tasks include ensuring the persistence of the data created by the user with the respective application, even if the user deletes the corresponding container.
This explains why Kaboxer comes with functions for configuring volumes shared between the host and the container. Additional steps need to be taken for GUI or web applications: GUI applications, for example, need access to the host's X11 socket. For web applications, the HTTP port must be allowed, and the web browser must be launched with the respective URL.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.
-
Canonical Bumps LTS Support to 12 years
If you're worried that your Ubuntu LTS release won't be supported long enough to last, Canonical has a surprise for you in the form of 12 years of security coverage.
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.
-
New Pentesting Distribution to Compete with Kali Linux
SnoopGod is now available for your testing needs
-
Juno Computers Launches Another Linux Laptop
If you're looking for a powerhouse laptop that runs Ubuntu, the Juno Computers Neptune 17 v6 should be on your radar.