toolbox
Run command in isolated container environment
TLDR
Run a toolbox subcommand
Display help for a specific subcommand (such as create, enter, rm, rmi, etc.)
Display help
Display version
SYNOPSIS
toolbox [GLOBAL OPTIONS] COMMAND [OPTIONS] [ARGUMENTS...]
Common Commands:
toolbox create [OPTIONS]: Create a new toolbox container.
toolbox enter [OPTIONS] [COMMAND [ARGUMENTS...]]: Enter an existing toolbox container.
toolbox list: List existing toolbox containers.
toolbox rm [OPTIONS] CONTAINER: Remove a toolbox container.
toolbox run [OPTIONS] COMMAND [ARGUMENTS...]: Run a command inside a toolbox container.
toolbox init: Initialize a toolbox container (usually implicitly done).
PARAMETERS
--container NAME
Specify the container name to operate on. If omitted, a default will be used or prompted.
--distro NAME
Specify the operating system distribution for a new container (e.g., fedora, centos, debian).
--release VERSION
Specify the release version of the distribution for a new container (e.g., 38 for Fedora).
--image IMAGE
Specify a custom container image to use for creating a new toolbox container.
--force
Force an operation, e.g., to remove a running container without confirmation.
DESCRIPTION
The toolbox command provides a simple and convenient way to create, manage, and interact with containerized command-line environments. It's designed primarily for developers and users of immutable Linux operating systems, such as Fedora Silverblue and Kinoite, allowing them to install and use development tools, libraries, and utilities without modifying the host system.
Under the hood, toolbox leverages Podman (or Docker) to create OCI (Open Container Initiative) compliant containers that are tightly integrated with the host user's home directory, devices, and even the D-Bus. This integration makes the container feel like a natural extension of the host, providing a familiar workflow while keeping the host system clean and stable.
CAVEATS
While toolbox provides excellent isolation for developer tools, it is not a strong security sandbox for untrusted applications: its containers have significant access to the host user's home directory and to certain system resources. It also relies on Podman (or Docker) being installed and properly configured on the host system.
Containers can consume significant disk space, especially if many are created or large packages are installed within them. Network connectivity issues might arise if the underlying container engine configuration is not optimal.
PERSISTENT ENVIRONMENTS
Toolbox containers are persistent. Once created, they retain their state, installed software, and configurations across reboots, offering a consistent development environment.
HOST INTEGRATION
Toolbox containers are designed for deep integration with the host user. They automatically mount the user's home directory, provide access to devices (like GPUs), and allow seamless interaction with the host's D-Bus for graphical applications or system services.
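The sharing described under CAVEATS and HOST INTEGRATION can be checked per container. The following script is an added example, not part of toolbox or of the original page: it ranks the host paths a container mounts, using `podman inspect` for the live case. The risk rules, the function names and the sample mount list are assumptions made for illustration; the real mount set depends on the toolbox version and container.

```shell
#!/bin/sh
# Added example (not part of toolbox): list the host paths a toolbox container
# mounts and rank them by how much host-user data each one exposes.
# The ranking rules are this example's assumptions, not toolbox policy.

TAB=$(printf '\t')

# Read "source<TAB>destination<TAB>rw" lines on stdin, print "RISK|src|dst|mode".
# $1 = the host user's home directory.
classify_mounts() {
    home=$1
    while IFS="$TAB" read -r src dst rw; do
        [ -n "$src" ] || continue
        if [ "$rw" = "true" ]; then mode=rw; else mode=ro; fi
        case "$src" in
            "$home"|"$home"/*) risk=HIGH ;;    # user files, SSH keys, dotfiles
            /run/user/*)       risk=HIGH ;;    # per-user sockets, incl. session D-Bus
            /dev|/dev/*)       risk=MEDIUM ;;  # host device nodes
            *)                 risk=LOW ;;
        esac
        printf '%s|%s|%s|%s\n' "$risk" "$src" "$dst" "$mode"
    done
}

# Count the HIGH entries for a mount list given on stdin. $1 = home directory.
count_high() {
    classify_mounts "$1" | grep -c '^HIGH' || true
}

# Live audit of one container; requires podman on the host. $1 = container name.
audit_toolbox() {
    podman inspect --format \
        '{{range .Mounts}}{{.Source}}{{"\t"}}{{.Destination}}{{"\t"}}{{.RW}}{{"\n"}}{{end}}' \
        "$1" | classify_mounts "$HOME"
}

# Constructed sample mount list (not captured from a real container).
sample_mounts() {
    printf '%s\t%s\t%s\n' \
        /home/alice /home/alice true \
        /run/user/1000 /run/user/1000 true \
        /dev /dev true \
        /etc/machine-id /etc/machine-id false
}

sample_mounts | classify_mounts /home/alice
```

On a host with Podman, `audit_toolbox NAME` produces the same report for a real container. Any read-write HIGH entry means code running inside the container can modify the same files the host user can.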
NO ROOT REQUIRED
By leveraging Podman's rootless mode, users can create and manage toolbox containers without requiring sudo privileges, enhancing security and ease of use.
HISTORY
The toolbox utility was developed by the Fedora Project team, primarily to cater to the needs of users on atomic and immutable operating systems like Fedora Silverblue and Fedora Kinoite. These operating systems aim for high stability and security by making the root filesystem immutable.
toolbox emerged as a user-friendly solution to allow developers to install and manage their preferred development tools and environments in a mutable, containerized space without compromising the integrity of the host OS. Its development closely tracks the evolution of Podman and Buildah, which form its underlying technology stack.