why does buildkitd need root privilege?

[lgarithm]

I launched a buildkitd with

buildkitd --debug --root tmp --addr tcp://0.0.0.0:9999

and then run

BUILDKIT_HOST=tcp://0.0.0.0:9999 buildctl build --frontend=dockerfile.v0 --local context=. --local dockerfile=.

it failed with

error: failed to solve: rpc error: code = PermissionDenied desc = operation not permitted

and buildkitd prints the following log

DEBU[0001] saved pepcogt875omp04yuoxemwku9 as local.sharedKey:context:.dockerignore: 
DEBU[0001] saved b1ak00yut64moftomnakdvqrd as local.sharedKey:dockerfile:Dockerfile: 
ERRO[0002] /moby.buildkit.v1.Control/Solve returned error: operation not permitted 
DEBU[0002] session finished: <nil>

It would be OK if I launched a buildkitd with sudo.
Can the READMD.md doc mention why does it still need root privilege?

[tonistiigi]

BuildKit executes the build processes in full containers. Privileges are needed both for extracting the root filesystems of containers and for executing the containers with runc.

There are some suggestions for making the ux better in #237 because the BuildKit API itself is mostly safe to be used by unprivileged users. I agree that readme can be improved and on starting buildkitd we should show the permission error right away and not wait for an actual build request to be invoked.

[AkihiroSuda]

In addition to Tonis's work, I'm planning to implement "rootless" mode.

I have a POC runtime that allows running yum in a container without root privilege: https://github.com/AkihiroSuda/runrootless

[AkihiroSuda]

BuildKit in rootless mode: https://twitter.com/_AkihiroSuda_/status/955698849560997888

(Requires opencontainers/runc#1688 to be merged first)

[AkihiroSuda]

https://github.com/jessfraz/img is a daemonless and rootless application of buildkit

[jessfraz]

Is the goal to upstream that stuff after (seems like it :) then I can just update my vendor hahaha