These days, I wanted to build some SUSE documentation, but daps drags quite a few dependencies. Thus I decided to use that occasion to move it to a sandbox. The idea is very similar to what was detailled in my post on containers for GUI apps, but will be made much easier thanks to the recent progresses in virt-sandbox.

Note that this is only possible with recent virt-sandbox. To make sure you have virt-sandbox with all features, install it from the OBS Virtualization repository.

Creating the disk image

Most of this part will be simplified, as I reused the test-base.qcow2 image created in the previous post. I only added it a non-root user. Doing this is pretty straight forward thanks to qemu-img's commit feature.

First create a working overlay image based on test-base.qcow2:

qemu-img create -f qcow2 \
                -o backing_file=$PWD/test-base.qcow2 \

As a non-privileged user, boot a sandbox running this disk image:

virt-sandbox -n daps \
             --privileged \
             -m host-image:/=$PWD/daps.qcow2,format=qcow2 \
             -- \

Note that the --privileged parameter keeps you as root in the sandbox. Otherwise you would be logged in as a user with the same UID as the one you ran virt-sandbox with. You can do the changes you need in the base image. In our case, I will add an unprivileged user.

useradd -m myuser

As we want this change to propagate to the base image, please refrain from installing daps or doing other things that you don't want to see in the base image. Exit the shell to exit the sandbox and get back to your host command.

In order to have working network later in the sandboxes, we have to install util-linux-systemd and dhcp-client as it wasn't done in when creating the base image. For this we need to switch to root and mount the image with libguestfs tools since zypper can't get any network so far.

sudo guestmount -a $PWD/daps.qcow2 -m /dev/sda:/ /mnt
sudo zypper --root /mnt in dhcp-client util-linux-systemd
sudo guestunmount /mnt

We will now commit all the changes made in our overlay image to the base image:

qemu-img commit $PWD/daps.qcow2

Note that you may have to get permissions to write on test-base.qcow2 as we created it as root in the previous post.

Now, we only have to install daps in our now-empty overlay image. To do so, run the following command:

virt-sandbox -n daps \
             --privileged \
             -m host-image:/=$PWD/daps.qcow2,format=qcow2 \
             -N dhcp \
             -- \

Note the -N dhcp argument that will now run dhclient and will provide you network in the sandbox. This network is limited, since it is user networking. For more details on it, report to this page.

In the sandbox, we can now install daps normally:

zypper ar
zypper in daps

Exit the shell to end the sandbox: your disk image is ready.

Running daps

In order to have a smooth user experience with daps, better create a script to run virt-sandbox for you. Create executable ~/bin/daps with content similar to this one:

virt-sandbox \
    -n daps \
    -m host-image:/=/path/to/daps.qcow2,format=qcow2 \
    -m host-bind:/home/myuser=/home/myuser \
    -m ram:/tmp=100MiB \
    -m ram:/run=100MiB \
    -- \
    /usr/bin/daps $@

You can add options to mount your host folders in your sandbox. For example, this will mount /home/myuser at the same place in the sandbox:

-m host-bind:/home/myuser=/home/myuser

Make sure that your documentation sources will be mounted in the sandbox.

When running the daps command on your machine, you will run the daps command within a super tiny KVM machine running with your UID. Note that I didn't add the -N dhcp option in the script since daps doesn't need it, but you may need it for other applications or to update your packages.