7 Commits

Author SHA1 Message Date
709c4a0865 feat: implement rootless Docker with container management support
Docker Infrastructure:
- Added proper user namespace mapping in Dockerfile.alpine
- Created 'builder' user with host UID/GID mapping at build time
- Removed runtime user mapping (now handled in Dockerfile)
- Set up Rust environment for mapped user instead of root
- Fixed config mount consistency (removed :ro flags for real-time sync)

Container Management:
- Added 15 essential cgroup modules to modules-essential.list
- Complete cgroups v1 and v2 support for container orchestration
- Process control: cgroup_pids, cgroup_freezer, cgroup_cpuset
- Memory management: memcg, hugetlb_cgroup
- Network control: net_cls_cgroup, net_prio_cgroup
- Device access: cgroup_device, devices_cgroup
- Advanced features: cgroup_bpf, cgroup_perf_event, cgroup_debug

Environment Updates:
- Updated RFS Dockerfile to Alpine 3.22 for consistency
- Ensured proper /build directory permissions for mapped user

This enables true rootless operation with full container management
capabilities, fixing permission issues and enabling Zero-OS container
orchestration with complete resource control.
2025-08-25 09:44:47 +02:00
8a38c372aa fix: resolve UID/GID readonly variable conflict
- Changed UID/GID to USER_UID/USER_GID to avoid bash readonly variable error
- Updated both build.sh and docker-compose.yml with new variable names
- Fixes 'UID: readonly variable' error during clean build process

Now './build.sh --clean' should work without variable conflicts.
2025-08-22 18:49:14 +02:00
193662fb67 fix: configure Docker containers to run as current user
- Added user mapping (UID:GID) to Docker Compose services to prevent root-owned files
- Export current user's UID/GID in build.sh for Docker Compose
- Enhanced clean build to handle permission issues gracefully:
  * Try normal cleanup first
  * Fall back to container-based cleanup for root-owned files
  * Ultimate fallback to sudo if needed
- Added cleanup for all Docker volumes (build, source, kernel, target caches)

Fixes 'Permission denied' errors when cleaning output files created by Docker containers.
2025-08-22 18:47:31 +02:00
1bc6005a48 Fix cargo availability in dev-shell environment
- Add cargo to PATH in dev-shell service
- Add target-cache volume for Rust build caching
- Use login shell to properly source cargo environment
- Keeps existing build infrastructure and caching strategy
2025-08-16 20:35:13 +02:00
a3e56b9eeb Fix components mount: remove read-only for cargo build access 2025-08-15 23:19:36 +02:00
829f7d034e Add components volume mount to docker-compose services 2025-08-15 22:45:41 +02:00
9b14d94bbe Initial commit: Alpine Zero-OS initramfs build system with cleaned Docker configuration 2025-08-15 22:11:44 +02:00