see: https://github.com/rootless-containers/rootlesskit
---------
RootlessKit: Linux-native fakeroot using user namespaces
RootlessKit is a Linux-native implementation of 'fake root' using user_namespaces(7).
The purpose of RootlessKit is to run Docker and Kubernetes as an unprivileged user
(known as 'Rootless mode'), so as to protect the real root on the host from potential
container-breakout attacks.
---------
This is a building block for cross installation of containers and
rootless on-target execution.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
