Restructure flatpak, snap & docker installs

src/SUMMARY.md

@@ -11,7 +11,9 @@
    * [Portability in Mind](install/build.md)
    * [Windows builds](install/windows.md)
    * [Compiling for Android](install/android.md)
-   * [Flathub releases](install/flathub.md)
+   * [Flatpak releases](install/flatpak.md)
+   * [Snap releases](install/snap.md)
+   * [Docker containers](install/docker.md)
    * [Troubleshooting](install/troubleshooting.md)
 * [First Steps](first_steps/intro.md)
    * [Commandline](first_steps/commandline_flags.md)

src/install/build.md

@@ -60,10 +60,8 @@ If you want to build locally:
 $ sys/meson.py --prefix=/home/$USER/r2meson --local --shared --install
 ```
 
-### Docker
+### Docker build
 
 Radare2 repository ships a [Dockerfile](https://github.com/radareorg/radare2/blob/master/dist/docker/Dockerfile) that you can use with Docker.
 
-This dockerfile also used by Remnux distribution from SANS, and is available on the docker [registryhub](https://registry.hub.docker.com/u/remnux/radare2/).
-
-Checkout the Makefile in this directory to understand how to use it without too much hussle
+You can read more regarding the this build process as well as how to run it in the [Docker containers section](docker.md#git-version).

src/install/docker.md

@@ -0,0 +1,115 @@
+## Docker containers
+
+Docker is a software that use OS-level virtualization to deliver software in packages called images and containers when running them.
+Containers bundle their own software and are isolated from the host system, this prevents conflicts with other installed software.
+
+There are several implamentations to run Docker images but radare2 images only have been tested with `docker`, `podman` and `nerdctl`.
+
+### Available images
+
+There are 2 mantained docker images, one for the official releases and one targeted to be build locally from GIT.
+Both can be used similarly.
+
+#### Stable version
+
+This docker image can be found in [Docker Hub](https://hub.docker.com/r/radare/radare2) and contain the latest radare2 stable version.
+This image is based on **Ubuntu** and the same [radare2 snap](https://snapcraft.io/radare2) build.
+The Dockerfile used to build it can be found in [this dedicated repository](https://github.com/radareorg/radare2-snap).
+
+The resulting build includes the following projects:
+
+* [radare2](https://github.com/radareorg/radare2)
+* [r2ghidra](https://github.com/radareorg/r2ghidra)
+* [r2frida](https://github.com/nowsecure/r2frida) (only in supported platforms)
+* [r2dec](https://github.com/wargio/r2dec-js)
+* [r2yara](https://github.com/radareorg/r2yara)
+* [r2pipe](https://pypi.org/project/r2pipe/) (for Python)
+
+To use this docker image you can use either:
+```sh
+docker run -ti radare/radare2
+podman run -ti docker.io/radare/radare2
+nerdctl run -ti radare/radare2
+```
+
+To use the docker image as one shot so it removes everything inside the container on exit just add `--rm` as follows:
+```sh
+docker run --rm -ti radare/radare2
+```
+
+Another example to use for debugging inside the docker:
+```sh
+docker run --tty --interactive --privileged --cap-add=SYS_PTRACE --security-opt seccomp=unconfined --security-opt apparmor=unconfined radare/radare2
+```
+
+#### GIT version
+
+Alternatively there is a version from radare2 GIT aimed to be build locally, also called **r2docker**.
+This will build an image using **Debian** with radare2 from GIT with latest changes.
+The Dockerfile to build can be found inside the `dist/docker` directory in the [radare2](https://github.com/radareorg/radare2) source tree.
+
+To build this other image run the following lines:
+
+```sh
+git clone https://github.com/radareorg/radare2.git
+cd radare2
+make -C dist/docker
+```
+
+This will build an image with the following plugins by default:
+
+* [r2ghidra](https://github.com/radareorg/r2ghidra)
+* [r2frida](https://github.com/nowsecure/r2frida)
+* [r2dec](https://github.com/wargio/r2dec-js)
+
+It is possible to specify more packages using the `R2PM` make variable:
+
+```sh
+make -C dist/docker R2PM=radius2
+```
+
+Also, you can select the architecture (`amd64` / `arm64`) to compile the image by using the `ARCH` make variable.
+
+This Dockerfile also used by Remnux distribution from SANS, and is available on the [Docker Hub](https://hub.docker.com/r/remnux/radare2), but it might not contain latest changes.
+
+
+### Run a container as r2web server
+
+By default both images are intended to be used in a interactive terminal.
+
+But both can also be launched directly to use the radare2 web UI.
+
+The do so it can be launched using the following command:
+```sh
+docker run -p 9090:9090 radare/radare2 r2 -c '=h' -
+```
+
+Or the following docker-compose structure:
+```yaml
+version: "3.8"
+services:
+  radare2:
+    image: radare/radare2
+    command: r2 -c '=h' -
+    network_mode: bridge
+    ports:
+      - "9090:9090"
+```
+
+Or if debugging functionality is required:
+```yaml
+version: "3.8"
+services:
+  radare2:
+    image: radare/radare2
+    command: r2 -c '=h' -
+    network_mode: bridge
+    ports:
+      - "9090:9090"
+    privileged: true
+    cap_add:
+      - SYS_PTRACE
+    security_opt:
+      - "seccomp=unconfined"
+      - "apparmor=unconfined"
+```

src/install/flatpak.md

@@ -0,0 +1,100 @@
+## Flatpak releases
+
+The easiest way to get **iaito** and **radare2** installed in your Linux distro is by using Flatpak.
+
+This method ensures a well-tested, sandboxed environment that doesn't interfere with your system dependencies. In this section, we will guide you through the steps to install and configure iaito using Flatpak.
+
+First, ensure that Flatpak is installed and configured on your system. If Flatpak is not already installed, you can add it through your distribution's package manager. For example, on Debian-based systems, you can install Flatpak with the following command:
+
+```sh
+sudo apt install flatpak
+```
+
+Next, you need to add the Flathub repository, which hosts iaito and many other applications. Run the following command to add Flathub:
+
+```sh
+flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
+```
+
+With Flatpak and the Flathub repository set up, you can install iaito by executing the following command in your terminal:
+
+```sh
+flatpak install flathub org.radare.iaito
+```
+
+During the installation process, you may be prompted to confirm the installation and to enter your user password. Flatpak will handle all necessary dependencies for iaito, ensuring a smooth installation process. Once the installation is complete, you can launch iaito using the following command:
+
+```sh
+flatpak run org.radare.iaito
+```
+
+### CLI Configuration
+
+To allow usage of CLI radare applications you need to define the following aliases:
+```sh
+alias r2='flatpak run --command=r2 org.radare.iaito'
+alias r2agent='flatpak run --command=r2agent org.radare.iaito'
+alias r2p='flatpak run --command=r2p org.radare.iaito'
+alias r2pm='flatpak run --command=r2pm --share=network --devel org.radare.iaito'
+alias r2r='flatpak run --command=r2r org.radare.iaito'
+alias rabin2='flatpak run --command=rabin2 org.radare.iaito'
+alias radare2='flatpak run --command=radare2 org.radare.iaito'
+alias radiff2='flatpak run --command=radiff2 org.radare.iaito'
+alias rafind2='flatpak run --command=rafind2 org.radare.iaito'
+alias ragg2='flatpak run --command=ragg2 org.radare.iaito'
+alias rahash2='flatpak run --command=rahash2 org.radare.iaito'
+alias rarun2='flatpak run --command=rarun2 org.radare.iaito'
+alias rasign2='flatpak run --command=rasign2 org.radare.iaito'
+alias rasm2='flatpak run --command=rasm2 org.radare.iaito'
+alias ravc2='flatpak run --command=ravc2 org.radare.iaito'
+alias rax2='flatpak run --command=rax2 org.radare.iaito'
+```
+
+With this commands, by default no local files will be accesible.
+To allow acces to a folder please use the special permissions procedure explained below or use `zenity` inside the flatpak sandbox to open a dialog using XDG portals.
+Example:
+```console
+$ alias r2='flatpak run --command=r2 org.radare.iaito'
+$ r2 -
+[0x00000000]> o `!zenity --file-selection`
+```
+
+### Sandbox Configuration
+
+To manage the sandbox permissions for iaito, you can use the [Flatseal](https://flathub.org/apps/details/com.github.tchx84.Flatseal) utility. Flatseal allows you to configure Flatpak application permissions easily.
+
+Install Flatseal with the following command:
+
+```sh
+flatpak install flathub com.github.tchx84.Flatseal
+```
+
+Then, run Flatseal to adjust iaito's permissions:
+
+```sh
+flatpak run com.github.tchx84.Flatseal
+```
+
+Alternatively this can be configured via CLI using `flatpak override`, here there are some examples on how to configure it:
+
+* To allow radare plugins to connect to your network or Internet:
+```sh
+flatpak override --user --share=network org.radare.iaito
+```
+
+* To allow some plugins to attach to a usb device:
+```sh
+flatpak override --user --device=all org.radare.iaito
+```
+
+* To allow some plugins to access to an specific folder not selected by the GUI (with optional `:ro` to only allow read only):
+```sh
+flatpak override --user --filesystem=/mnt/hdd:ro org.radare.iaito
+```
+
+* To reset back to default required permissions this command can be used:
+```sh
+flatpak override --user --reset org.radare.iaito
+```
+
+The Flatpak version of iaito comes bundled with several useful plugins: [r2dec](https://github.com/wargio/r2dec-js), [r2ghidra](https://github.com/radareorg/r2ghidra), [r2frida](https://github.com/nowsecure/r2frida), and [r2yara](https://github.com/radareorg/r2yara). These plugins enhance the functionality of radare2, providing additional capabilities for decompilation, integration with Ghidra, dynamic analysis with Frida, and YARA rule matching.

src/install/snap.md

@@ -0,0 +1,25 @@
+## Snap releases
+
+The Snap package system is a cross-platform solution for packaging and distributing software on Linux. Snaps bundle all necessary dependencies, ensuring they work on any Linux distribution. This makes Snap an ideal choice for distributing radare2.
+
+Radare2 is distributed via Snap by building it from the continuous integration (CI) system for each release. This means every new official release is packaged and made available to Snap users automatically. While the builds are automated, they are only done for official releases, not for every git commit. This ensures that Snap users have a stable and tested version of radare2.
+
+Snap packages can run in a sandboxed environment, isolating them from the rest of the system. This enhances security and prevents conflicts with other software. Sandboxed snaps can request permissions for specific resources, but they remain contained within their sandbox, ensuring stability and security.
+
+To use radare2 Snap builds, note that they have different program names to avoid conflicts with other installations. Snap versions of radare2 programs are prefixed with `radare2.`. For example, to run the stable build, use:
+
+```sh
+sudo snap install radare2 --classic
+radare2.radare2 /bin/ls
+radare2.rabin2 -z /bin/sleep
+```
+
+This way, you can maintain a stable version alongside a development version without conflicts.
+
+But to allow using this radare commands without this prefix, it can be solved either by using shell alias or by adding `/snap/radare2/current/bin` to your `PATH` environment.
+Also if `r2pm` gets used it can also be useful to add the user local prefix `~/.local/share/radare2/prefix/bin`.
+
+So as an example could be somthing like this:
+```sh
+PATH="$HOME/.local/share/radare2/prefix/bin:/snap/radare2/current/bin:$PATH"
+```