Documentation
Install it, run it, author policy, read the design.
Project Kennel is pre-release; interfaces and guarantees may change. The
authoritative reference is the installed man pages (man kennel,
man policy.toml, man kenneld); the guides and the design corpus below
live in the repository.
Using it
Deploy on a host, run workloads, author and operate policy.
Install →
Deploy the runtime: the offline release tarball + install.sh, the privhelper,
the per-user daemon, the AppArmor userns grant, kernel prerequisites.
Run & author →
Run a workload, the CLI verbs, write and compile a leaf policy, sign it, the detach /
reattach model, and kennel review.
Operate a host →
The admin side: /etc/kennel/subkennel allocations, the trust store, org
signing keys, deployment config, the audit stream.
Reference templates →
The shipped, signed templates — base-confined,
ai-coding-strict, interactive, and the rest — to derive your
own policy from.
The policy language
Declarative, signed, version-pinned. The schema is kept exact against the parser.
The design
The portable contribution: the threat model and the design that answers it, independent of the Linux runtime.
Threat catalogue →
The adversary model as numbered, tagged threats (T1.x exfil/lateral, T2.x posture degradation, T3.x workload-class). The durable reference.
Design corpus →
The full design: the thesis, trust boundaries, templates, and a chapter per resource (exec, filesystem, network, AF_UNIX, SSH, …).
Architecture →
The as-built reference: process model, crate decomposition, the binder gateway, state and supervision, the BPF ABI, what remains roadmap (§8.1).
Engineering standards →
The normative rules the code is held to (the bar is OpenSSH / libpam) — the
unsafe discipline, the supply-chain gate, the review bar.
The trust-manifest schema
The masked workspace manifest (.trust-manifest.json, T2.8) is validated
against a published JSON Schema — host IDEs read it natively.
# the schema host tooling validates a workspace trust manifest against:
$ curl https://projectkennel.org/schemas/trust-manifest-v1.json
Referenced as the manifest's $id; served at /schemas/trust-manifest-v1.json.