RSS

Show HN: Warren – run isolated instances of any CLI tool (no containers,no root)

0xER1 pts0 comments

GitHub - swadhinbiswas/warren: A rootless, zero-daemon CLI runtime that lets you install and run unlimited · GitHub

/" data-turbo-transient="true" />

Skip to content

Search or jump to...

Search code, repositories, users, issues, pull requests...

-->

Search

Clear

Search syntax tips

Provide feedback

--><br>We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Cancel

Submit feedback

Saved searches

Use saved searches to filter your results more quickly

-->

Name

Query

To see all available qualifiers, see our documentation.

Cancel

Create saved search

Sign in

/;ref_cta:Sign up;ref_loc:header logged out"}"<br>Sign up

Appearance settings

Resetting focus

You signed in with another tab or window. Reload to refresh your session.<br>You signed out in another tab or window. Reload to refresh your session.<br>You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

{{ message }}

swadhinbiswas

warren

Public

Notifications<br>You must be signed in to change notification settings

Fork

Star

main

BranchesTags

Go to file

CodeOpen more actions menu

Folders and files<br>NameNameLast commit message<br>Last commit date<br>Latest commit

History<br>8 Commits<br>8 Commits

.github/workflows

.github/workflows

assets

assets

src

src

.gitignore

.gitignore

Cargo.lock

Cargo.lock

Cargo.toml

Cargo.toml

README.md

README.md

install.sh

install.sh

View all files

Repository files navigation

Warren

Install any CLI tool unlimited times. Every instance is its own world.

Warren is a production-grade, rootless, zero-daemon CLI runtime. It lets you install and run unlimited, completely isolated instances of any CLI or TUI application on your Linux machine.

Like a rabbit warren, it creates a network of isolated tunnels—each self-contained yet sharing the same ground. Fast, rootless, and invisible infrastructure.

Why Warren?

Ever needed to log into two different GitHub accounts using the gh CLI? Or test a beta version of a tool without breaking your stable setup? Or maintain separate configurations for work and personal projects?

With Warren, you can:

warren dig gh --as gh-work<br>warren dig gh --as gh-personal

gh-work # Logs into your company GitHub<br>gh-personal # Logs into your personal GitHub

Both instances behave independently. They share the host machine but nothing else.

Non-Goals

Warren is not a container runtime (like Docker), a virtual machine, or a privilege escalation tool.<br>It stays lightweight (single binary), rootless (no sudo ever), zero-daemon (no background processes), and incredibly fast (Features

Isolated Filesystems: Each instance gets its own home/, config/, cache/, data/, and tmp/ directories.

Installer Rewriting: Automatically rewrites paths inside installation scripts on-the-fly to keep them contained.

Rootless by Design: Will absolutely refuse to run as root.

Universal Shell Support: Works seamlessly across Bash, Zsh, Fish, and Nushell.

Zero Overhead: No daemons or containers. Just a thin, native bash launcher script.

Installation

Method 1: The One-Liner (Recommended)

Run the automated install script. This will download the latest binary and automatically configure your shell (bash, zsh, fish, or nushell).

curl -fsSL https://raw.githubusercontent.com/swadhinbiswas/warren/main/install.sh | bash

Method 2: Via Cargo (crates.io)

If you already have Rust installed, you can build and install Warren directly from crates.io:

cargo install warren-cli<br>warren shell install # Sets up your PATH

Quick Start

1. Install a new instance from a remote script:

warren dig "curl -fsSL https://opencode.ai/install | bash" --as opencode-work

2. See what you've installed:

$ warren ls

ALIAS APP VERSION CREATED<br>opencode-work opencode 0.4.2 just now

3. Run your instance:

opencode-work --version<br># or<br>warren run opencode-work -- --version

4. Inspect an instance's isolated footprint:

warren inspect opencode-work

How it Works

Warren achieves total isolation without kernel namespaces or OverlayFS through three simple levers:

Intelligent Rewriting: When you install a tool via a bash script, Warren intercepts it. It scans for hardcoded paths (like /usr/local/bin or ~/.config) and rewrites them to point inside the instance's private directory (~/.warren/instances/).

Environment Injection: Warren generates a lightweight wrapper script in ~/.local/bin. When you run your alias, this script forcibly overrides $HOME, $XDG_CONFIG_HOME, $XDG_DATA_HOME, and $TMPDIR.

Execution: The target application boots up, entirely unaware that its "home directory" is actually a sandbox inside ~/.warren/.

Command Reference

Command<br>Description

warren dig --as<br>Install a new isolated instance

warren run<br>Run an instance explicitly

warren ls<br>List all installed instances

warren inspect<br>View paths, version, and disk usage

warren clone<br>Deep copy an instance

warren export<br>Export an instance to a portable .tar.gz archive

warren...

warren install instance work github opencode

Related Articles

Is AI ruining our skills? Early results are in – and they're not good

Michelangelo1124 ptstools skills during physicians colonoscopies tool

The Anatomy of an AI-Native Org

kiyanwang22 ptstranslated managers business translation language engineering

Apertus – Open Foundation Model for Sovereign AI

T-A16 ptsopen model apertus foundation sovereign fully

How to Earn a Billion Dollars

kingstoned15 ptsmonth become startup growth years billionaire

Italy's Meloni says Trump 'made up' story that she 'begged' him for photo at G7

root-parent13 ptsmeloni trump italy said italian begged
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.