microsoft / avml

AVML - Acquire Volatile Memory for Linux

Support for Alpine Linux?

Monrava opened this issue · comments

Hi!

First of all, thanks for a great tool!
I'm wondering if there is any future support for Alpine Linux?
Especially for the purpose of testing to run AVML as a privileged container on Alpine Linux in a GKE/Kubernetes cluster and do memory forensics on the host.

The binary is built using x86_64-unknown-linux-musl rather than linking against glibc, which should enable the released binary to execute on Alpine Linux. That said, I do not know if Alpine Linux exposes the necessary capabilities for AVML to acquire memory.

We will add it as an operating system to investigate, though our release testing focuses on Linux distributions accessible in Azure.

As of Alpine 3.8, none of the memory sources AVML supports are accessible when using Alpine as the base OS. AVML requires access to /dev/crash, /proc/kcore, or /dev/mem.

Note, if the scenario you are considering is with Alpine as the container distro and another OS is the base operating system, you may be able to use AVML by exposing the above files to a privileged container.

Yes, this is my scenario since I’ve dockerized AVML.
I’ll give it a go with Alpine and see 🙂
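
A pre-flight check for the three memory sources named in the thread, as an added example (not part of the issue thread or the AVML project): run inside the container, it reports which of /dev/crash, /proc/kcore and /dev/mem exist and can actually be opened and read. The function name `avml_sources` and its optional path prefix argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not AVML code. Probes the memory sources the thread lists:
# /dev/crash, /proc/kcore, /dev/mem.
#
# avml_sources [PREFIX]
#   PREFIX (hypothetical, optional) is prepended to each path, for cases where
#   the files are bind-mounted somewhere other than their usual location.
#   Readable sources are printed on stdout, one per line; diagnostics go to
#   stderr. Returns 0 if at least one source is readable, 1 otherwise.
avml_sources() {
    _prefix="${1:-}"
    _status=1
    for _src in /dev/crash /proc/kcore /dev/mem; do
        _path="${_prefix}${_src}"
        if [ ! -e "$_path" ]; then
            # Not exposed to this container, or not provided by this kernel.
            echo "missing:    $_path" >&2
        elif dd if="$_path" of=/dev/null bs=1 count=1 2>/dev/null; then
            # The file could be opened and a one-byte read succeeded.
            echo "$_path"
            _status=0
        else
            # Present but open/read was refused (for example missing
            # privileges or a kernel restriction on the device).
            echo "unreadable: $_path" >&2
        fi
    done
    return "$_status"
}

# Stand-alone use: probe the default locations and summarise.
if avml_sources "${1:-}"; then
    echo "at least one memory source is readable" >&2
else
    echo "no memory source is readable from here" >&2
fi
```

A successful probe only shows that the source can be opened and read at its start; it does not guarantee that a full acquisition will complete.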