diff --git a/app-containers/runc/Manifest b/app-containers/runc/Manifest
new file mode 100644
index 0000000..52b7076
--- /dev/null
+++ b/app-containers/runc/Manifest
@@ -0,0 +1,3 @@
+DIST runc-1.2.2.tar.gz 2743483 BLAKE2B d1e59aff284dcacdc50a17c4efab09b4bdda5d93ce13822542ea73ec696d3642d4dcc715d2adad308622100b04ef62365d3848be6418db5a325ac574b66e314c SHA512 87066ff0fe7ff6dc0eefd61ba2b194fa96433a091a34e9035350123b7da7dccf7fcec6f52b377c72be853820b4a57154b42bcd58c872263f8b7a16bfc480e5d7
+EBUILD runc-1.2.2.ebuild 1816 BLAKE2B ccc31c5c48d4ebfde40e43ca043c296b5f1b51881114cbf7a0d8cd447a6d0cf412d377b2845a91881fb4779c433b5aa1984174e20f62a3650eb67a70cc749bf6 SHA512 fc450b70c64f03e4641941b84386e2d9eb8e7d7282127fa0f0f87d1e47b60b17f05cc3e7e1e12aa16b2ef0a32d9db6e60ffa9f7b4e4ea756a0ed6213e101579a
+MISC metadata.xml 648 BLAKE2B 20bcbf44cb2f05ba18a8c396ade71345d2edbaab331387b88de8ef7eba0864fcda5d1af5bb304cd0030af5d9dce33baba14a46be97fe704b8496c5d159be68a7 SHA512 ca9a72112531bb91ac254429d4e565f28ea812a3b05ec043235bd47a2a14706aaabfdbae9f2016d6288e79a59a94ec4cc50ed2e69af70613627ec605a536fca8
diff --git a/app-containers/runc/metadata.xml b/app-containers/runc/metadata.xml
new file mode 100644
index 0000000..aad478b
--- /dev/null
+++ b/app-containers/runc/metadata.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<longdescription lang="en">
+		runc is a CLI tool for spawning and running containers according
+		to the OCF (Open Container Format) specification.
+	</longdescription>
+	<maintainer type="person">
+		<email>williamh@gentoo.org</email>
+		<name>William Hubbs</name>
+	</maintainer>
+	<use>
+		<flag name="kmem">
+			Enable Kernel Memory Accounting.
+		</flag>
+	</use>
+	<upstream>
+		<remote-id type="github">opencontainers/runc</remote-id>
+		<remote-id type="cpe">cpe:/a:linuxfoundation:runc</remote-id>
+	</upstream>
+</pkgmetadata>
+
diff --git a/app-containers/runc/runc-1.2.2.ebuild b/app-containers/runc/runc-1.2.2.ebuild
new file mode 100644
index 0000000..4ebe9d4
--- /dev/null
+++ b/app-containers/runc/runc-1.2.2.ebuild
@@ -0,0 +1,75 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+inherit go-module linux-info
+
+# update on bump, look for commit ID on release tag.
+# https://github.com/opencontainers/runc
+RUNC_COMMIT=0b9fa21be2bcba45f6d9d748b4bcf70cfbffbc19
+
+CONFIG_CHECK="~USER_NS"
+
+DESCRIPTION="runc container cli tools"
+HOMEPAGE="https://github.com/opencontainers/runc/"
+MY_PV="${PV/_/-}"
+SRC_URI="https://github.com/opencontainers/${PN}/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz"
+S="${WORKDIR}/${PN}-${MY_PV}"
+
+LICENSE="Apache-2.0 BSD-2 BSD MIT"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86"
+IUSE="apparmor hardened +kmem +seccomp selinux test"
+
+COMMON_DEPEND="
+	apparmor? ( sys-libs/libapparmor )
+	seccomp? ( sys-libs/libseccomp )"
+DEPEND="${COMMON_DEPEND}"
+RDEPEND="${COMMON_DEPEND}
+	!app-emulation/docker-runc
+	selinux? ( sec-policy/selinux-container )"
+BDEPEND="
+	dev-go/go-md2man
+	test? ( "${RDEPEND}" )"
+
+# tests need busybox binary, and portage namespace
+# sandboxing disabled: mount-sandbox pid-sandbox ipc-sandbox
+# majority of tests pass
+RESTRICT+=" test"
+
+src_compile() {
+	# Taken from app-containers/docker-1.7.0-r1
+	CGO_CFLAGS+=" -I${ESYSROOT}/usr/include"
+	CGO_LDFLAGS+=" $(usex hardened '-fno-PIC ' '')
+		-L${ESYSROOT}/usr/$(get_libdir)"
+
+	# build up optional flags
+	local options=(
+		$(usev apparmor)
+		$(usev seccomp)
+		$(usex kmem '' 'nokmem')
+	)
+
+	myemakeargs=(
+		BUILDTAGS="${options[*]}"
+		COMMIT="${RUNC_COMMIT}"
+	)
+
+	emake "${myemakeargs[@]}" runc man
+}
+
+src_install() {
+	myemakeargs+=(
+		PREFIX="${ED}/usr"
+		BINDIR="${ED}/usr/bin"
+		MANDIR="${ED}/usr/share/man"
+	)
+	emake "${myemakeargs[@]}" install install-man install-bash
+
+	local DOCS=( README.md PRINCIPLES.md docs/. )
+	einstalldocs
+}
+
+src_test() {
+	emake "${myemakeargs[@]}" localunittest
+}