Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://qoto.org/users/bonifartius/statuses/111844520435528487">:gnu:+bonifartius 𒂼𒄄 (bonifartius@qoto.org)'s status on Tuesday, 30-Jan-2024 20:34:28 JST</a><a href="https://qoto.org/@bonifartius" title="bonifartius@qoto.org"><img src="https://gnusocial.jp/avatar/7300-48-20240617155137.webp" width="48" height="48" alt=":gnu:+bonifartius 𒂼𒄄" style="position: absolute; left: 0; top: 0;">:gnu:+bonifartius 𒂼𒄄</a><div><a href="https://mastodon.satoshishop.de/@mk/111844183449847092" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/78235" title="mk@mastodon.satoshishop.de">mk</a></li><li><a href="https://gnusocial.jp/user/239051" title="rgbcube@poa.st">RGBCube</a></li></ul></div></section><article><p><a href="https://mastodon.satoshishop.de/@mk">@mk</a> <a href="https://poa.st/users/RGBCube">@RGBCube</a> <a href="https://ak.kyaruc.moe/users/theorytoe">@theorytoe</a> <br>i have to do some drywall now, so i'll keep it short:</p><p>- namespaces are a copy of a plan9 idea to have composable environments, isolation is a side effect.</p><p>- cgroups limit resource usage, might be worthwhile to prevent some daemon going crazy. otoh there already were things in place for that like umask.</p><p>- chroot is no "container feature". postfix chroots by default, so do many other daemons. you still need good user/group structure and appropriately set permissions in any case.</p><p>all of these things are usable without resorting to docker. <a href="https://poa.st/users/RGBCube">@RGBCube</a> explained how a distribution can use the same features with it's packages.</p><p>side note: you using words like "retard" and "faggot" while shilling docker which frequently has pride events borders on the comedic.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2649344#notice-5260418">In conversation</a><time datetime="2024-01-30T20:34:28+09:00" title="Tuesday, 30-Jan-2024 20:34:28 JST">about 10 months ago</time> <span>from <span><a href="https://qoto.org/@bonifartius/111844520435528487" rel="external" title="Sent from qoto.org via ActivityPub">qoto.org</a></span></span><a href="https://qoto.org/@bonifartius/111844520435528487">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
:gnu:+bonifartius 𒂼𒄄 (bonifartius@qoto.org)'s status on Tuesday, 30-Jan-2024 20:34:28 JST:gnu:+bonifartius 𒂼𒄄
in reply to
@mk @RGBCube @theorytoe
i have to do some drywall now, so i'll keep it short:
- namespaces are a copy of a plan9 idea to have composable environments, isolation is a side effect.
- cgroups limit resource usage, might be worthwhile to prevent some daemon going crazy. otoh there already were things in place for that like umask.
- chroot is no "container feature". postfix chroots by default, so do many other daemons. you still need good user/group structure and appropriately set permissions in any case.
all of these things are usable without resorting to docker. @RGBCube explained how a distribution can use the same features with it's packages.
side note: you using words like "retard" and "faggot" while shilling docker which frequently has pride events borders on the comedic.
In conversationabout 10 months ago from qoto.orgpermalink

Public

Embed Notice

HTML Code

Corresponding Notice