Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://qoto.org/users/bonifartius/statuses/111844520435528487">:gnu:+bonifartius 𒂼𒄄 (bonifartius@qoto.org)'s status on Tuesday, 30-Jan-2024 20:34:28 JST</a><a href="https://qoto.org/@bonifartius" title="bonifartius@qoto.org"><img src="https://gnusocial.jp/avatar/7300-48-20240617155137.webp" width="48" height="48" alt=":gnu:+bonifartius 𒂼𒄄" style="position: absolute; left: 0; top: 0;">:gnu:+bonifartius 𒂼𒄄</a><div><a href="https://mastodon.satoshishop.de/@mk/111844183449847092" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/78235" title="mk@mastodon.satoshishop.de">mk</a></li><li><a href="https://gnusocial.jp/user/239051" title="rgbcube@poa.st">RGBCube</a></li></ul></div></section><article><p><a href="https://mastodon.satoshishop.de/@mk">@mk</a> <a href="https://poa.st/users/RGBCube">@RGBCube</a> <a href="https://ak.kyaruc.moe/users/theorytoe">@theorytoe</a> <br>i have to do some drywall now, so i'll keep it short:</p><p>- namespaces are a copy of a plan9 idea to have composable environments, isolation is a side effect.</p><p>- cgroups limit resource usage, might be worthwhile to prevent some daemon going crazy. otoh there already were things in place for that like umask.</p><p>- chroot is no "container feature". postfix chroots by default, so do many other daemons. you still need good user/group structure and appropriately set permissions in any case.</p><p>all of these things are usable without resorting to docker. <a href="https://poa.st/users/RGBCube">@RGBCube</a> explained how a distribution can use the same features with it's packages.</p><p>side note: you using words like "retard" and "faggot" while shilling docker which frequently has pride events borders on the comedic.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2649344#notice-5260418">In conversation</a><time datetime="2024-01-30T20:34:28+09:00" title="Tuesday, 30-Jan-2024 20:34:28 JST">about a year ago</time> <span>from <span><a href="https://qoto.org/@bonifartius/111844520435528487" rel="external" title="Sent from qoto.org via ActivityPub">qoto.org</a></span></span><a href="https://qoto.org/@bonifartius/111844520435528487">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
:gnu:+bonifartius 𒂼𒄄 (bonifartius@qoto.org)'s status on Tuesday, 30-Jan-2024 20:34:28 JST:gnu:+bonifartius 𒂼𒄄
in reply to
@mk @RGBCube @theorytoe
i have to do some drywall now, so i'll keep it short:
- namespaces are a copy of a plan9 idea to have composable environments, isolation is a side effect.
- cgroups limit resource usage, might be worthwhile to prevent some daemon going crazy. otoh there already were things in place for that like umask.
- chroot is no "container feature". postfix chroots by default, so do many other daemons. you still need good user/group structure and appropriately set permissions in any case.
all of these things are usable without resorting to docker. @RGBCube explained how a distribution can use the same features with it's packages.
side note: you using words like "retard" and "faggot" while shilling docker which frequently has pride events borders on the comedic.
In conversationabout a year ago from qoto.orgpermalink

Public

Embed Notice

HTML Code

Corresponding Notice