On Monday, August 26, 2019 10:17:46 PM MST Samuel Sieb wrote: > On 8/26/19 9:39 PM, John Harris wrote: > > > I'm not saying not to use containers. There is a right way to do it, and > > a > > wrong way to do it. A container should be as the name describes, a > > containerized installation of the distro in question, with the utilities > > needed to support a given role. Not something that never gets updated, > > never gets security fixes. Deploying new GNU/Linux based systems without > > engaging a sysadmin or the sysadmin team sounds like a recipe for > > disaster. > > > That may be your use case, but not the way others use them. You can > still use containers how you want. But either do some research about > how containers can be used in different ways or stop telling others that > they're doing it wrong. A common use case is for containers to be throw > away. If something needs updating, a new container is created and > tested and then deployed replacing the existing one. No online updates. > > > > I disagree, and I find your remarks to be quite hostile. The smallest > > viable container can exist without getting rid of required utilities, > > such as the package manager. > > > And you can still use it with the package manager if you want. But > there are completely valid use cases that don't have any use for the > package manager and want the smallest container possible. There was > nothing hostile about the replies to you. They are just telling you > that your case is not the only one and to stop telling them that they > are wrong. > _______________________________________________ > devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List > Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List > Archives: > https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx I'm not telling anyone they can't do anything. However, it's a very bad idea, and if it gets done that way, it's a security issue. It's one thing if it's spawned as needed, then deleted in a few minutes or hours, and another if it's just left installed as-is. No online updates is the exact issue I see with this. That's a security nightmare. If you don't have a package manager there, it simply will not be updated. It'll be installed once, then either left there forever, un-updated, with tons of vulnerabilities piling up. -- John M. Harris, Jr. <johnmh@xxxxxxxxxxxxx> Splentity https://splentity.com/ _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
