On Wed, Dec 29, 2021 at 3:36 PM Stephen John Smoogen <smooge@xxxxxxxxx> wrote: > > > > On Wed, 29 Dec 2021 at 13:51, Gordon Messmer <gordon.messmer@xxxxxxxxx> wrote: >> >> On 12/29/21 09:59, Stephen John Smoogen wrote: >> > The modern day case where /usr is read-only is inside a container and >> > you put an overlay or using some sort of linking to /var which is >> > read-write in case of reboots. >> >> >> Right, that makes sense. >> >> >> > To me this is like saying 'move everything into /usr but because its >> > volitile move it back into /var but in a sub-directory from where it >> > was so you can keep an image running.' In this case, this doesn't >> > sound like any savings and more of a headache of why did it corrupt >> > this time. >> >> >> But this doesn't. Why would you need to move the rpmdb? Users probably >> aren't installing rpm packages in containers at run time (particularly >> if /usr is read-only); installation typically happens when building the >> container image, at which point /usr isn't read-only. >> > Most of the containers I am dealing with are > Grab the base image, > Create a layer, and add the images you want, > Test and deploy the layered image. > Update that image over time. > > Theoretically people should build the thing from scratch every time but instead you get someone downloading the base image which they have gotten an OK to use, then adding the stuff they need, and then running with that for YEARS because the person who built the first one left long ago and no one wants to break the paycheck program again. This is a very, very old problem: I was dealing with it with OS images 20 years ago. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure