On Fri, 2018-01-26 at 11:40 -0500, Colin Walters wrote:
> On Fri, Jan 26, 2018, at 10:29 AM, Theodore Ts'o wrote:
> >
> > The problem is not the userspace API, it's the bike-shedding over
> > all of the different ways we could *do* immutability, all of which
> > would require separate bits in the on-disk representation of the
> > inode. You can have any combination of:
> >
> > * Immutable data
> > * Immutable metadata
> > * Immutable xattrs
>
> Everyone here wants immutable data (*all* of the data I hope),

No, no, I don't. In the world today most Linux distributions from which
we produce containers do have the annoying property of writing stuff
where they shouldn't (mostly into /etc). Systemd is working on fixing
this, and when you can make everything other than your /tmp and /var/tmp
read-only on your distro, then I will be able to have fully immutable
container images. But, until that day comes, I'm going to need a mix of
immutable and mutable files on one filesystem.

So when container people boast about immutable images, what they
actually mean is *mostly* immutable apart from bits we can't fix. What
they actually mean is we don't patch the image in situ but instead
deploy an upgraded image, and each time we start, we start from the
pristine state, but as the image is running it can mutate slightly.

James