Sun Mar 10 2024 05:19:19 PM EDT from zelgomerWhat you guys described, how do namespaces make any of that easier to implement than chroot?
"Easier" is actually the answer. Yes, you can do the same thing with chroot + network namespace + cgroups + whatever, and then manually set up the OS image and hook things together etc.
LXC sets it all up for you, including the OS install, with one command. If you want to do it the hard way, no one is stopping you.
Let me give you an example. Over in the Citadel Support room someone is saying that an install fails on a particular Linux distribution on an ARM board. I don't have that one. But I can spin up an LXC of that distribution on my NanoPi and run the exact test, replicate the results, write a fix or a workaround, and blow it away. Just like a virtual machine but in a fraction of the time. If I tried that with chroot I almost certainly would not replicate the correct environment.
Sat Mar 16 2024 02:20:08 PM EDT from Nurb432so, is minix development dead at this point?
I will take it one step further: is Andy Tannenbaum dead at this point or is he still kicking around telling us that microkernels are the only way to go?
He wanted Minix to be a teaching platform rather than a "real" OS. He got his wish. And he discovered that no one wanted a teaching platform OS any more than they wanted to write real software in LOGO.
Yes hes still around. Not sure if he is doing anything tho. Would be in his 80s.
And it should not surprise you i support micro kernel concepts.
Sun Mar 17 2024 18:55:10 EDT from IGnatius T Foobar
Sat Mar 16 2024 02:20:08 PM EDT from Nurb432so, is minix development dead at this point?
I will take it one step further: is Andy Tannenbaum dead at this point or is he still kicking around telling us that microkernels are the only way to go?
He wanted Minix to be a teaching platform rather than a "real" OS. He got his wish. And he discovered that no one wanted a teaching platform OS any more than they wanted to write real software in LOGO.
ouch, that xz issue even snuck into NetBSD pkgsrc -> https://mail-index.netbsd.org/netbsd-announce/2024/03/30/msg000368.html
~~~~~~~~~~~~~~~~~~~~~
"Recently, a backdoor was discovered in the xz compression library.
xz/liblzma are included as a part of NetBSD and used by the project
for distribution of new releases and packages.
The version of xz shipped in all stable (and unstable) versions of
NetBSD predates any code changes by the author of the backdoor.
NetBSD is therefore safe and unaffected by the recent discoveries.
It is believed that the attack only targets Linux/glibc, but checking
this allowed us to rule out any other attempts at compromising the
library by the author.
The version of xz shipped in pkgsrc, however, is affected. Using
xz from pkgsrc is a non-default setting on NetBSD, and requires
explicit opt-in. Most users of NetBSD will not install xz from
pkgsrc because the version from the base system is preferred.
However, users of pkgsrc on other platforms will need to take
precautions.
Regardless of NetBSD being affected or not, the discovery of the
backdoor is a wake-up call and further discussion will be happening
internally over how to proceed.
Have I mentioned lately that systemd sucks?
its a backdoor/virus all by itsself.
Mon Apr 01 2024 21:35:30 EDT from zelgomer
Have I mentioned lately that systemd sucks?
Last time something like this happened, people were calling for government involvement/regulation..
Sat Apr 20 2024 11:49:02 EDT from IGnatius T FoobarSome people are using the xz backdoor as an argument that the entire open source model is flawed. As if their favorite software doesn't have deliberate backdoors in the shipped version.