<div dir="ltr">Having just spouted on about snaps/flatpak I saw on the roadmap for AWS Firecracker that snap support is to be included.<div>Sorry that I am conflating snap and flatpak.</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, 23 Jul 2019 at 07:06, John Hearns <<a href="mailto:hearnsj@googlemail.com" target="_blank">hearnsj@googlemail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Having used Snaps on Ubuntu - which seems to be their preferred method of distributing some applications,<div>I have a slightly different take on the containerisation angle and would de-emphaise that.</div><div><br></div><div>My take is that snaps/flatpak attack the "my distro ships with gcc version 4.1 but I need gcc version 8.0"</div><div>By that I mean that you replace the distro shipped gcc version at your peril - as far as I am concerned tiknering</div><div>with the tested/approved gcc and glibc will end you in a world of hurt.</div><div>(old war story - changing bash to an upgraded version left a big SuSE system unbootable for me).</div><div><br></div><div>So with snaps/flatpak you should be able to give your users and developers up to date applications without fooling with</div><div>the core system utilities. And this is a Good Thing (TM)</div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, 23 Jul 2019 at 06:47, Chris Samuel <<a href="mailto:chris@csamuel.org" target="_blank">chris@csamuel.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 22/7/19 10:40 pm, Jonathan Aquilina wrote:<br>
<br>
> So in a nut shell this is taking dockerization/ containerization and<br>
> making it more for the every day Linux user instead of the HPC user?<br>
<br>
I don't think this goes as far as containers with isolation, as I think <br>
that's not what they're trying to do. But it does seem they're thinking <br>
along those lines.<br>
<br>
> It would be interesting to have a distro built around such a setup.<br>
<br>
I think this is targeting cross-distro applications. With all the <br>
duplication of libraries, etc, a distro using it would be quite bulky.<br>
<br>
Also may you have a similar security as containers have, whereby when a <br>
vulnerability is found and patched in an application or library you end <br>
up with lots of people out there still running the vulnerable version.<br>
<br>
This is why distros tend to discourage "vendoring" of libraries as that <br>
tends to fossilise vulnerabilities into an application whereas if people <br>
use the version provided in the distro the maintainers only need to fix <br>
it in that one package and everyone who links against it benefits.<br>
<br>
All the best,<br>
Chris<br>
-- <br>
Chris Samuel : <a href="http://www.csamuel.org/" rel="noreferrer" target="_blank">http://www.csamuel.org/</a> : Berkeley, CA, USA<br>
_______________________________________________<br>
Beowulf mailing list, <a href="mailto:Beowulf@beowulf.org" target="_blank">Beowulf@beowulf.org</a> sponsored by Penguin Computing<br>
To change your subscription (digest mode or unsubscribe) visit <a href="https://beowulf.org/cgi-bin/mailman/listinfo/beowulf" rel="noreferrer" target="_blank">https://beowulf.org/cgi-bin/mailman/listinfo/beowulf</a><br>
</blockquote></div>
</blockquote></div>