On Tue, Aug 27, 2019 at 01:22 John Harris wrote: [snip] > No online updates is the exact issue I see with this. That's a security > nightmare. > > If you don't have a package manager there, it simply will not be updated. > It'll be installed once, then either left there forever, un-updated, with > tons > of vulnerabilities piling up. >
IIUC the proposal from Christian to use rpm-ostree as a build stage to produce the runtime container, then you can still do online update, but instead of commiting the result of a dnf update, you commit a new rpm-ostree composed rootfs. Regards, -Tristan
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org