On Fri, Mar 13, 2020 at 4:59 PM Joshua O'Keefe <maj...@nachomountain.com> wrote:
> On Fri, Mar 13, 2020 at 4:14 PM Jim Anderson <jim.ander...@kpu.ca> wrote: > >> I'm really unclear on what this gets you vs. just leaving LaddieAlpha >> running in a screen session or whatnot. >> > > As a pretty old school UNIX guy myself, it took me quite a long while to > warm up to the benefits of containerization. In the specific case of > LaddieAlpha, an apparently closed source (?) binary blob that requires a > heavy runtime I don't want installed, stuffing the whole thing into a > container as a sandbox assures me that it is wholly and entirely unable to > affect anything outside the container and the directory I give it. I do > this with nearly all of the user-facing services that run on the household > server. A problem with any one service is, through the magic of cgroups, > unable to affect any of the others, or the host node itself. You could > accomplish some of the same benefits with a chroot or something like a BSD > jail. Docker's just dead easy to use for the use case. > Source is available for LaddieAlpha and HTERM. http://bitchin100.com/pub-git/ As to "heavy runtime..." shrug. -- John.