[HN Gopher] Show HN: GUI Applications in Podman on Wayland
___________________________________________________________________
Show HN: GUI Applications in Podman on Wayland
Author : moody5bundle
Score : 82 points
Date : 2022-03-26 13:36 UTC (9 hours ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| vanous wrote:
| I have been looking for a way to replace"singularity" (now called
| app-containers). Is it possible to use podman to run a cli
| program inside podman container and it would run the program in
| the container but use local files to work with?
| moody5bundle wrote:
| that is exactly what this is intended for :) look at this
| dockerfile:
| https://github.com/mody5bundle/capps/blob/main/container/san...
| and this "config" lines
| https://github.com/mody5bundle/capps/blob/aec6a118139c2008c3...
| this will start a cheap "sandbox" aka a gnome-terminal window
| with its own filesystem and process tree. you just have to
| change the config file to mount a volume on the paths you want
| and maybe tweak the image to your likings :)
| vanous wrote:
| Awesome, thank you very much, I will give it a spin!
| spinachsalad wrote:
| Haven't you just reinvented Flatpak? ;)
| moody5bundle wrote:
| Flatpak with Dockerfiles and yaml config! :)
| Filligree wrote:
| Is this an advantage?
| deknos wrote:
| well, building stuff with flatpak is not THAT intuitive. no
| package format before docker was from my point of view. on
| the other side, packaging also cleans up and docker-insides
| often are not cleaned up :D
| moody5bundle wrote:
| depends on your use case. I wanted a way of removing
| network access for my text editors and starting ephermal
| firefox instances that are completely independent from each
| other. Its just an easier way to hack around an application
| tbh.
| aaomidi wrote:
| I'm thinking of how this could be used on Windows systems.
|
| But honestly it's just really cool.
| yewenjie wrote:
| I'm curious, how do you limit memory or CPU resources in a
| regular linux system for a process?
| aaomidi wrote:
| Cgroups
|
| For example, systemd integrates with cgroups and you can limit
| resource use for services started with it
| xorcist wrote:
| man ulimit
|
| Not sure what constitutes a regular Linux system but apart from
| the shell command the underlying ulimit syscall getrlimit(2) is
| in the kernel itself. One can set hard and soft limits on a per
| process granularity.
|
| Normally each service has a dedicated uid and limits as well as
| nice levels are set in /etc/security/limits.conf which is read
| on login sessions by pam_limits.
|
| This is in every bsd- and posix-like system and some of the
| soft limits have standardised signals assigned to them. The man
| page has all the details and is easy enough to understand.
| deknos wrote:
| This looks promising. Now you just have to find a way to
| tunnel/interface the xdg-standards and you can replace flatpak...
___________________________________________________________________
(page generated 2022-03-26 23:01 UTC)