[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Running services in containers
|
From: |
Maxim Cournoyer |
|
Subject: |
Re: Running services in containers |
|
Date: |
Mon, 13 Feb 2017 22:01:11 -0800 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) |
Hi again :)
address@hidden (Ludovic Courtès) writes:
> Howdy!
>
> Maxim Cournoyer <address@hidden> skribis:
>
>> Ricardo Wurmus <address@hidden> writes:
>>
>>> Ludovic Courtès <address@hidden> writes:
>>>
>>>> Those who didn’t have the luck to be at FOSDEM missed this not-so-visual
>>>> demo I made of a Shepherd service running in a container. :-)
>>>>
>>>> I’ve polished the thing on my way back and pushed the result, using
>>>> BitlBee as an example:
>>>>
>>>>
>>>> http://git.savannah.gnu.org/cgit/guix.git/commit/?id=63302a4e55241a41eab4c21d7af9fbd0d5817459
>>>>
>>>> http://git.savannah.gnu.org/cgit/guix.git/commit/?id=a062b6ca99ad61c9df473fe49a93d69f9698c59d
>>>>
>>>
>>> This is very cool! I’m amazed at how you got this ready in time for
>>> your talk. I’m sure you didn’t just keep this under wraps for weeks :)
>>>
>>
>> +1. I can see myself experimenting with this for SSH soon. Thanks for
>> providing the bits required to do this and sharing!
>
> SSH may be more difficult because (1) sshd (OpenSSH) already does a good
> job at isolating itself, and (2) user who log in want to have the full
> authority of their account.
>
I'm looking at a very simple use case which shouldn't require access to
much outside of the network: reverse port forwarding. For this specific
use case, I'd rather have a specific instance of SSHD serving that
purpose and not having access to my full system.
> Anyway, it’d be nice to see how much we can get from this!
>
> Ludo’.
Thanks for your response,
Maxim
signature.asc
Description: PGP signature