Sad to hear for my quadlet future, do you remember what things were specifically annoying?
Hey bigdickdonkey, I recently tried and wasn’t able to shit my way through podman, there just wasn’t enough chatter and guides about it. I plan to revisit it when Debian 13 comes out, which will include podman quadlets. I also tried to get podman quadlets to work on Ubuntu 24 and got closer, but still didn’t manage and Ubuntu is squicky.
I read about true user rootless Docker and decided that was too finicky to keep up to date. It needs some annoying stuff to update, from what I could tell. I was planning on many users having their own containers, and that would have gotten annoying to manage. Maybe a single user would be an OK burden.
The podman people make a good argument for running podman as root and using userns to divvy out UIDs to achieve rootless https://www.redhat.com/en/blog/rootless-podman-user-namespace-modes but since podman is on the back burner till there’s more community and Debian 13, I applied that idea to Docker.
So I went with root Docker with the goals of:
Basically it’s the security best practices from this list https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html
This still has risk of the Docker daemon being hacked from the container itself somehow, which podman eliminates, but it’s as close to the podman ideal I can get within my knowledge now.
Most things will run as rootless+read-only+cap_drop with minor messing. Automatic ripping machine would not, but that project is a wild ride of required permissions. Everything else has succumbed, but I’ve needed to sometimes have a “pre launch container” to do permission changes or make somewhere like /opt writable.
I would transition one app stack at a time to the best security practices, and it’s easier since you don’t need to change container managers. Hope this helps!
They’re also often used to connect a portable generator’s 120V outlet to a house’s 120V outlet, thus energizing the house circuit during a power outage. But they have no way to lock in so can fall out and become a naughty cattle prod or if the person forgot to disconnect their circuit breaker from the mains they’ll kill a person fixing the power because that lineperson won’t be expecting live wires.
Basically as you said, if you do everything right you escape with your life. But if you do it wrongk, house fire or murder!
I saw https://sh.itjust.works/post/27423240 that states that somehow a mod here is blocking certain posts on that community for this instance somehow. Idk how federation modding works.
Seems bad to selectively cut posts. That seems a doorway to building a bubble for communities or even curtailing discussion about topics, even in other instances. Since we’re federated it should be all or nothing; either defederate if the entire site is unmodded/has goblin users/hosts views against our guidelines or block the just community if it’s against our guidelines if the rest of the place is aight.
That specific community seems to be about “NATO warmongering in a cheeky way” if I had to summarize it in a few words. I can see it is untenable for some but I can’t see why we need to be shielded from selections of that, individual users can just block it if the community’s (hopefully somewhat insincere) thirst for blood is too much.
In short, I oppose our admins moderating other instances’ communities. If they’re against our guidelines block the community or defederate; if they good under our guidelines then just leave it even if it’s “just a hair under crab”, to use a metaphor
First date fit includes underwear??
What wacky shenanigans will Gabe and the gang get up to during their struggle for dignity and freedom from class oppression??
source: idk someone sent it to me, apologies original creator
Ah, I see I am in the presence of a preeminent N64 titty connoisseur
You def get it Ur blasted, leaving the club at close with yo best bitches, and you’re responsible so you get ya ride. The app says ya ride is a Kia Chevy Juke and y’all’s abs cooked but one of yous is tryin hard cause you n yo best bitches don’t wanna get kidnapped Also you hit the club in March so it’s cold af at 4 am
Anyone who thinks someone who has the wherewithal to vote uncommitted to protest the genocide of the Palestinians by Israel in the Democratic-only primary but not realize that the fascist republican party is significantly worse than Biden for the general election is arguing in bad faith.
The whole joke plays into a terminally horny me-me emoji copypasta that people liked to crank out a few years ago - making it “moldy”! The point is the emojis! Here’s one for dickmas that takes it to 11:
MERRY🎅COCKMAS🍆🍆🍆🍆😜😜😜🐓🐓🐓🐓 AND HAPPY 😁 HOE-LIDAYS 😲😲😲😩😩😩 MERRY🎅COCKMAS🍆🍆🍆🍆😜😜😜🐓🐓🐓🐓 AND HAPPY 😁 HOE-LIDAYS 😲😲😲😩😩😩 THIS YEAR 📆 I'M DEFINITELY ✅ ON THE 😈😈😈NAUGHTY😈😈😈LIST📜📝 BECAUSE I'M 👈A GIGANTIC 🏳🌈🌈🏳🌈🌈🏳🌈🌈🏳🌈🌈🎄❄HO-HO-HOMOSEXUAL❄🎄🏳🌈🌈🏳🌈🌈🏳🌈🌈🏳🌈🌈 WHICH IS NOT 🙅♀️❌ VERY CHRISTIAN ⛪🙏 BUT I STILL CAN APPRECIATE 😜 SAINT DICK ✨🎉✨🎉 I CAN'T WAIT FOR 🎅SANTA🎅 TO SLIDE DOWN MY CHIMNEY ⬇🏠😜💦 AND STUFF MY STOCKING 🧦🎁😜 FULL OF DILDOS 😱🍆 AND PENIS PARAPHERNALIA 🍆🍆🍆🍆💦💦💦 BECAUSE I'M JUST A LITTLE 🤏 FESTIVE 🎄🎅🤶⛄❄🎁FAGGOT🏳🌈🌈🏳🌈🌈🍆🍆😜😜😩😩😩💦💦💦
SO TO ALL MY 💋👄💋👄💋SLUTTY 😩😩😩💋💋💋 SANTA'S 🎅🎅🏿🎅🏽🎅🏻 LITTLE HELPERS 😉😉😉👏👏& HORNY 😩😈 CHRISTMAS ELVES ��🏻♂️🧝🏻♂️🧝🏻♂️ REMEMBER LET IT "SNOW" 🌨🌨🌨❄❄❄❄⛄⛄⛄😜😜😜😜😜💦💦💦💦 AND DON'T FORGET TO 🌟✨🌟✨DECORATE✨🌟✨🌟 YOUR "TREE" 😜😜😜🎄🎄🎄🎄🎄🍆🍆🍆🍆🍆 I'LL BE WAITING 🕚🕕🕠 UNDER THE MISTLETOE 🍃🦶 WRAPPED UP IN RIBBON 😳🎁🎀💝 WAITING ⏱ FOR YOU 👆TO UNWRAP 😳🎀 ME SO WE CAN TASTE 👅💦 EACHOTHER'S CANDY CANES 🍬✨🍬✨🍬✨😩😩😩🍆🍆🍆💦💦💦
I’d guzzle that even if Gnor wouldn’t