Do containers have a maintenence problem?

nevj · November 3, 2022, 10:03am

Yes indeed, but thanks… my understanding has increased
Steam just manages game binaries, in a way that allows games to police their licenses and prevent copying.
So I should not really include steam in my comments on container issues.

jexec $JAILNAME /bin/tcsh

Yes that is similar, it just lets you inside the container with a shell.

Does the same… that /bin/bash on the end simple replaces whatever the Dockerfile starts up with bash.

I tried docker inspect 830ca26d8941
it gives a messy JSON output

$ docker inspect 830ca26d8941
[
    {
        "Id": "sha256:830ca26d89413b86b2da43d612335b13eefd3af7e9bf6997564e6c3bc4a9372f",
        "RepoTags": [
            "wfoxdev:v7"
        ],
        "RepoDigests": [],
        "Parent": "sha256:3823d4ba7206af174b41ed4aa9fdfec03d7a0f6acb0855943c47684b50d48542",
        "Comment": "",
        "Created": "2022-09-29T10:41:49.092806374Z",
        "Container": "053972ee249a98484ab2ac9733954852b494053d61880f7cd3193670b20312c6",
        "ContainerConfig": {
            "Hostname": "053972ee249a",
            "Domainname": "",
            "User": "wfox",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "HOME=/home/wfox",
                "LC_ALL=en_AU.UTF-8",
                "LANG=en_AU.UTF-8",
                "LANGUAGE=en_AU.UTF-8",
                "TZ=Australia/Sydney"
            ],
            "Cmd": [
                "/bin/sh",
                "-c",
                "#(nop) ",
                "CMD [\"/bin/sh\" \"-c\" \"/wfox/waterfox/waterfox\"]"
            ],
            "Image": "sha256:3823d4ba7206af174b41ed4aa9fdfec03d7a0f6acb0855943c47684b50d48542",
            "Volumes": null,
            "WorkingDir": "/wfox",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": {}
        },
....
....
        "Metadata": {
            "LastTagTime": "2022-09-29T20:41:49.332166483+10:00"
        }
    }
]

That is not quite the same as what you see going into a shell, as @pdecker noted.

nevj · November 3, 2022, 11:22am

Yes that IS a running container.
But it is not executing the normal software on the CMD line of the Dockerfile.
But you can do that interactively, once you get into the bash shell.

If there is some container running on your system, I dont know of any way to intercept it and see what is going on inside?

nevj · November 7, 2022, 5:39am

It has been suggested to me that one possible advantage of Docker containers is that they can be removed cleanly… ie they do not leave behind stray files in your filesystem.
Things like apt purge do not always do a clean removal.
Things installed by hand outside the package system are notoriously difficult to remove.

I do not think this benefit comes with snap or flatpak containers, but someone may correct me on that.