That’s exactly what I did, as can be seen in the log I posted.
But the test of fm showed that somehow it doesn’t realize a running docker is there. So in that respect the test is negative. But the tool looks attractive enough to be a desirable tool to use, if some day it will see the docker which is available to use, so that’s why I posted this kind of bug report.
Starting with other external virtual machines from a new supplier only adds more complication (more administration, more stuff to manage).
I’ve been around when the FUD spreading happened, which later gave rise to the famous Halloween documents, e.g.:
If you never heard about that, please read about these events and documents. (The take of ESR might give a better perspective than the WP article.)
These were no fun at all. A real danger to literally all of open source software!
Maybe that’s why I’m so disgusted each time I try to read the TOS of github (due diligence).
A nebulous legaleese like many such texts. What parts do you even need to read?
In comparison, the MIT license which Frappe uses is short and clear.
github’s TOS are also available as a github repo with over 15000 commits, who can ever follow that?
And their TOS state that they can change anything at any time even without saying it.
All this seems totally crazy to me, and also potentially like one gigantic trap.
And be reassured, I wouldn’t write anything different to begin with on github than I did here.
I also don’t understand why almost everybody flocks to github.
git was meant to be a distributed archive in order to combat the abuse operated by certain centralistic entities. Some people really tried to surreptitiously corrupt the source of Linux! So Linus reacted by writing the git tool. So there should be some resilience. But are we exercising it regularly, to be prepared for mishaps?
Is there a way to be sure we get the code which frappe engineers wrote?
Is there any code signing? Is there a frappe master repo?
Is there an organized vigilance, e.g. ways which check the uncorruptedness of what github delivers?
Same issue. I raised issue but while raising I was wondering if I need to install “docker-compose”
But I did not want just to try to install something without knowing what i am doing.
…-Series:~$ docker-compose versionordocker compose version
or: command not found
Command ‘docker-compose’ not found, but can be installed with:
sudo snap install docker # version 20.10.24, or
sudo apt install docker-compose # version 1.29.2-1
See ‘snap info docker’ for additional versions.
sudo groupadd docker
sudo usermod -aG docker me
newgrp docker
A standard installation of docker engine executes the docker daemon as root.
Using the above commands grants a user the right to control the docker daemon.
Now, what if this user decides to run a container and bind mount / to a directory inside that container? Opening a root shell inside the container would give full write access to the host filesystem.
As easy as:
docker run -it --rm -v /:/host alpine chroot /host
Never give docker access to anyone you wouldn’t give root access to.
This can be mitigated by running the Docker daemon as a non-root user, but this is not the default installation and requires additional configuration steps.
