Stolen from linuxmemes at deltachat

  • Pantherina@feddit.deOP
    link
    fedilink
    arrow-up
    1
    ·
    11 months ago

    Yes I have do the same, layer small packages, use Flatpaks and complex stuff like (R + rstudio + COPR + Modules) or (QGis + grass + python + plugins) or IDEs in a distrobox.

    At least in Distrobox you can also create rootful containers which could run an entire DE, or run libvirtd in there and use virt-manager in a rootless box, connected over ssh. Totally works but its a bit complicated. But for software with systemd or USB access this is needed.

    Flatpaks share libraries, but they are sometimes not packaged well, contrary to distro packages, which on the other hand may pull in loots of dependencies.

    Would be interesting to run all packages in a rootful distrobox and have Fedora RPMs on the other hand.

    There are some hardening problems though, that I dont really understand, with user namespaces being blocked in the hardened kernel. On Arch there is bubblewrap-suid which fixes that in a way I also dont understand yet, but Podman, Distrobox, Toolbox, Docker etc dont work yet, and may not work too.