this post was submitted on 12 Feb 2024
47 points (96.1% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54500 readers
442 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Those steps are outdated. I specifically had to lookup spotify's directions for installing on Ubuntu as the public key has changed I think. It's also just sort of freezes, it doesn't close or anything. There is a message about the GPU drivers I don't really understand and probably can't fix as that's a kernel issue.
Spotify is just an electron app. You can disable any GPU access just like you can with chrome via a flag.
My point is, unless spotify is trying to call a heretofore unimplemented syscall, it can be made to run. The linuxulator is basically as good as native.
Yeah tbh I made a mess of the Linux environment. I am gonna reinstall and see what happens. There are other potentially GPU related things going on on this system though so IDK. Like I could disable it for that one application but that wouldn't fix the other issues if that makes sense.
The Linuxulator is cool but I kind of don't trust it. Maybe I will try Linux containers.
My advice is to ditch GhostBSD, you are basically putting yourself further into the corner than you already are by trying to use FreeBSD on the desktop.
Linux binaries run just by a syscall shim. There's not much to trust or distrust. If all the syscalls are implemented and mapped to native FreeBSD syscalls, the thing works. Otherwise, it doesn't.
Oh I am sure the kernel support is great. I am more having issues working with chroots directly. I am much more at home managing docker and lxc which are more isolated. I just broke something trying to remove a couple chroots while stuff was still mounted - I think I nuked /home. You don't really have that issue with docker containers or lxc, it's a simple command to remove.
More isolated in which way? You should probably read up on how all this stuff is actually implemented, it will clarify your understanding of what is going on rather than just throwing commands at the wall and seeing what sticks.
I mean docker and especially lxc do a lot more than just chroot. They use cgroups, namespaces, and other stuff that's beyond my paygrade. LXC remaps user IDs for example. That's without getting into tech like gvisor and runsc that further isolates them by restricting system calls and re implementing some of them to increase security. Obviously there are things like privileged containers which have fewer restrictions, but those are the exception not the rule. From what I understand of chroot it only really restricts what files it can see; there is a reason why android supports chroots + termux but not a full docker install. Chroots to me are mainly used for bootstrapping systems and recovering systems. They aren't meant for real virtualization or server work by themselves if you catch my drift.
I know how docker and lxc work and the difference between them and chroots. But you're talking about persistence of changes breaking things. You are right that chroot only operates on the VFS namespace. Jails are the kind of isolation you are after, and in fact were in FreeBSD before containerization was even a word.
Things like remapping user IDs start to pervert the line between userspace and what the kernel gives a shit about. Linux containerization technologies are many things, but elegant they are not.
You can run a Linux Jail/Container in FreeNAS, right?
I am aware jails exist, I had bastille installed before I bricked my system to play with.
The same as you can in regular FreeBSD, under a bhyve VM running Linux. You can also use the linux ABI in a jail.