[arch-general] Announcing pacpak

pelzflorian (Florian Pelz) pelzflorian at pelzflorian.de
Wed Feb 22 07:35:28 UTC 2017


Hello,

A while ago I started pacman and pacbub for file system isolation of
pacman packages. pacpak and pacbub are dead now. They were the wrong
approach for user space isolation. It all gets too hacky. It’s not KISS.
I don’t like it anymore and would rather use GNU Guix for isolating
users’ applications.

Note that if you want to fine-tune a sandbox for a single application,
bubblewrap is great. However, what I wanted is that I can install the
GNOME packages in one tree and then create other trees out of it, for
example one with gnome-maps and one with gnome-2048, but without
redownloading all files and wasting disk space. Inheriting from another
filesystem tree is what gets ugly because pacman and Arch packages are
not designed for that – it probably works somewhat except for the pacman
database but it’s too hacky.

Guix is still pretty unstable and containerization support (e.g. `guix
environment --container --ad-hoc coreutils`) currently is ugly too
(compared to bubblewrap) but at least its basic design and intended use
seem right for it.

I am sorry for choosing the wrong path with Flatpak+pacman and
bubblewrap+pacman and being slow at that too. It would have been much
more work than I had hoped for and I don’t want to maintain a cluster of
hacks.

Regards,
Florian

