Blog: 2024-02-09

Ok rather than any of the nice projects I talked about on 2/7, I now have... the idea of making a ronin alternative, that uses podman instead of qemu. Coincidentally, I can see this converging, as I dig into the implementation of podman and see qemu.

$ podman system connection list
Name                         URI                                                         Identity                                  Default
podman-machine-default       ssh://[email protected]:50117/run/user/501/podman/podman.sock  /Users/razzi/.ssh/podman-machine-default  true
podman-machine-default-root  ssh://[email protected]:50117/run/podman/podman.sock           /Users/razzi/.ssh/podman-machine-default  false
$ podman machine list
NAME                     VM TYPE     CREATED       LAST UP       CPUS        MEMORY      DISK SIZE
podman-machine-default*  qemu        5 months ago  3 months ago  1           2GiB        100GiB
$ podman machine start
Starting machine "podman-machine-default"
Waiting for VM ...
Error: qemu exited unexpectedly with exit code 1, stderr: qemu-system-x86_64: -drive if=virtio,file=/Users/razzi/.local/share/containers/podman/machine/qemu/podman-machine-default_fedora-coreos-38.20230819.2.0-qemu.x86_64.qcow2: Could not open '/Users/razzi/.local/share/containers/podman/machine/qemu/podman-machine-default_fedora-coreos-38.20230819.2.0-qemu.x86_64.qcow2': No such file or directory

$ podman machine list
NAME                     VM TYPE     CREATED       LAST UP       CPUS        MEMORY      DISK SIZE
podman-machine-default*  qemu        5 months ago  3 months ago  1           2GiB        100GiB
$ podman machine rm podman-machine-default 

The following files will be deleted:

/Users/razzi/.ssh/podman-machine-default
/Users/razzi/.ssh/podman-machine-default.pub
/Users/razzi/.config/containers/podman/machine/qemu/podman-machine-default.ign
/Users/razzi/.local/share/containers/podman/machine/qemu/podman-machine-default_fedora-coreos-38.20230819.2.0-qemu.x86_64.qcow2
/Users/razzi/.local/share/containers/podman/machine/qemu/podman.sock
/Users/razzi/.config/containers/podman/machine/qemu/podman-machine-default.json

Oh right, I'm thinking of calling this podman-based tool po. Like https://en.wikipedia.org/wiki/B%C5%8D

Getting this helpful message upon startup:

$ podman machine start
Starting machine "podman-machine-default"
Waiting for VM ...
Mounting volume... /Users:/Users
Mounting volume... /private:/private
Mounting volume... /var/folders:/var/folders

This machine is currently configured in rootless mode. If your containers
require root permissions (e.g. ports < 1024), or if you run into compatibility
issues with non-podman clients, you can switch using the following command:

        podman machine set --rootful

API forwarding listening on: /Users/razzi/.local/share/containers/podman/machine/qemu/podman.sock

The system helper service is not installed; the default Docker API socket
address can't be used by podman. If you would like to install it, run the following commands:

        sudo /usr/local/Cellar/podman/4.8.2/bin/podman-mac-helper install
        podman machine stop; podman machine start

                You can still connect Docker API clients by setting DOCKER_HOST using the
following command in your terminal session:

        export DOCKER_HOST='unix:///Users/razzi/.local/share/containers/podman/machine/qemu/podman.sock'

Machine "podman-machine-default" started successfully

Sure enough

$ docker ps
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
$ env DOCKER_HOST='unix:///Users/razzi/.local/share/containers/podman/machine/qemu/podman.sock' docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES

Ok I added a po user but when I switched to it I got no sudo! Looks like it's not installed by default. Here are the packages before any updates/installs

root@123bc29e561f:/# apt list
Listing... Done
adduser/now 3.134 all [installed,local]
apt/now 2.6.1 amd64 [installed,local]
base-files/now 12.4+deb12u4 amd64 [installed,local]
base-passwd/now 3.6.1 amd64 [installed,local]
bash/now 5.2.15-2+b2 amd64 [installed,local]
bsdutils/now 1:2.38.1-5+b1 amd64 [installed,local]
coreutils/now 9.1-1 amd64 [installed,local]
dash/now 0.5.12-2 amd64 [installed,local]
debconf/now 1.5.82 all [installed,local]
debian-archive-keyring/now 2023.3+deb12u1 all [installed,local]
debianutils/now 5.7-0.5~deb12u1 amd64 [installed,local]
diffutils/now 1:3.8-4 amd64 [installed,local]
dpkg/now 1.21.22 amd64 [installed,local]
e2fsprogs/now 1.47.0-2 amd64 [installed,local]
findutils/now 4.9.0-4 amd64 [installed,local]
gcc-12-base/now 12.2.0-14 amd64 [installed,local]
gpgv/now 2.2.40-1.1 amd64 [installed,local]
grep/now 3.8-5 amd64 [installed,local]
gzip/now 1.12-1 amd64 [installed,local]
hostname/now 3.23+nmu1 amd64 [installed,local]
init-system-helpers/now 1.65.2 all [installed,local]
libacl1/now 2.3.1-3 amd64 [installed,local]
libapt-pkg6.0/now 2.6.1 amd64 [installed,local]
libattr1/now 1:2.5.1-4 amd64 [installed,local]
libaudit-common/now 1:3.0.9-1 all [installed,local]
libaudit1/now 1:3.0.9-1 amd64 [installed,local]
libblkid1/now 2.38.1-5+b1 amd64 [installed,local]
libbz2-1.0/now 1.0.8-5+b1 amd64 [installed,local]
libc-bin/now 2.36-9+deb12u4 amd64 [installed,local]
libc6/now 2.36-9+deb12u4 amd64 [installed,local]
libcap-ng0/now 0.8.3-1+b3 amd64 [installed,local]
libcap2/now 1:2.66-4 amd64 [installed,local]
libcom-err2/now 1.47.0-2 amd64 [installed,local]
libcrypt1/now 1:4.4.33-2 amd64 [installed,local]
libdb5.3/now 5.3.28+dfsg2-1 amd64 [installed,local]
libdebconfclient0/now 0.270 amd64 [installed,local]
libext2fs2/now 1.47.0-2 amd64 [installed,local]
libffi8/now 3.4.4-1 amd64 [installed,local]
libgcc-s1/now 12.2.0-14 amd64 [installed,local]
libgcrypt20/now 1.10.1-3 amd64 [installed,local]
libgmp10/now 2:6.2.1+dfsg1-1.1 amd64 [installed,local]
libgnutls30/now 3.7.9-2+deb12u1 amd64 [installed,local]
libgpg-error0/now 1.46-1 amd64 [installed,local]
libhogweed6/now 3.8.1-2 amd64 [installed,local]
libidn2-0/now 2.3.3-1+b1 amd64 [installed,local]
liblz4-1/now 1.9.4-1 amd64 [installed,local]
liblzma5/now 5.4.1-0.2 amd64 [installed,local]
libmd0/now 1.0.4-2 amd64 [installed,local]
libmount1/now 2.38.1-5+b1 amd64 [installed,local]
libnettle8/now 3.8.1-2 amd64 [installed,local]
libp11-kit0/now 0.24.1-2 amd64 [installed,local]
libpam-modules-bin/now 1.5.2-6+deb12u1 amd64 [installed,local]
libpam-modules/now 1.5.2-6+deb12u1 amd64 [installed,local]
libpam-runtime/now 1.5.2-6+deb12u1 all [installed,local]
libpam0g/now 1.5.2-6+deb12u1 amd64 [installed,local]
libpcre2-8-0/now 10.42-1 amd64 [installed,local]
libseccomp2/now 2.5.4-1+b3 amd64 [installed,local]
libselinux1/now 3.4-1+b6 amd64 [installed,local]
libsemanage-common/now 3.4-1 all [installed,local]
libsemanage2/now 3.4-1+b5 amd64 [installed,local]
libsepol2/now 3.4-2.1 amd64 [installed,local]
libsmartcols1/now 2.38.1-5+b1 amd64 [installed,local]
libss2/now 1.47.0-2 amd64 [installed,local]
libstdc++6/now 12.2.0-14 amd64 [installed,local]
libsystemd0/now 252.19-1~deb12u1 amd64 [installed,local]
libtasn1-6/now 4.19.0-2 amd64 [installed,local]
libtinfo6/now 6.4-4 amd64 [installed,local]
libudev1/now 252.19-1~deb12u1 amd64 [installed,local]
libunistring2/now 1.0-2 amd64 [installed,local]
libuuid1/now 2.38.1-5+b1 amd64 [installed,local]
libxxhash0/now 0.8.1-1 amd64 [installed,local]
libzstd1/now 1.5.4+dfsg2-5 amd64 [installed,local]
login/now 1:4.13+dfsg1-1+b1 amd64 [installed,local]
logsave/now 1.47.0-2 amd64 [installed,local]
mawk/now 1.3.4.20200120-3.1 amd64 [installed,local]
mount/now 2.38.1-5+b1 amd64 [installed,local]
ncurses-base/now 6.4-4 all [installed,local]
ncurses-bin/now 6.4-4 amd64 [installed,local]
passwd/now 1:4.13+dfsg1-1+b1 amd64 [installed,local]
perl-base/now 5.36.0-7+deb12u1 amd64 [installed,local]
sed/now 4.9-1 amd64 [installed,local]
sysvinit-utils/now 3.06-4 amd64 [installed,local]
tar/now 1.34+dfsg-1.2 amd64 [installed,local]
tzdata/now 2023c-5+deb12u1 all [installed,local]
usr-is-merged/now 35 all [installed,local]
util-linux-extra/now 2.38.1-5+b1 amd64 [installed,local]
util-linux/now 2.38.1-5+b1 amd64 [installed,local]
zlib1g/now 1:1.2.13.dfsg-1 amd64 [installed,local]

Merrily proceeding along, I installed doas and added `permit po as root` to /etc/doas.conf

I modified this to be `permit nopass po as root`; no nano or vim, just used echo again.

Then I thought "I'll set up fish" but I got a huge dependency tree:

po@123bc29e561f:/$ doas apt install fish
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  bsdextrautils bzip2 ca-certificates file fish-common groff-base krb5-locales libbsd0 libexpat1
  libgdbm-compat4 libgdbm6 libgpm2 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3
  libkrb5support0 libmagic-mgc libmagic1 libncursesw6 libnsl2 libpcre2-32-0 libperl5.36
  libpipeline1 libproc2-0 libpython3-stdlib libpython3.11-minimal libpython3.11-stdlib libreadline8
  libsqlite3-0 libssl3 libtirpc-common libtirpc3 libuchardet0 libx11-6 libx11-data libxau6 libxcb1
  libxdmcp6 lynx lynx-common mailcap man-db media-types netbase openssl perl perl-modules-5.36
  procps psmisc python3 python3-minimal python3.11 python3.11-minimal readline-common xsel xz-utils
Suggested packages:
  bzip2-doc doc-base groff gdbm-l10n gpm krb5-doc krb5-user sensible-utils apparmor less perl-doc
  libterm-readline-gnu-perl | libterm-readline-perl-perl make libtap-harness-archive-perl
  python3-doc python3-tk python3-venv python3.11-venv python3.11-doc binutils binfmt-support
  readline-doc
The following NEW packages will be installed:
  bsdextrautils bzip2 ca-certificates file fish fish-common groff-base krb5-locales libbsd0
  libexpat1 libgdbm-compat4 libgdbm6 libgpm2 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3
  libkrb5support0 libmagic-mgc libmagic1 libncursesw6 libnsl2 libpcre2-32-0 libperl5.36
  libpipeline1 libproc2-0 libpython3-stdlib libpython3.11-minimal libpython3.11-stdlib libreadline8
  libsqlite3-0 libssl3 libtirpc-common libtirpc3 libuchardet0 libx11-6 libx11-data libxau6 libxcb1
  libxdmcp6 lynx lynx-common mailcap man-db media-types netbase openssl perl perl-modules-5.36
  procps psmisc python3 python3-minimal python3.11 python3.11-minimal readline-common xsel xz-utils
0 upgraded, 58 newly installed, 0 to remove and 0 not upgraded.
Need to get 29.0 MB of archives.
After this operation, 135 MB of additional disk space will be used.
Do you want to continue? [Y/n] 

Lunchtime!


Ok here's this snippet of a blog post I was thinking about earlier

But you can’t stop a gold rush

When you think about it, OpenSea would actually be much “better” in the immediate sense if all the web3 parts were gone. It would be faster, cheaper for everyone, and easier to use. For example, to accept a bid on my NFT, I would have had to pay over $80-$150+ just in ethereum transaction fees. That puts an artificial floor on all bids, since otherwise you’d lose money by accepting a bid for less than the gas fees. Payment fees by credit card, which typically feel extortionary, look cheap compared to that.

I'm finding a lot of packages have a lot of unnecessary "requires". Now installing with

$ doas apt install --no-install-recommends neofetch
po@123bc29e561f:/$ doas apt install --no-install-recommends neofetch 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Recommended packages:
  chafa caca-utils imagemagick jp2a libsixel-bin w3m-img pciutils
The following NEW packages will be installed:
  neofetch
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.

I think I'll make this the default in my config. Downloaded 81.8kB, versus installing recommended packages as well:

0 upgraded, 156 newly installed, 0 to remove and 0 not upgraded.
Need to get 71.2 MB of archives.
After this operation, 254 MB of additional disk space will be used.
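
Making `--no-install-recommends` the default and measuring what Recommends would add, as an added example that is not part of the original post. The function names and the `99no-recommends` file name are assumptions; the sample summary lines are the two apt summaries quoted above.

```sh
#!/bin/sh
# Added example, not the post author's code. Function names and the
# 99no-recommends file name are assumptions made for illustration.

# Pull N out of apt's summary line: "0 upgraded, N newly installed, ..."
count_new() {
    sed -n 's/^[0-9][0-9]* upgraded, \([0-9][0-9]*\) newly installed.*/\1/p'
}

# How many extra packages Recommends would drag in for one package.
# --simulate only prints the plan, so nothing is installed.
recommends_overhead() {
    with=$(apt-get install --simulate --install-recommends "$1" | count_new)
    without=$(apt-get install --simulate --no-install-recommends "$1" | count_new)
    echo $(( ${with:-0} - ${without:-0} ))
}

# Make "no recommends" the default by dropping a snippet into apt.conf.d.
# Pass another directory as $1 to try it without root.
write_no_recommends_conf() {
    dir=${1:-/etc/apt/apt.conf.d}
    printf '%s\n' 'APT::Install-Recommends "false";' > "$dir/99no-recommends"
}

# Constructed sample input: the two summary lines for neofetch from the post.
sample_overhead() {
    with=$(echo '0 upgraded, 156 newly installed, 0 to remove and 0 not upgraded.' | count_new)
    without=$(echo '0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.' | count_new)
    echo $(( with - without ))
}
```

Every package skipped this way is one less thing to patch inside the container; `recommends_overhead fish` gives the same comparison for any other package before installing it.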

And neofetch works just fine without recommends:

po@123bc29e561f:/$ neofetch

      _,met$$$$$gg.          po@123bc29e561f 
   ,g$$$$$$$$$$$$$$$P.       --------------- 
 ,g$$P"     """Y$$.".        OS: Debian GNU/Linux 12 (bookworm) x86_64 
,$$P'              `$$$.     Host: KVM/QEMU (Standard PC (Q35 + ICH9, 2009) pc-q35-8.2) 
',$$P       ,ggs.     `$$b:  Kernel: 6.6.13-200.fc39.x86_64 
`d$$'     ,$P"'   .    $$$   Uptime: 9 hours, 42 mins 
$$P      d$'     ,    $$P    Packages: 101 (dpkg) 
$$:      $$.   -    ,d$$'    Shell: bash 5.2.15 
$$;      Y$b._   _,d$P'      Resolution: 1280x800 
Y$$.    `.`"Y$$$$P"'         CPU: 06/45 (2) @ 2.300GHz 
`$$b      "-.__              Memory: 363MiB / 1964MiB 
 `Y$$
  `Y$$.                                              
    `$$b.                                            
      `Y$$b.
         `"Y$b._
             `"""

Cool, was able to generate a dependency tree of fish to see why lynx was included, like so:

debtree fish | dot -Tpdf > out.pdf

And get it out of podman (tab completion gave me the container name):

podman cp wonderful_robinson:/home/po/out.pdf .

Here's the jpeg render:

Debtree for fish.jpg