Received: from 7of9.schinagl.nl (7of9.connected.by.freedominter.net [185.238.129.13]) by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id D3D2F7812D5 for <~alpine/devel@lists.alpinelinux.org>; Tue, 21 Jun 2022 18:56:45 +0000 (UTC) Received: from [10.2.12.24] (unknown [10.2.12.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by 7of9.schinagl.nl (Postfix) with ESMTPSA id 546CA1843E22 for <~alpine/devel@lists.alpinelinux.org>; Tue, 21 Jun 2022 20:56:45 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=schinagl.nl; s=7of9; t=1655837805; bh=R/Ib1ksdPDnfZK4o/jywzrJP+717c/5qHMkYGi4tZg0=; h=Date:Reply-To:Subject:To:References:From:In-Reply-To; b=qp+SqrcIFcuHbM5tlrv+rmByGPnpLziG/zBg1gqd5Cbjk6OWRRNqLNtjbEYOwgYu4 8VEpYN8ss3Ag7ioDE6SmajUOFXZd+O/O5oA31+PlK2U1AvDZJv/rYq+mNBxDVyVOrc MqlmkMQIq3NjSx7eM24VKq7C+FtevXKwRLRqOns0= Message-ID: <3b2c5b5e-5d05-5de1-88ef-9d44a3d1418c@schinagl.nl> Date: Tue, 21 Jun 2022 20:56:44 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.10.0 Reply-To: oliver+list@schinagl.nl Subject: Re: Native Alpine GLibc support (NEW) Content-Language: en-US To: ~alpine/devel@lists.alpinelinux.org References: <20220621095653.71773d59@ncopa-desktop.lan> From: Olliver Schinagl In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Hey Tomas, On 21-06-2022 10:54, Tomas Kolda wrote: > Ășt 21. 6. 2022 v 10:43 odesĂ­latel Dominique Martinet > napsal: >> >> (With that said, I agree improving musl might be better, but.. any >> reason to stick to alpine for this particular usecase? I don't know what >> you need to rebuild your JNI dependencies but it might be even less work >> to slim down another distro's container) >> > We are using Redhat UBI minimal 8 as well. But there is so many > packages with many vulnerabilities so security scans are showing many > issues. Even if it is sometimes false positives it still does not look > good to customers. > > I tried many distros, but Alpine install to different root (-p > /newroot) allows me to have just a tiny bit of packages (only what I > need) with zero issues. > > So yes we can do that. I just like the simplicity that is already available. I have also thought of a glibc-based alpine (like). For most things, muslc is great; for some things, glibc is needed/desired. So why stick with alpine? TBH, because alpine is really amazing. I'm migrated from gentoo/ubuntu/debian to Arch Linux on my desktop/laptop; and while Arch shares quite a few similarities with Alpine, yet, strangely enough Alpine is still far superior. How? Well for one, the team is amazing. But technically also, security updates are often quickly addressed, plenty of package, ease of packaging. There's just so many things Alpine does 'better' then all of the distro's it has learned from. So if not alpine, what distro then? That's a good question, one I haven't been able to answer. Void seems to kind of offer however what we'd be after, musl OR glibc at least. But void is even more understaffed, slower, 'smaller', so stepping that direction is also not helpful, and lacks the alpine awesomeness :) Just some thoughts ... Olliver