Received: from 7of9.schinagl.nl (7of9.connected.by.freedominter.net [185.238.129.13])
	by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id D3D2F7812D5
	for <~alpine/devel@lists.alpinelinux.org>; Tue, 21 Jun 2022 18:56:45 +0000 (UTC)
Received: from [10.2.12.24] (unknown [10.2.12.24])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by 7of9.schinagl.nl (Postfix) with ESMTPSA id 546CA1843E22
	for <~alpine/devel@lists.alpinelinux.org>; Tue, 21 Jun 2022 20:56:45 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=schinagl.nl; s=7of9;
	t=1655837805; bh=R/Ib1ksdPDnfZK4o/jywzrJP+717c/5qHMkYGi4tZg0=;
	h=Date:Reply-To:Subject:To:References:From:In-Reply-To;
	b=qp+SqrcIFcuHbM5tlrv+rmByGPnpLziG/zBg1gqd5Cbjk6OWRRNqLNtjbEYOwgYu4
	 8VEpYN8ss3Ag7ioDE6SmajUOFXZd+O/O5oA31+PlK2U1AvDZJv/rYq+mNBxDVyVOrc
	 MqlmkMQIq3NjSx7eM24VKq7C+FtevXKwRLRqOns0=
Message-ID: <3b2c5b5e-5d05-5de1-88ef-9d44a3d1418c@schinagl.nl>
Date: Tue, 21 Jun 2022 20:56:44 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
 Thunderbird/91.10.0
Reply-To: oliver+list@schinagl.nl
Subject: Re: Native Alpine GLibc support (NEW)
Content-Language: en-US
To: ~alpine/devel@lists.alpinelinux.org
References: <CAGFcrM=KPg5AZie-ux055SVAZu08EmSJ3s-Q_Map5j5CmGaaKA@mail.gmail.com>
 <20220621095653.71773d59@ncopa-desktop.lan> <YrGEhsJi+AJ+eUVx@codewreck.org>
 <CAGFcrM=RUOpE+NfBS0k-My-Sk81okHJHBF0cnO4Z9_VLzuyYeQ@mail.gmail.com>
From: Olliver Schinagl <oliver@schinagl.nl>
In-Reply-To: <CAGFcrM=RUOpE+NfBS0k-My-Sk81okHJHBF0cnO4Z9_VLzuyYeQ@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit

Hey Tomas,

On 21-06-2022 10:54, Tomas Kolda wrote:
> út 21. 6. 2022 v 10:43 odesílatel Dominique Martinet
> <asmadeus@codewreck.org> napsal:
>>
>> (With that said, I agree improving musl might be better, but.. any
>> reason to stick to alpine for this particular usecase? I don't know what
>> you need to rebuild your JNI dependencies but it might be even less work
>> to slim down another distro's container)
>>
> We are using Redhat UBI minimal 8 as well. But there is so many
> packages with many vulnerabilities so security scans are showing many
> issues. Even if it is sometimes false positives it still does not look
> good to customers.
> 
> I tried many distros, but Alpine install to different root (-p
> /newroot) allows me to have just a tiny bit of packages (only what I
> need) with zero issues.
> 
> So yes we can do that. I just like the simplicity that is already available.

I have also thought of a glibc-based alpine (like). For most things, 
muslc is great; for some things, glibc is needed/desired. So why stick 
with alpine?

TBH, because alpine is really amazing. I'm migrated from 
gentoo/ubuntu/debian to Arch Linux on my desktop/laptop; and while Arch 
shares quite a few similarities with Alpine, yet, strangely enough 
Alpine is still far superior. How?

Well for one, the team is amazing.

But technically also, security updates are often quickly addressed, 
plenty of package, ease of packaging. There's just so many things Alpine 
does 'better' then all of the distro's it has learned from. So if not 
alpine, what distro then? That's a good question, one I haven't been 
able to answer.

Void seems to kind of offer however what we'd be after, musl OR glibc at 
least. But void is even more understaffed, slower, 'smaller', so 
stepping that direction is also not helpful, and lacks the alpine 
awesomeness :)

Just some thoughts ...

Olliver