From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Philip Kaludercic Newsgroups: gmane.emacs.devel Subject: Re: [ELPA] new package: tramp-docker Date: Fri, 07 Oct 2022 07:35:48 +0000 Message-ID: <871qrkkrvv.fsf@posteo.net> References: <5674f36a-c276-fd77-b4d2-1525c75a1602@spork.org> Mime-Version: 1.0 Content-Type: text/plain Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="25464"; mail-complaints-to="usenet@ciao.gmane.io" Cc: Robin Tarsiger , emacs-devel@gnu.org To: Richard Stallman Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Fri Oct 07 09:41:04 2022 Return-path: Envelope-to: ged-emacs-devel@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1oghyh-0006S3-Fu for ged-emacs-devel@m.gmane-mx.org; Fri, 07 Oct 2022 09:41:03 +0200 Original-Received: from localhost ([::1]:45712 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oghyg-0005dN-Dk for ged-emacs-devel@m.gmane-mx.org; Fri, 07 Oct 2022 03:41:02 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:38018) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oghtr-00046J-4i for emacs-devel@gnu.org; Fri, 07 Oct 2022 03:36:06 -0400 Original-Received: from mout01.posteo.de ([185.67.36.65]:34411) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oghtn-0001EQ-PI for emacs-devel@gnu.org; Fri, 07 Oct 2022 03:36:01 -0400 Original-Received: from submission (posteo.de [185.67.36.169]) by mout01.posteo.de (Postfix) with ESMTPS id 56896240029 for ; Fri, 7 Oct 2022 09:35:57 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=posteo.net; s=2017; t=1665128157; bh=zsQBqX8FPBVaAa3GuDDPGAG4w/Gke3drc2V7bjjVMLE=; h=From:To:Cc:Subject:Autocrypt:Date:From; b=XKrEoGBaHwGd3rcu5i8aewfYAFZfaTGCT7m2ldfFUamrfwKPD0FXEMk8a0+p/QYlB uxFSnm0myQyOUUGkIarQNQKGzFBiy6g4Gl7+465zlOPK1Or+Na9R2QxAWgANQWQb9Y 5aNKLqq0LuUIO+5kwP5JuBbdHm0AxF4xshek0EsqpFvV6odikMSP0lXL4DfSsOvR/1 ZaLIDrJ3bOHoBjxOIlTNLyYiMervYpYd5WnIiLrVmrVjbJkvc3XVewqj9TuWNocSHt HfGjpAfVFiY1p5jHzOZwPOzmTUIsw1ZSX1tF9pGqQU02Ysu6QC8AJeXlW4AYzen/PJ YvRMy5CBcZbKw== Original-Received: from customer (localhost [127.0.0.1]) by submission (posteo.de) with ESMTPSA id 4MkKqJ3vtTz9rxM; Fri, 7 Oct 2022 09:35:53 +0200 (CEST) In-Reply-To: (Richard Stallman's message of "Thu, 06 Oct 2022 18:03:58 -0400") Autocrypt: addr=philipk@posteo.net; prefer-encrypt=nopreference; keydata= mDMEYHHqUhYJKwYBBAHaRw8BAQdAp3GdmYJ6tm5McweY6dEvIYIiry+Oz9rU4MH6NHWK0Ee0QlBo aWxpcCBLYWx1ZGVyY2ljIChnZW5lcmF0ZWQgYnkgYXV0b2NyeXB0LmVsKSA8cGhpbGlwa0Bwb3N0 ZW8ubmV0PoiQBBMWCAA4FiEEDM2H44ZoPt9Ms0eHtVrAHPRh1FwFAmBx6lICGwMFCwkIBwIGFQoJ CAsCBBYCAwECHgECF4AACgkQtVrAHPRh1FyTkgEAjlbGPxFchvMbxzAES3r8QLuZgCxeAXunM9gh io0ePtUBALVhh9G6wIoZhl0gUCbQpoN/UJHI08Gm1qDob5zDxnIHuDgEYHHqUhIKKwYBBAGXVQEF AQEHQNcRB+MUimTMqoxxMMUERpOR+Q4b1KgncDZkhrO2ql1tAwEIB4h4BBgWCAAgFiEEDM2H44Zo Pt9Ms0eHtVrAHPRh1FwFAmBx6lICGwwACgkQtVrAHPRh1Fw1JwD/Qo7kvtib8jy7puyWrSv0MeTS g8qIxgoRWJE/KKdkCLEA/jb9b9/g8nnX+UcwHf/4VfKsjExlnND3FrBviXUW6NcB Received-SPF: pass client-ip=185.67.36.65; envelope-from=philipk@posteo.net; helo=mout01.posteo.de X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.io gmane.emacs.devel:297140 Archived-At: Richard Stallman writes: > [[[ To any NSA and FBI agents reading my email: please consider ]]] > [[[ whether defending the US Constitution against all enemies, ]]] > [[[ foreign or domestic, requires you to follow Snowden's example. ]]] > > > This code is used to access files in Docker or Podman containers that are > > running on the same system as Emacs. It calls the Docker or Podman program > > to spawn a shell inside the container to communicate with. It is similar > > to the su or sudo Tramp methods, in that the connection to the "remote" > > system involves shared kernel resources (unless Docker or Podman itself > > eventually chooses to do something else). > > Thanks for explaining. My overload is such that I just saw this today > -- because I recalled I hadn't seen a reply and decided to search for it. > > Now I understand what this is does, and it will be a convenient > feature. But it raises a couple of possible moral issues. > > 1. Is the Docker program free software? Is the Podman program free > software? If neither of them is free software, is this a feature that > promotes running nonfree software on GNU? Yes, both are free software. > 2. Supposing that one of them is free software, and there is no > problem of that kind, there's another problem that people have > reported to me: in making a container, there is a risk of including > nonfree programs and you can't easily tell if that has happened, let > alone make sure it won't happen. The container-making process tends > to pull in dependencies without checking whether they are free.n To my knowledge there is the danger of either having a build-time or a run-time dependency on a non-free container, though looking through a container index like (https://hub.docker.com/search?q=), it appears that the overwhelming majority of popular software is free software, if only because distribution is easier. That being said, TRAMP+Docker is a popular combination for developing software, so what people often just do is use a distribution image (Ubuntu, Debian, Alpine) as the foundation and then instruct the container to install all the software they need using the distributions package manager, while building their own image. Seems backwards to me, but it appears to be popular. There is a saying that Docker is the final stage of the "works on my machine"-mentality, as what you are ultimately doing is shipping your entire "own" machine. > That is not a reason to refuse to support this access-into-containers > feature, but we should take advantage of this feature and its > documentation to inform people about that problem. I was looking around but couldn't find anything. The "best" I could find was license checking tools that made sure there was no GPL software in a container (to avoid virality), maybe that could be turned on its head for our needs. > 3. Distributing free programs in containers tends to be bad for > the community's control over the program. Because people > don't build the program on the GNU/Linux distros they use, > and don't package it for those distros. > > This too we should use the opportunity to warn people about. I think this could be added to the commentary section.