From mboxrd@z Thu Jan 1 00:00:00 1970 From: Joshua Branson Subject: Re: Help understand some guix concepts Date: Mon, 01 Jan 2018 12:49:54 -0800 Message-ID: <1514839794.3690147.1221084920.0FA74B19@webmail.messagingengine.com> References: Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="_----------=_151483979436901470" Content-Transfer-Encoding: 7bit Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:40404) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eW721-0000Q2-N3 for guix-devel@gnu.org; Mon, 01 Jan 2018 15:50:02 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eW71x-0005gZ-3J for guix-devel@gnu.org; Mon, 01 Jan 2018 15:50:01 -0500 Received: from out2-smtp.messagingengine.com ([66.111.4.26]:51359) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eW71w-0005ej-Pm for guix-devel@gnu.org; Mon, 01 Jan 2018 15:49:57 -0500 Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id 0056921B1C for ; Mon, 1 Jan 2018 15:49:54 -0500 (EST) In-Reply-To: List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org This is a multi-part message in MIME format. --_----------=_151483979436901470 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" By no means am I a developer, but I can try to explain some things... A profile is a collection of packages. Each user on the system has a profile of his packages. So Jerry has a profile of Emacs 24, Iceweasel 50, etc. Jill also uses the system, but she has packages Tetris 5.4, Emacs 23, etc. Jerry's packages and Jill's packages are independent of one another and cause no conflicts. There is also a system profile. This is the collection of packages that boots your system. For example if Jerry uses gnome, usually his profile will not contain the gnome program. Instead gnome is found under the system profile. The root filesystem is everything under / right?=20=20 chroot is a way of letting applications thing that they are running with full root privileges when they are not. A container restricts what an application can access. Firefox for example should only be able to access your Downloads directory. It should not be able to read your gpg keys. One can run Firefox in a container to limit the things that Firefox can access. docker I believe is a way of running a web application. Web application development is getting really hard these days. Your application can have js dependencies, python dependencies, etc. Each language has its own package manager, and if one packages gets updated your web application can refuse to work. Docker just freezes everything so that it works. Then you run that frozen image. lxc? No idea.=20 On Mon, Jan 1, 2018, at 11:31 AM, Amirouche Boubekki wrote: > H=C3=A9llo, >=20 > It's a long time I did not read the manual. So I read he manual this > afternoon.>=20 > I have to say that I don't really understand some guix concepts and > how they map to the rest of the world.>=20 > Can someone try to explain to me how the following concepts are > related to each other:>=20 > Environments, profiles, gc roots, root filesystem, chroot, containers, > docker and lxc>=20 > TIA --_----------=_151483979436901470 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="utf-8"
By no means am I a developer, but I can try to explain some thin= gs...

A profile is a collection of packages.  Each user on the system h= as a profile of his packages.  So Jerry has a profile of Emacs 24, Ice= weasel 50, etc.  Jill also uses the system, but she has packages Tetri= s 5.4, Emacs 23, etc.  Jerry's packages and Jill's packages are indepe= ndent of one another and cause no conflicts. 

There is also a system profile.  This is the collection of packag= es that boots your system.  For example if Jerry uses gnome, usually h= is profile will not contain the gnome program.  Instead gnome is found= under the system profile.

The root filesystem is everything under /  right? 

chroot is a way of letting applications thing that they are running wi= th full root privileges when they are not.

A container restricts what an application can access.  Firefox fo= r example should only be able to access your Downloads directory.  It = should not be able to read your gpg keys.  One can run Firefox in a co= ntainer to limit the things that Firefox can access.

docker I believe is a way of running a web application.  Web appl= ication development is getting really hard these days.  Your applicati= on can have js dependencies, python dependencies, etc.  Each language = has its own package manager, and if one packages gets updated your web appl= ication can refuse to work.  Docker just freezes everything so that it= works.  Then you run that frozen image.

lxc?  No idea.


On Mon, Jan 1, 2018, at 11:31 AM, Amirouche Boubekki wrote:
H=C3=A9llo,<= /span>

It's a long time I = did not read the manual. So I read he manual this afternoon.

I have to say that = I don't really understand some guix concepts and how they map to the rest o= f the world.

Can someone try to = explain to me how the following concepts are related to each other:

Environments, profi= les, gc roots, root filesystem, chroot, containers, docker and lxc

TIA

--_----------=_151483979436901470--