Am Mo., 14. Nov. 2022 um 14:46 Uhr schrieb Reinhard Tartler <siret...@gmail.com>: > > > > On Thu, Sep 22, 2022 at 7:00 PM Norbert Lange <nolang...@gmail.com> wrote: >> >> Package: podman >> Version: 4.2.1-0.1 >> Severity: minor >> Tags: patch >> X-Debbugs-Cc: nolang...@gmail.com >> >> Hello, >> >> I am aware of #1000521, I dont see it as resolved. >> >> The problem is that you can run podman as service, and clients >> can connect on for ex. an exposed unix socket. >> >> Practical example is: >> >> - run rootless podman providing an unix socker >> - run an container jenkins/inbound-agent container >> binding that socket >> - provide a binary that takes the same arguments as docker >> while using the socket >> >> Now the issue is, that you have to install podman and its many >> dependencies in the jenkins/inbound-agent container. >> >> Way better would be to use one of the simple remote-only clients, >> this is a single file without any dependencies >> (run ldd on both). >> >> docker provides the docker-ce-cli package, podman the podman-remote >> binary. >> >> Debian should offer the package as independent package, >> so client/server can be updated together. >> Then containers can get a bind-mount to the host's >> /usr/bin/podman-remote binary. > > > Thank you for your patch. I plan on integrating it soon. > > I haven't merged it yet as it would require another round through the NEW > queue, and I'd really like to get 4.3.1 into unstable first. Once we have > 4.3.1 in testing, I'd like to upload your patch, as processing times through > NEW is unpredictable, and I'd like to avoid having other updates to podman > stuck for weeks or months.
Thats fine, my provisional build will work till then. I ended up using a statically built podman-remote, as some of the containers did not have a compatible libc. (nabbed from https://github.com/mgoltzsche/podman-static/blob/master/Dockerfile-remote) so a podman-remote-static package would be a good idea regards Norbert
