Tim Harder <radher...@gentoo.org> wrote:
> On 2017-09-23 19:59, Rich Freeman wrote:
>> A read-only container
>
> I doubt bind mounts will scale
>
> As has been mentioned before, a different way would be to write some
> sort of FUSE fs
The problem with both, containers and FUSE, is performance. (For containers with thousands of binds, I haven't tried, but for FUSE I know how unionfs-fuse slows down "normal" operation: only for the reason that the implementation in userspace requires many additional context switches.) Both are fine for testing, but I am afraid not for regular users' emerge operations, which usually involve too many file operations, at least for certain packages (e.g. *-sources, texlive-*).

It is the big advantage of overlay that it is implemented in the kernel and does not involve any time-consuming checks during normal file operations. Indeed, the price you pay is that the actual checking can be done only once, at the very end of the compilation, and so the only information you get is the name and time of violation (paths and filestamps). But concerning performance this "only once" checking is an advantage, of course.

Main disadvantages: It requires the user to have overlay support in the kernel and extended attribute support for the file system containing the upper directory.
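The end-of-build check described in the message above, as an added sketch that is not part of the original post or of Portage: it walks an overlay's upper directory once and reports every change outside the permitted prefixes with its path and timestamp. The names `classify`, `find_violations` and `demo`, the `allowed` prefix list and the sample tree are assumptions made for illustration.

```python
import os
import stat
import tempfile

def classify(st_mode, st_rdev):
    """Name the change an upper-directory entry records."""
    # overlayfs stores a deletion as a whiteout: character device 0/0.
    if stat.S_ISCHR(st_mode) and st_rdev == 0:
        return "deleted"
    return "created-dir" if stat.S_ISDIR(st_mode) else "written"

def find_violations(upper, lower, allowed):
    """Return sorted (path, mtime, change) for changes outside `allowed`.

    upper/lower are the overlay's upperdir and lowerdir; `allowed` holds
    absolute path prefixes (as seen in the merged view) the build may touch.
    """
    allowed = [a.rstrip("/") for a in allowed]
    found = []
    for root, dirs, files in os.walk(upper):
        for name in dirs + files:
            full = os.path.join(root, name)
            rel = os.path.relpath(full, upper)
            merged = "/" + rel
            st = os.lstat(full)
            # A directory that also exists in lower was only copied up as the
            # parent of some other change; that change is reported on its own.
            if stat.S_ISDIR(st.st_mode) and os.path.isdir(os.path.join(lower, rel)):
                continue
            if any(merged == a or merged.startswith(a + "/") for a in allowed):
                continue
            found.append((merged, st.st_mtime, classify(st.st_mode, st.st_rdev)))
    return sorted(found)

def demo():
    """Constructed sample: a build allowed /var/tmp that also wrote /etc/passwd."""
    with tempfile.TemporaryDirectory() as top:
        upper, lower = os.path.join(top, "upper"), os.path.join(top, "lower")
        for d in ("upper/etc", "upper/var/tmp/work", "lower/etc", "lower/var/tmp"):
            os.makedirs(os.path.join(top, d))
        for f in ("etc/passwd", "var/tmp/work/a.o"):
            open(os.path.join(upper, f), "w").close()
        return [(p, c) for p, _, c in find_violations(upper, lower, ["/var/tmp"])]

if __name__ == "__main__":
    print(demo())
```

The scan costs one directory walk after the build finishes, which is the "only once" trade-off the message describes: nothing is intercepted while the build runs, so the report can say what changed and when, but not which process did it.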