[pkg-lxc-devel] LXC in Bookworm

Mason Loring Bliss mason at blisses.org
Tue May 16 16:11:49 BST 2023 

Hello, all! I've noted this in IRC, but this seems like a potentially
better place to talk about it:

I wanted to ask about the current status and talk about my usage, and
possibly suggest a random thing to keep it alive in Bookworm.

To wit, I use LXC heavily here and have plans to use it more heavily still
in future as I migrate away from both FreeBSD jails and heavyweight
libvirt/qemu/kvm VMs. Whether this is popular or not, I use it both without
systemd and without lxc-net. I was dismayed to see that a conflict between
dnsmasq and systemd might lead to LXC leaving Debian for Bookworm, and I
wanted to offer potential options.

Selfishly, I want it to stay. Here's how I use it today:

    https://github.com/ChibaPet/lxc-utils

It works beautifully on its own, and my "notes" there show that it's not
particularly hard to set up networking without lxc-net.

So I wonder if the dnsmasq Depends: could move to lxc-net itself, or if
it's worth including notes on how to set up networking in lxc-net and not
even have that maintain a Depends: on dnsmasq.

Rather than offering up more work for volunteers, I use and depend on this
and would be happy to do legwork to help it all happen.

My basic thinking is that "Depends:" should best be reserved for other
packages without which the package in question won't function, and in this
case it's not LXC itself that actually needs it, and dropping this
dependency would make the package less prone to this sort of thing:

    https://tracker.debian.org/pkg/lxc

Looking at the whole depends list, from Bullseye anyway, I see:

    Depends: liblxc1 (= 1:4.0.6-2+deb11u2), debconf (>= 0.5) | debconf-2.0,
    libc6 (>= 2.27), libcap2 (>= 1:2.10), libgcc-s1 (>= 3.3.1), libseccomp2
    (>= 2.5.0), libselinux1 (>= 3.1~), lsb-base (>= 3.0-6), bridge-utils,
    dnsmasq-base, iptables, iproute2

...and it seems like bridge-utils, iptables, and iproute2 might also be
valid targets to remove from Depends, under the same notion. But dnsmasq is
the one that's a threat right now.

-- 
Mason Loring Bliss    Therewith his sturdie corage soon was quayd,
mason at blisses.org       And all his sences were with suddein dread dismayd.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-lxc-devel/attachments/20230516/0954f465/attachment.sig>

More information about the Pkg-lxc-devel mailing list