On Wed, 29 Dec 2021 at 13:51, Gordon Messmer <gordon.messmer@gmail.com> wrote:
> On 12/29/21 09:59, Stephen John Smoogen wrote:
> > The modern day case where /usr is read-only is inside a container and
> > you put an overlay or using some sort of linking to /var which is
> > read-write in case of reboots.
>
> Right, that makes sense.
>
> > To me this is like saying 'move everything into /usr but because it's
> > volatile move it back into /var but in a sub-directory from where it
> > was so you can keep an image running.' In this case, this doesn't
> > sound like any savings and more of a headache of why did it corrupt
> > this time.
>
> But this doesn't.  Why would you need to move the rpmdb?  Users probably
> aren't installing rpm packages in containers at run time (particularly
> if /usr is read-only); installation typically happens when building the
> container image, at which point /usr isn't read-only.

Most of the containers I am dealing with are:
1. Grab the base image,
2. Create a layer, and add the images you want,
3. Test and deploy the layered image.
4. Update that image over time.

Theoretically people should build the thing from scratch every time but instead you get someone downloading the base image which they have gotten an OK to use, then adding the stuff they need, and then running with that for YEARS because the person who built the first one left long ago and no one wants to break the paycheck program again.


--
Stephen J Smoogen.
Let us be kind to one another, for most of us are fighting a hard battle. -- Ian MacClaren