Systemd Introduces "Portable Services" Functionality, Similar To Containers
Lennart is at it again, making complicated things that nobody asked for.
The past several months Lennart Poettering has been working on a "portable services" concept and that big ticket new feature has now landed in Systemd. Portable services are akin to containers but different.
[...] A portable service is ultimately just an OS tree, either inside of a directory tree, or inside a raw disk image containing a Linux file system. This tree is called the "image". It can be "attached" or "detached" from the system. When "attached" specific systemd units from the image are made available on the host system, then behaving pretty much exactly like locally installed system services. When "detached" these units are removed again from the host, leaving no artifacts around (except maybe messages they might have logged).
[...] The primary focus use-case of "portable services" is to extend the host system with encapsulated extensions, but provide almost full integration with the rest of the system, though possibly restricted by effective security knobs. This focus includes system extensions otherwise sometimes called "super-privileged containers".
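An added example, not part of the article or of systemd's own code: since attaching makes an image's units behave like locally installed services, this sketch lists the `.service` units in an image directory tree and reports which sandboxing directives each one leaves unset. The directive selection, the two unit directories and the `demo-*` sample units are this example's assumptions; it reads only the image's own unit files, not anything the host applies at attach time.

```python
import configparser
import tempfile
from pathlib import Path

# Sandboxing directives to look for (real systemd.exec options; the
# selection is this example's assumption, not a list from the article).
KNOBS = ("NoNewPrivileges", "ProtectSystem", "ProtectHome",
         "PrivateTmp", "PrivateDevices", "CapabilityBoundingSet")
# Conventional unit locations inside an OS tree (assumed search paths).
UNIT_DIRS = ("usr/lib/systemd/system", "etc/systemd/system")


def audit_image(root):
    """Map each .service unit in an image directory tree to its unset knobs."""
    report = {}
    for unit_dir in UNIT_DIRS:
        for unit in sorted((Path(root) / unit_dir).glob("*.service")):
            # strict=False: unit files may repeat a key; no % interpolation.
            cp = configparser.ConfigParser(strict=False, interpolation=None)
            cp.optionxform = str  # directive names are case-sensitive
            cp.read_string(unit.read_text())
            svc = cp["Service"] if cp.has_section("Service") else {}
            # Presence check only: an empty value can itself be restrictive.
            report[unit.name] = [k for k in KNOBS if k not in svc]
    return report


def build_sample_image(root):
    """Constructed sample tree: one hardened unit, one with little sandboxing."""
    d = Path(root) / "usr/lib/systemd/system"
    d.mkdir(parents=True)
    (d / "demo-hardened.service").write_text(
        "[Service]\nExecStart=/usr/bin/demo --log=%n\n"
        "NoNewPrivileges=yes\nProtectSystem=strict\nProtectHome=yes\n"
        "PrivateTmp=yes\nPrivateDevices=yes\n"
        "CapabilityBoundingSet=CAP_NET_BIND_SERVICE\n")
    (d / "demo-open.service").write_text(
        "[Service]\nExecStart=/usr/bin/demo-open\nPrivateTmp=yes\n")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_image(tmp)
        for name, missing in audit_image(tmp).items():
            print(name, "missing:", ", ".join(missing) or "none")
```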
(Score: 2) by choose another one on Wednesday May 30 2018, @09:21AM
"akin to" in that externally perceived behaviour is indistinguishable
"different from" in that it can't be the same because these are the good guys and those are the bad guys, completely different DNA, just can't tell which is which anymore
...looked from pig to man, and from man to pig, and from pig to man again; but already it was impossible to say which was which