As an example we will look at man 1 bwrap. Bubblewrap allows us to sandbox an application, not too dissimilar to docker. Flatpaks use bubblewrap as part of their sandbox. Bubblewrap can optionally take in a list of syscalls to filter. The filter is expressed as a BPF(Berkley Packet Filter program - remember when I said docker gives you a friendlier interface to seccomp?) program. Below is a short program... - Source: dev.to / 19 days ago

I have already been using bubblewrap[1] to isolate KeePassXC from the network and more (the only access it has is to its own private directory and the Wayland socket). I wouldn't recommend relying on devs or maintainers to do application isolation work for you. [1] <https://github.com/containers/bubblewrap>. - Source: Hacker News / 28 days ago

Recently, I came across Chainguard and wrote the article How to build Docker Images with Melange and Apko. As a fervent supporter of Kubernetes and GitLab CI, I was eager to experiment with building images using Melange in this particular setup. GitLab's shared Runners work seamlessly with Bubblewrap, eliminating the need for additional configurations. This post is intended for enthusiasts like myself, interested... - Source: dev.to / 5 months ago

``` This is basically manually invoking what Flatpak does: https://github.com/containers/bubblewrap This is also useful for more than just security. E.G., you can test how your app would behave on a fresh install by masking your user configuration files. I personally also have a tool that uses it to basically bundle all dependencies from an entire Linux... - Source: Hacker News / 9 months ago

To, say, override the KDE plugins while testing. This is useful for me since it's rather challenging during development to actually get KDE apps to reliably load my plugins on NixOS: I think kio slaves are probably wrapped and getting other environments injected into them. Rather than bother with any tricky hacks, Linux namespaces make it relatively easy to test regardless. Bubblewrap is used internally by Flatpak... - Source: Hacker News / 11 months ago

Https://pkgsrc.org/ from netbsd runs on many systems. - Source: Hacker News / 4 days ago

It seems according to pkgsrc.org that pkgin might follow the PKG_PATH environment variable. You're supposed to set PKG_PATH="http://cdn.NetBSD.org/pub/pkgsrc/packages/NetBSD/$(uname -p)/$(uname -r|cut -f '1 2' -d.)/All/", and according to uname(1), -p gives the processor architecture and -r gives the operating system [kernel] release. Source: over 1 year ago

It seems like pkgsrc.org hasn’t got the news yet. Source: over 1 year ago

I still have a Slackware install that runs some really old stuff I have. I remember working at AN ISP in the 90s and slack was are secure distro. All the important stuff (authentication, configs, etc.) were stored and served from our 'slack pool'. Funny part is now I do a very basic Slackware install that setup pkgsrc (https://pkgsrc.org) on it so I can really experience the best and worst of times! - Source: Hacker News / over 2 years ago

Today the second article on cross-platform package management has been published. It features a short description of what Pkgsrc and Ravenports are and a longer part on how they compare. The test environment and procedure is covered and of course the results are presented. At the end a conclusion is drawn. Source: over 2 years ago