-
Notifications
You must be signed in to change notification settings - Fork 128
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nc: bad port spec 'local:/...' #143
Comments
Unfortunately, we try to keep our enabled options pretty minimal and stick to the BusyBox upstream defaults (since they don't have anything else that resembles "official recommendations" for options to enable/disable in a generic install, and we don't really want to be the arbiters of which configuration options "make the cut" so to speak 😅). Any idea why they don't enable this by default? Does it change the size, complexity, or attack surface significantly or something? |
I understand why we should stick to upstream defaults for everything we can. That is, except for the specific things that the official Docker image should probably include. There are a few other features that this build turns on that upstream does not. I believe that this feature qualifies. I think it hasn't been turned on yet just because no one has thought about turning it on. In this case, I believe that allowing I checked out the lastest from the dist-amd64 branch. Moved over the upstream binary. Built it vanilla.
Then I added
After that, these are the differences in busybox xz size. (Interestingly, my binary was smaller than the upstream, which is why I did a vanilla build first for a control).
So, according to this test, it is only 28 more (compressed) bytes to turn this on. That's just a margin of error to me. Inside the container, the busybox binary ended up being the same size. My test image I just built: 1157408
Official Image: 1157408
Since the binary is the same size, there's no reason not to turn this on in my opinion. I can submit a pull request if that's what's needed to get a change on the horizon. |
This is the part that causes me pause -- "should" according to whom? 😇 More concretely, how do we make this an objective determination so that we don't next week get a request for |
It is according to me. I wrote that. I created this ticket. It is according to my lived experience. I used that word you quote, though I also qualified "should" with "probably," which means presumption. I have used many uncertain words in my earlier suggestions on purpose because I am not an authority on what this project should actually decide to do. It is obvious that I have no authority here. I, as an end-user, submitted this ticket about my real-world experience trying to use the Busybox image in practice and then discovering that I cannot, because it does not have one of the most basic Unix features that I need in a Docker image. Busybox is a monolith binary that does not allow ex-post-facto augmentation, so this change must be done in the official image. It is that, or I have to make my own image from scratch. I genuinely believed that other people out there could use this feature, so I posted this ticket. That is all this is.
How to make an objective determination is up to this project's leaders to decide, not me. I am a mere user who noticed this lack and discrepancy and submitted a ticket. If the leaders of this project cannot decide, then I've got nothing. I am not here to argue about what this project should or shouldn't do. I am only here to make an honest feature suggestion from personal experience to any leaders of this project to accept or reject in their next meeting. In my opinion, this Docker image needs this flag because I definitely need it to implement socket dependencies within Busybox's If there are any Busybox features that "should probably" be turned on that cause no cost at all, then, seriously, why not turn them on? Especially for a Docker image that is supposed to serve everyone in the world and cannot be augmented (with a package manager)? Why fear a tiny change that helps this project solve a decade-old problem at no cost? How many other requests to turn on Busybox compile flags like this does this docker-library project have in the backlog? I don't see any open issues listed. So, this is just a cordial and respectful suggestion. This is not a dispute. I already changed my container solution to use the Alpine image instead, so I have no investment here anymore, anyway. But I will gladly come back to the Busybox image if you guys reconsider. |
I want to have an init script in my tiny Busybox container check to make sure a socket like
/dev/log
both exists and that there is something listening to it before I start any processes that depend on Syslog inside the container or use thelogger
command. The problem is, it the official Busybox images don't seem to have any command-line tool that can check the availability of a local Unix socket.This problem was solved over a decade ago in this old thread:
http://lists.busybox.net/pipermail/busybox/2009-April/069068.html
The problem is that the official busybox image doesn't seem to turn this feature on, even though this may be something that could be needed for some kinds of container logistics. I believe this feature is required for containers that want to run Busybox's
syslogd
in from something that doesn't guarantee startup order, likeinit
.I can understand if this adds too much bloat, because Busybox image is so pleasantly small. But please consider turning on
FEATURE_UNIX_LOCAL=y
in the official Busybox image to allow a container to check a local Unix socket like/dev/log
using thenc
built-in.For what it's worth, the official Alpine image does turn this feature on. My beef is that at this point I don't need any of the extras that Alpine has except for this, so I could be using a 1.35MB Busybox image instead of a 8.24MB Alpine image (because I have to add
busybox-extras
to Alpine).The text was updated successfully, but these errors were encountered: