https://en.wikipedia.org/wiki/1989_Tiananmen_Square_protests_and_massacre

It uses a security feature of Linux called cgroups or control groups to limit access to resources at a kernel level.

It’s used all over the place, including as the basis of Docker.

https://en.wikipedia.org/wiki/Cgroups

There’s a common but persistent misconception that Docker is like running a virtual machine. This is understandable but incorrect.

A better way to think of it is as a security wrapper around an untrusted process.

If you look at your running processes whilst a container is running, you’ll see the processes inside the container running on your “host” machine - remember, it’s not a host - guest situation.

There is no relationship between the user inside the container, unless you start mapping the UID and GID.

The only exception to this is the root user which shares the UID/GID with the actual root user.

See: https://www.howtogeek.com/devops/why-processes-in-docker-containers-shouldnt-run-as-root/

Edit: I suspect, but don’t know for sure, that the root user inside the container is actually the same user as the one running the Docker process, which is typically the root user on the “host”.

1. The Docker container should change the user to an internal one (created by the build stage) and the process should run as that user.
2. The uid and gid can be specified at runtime.

See: https://www.docker.com/blog/understanding-the-docker-user-instruction/

It’s likely not about tennis, unless the CEO is a dick, it’s about an excuse to meet you and evaluate how you are as a human being.

Unless there’s a specific dress code requirement, I’d arrive in comfortable clothes, smart casual, clean and with a smile on my face.

When you’re asked about your lack of racket I’d point out that not only have you never played, you didn’t think it would be prudent to spend money on gear you know nothing about.

Remember, this is about people, not about hitting a tennis ball.

Stayin’ Alive - Bee Gees

… and this is why we use YYYY-MM-DD as the date format.

I think all public funds that generate data and/or software needs to be public.

The notion that maintenance is an issue is a red herring. Proprietary software purchased by government requires ongoing support contracts right until the vendor discontinues the product and leaves the public funds to prop up another billionaire.

Open source would also stimulate the economy since businesses could benefit from the project and use or apply it to their use, something which currently requires more investment with the same vendor.

The open-source alternative to Mailchimp, Brevo, Mailjet, Listmonk, Mailerlite, and Klaviyo, Loop.so, etc.

That’s the first paragraph of the project page.

Not to rain on the parade, but in my experience, having had to email customers in bulk … sending tickets and logistics requirements for large events … I can tell you that self hosting this is a complete and utter waste of time.

You’ll get blocked before the first batch of emails leave your mailer.

Not even paid MailChimp or Campaign Monitor could guarantee delivery.

The problem is not the platform for sending email, it’s the centralised nature of email hosting, much of it is behind Google and Microsoft hosted services.

Excellent idea … one question … what are you going to do while these people are still alive in order to actually … be able to celebrate the dedication … with your sanity in tact … so you know that it’s actually worth celebrating?

… takes one to know one 😇

It is pitch black. You are likely to be eaten by a grue.

This whole thing was already played out on the TV series “The West Wing”, and I’m fairly sure that Aaron Sorkin got it from somewhere else.

https://www.tv-quotes.com/shows/the-west-wing/quote_13962.html

Edit: It appears that the original author is Kent Ashcraft:

Source: https://www-users.york.ac.uk/~ss44/joke/laura.htm#author

This cat is reminding you that every time you smoke a kitten dies.

Catch up on sleep.

I have asked for sources when a post makes an extraordinary claim. It’s rare that I get anything meaningful as a response, but often I learn something or both of us do.

Docker is not virtualisation, although it’s a common misconception.

A better way to think of it is a security wrapper around untrusted processes.

You can prove this for yourself by looking at all the processes running in a Docker host while one or more containers are running, you’ll see all the processes listed.

In other words, you don’t need a CPU capable of virtualisation to run Docker.

Who can see?

My observation was based on personal experience after noticing that an account blocked me.

As a point of reference, on Bluesky, it appears that if you’re blocked, you cannot see the account that blocked you. Essentially they just disappeared. They’ve not visible in search either.

So, unless you create another account, they ceased to exist.

Just to be clear, as far as I can tell, this invisibility is mutual as soon as one account blocks the other.