-
-
Save marvell/7c812736565928e602c4 to your computer and use it in GitHub Desktop.
| apt-get clean autoclean | |
| apt-get autoremove --yes | |
| rm -rf /var/lib/{apt,dpkg,cache,log}/ |
If you remove the apt lists and make apt unusable, you might as well remove apt entirely RUN apt remove apt --autoremove -y --allow-remove-essential to save 10Mb
Hi guys, simple question: what's the meaning of && rm -rf /var/lib/apt/lists/* given by the docker doc, and should I do it in my Dockerfile?
Anyone who is coming to this gist to remove apt-cache in their docker images; I recommend you to install dive tool and check which directories consume more space in your image. For me; /var/lib folder itself was 53MB, where I could have saved a bunch of MBs on other directories.
A tool for exploring each layer in a docker image
https://github.com/wagoodman/dive
A tool for exploring each layer in a docker image https://github.com/wagoodman/dive
@leiless Thanks for introducing that. really nice.
Hi guys, simple question: what's the meaning of
&& rm -rf /var/lib/apt/lists/*given by the docker doc, and should I do it in my Dockerfile?
@ZYinMD ubuntu:22.04 image had it empty and it increased even if I did apt-get clean. removing it would not harm anything.
Uh?
If you have an SSH server on your container, remove your SSH server ASAP. It is not needed to enter inside. That is a FAQ.
If an un-trusted user is able to enter in your container as root, your container is TOTALLY COMPROMISED. NUKE IT ASAP.
Destabilizing APT to make an "un-trusted root user" more hampered, so that they cannot use "APT", is really a nonsense, since I do not know even one kracker that uses "APT" to download "malicious software". A malicious software is directly executed in other low-level ways, like opening a TCP tunnel to a resource, and piping the response to a shell. Trust me, a cracker will not run "apt install supertuxkart" or similar.