Each directive in your Dockerfile adds another layer to the image. So anything you do -- removing files, stripping binaries, etc -- is only going to increase the size of the image. It looks like you're trying to overcome this issue by using a multi-stage build, but that's not doing you any good: those two COPY directives are introducing effectively the same changes introduced by the find command in the previous stage. The way to solve this is by discarding the old layers, generally by creating a new image that reflects the state of the top layer only. This is called "squashing" the image, and there are various ways of doing this. Here's one mechanism that works. For this example, I'm using this Dockerfile (based on your linked example) to build squashtest:base: FROM docker.io/parrotsec/core:base-lts-amd64 RUN export DEBIAN_FRONTEND=noninteractive && apt-get -q -y update --no-allow-insecure-repositories && apt-get -y upgrade --with-new-pkgs && apt-get -y install --no-install-recommends aria2=1.35.0-3 apparmor=2.13.6-10 apparmor-utils=2.13.6-10 auditd=1:3.0-2 curl debsums=3.0.2 gawk=1:5.1.0-1 git iprange=1.0.4+ds-2 jq=1.6-2.1 libdata-validate-domain-perl=0.10-1.1 libdata-validate-ip-perl=0.30-1 libnet-idn-encode-perl=2.500-1+b2 libnet-libidn-perl=0.12.ds-3+b3 libregexp-common-perl=2017060201-1 libtext-trim-perl=1.04-1 libtry-tiny-perl=0.30-1 localepurge=0.7.3.10 locales miller=5.10.0-1 moreutils=0.65-1 p7zip-full=16.02+dfsg-8 pandoc=2.9.2.1-1+b1 preload=0.6.4-5+b1 python3-pip=20.3.4-4+deb11u1 rkhunter=1.4.6-9 symlinks=1.4-4 && apt-get install -y --no-install-recommends --reinstall ca-certificates=* && apt-get -y autoremove && apt-get -y clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && rm -f /var/cache/ldconfig/aux-cache && find -P -O3 /var/log -depth -type f -print0 | xargs -0 truncate -s 0 && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 && localepurge && symlinks -rd / && apt-get -y purge --auto-remove localepurge symlinks && find -P -O3 /etc/ /usr/ -type d -empty -delete Build the base image. docker build -t squashtest:base -f Dockerfile.base . This produces the following: $ docker image ls squashtest:base REPOSITORY TAG IMAGE ID CREATED SIZE squashtest base 58dff2c40a28 About an hour ago 786MB Build a new image squashtest:stripped with stripped binaries using this Dockerfile: FROM squashtest:base RUN find -P -O3 /usr/bin/ /usr/local/bin -type f -not -name strip -and -not -name dbus-daemon -execdir strip -v --strip-unneeded '{}' ; || : Which produces: $ docker image ls squashtest:stripped REPOSITORY TAG IMAGE ID CREATED SIZE squashtest stripped 42aa25ebc0c7 About an hour ago 997MB At this point, the image consists of the following layers: $ docker image inspect squashtest:stripped | jq '.[0].RootFS' { "Type": "layers", "Layers": [ "sha256:7e203d602b1c20e9cf0b06b3dd3383eb36bc2b25f6e8064d9c81326dfdc67143", "sha256:1fc5866a0b6b7a23a246acfd46b4c513b4a188d2db2d8a26191989a4a18c74d3", "sha256:cc3a9d1a7f9222eee31b688d887c79745e20389ecfe0fe208349c73cfd172b4a" ] } We can collapse these into a single layer like this: docker run --rm squashtest:stripped \ tar -C / -cf- --exclude=./dev --exclude=./sys \ --exclude=./proc . | docker import - squashtest:imported This produces: $ docker image ls squashtest:imported REPOSITORY TAG IMAGE ID CREATED SIZE squashtest imported 6f036f16d477 46 seconds ago 626MB We've saved 160MB off the base image. There are other ways to squash a Docker image; there are a number of tools on GitHub ( https://github.com/goldmann/docker-squash , https://github.com/jwilder/docker-squash , https://github.com/qwertycody/Bash_Docker_Squash ) that accomplish something similar. docker build https://docs.docker.com/engine/reference/commandline/build/ if you enable experimental features, but that doesn't appear to accomplish much when I try it. I would argue that for the 160MB we've managed to save here the effort isn't worth it. Unless you're running Docker in an extremely constrained environment, that's going to be nothing but a drop in the bucket (for reference, that's about the size of /bin/ls). In fact, the strip operation in your Dockerfile is mostly pointless: distributions generally strip binaries by default; you can verify this by running file on all the binaries in /usr/bin and /bin on docker.io/parrotsec/core:base-lts-amd64: $ docker run -it --rm docker.io/parrotsec/core:base-lts-amd64 bash # apt -y install file # file /bin/* /usr/bin/* | grep ELF | grep -v stripped That last command returns zero results: all the binaries have been stripped.

Using the following guide, I'm able to use docker on Windows without Docker Desktop. It may not be exactly true to my original question but meets my use case. https://dev.to/bowmanjd/install-docker-on-windows-wsl-without-docker-desktop-34m9 Summarising the guide (in case it disappears from the internet): Install WSL and check it's version 2: https://docs.microsoft.com/en-us/windows/wsl/install-win10#step-2---update-to-wsl-2 Install a Linux distribution: https://aka.ms/wslstore (I went with Ubuntu) Add a non-root user (optional) Upgrade any packages to the latest (e.g. on Ubuntu use sudo apt update && sudo apt upgrade Install docker engine to your Linux distro: https://docs.docker.com/engine/install/ (Ubuntu) Switch over to using iptables sudo update-alternatives --config iptables (Ubuntu) Add your user to the docker group sudo usermod -aG docker $USER Start the docker daemon sudo service docker start Run the hello-world container: docker run --rm hello-world I won't accept my own answer for now, in the hope that someone finds a better way

Quick answer: Changing sudo reboot to sudo shutdown -r +m5 or what ever time delay needed, would prevent the pipeline from failing. It forks the reboot process to the system and lets the Jenkins agent finish this pipeline cleanly. Longer (preventing potential conflicts answer): Depending on how the system is configured, it should prevent new logins to the server while the reboot is scheduled. If the agents are configured to launch via ssh, and configured to be brought offline if not in use, Provided the agent times out, Jenkins should be unable to start a new pipeline on that agent until the reboot completes. From the man page for shutdown (on one of my servers) If the time argument is used, 5 minutes before the system goes down the /run/nologin file is created to ensure that further logins shall not be allowed.

This is because ubuntu16 is no longer supported by Nvidia They have shut this repo down visiting the error page shows they have marked it as unsupported https://nvidia.github.io/libnvidia-container/ubuntu16.04/x86_64 check out the below for supported versions https://nvidia.github.io/libnvidia-container/

I'm not an docker expert, just responding from my experience and limited knowledge. It's expected, yes. That's a matter of opinion. I'd say no, but that's very subjective. Yes. https://docs.docker.com/storage/storagedriver/device-mapper-driver/

The default can be changed under Steam settings > Steam Play. You may need to enable Developer mode to show this. This can be found in Steam settings > System. If you select either Stable or Experimental, it will automatically upgrade to include the fixes in Version 7 for this particular title. Note that: If you're running Steam itself under proton or WINE , the option will not be visible (as Steam believes it's running on a Windows machine).

Two Point Hospital needs at least https://www.protondb.com/app/535930 as of writing to work. You can set the Proton version in the Steam compatibility settings page

Welcome to the arqade! While I don't know how TMNF installs on Linux, I can give you some hints as to how to find the location. I wanted to post this as a comment at first for that reason, but it would have been hard to read. Idea 1 On Windows, downloaded maps for TMNF are put in this dir: C:\Users\\Documents\TmForever\Tracks\Challenges\Downloaded By that logic, you could look if ~/Documents/TmForever/... exists. Idea 2 Create a map using the map editor and save it. It needn't be any good, it just has to have a name. Then, search for it using something like find ~/ -name ".Challenge.Gbx" You might have to fiddle with capitalisation; if all fails, start the search at / and search for * Created maps are stored near the place you'd put your downloaded maps, i.e. .../TmForever/Tracks/Challenges/ My Challenges/.Challenge.Gbx Downloaded/ HTH

if you bind right-key to 'V', then Minecraft will see all right-clicks as the letter V (unless you also bind 'V' to right-click, in which case it will only get right-click input if you press 'V'). If you then bind 'V' to "place block", then you will both place blocks and shield with right-click (which Minecraft thinks is 'V'). There is no way to use a different key for shield and place block, since Minecraft can only bind them to the same key. Changing "place block" also changes the key you shield with, unless you get a mod (in theory; in practice I don't know of any mod that does this, but that would be the only way).

You might want to check out symbolic links. I use them to keep my saves linked between my linux and windows partitions. Basically, you make the .minecraft folder on your system's drive link to the .minecraft folder on your USB drive. ln -s /your/usb/drive/.minecraft /your/hard/drive/.minecraft To force overwrite the destination folder, use -sf instead of -s I don't know if there's actually a way to change the minecraft installation directory, but this should provide a good workaround.

Version 7.1 works best. Lutris Version 7.1 works better than 7.2. It is stable and it does not have the black quad bug, so you can finish your missions. It is the best version, I could play without any problems. Edit: Version 7.1 and 7.2 crashes instant action (skirmish mode). It won't open the menu to select the skirmish map. Sometimes you get a black screen after the mission finished and you can't click okay. Just start the game with an older lutris version, watch the end mission cinematics (or just cheat) and click on okay. Happens rarely, but it happened one or two times.

The idea behind services like this is "crowd sourcing". People can share something others can use, and any users are expected to trust what they use. Well-organized crowd-sourced services tend to https://github.com/flathub/flathub/wiki/App-Submission though they usually have https://github.com/flathub/flathub/wiki/App-Requirements about what can be submitted. And there's usually volunteer community policing of the content that's done by both regular users and those who are moderators or admins. https://flathub.org/apps/details/com.gitlab.davem.ClamTk (and likely others) can at least https://unix.stackexchange.com/q/674565/310780 . https://www.reddit.com/r/Fedora/comments/ljbqdm/is_flatpak_secure/gnfq6v9?context=3 (edited for clarity, length): By default system folders are not accessible by the container that runs the flatpak app. You can customize permissions if you don't trust the maintainer ( https://flathub.org/apps/details/com.github.tchx84.Flatseal for this). For instance, I create a strict policy (no network, only has access to a specific directory, etc). The other question this brings up is what is safer: An "official" package that has full access to your system, or an "unknown" package that lives by default in a container? In the end it's up to each user to avoid, "trust but verify", or lock apps into their own little world and consider it "safe enough" if you can't verify whether they're trustworthy. There are communities like https://discourse.flathub.org/ and https://www.reddit.com/r/flatpak which would be good for discussing specific apps, and the Steam Deck communities could also be good as it concerns them in particular and there's going to be plenty of knowledgeable users with them who will be glad to help.

AMD is notorious for its problematic Linux drivers. It really supports Linux poorly. If you want to play on Linux you really need a Intel system. At the very least you are stuck on your current version of Ubuntu. If you upgrade you have the very real possibility that the new update will have no drivers for the chipset.

Donkey Me seems to be broken on both Windows and Linux in my testing, so to answer your question - No, it does not seem that you can get it working.

https://android.stackexchange.com/questions/246835/vlc-for-android-no-connection-to-local-network#comment330747_246835 clued me into the fact that the phone itself had somehow gotten into a mode whereby the main WiFI icon that is displayed on the phone did not reflect the connection status as it should have IMO. No indication about which WiFI it was connected to was available, until which time that I long-pressed onto that icon, and saw that it listed WiFI networks, but was not connected. Once I connected to my WiFI network, I was able to then see the SMB shares in the VLC app. See annotated screenshot below:

While this doesn't explain why jmtpfs is having trouble or how to fix them, let's for a moment assume that's an https://meta.stackoverflow.com/q/66377/192154 and tackle the real one: How can you properly mount your phone so it is accessible in the Linux file system? As you state that adb pull and adb push are working fine, the first option coming to mind is using https://github.com/spion/adbfs-rootless – which is what I do successfully for about 10 years now and am quite happy with. adbfs sits on top of ADB and utilizes ADB pull/push for file transfers plus other ADB commands (e.g. adb shell ls) for other background information. It works reliably and stable, is transparent to the entire system (so you can access the device from the command line as well as from GUI applications), plus transfers are much faster than via MTP. For setup etc. please refer to my answers /a/89525/16575 , /a/58783/16575 and /a/53278/16575 . An advanced setup for multiple devices connected at the same time plus integration with Midnight Commander you can find in /a/216230/16575 .

This is an answer to the Title (problem X), not the Body (problem Y), of the question. You might consider installing https://arachnoid.com/android/SSHelper/ on your device. This allows the usual scp and rsync commands to work, as well as providing a handy ssh console session. It also allows you to do it all via wi-fi, without the physical USB connection. See https://askubuntu.com/questions/343502/how-to-rsync-to-android .

This issue was caused by my firewall and due to complexity between multiple user profiles. I was able to fix all issues by entirely disabling the firewall setup by the afwall app. However, as a slightly better option, I was able to fix this issue as follows: As the 'Owner' profile, enable Airplane mode. Make sure WiFi and Mobile Data are off if you want to use the phone's own internal DHCP server. Then enable Hotspot In the user's account where afwall is configured, check the box to give "wifi" access to the row named (any app) - Same as selecting all apps - !! WARNING !! Note: I did try to isolate the wifi permissions to a single app, but I found that if every app's "wifi" setting was enabled (except the entry for (any app) of course), then it wouldn't work. But if the "wifi" setting was enabled for the (any app) row, then it worked. So it appears that there is, in fact, a distinction between selecting all apps or selecting the (any app) entry. My guess is this distinction is most relevant when using multiple user profiles. On another handset, I was able to resolve this issue and get an IP address when only enabling the "wifi" permission for the (root) - Apps running as root entry (as opposed to the (any app) entry). YMMV device-to-device, version-to-version, ROM-to-ROM.

You don't need to use any fancy ACLs or attributes for this. Just make the file writable and the directory that it's in read-only. This works because deleting a file only checks for write permission on the parent directory, and completely ignores permissions on the file itself.

You can use Servers Ultimate (com.icecoldapps.serversultimate) from Ice Cold Apps to ran VPN Server on your Android device. But it has limitations: VNC Server: doesn’t work on most devices. ARM based: Caddy, VPN, Port forward, MySQL monitor, Nginx, Traceroute Root needed: Port forwarder, VNC, VPN, SMB Native Permission SMS: start/stop rules Permission coarse location: wifi selector tool