So that the 'algorithmic' model of manipulation and exploitation, looses it's capacity to profile you, psychological manipulate you (sometimes called targeted persuasion or micro‑targeted manipulation) into compliance of their own means and ends.
January 25, 2026 at 7:38 PM
So that the 'algorithmic' model of manipulation and exploitation, looses it's capacity to profile you, psychological manipulate you (sometimes called targeted persuasion or micro‑targeted manipulation) into compliance of their own means and ends.
That is to say, give control back to the individual, to provide a consent model, and allow them to manage their digital data, and the 5W1H of it's usage, as a matter of being a human right.
January 25, 2026 at 7:38 PM
That is to say, give control back to the individual, to provide a consent model, and allow them to manage their digital data, and the 5W1H of it's usage, as a matter of being a human right.
I think you can tackle this issue by extending the protections of the 4A, "secure in your person" to encompass your digital self, and the meta data around it; and in those aims to further legislation that greatly tampers, if not extinguishes, Surveillance Capitalism.
January 25, 2026 at 7:38 PM
I think you can tackle this issue by extending the protections of the 4A, "secure in your person" to encompass your digital self, and the meta data around it; and in those aims to further legislation that greatly tampers, if not extinguishes, Surveillance Capitalism.
OR that you're treading on slippery slopes, infringe on 1A rights: Freedom of association.
January 25, 2026 at 7:38 PM
OR that you're treading on slippery slopes, infringe on 1A rights: Freedom of association.
How could someone effectively use this kind of information? I’m thinking something like a filter list for uBO, pi-hole, or …
December 15, 2025 at 10:05 PM
How could someone effectively use this kind of information? I’m thinking something like a filter list for uBO, pi-hole, or …
I suppose I should of linked the fix, for applehv at least.
Fix relabeling failures with Z/z volumes on Mac by n1hility · Pull Request #22290 · containers/podman
Fixes #19852
Non-Linux systems, such as BSD derived kernels, constrain selinux xatter updates according to file permissions. This is in contrast to Linux selinux attr writes, which are governed by ...
github.com
December 3, 2025 at 4:47 PM
I suppose I should of linked the fix, for applehv at least.
I noticed that -v $(pwd):/VOLUME/:z, you didn't designate the :z or :Z, which has to do with SELinux labels, and being able to 'share' that resource between the containers. Thinking: I wasn't sure how macOS would actually handle that xattr; as it diffs from VM frameworks
github.com/containers/p...
github.com/containers/p...
podman compose it not working on some projects on macOS · Issue #19852 · containers/podman
Issue Description I tried to run https://github.com/change-metrics/monocle#installation using podman compose but I'm not able to make it work issue is around volumes There is a :z flag preventing t...
github.com
December 3, 2025 at 4:36 PM
I noticed that -v $(pwd):/VOLUME/:z, you didn't designate the :z or :Z, which has to do with SELinux labels, and being able to 'share' that resource between the containers. Thinking: I wasn't sure how macOS would actually handle that xattr; as it diffs from VM frameworks
github.com/containers/p...
github.com/containers/p...
I'm also currently trying to unpack this muck as it relates to the resource of networking (tailscale implementation) across this same 3 layer relationship.
November 27, 2025 at 7:47 PM
I'm also currently trying to unpack this muck as it relates to the resource of networking (tailscale implementation) across this same 3 layer relationship.
I don't have a good resource; it seems to be an issue or working with 'bleeding edge', and a lot of constantly moving parts, overcoming/adapting to new abstractions of usage, and previous limitations.
November 27, 2025 at 7:47 PM
I don't have a good resource; it seems to be an issue or working with 'bleeding edge', and a lot of constantly moving parts, overcoming/adapting to new abstractions of usage, and previous limitations.
The context here is mapping a shared resource ie volumes/files & their permissions from MacOS <-> podman-machine <-> Container. You're traversing a 3 layer relationship, not just a two layer 'container user/group', and 'host user/group' relationship in this context.
November 27, 2025 at 7:29 PM
The context here is mapping a shared resource ie volumes/files & their permissions from MacOS <-> podman-machine <-> Container. You're traversing a 3 layer relationship, not just a two layer 'container user/group', and 'host user/group' relationship in this context.
2) Use one "podman-machine" but change the MacOS volume you mount to also be where you are doing, 'pwd'/'work' ie organization through your volume/file structure.
PRO: Simplicity to manage.
PRO: Simplicity to manage.
November 27, 2025 at 6:25 PM
2) Use one "podman-machine" but change the MacOS volume you mount to also be where you are doing, 'pwd'/'work' ie organization through your volume/file structure.
PRO: Simplicity to manage.
PRO: Simplicity to manage.
1a) How you describe: Create multiple podman-machine
1b) set podman-system-connection to the different 'podman-machine' name.
PROS: +compartmentalize your projects, additionally control this dev environment to match actual/prod project env (ie x86 container-host use cases)
NEG: +complexity to manage
1b) set podman-system-connection to the different 'podman-machine' name.
PROS: +compartmentalize your projects, additionally control this dev environment to match actual/prod project env (ie x86 container-host use cases)
NEG: +complexity to manage
November 27, 2025 at 6:25 PM
1a) How you describe: Create multiple podman-machine
1b) set podman-system-connection to the different 'podman-machine' name.
PROS: +compartmentalize your projects, additionally control this dev environment to match actual/prod project env (ie x86 container-host use cases)
NEG: +complexity to manage
1b) set podman-system-connection to the different 'podman-machine' name.
PROS: +compartmentalize your projects, additionally control this dev environment to match actual/prod project env (ie x86 container-host use cases)
NEG: +complexity to manage
I want to be clear that we're trying to address the limitations of this being within MacOS; You cannot dynamically mount arbitrary macOS directories after a podman-machine is created in this environment. How do you want to address this limitation?
November 27, 2025 at 6:25 PM
I want to be clear that we're trying to address the limitations of this being within MacOS; You cannot dynamically mount arbitrary macOS directories after a podman-machine is created in this environment. How do you want to address this limitation?
technically speaking, docker has to do something very similar; create a default VM to run containers within, on MacOS and Windows. This paradigm was similar on say Proxmox, and you typically rolled out your own VM to run docker/podman containers, as proxmox (until recently) only supported LXC native
November 27, 2025 at 3:12 PM
technically speaking, docker has to do something very similar; create a default VM to run containers within, on MacOS and Windows. This paradigm was similar on say Proxmox, and you typically rolled out your own VM to run docker/podman containers, as proxmox (until recently) only supported LXC native
I’m not sure if you’re following. MacOS and Win need an environment to run containers locally. A single ‘podman-machine’ VM is created , and only one can be used at a time for this task. ie your ‘podman run’ commands are actually being executed on this VM, It’s suppose to act kind of invisible.
November 27, 2025 at 3:04 PM
I’m not sure if you’re following. MacOS and Win need an environment to run containers locally. A single ‘podman-machine’ VM is created , and only one can be used at a time for this task. ie your ‘podman run’ commands are actually being executed on this VM, It’s suppose to act kind of invisible.
You might have to look into how you deployed podman-machine, for usage on MacOS. Examples found here: xphyr.net/post/podman_...
Using Podman on Mac OSX
Using Podman as a replacement for Docker Desktop on Mac OSX
xphyr.net
November 26, 2025 at 7:22 PM
You might have to look into how you deployed podman-machine, for usage on MacOS. Examples found here: xphyr.net/post/podman_...
I'd would then like to then use Tailscale SSH to remote manage the podman-machine. I would then sidecar tailscale onto my containers for their individual usages and portability, instead of trying to manage them individually through tailscale serve.
November 26, 2025 at 7:11 PM
I'd would then like to then use Tailscale SSH to remote manage the podman-machine. I would then sidecar tailscale onto my containers for their individual usages and portability, instead of trying to manage them individually through tailscale serve.
I doubt I have the follower base to get any of these things answered; but here's to trying :D Thank You!
November 26, 2025 at 7:02 PM
I doubt I have the follower base to get any of these things answered; but here's to trying :D Thank You!
RTFM, I have read that there are restrictions on what can be used for podman-machine, but I'm struggling to find actual details. It would seem to me that it would be easier to just use something like ublue-os/ucore-minimal; but I don't know if there is anything special about default podman-machine?
November 26, 2025 at 7:02 PM
RTFM, I have read that there are restrictions on what can be used for podman-machine, but I'm struggling to find actual details. It would seem to me that it would be easier to just use something like ublue-os/ucore-minimal; but I don't know if there is anything special about default podman-machine?
I am aware that I will likely need to change my podman-machine to x86_64 since most containerized resources don't support/have aarch64. Am I missing any other nuance here?
November 26, 2025 at 7:02 PM
I am aware that I will likely need to change my podman-machine to x86_64 since most containerized resources don't support/have aarch64. Am I missing any other nuance here?
Podman usage in MacOS requires that you create podman-machine (ie lightweight CoreOS VM, atomic/immutable).
Am I wrong to think that in order to remote manage this setup, I would need to 1) enable podman.socket on this VM, and 2) install Tailscale as a rpm-ostree layer or as a container/Quadlet? HOW
Am I wrong to think that in order to remote manage this setup, I would need to 1) enable podman.socket on this VM, and 2) install Tailscale as a rpm-ostree layer or as a container/Quadlet? HOW
November 26, 2025 at 7:02 PM
Podman usage in MacOS requires that you create podman-machine (ie lightweight CoreOS VM, atomic/immutable).
Am I wrong to think that in order to remote manage this setup, I would need to 1) enable podman.socket on this VM, and 2) install Tailscale as a rpm-ostree layer or as a container/Quadlet? HOW
Am I wrong to think that in order to remote manage this setup, I would need to 1) enable podman.socket on this VM, and 2) install Tailscale as a rpm-ostree layer or as a container/Quadlet? HOW