51
toolbox vs distrobox. Which one to use?
(lemmy.ml)
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
Can I ask why you choose to use one of those weird "immutable" distributions in the first place, out of curiosity ?
Not OP. But for me, atomic updates, reproducibility, (to some degree) declarative system configuration, increased security, built-in rollback functionality and their consequences; rock solid system even with relatively up to date packages, possibility to enable automatic updates in background without fearing breakage, (quasi) factory reset feature, setting up a new system in just a fraction of the time required otherwise are the primary reasons why I absolutely adore atomic^[1]^ distros.
I disagree with most of the benefits you list (chief among them "increased security") - not to mention half of them are already supported by traditional package managers - but I was genuinely curious so thanks for the rationale.
I'm curious to hear your objections.
Do you deny that specific protection to some attacks is provided through the chosen model of 'immutability' on at least one of the atomic distros?
Hmm...,:
It has been my pleasure ☺️! I'm also genuinely curious to read your reply to this comment😉.
I really wanted to avoid a debate (doubly so in a thread where some dude just wanted some help), which is why I'm trying not to engage the various answers I got; though just one thing since I apparently can't help myself: Qubes, which you cite, is indeed an example of such improved security done correctly, through an hypervisor and a solid implementation; not cgroups, some duct-tape and the same kernel, and thinking your security has improved. Thanks again, at any rate.
Understandable! Please consider coming back to this at some point (also possible in private) as I'm genuinely curious to hear from you.
There are may layers of security that every companies have different approach based by their users / their target customers.