What's the proper way to install every-day CLI tools on immutable distributions like Fedora Bluefin? (lemmy.world)

submitted 2 days ago by versionc@lemmy.world to c/linux@lemmy.ml

44 comments fedilink hide all child comments

I've read that containers are preferred for development, but they aren't persistent and it doesn't seem like files such as /etc/fstab can be accessed through them when running distrobox (I enjoy editing such files using vim).

It's also a bit annoying having to enter a specific container to run something like btop.

Are you supposed to layer them with rpm-ostree?

all 45 comments

sorted by: hot top controversial new old

[-] gnuplusmatt@reddthat.com 1 points 12 hours ago

I built a systemd-sysext with nmap, screen, iperf etc based on https://github.com/fedora-sysexts/fedora

[-] jaxxed@lemmy.world 1 points 1 day ago

I should add rhat it is very easy to extend the immutable os usong a short dockerfile, if your tooling is so important that you want it in the immutable layers.

[-] jaxxed@lemmy.world 1 points 1 day ago

Distrobox or toolbx are the canonical dev environment approach (persistant containers) but bluefin also comes with linuxbrew for host level tooling. I actually use mise (mise en place) instead.

[-] relaymoth@sh.itjust.works 7 points 1 day ago

Use homebrew for Linux.

[-] PowerCrazy@lemmy.ml 1 points 1 day ago

Isn't the purpose of an immutable OS supposed to be for things like specific services that generally aren't supposed to be logged into? For example a web-proxy, or log-forwarder or maybe some kind of LB front-end?

I didn't think "daily driving" an immutable OS as a user who needs to invoke a shell was its purpose.

[-] aBundleOfFerrets@sh.itjust.works 23 points 2 days ago

Distrobox is pretty shrimple

[-] umbrella@lemmy.ml 3 points 1 day ago* (last edited 1 day ago)

🍤

[-] nutcase2690@lemmy.dbzer0.com 12 points 2 days ago

Yup. I use brew if there is a package already, otherwise you can install in distrobox and use distrobox-export to make an alias easily in your host system

[-] PanArab@lemmy.ml 5 points 2 days ago* (last edited 2 days ago)

Install them in your $HOME

For example $HOME/MY_CLI_TOOLS

Add it to your $PATH

[-] d_k_bo@feddit.org 4 points 1 day ago

~/.local/bin

[-] j0rge@lemmy.ml 14 points 2 days ago

brew install btop vim

https://docs.projectbluefin.io/command-line/#installing-applications

[-] Wfh@lemmy.zip 16 points 2 days ago

I think you're supposed to use brew on uBlue.

[-] LiveLM@lemmy.zip 3 points 2 days ago

Wow, I always thought it was MacOS only, how interesting!

[-] besmtt@lemmy.world 1 points 2 days ago

I've done this, like with gping. It's great.

[-] ms_lane@lemmy.world -2 points 2 days ago* (last edited 2 days ago)

ie. "The Gnome Way"* exported to the OS as a whole.

* Strip all features but allow them back as plugins that aren't supported or secured.

[-] Wfh@lemmy.zip 8 points 2 days ago

I don't think you understand the point of an immutable distro.

[-] curbstickle@anarchist.nexus 14 points 2 days ago* (last edited 2 days ago)

Full caveat - not personally into immutable, 90% of the time I'm in Debian or a derivative. 9% arch or derivative. 1% work requirements made me have to use something else.

So I'm less making a rec on method and more commenting on this:

I've read that containers are preferred for development, but they aren't persistent

They absolutely can be, thats the point of mounting volumes. I don't want to do the same thing more than once, so whether I'm playing with something stupid at home or I'm doing something critical at work, I'm going to make a spot for any and all changes I might want to make to use it again elsewhere, without much effort. That could mean mapping a directory to a volume, setting specific variables in my compose/kompose, having a container grab data from elsewhere every time it starts, or whatever, but the parts I want persistent are, the parts I want variable are.

Keeping whether or not containers are the "right" way on an immutable distro aside, what isn't persistent for you that should be?

[-] Lettuceeatlettuce@lemmy.ml 2 points 1 day ago

I've been loving Incus containers for this very use case. Unlike Docker, Incus containers are by default persistent, and are full system containers, not just applications. So when you launch an Incus Debian 13 container for instance, you get a full Debian 13 installation, but at a fraction of the size of even a small traditional VM.

It's a great happy medium between Ultra-minimal Docker containers designed for single applications, and old-school heavy VMs.

[-] prole@lemmy.blahaj.zone 3 points 1 day ago

what isn't persistent for you that should be?

They don't actually know

[-] jokeyrhyme@lemmy.ml 6 points 2 days ago

I switch back and forth between bazzite and bluefin quite often

on these and other immutable distributions, /usr is read-only, and the recommended is to use installation methods that write to your HOME (or to /var which is where docker and flatpak --system save files)

i really should muck about with container-based development flows

my current preference is flatpak, then whatever per-language package tooling (e.g. cargo for tools written in Rust, npm with a custom HOME prefix for tools written in Node.js, uv for Python projects, etc) when there's no flatpak, then homebrew, then rpm-ostree as a last resort

for editing files in /etc my recommendation would be to set the EDITOR environment variable to point at whatever you like, installed however you like, and edit with sudoedit /etc/fstab, because then your editor is not running with root permissions

you could also point EDITOR at a custom script that mounts the target file into a container running your desired editor

[-] MalReynolds@slrpnk.net 4 points 2 days ago* (last edited 2 days ago)

Layer things that genuinely need (often in boot sequence) low level access like filesystems (e.g. I have mergerfs+snapraid on my desktop). If you're OK with a longer rpm-ostree update, you can layer some self contained things like btop with little risk, perhaps also your preferred shell. Also anything you want in TTYs if something breaks.

vim edit /etc/fstab works fine from within a distrobox, you just need to do sudo vim /run/host/etc/fstab or distrobox-export the binary to your main shell, which means that the container will start, but you don't have to enter it. If you fire a terminal profile into the container by default at login you won't need to start the container when you use an exported command.

Embrace the distrobox experience for development and generally mucking around, use Arch's AUR, archive entire environments, there's lots going for it.

Linux brew is coming along nicely, use it first if there's a formula, but I've been fine with flatpak, distrobox and layers (in that order) for a couple of years now.

[+] Eggymatrix@sh.itjust.works -11 points 1 day ago

If you want to go play with /etc/fstab and you have a concept of "everyday cli tools"an immutable distro is not for you. An immutable distro is made for people that do not use a computer but use a browser.

[-] TaintTaul@programming.dev 8 points 1 day ago

If you want to go play with /etc/fstab and you have a concept of "everyday cli tools"an immutable distro is not for you.

Please don't conflate stuff.

On Fedora Atomic^[And probably most distros that are -perhaps erroneously- referred to as "immutable", though the finer details might be different.], it's possible to:

Change the content of /etc/fstab. Heck, the same applies to everything under /etc. The only difference being that a pristine copy is kept at /usr/etc AND the fact that any changes to /etc are being tracked. Said changes can be accessed with ostree admin config-diff.
Install CLI apps just fine. Refer to this comment for more details.

An immutable distro is made for people that do not use a computer but use a browser.

False. Again.

While I agree that it's a very sane recommendation to the technologically inept, it would be a huge disservice to suggest it can't handle more advanced workloads. Because, quite frankly, there's very little it actually fails at. And most of its user base would vouch for this. And that list of restrictions/limitations is becoming smaller as we speak...

[-] Eggymatrix@sh.itjust.works -2 points 1 day ago

I never said it was impossible, I said it is not for the op. The simple fact they don't see an apparent way to install simple tools or modify fstab would be for me unacceptable, I prefer freeballing my OS, thank you very much. I simply assumed op was more like me and less like you.

[-] j0rge@lemmy.ml 2 points 1 day ago

The terminal motd tells you exactly how to use the packages involved when you open it.

[-] savvywolf@pawb.social 3 points 1 day ago

NixOS would beg to differ. :P

[-] Telorand@reddthat.com 1 points 2 days ago

There's a way to create aliases to the programs in the containers so that you can run them on the host as if they were installed. Look into the Boxy app (should be able to find it as a flatpak) for a GUI way to do it, but you might also look into nix to set up different dev environments. If it's not already a ujust recipe, look into how you can layer it and how to load up different nix configs for your different environments.

[+] Holytimes@sh.itjust.works -6 points 2 days ago

This is the exact reason the entire concept behind a immutable distro is beyond dog shit

Unless your use case is something like a console where modifications are not intended to happen expect as an extreme outlier. They fucking suck, they make no fucking sense, and just create endless problems if you want to do anything with your hardware.

Its basically re fucking inventing the exact problem that shit like ios has.

You don't own a computer with an immutable distro. Your distro is assuming your a child too ignorant and stupid to be trusted to do anything with it.

Its security for the sake of protecting idiots from them selves.

[-] prole@lemmy.blahaj.zone 15 points 1 day ago

You seem really angry about a concept you clearly do not actually understand.

[-] PerogiBoi@lemmy.ca 7 points 1 day ago

Pretty strong and judgemental opinions. Also incorrect 😀

Immutable distros are great for the overwhelming majority of all computer users. Most people want a computer that lets them web browser, game, consume media, and do application based productivity like editing (documents, photos, illustrations, video, etc.). In fact, that was too generous of a description because most people just consume content.

If your distro requires cli for regular usage and requires manual maintenance, it's only suitable for computer adepts, which is a small minority of all computer users. You are not the average computer user. No one on this site is. If you can't see that then you aren't in touch with reality.

[-] TaintTaul@programming.dev 10 points 1 day ago* (last edited 1 day ago)

Just to be very clear: the name "immutable distro" is unfortunately a misnomer. In practice, the restrictions found on so-called ~~"immutable"~~ atomic distros are very tame.

For example, on Fedora Atomic^[The atomic distro I'm most familiar with.], it's mostly a paradigm shift. That is, you can achieve (almost) everything that you can on a traditional distro, the only difference being how.

So, if we would take OP's query as an example, they are not able to do sudo dnf install vim btop. Instead^[Knowing that they're on Bluefin, a derivative.], they have to do brew install vim btop. Additionally, these changes persist, as you'd expect. Please note that this is just one of the ways/methods you can achieve this on Bluefin (and other Fedora Atomic derivatives). Other methods include:

Install within a distrobox and export it.
Simply layer it.
Make a custom image that installs these by default and switch to said custom image.
Install as a sysext.

As you'd expect, each one of these comes with its own set of tradeoffs.

[-] Strit@lemmy.linuxuserspace.show 4 points 2 days ago

To be honest. Immutable distros are not for everyone. Tinkerers especially would not be suited to use them, because of all the "restrictions" in place.

Better to find another distro in that case.

[-] utopiah@lemmy.ml 4 points 2 days ago

I'm not sure.

I'm a professional tinkerer and I run Debian stable. OK ok it's not an immutable distro but my point is that I do tinker, just NOT with my main OS.

I'll tinker in containers, in VMs, in my ~/bin etc but NOT in what hosts all that.

So I would argue that what's important for tinkerers is to establish clear boundaries on what they want to tinker on and what they do NOT want to tinker on, what can change vs what should never.

[-] Strit@lemmy.linuxuserspace.show 1 points 1 day ago

But a simple thing like "install a random cli tool to run on host" is often not easy on immutable distros, so it's usually just more convinient with an oldschool distro in those cases.

[-] j0rge@lemmy.ml 1 points 1 day ago

It's one command in Bluefin, same as everything else.

[-] utopiah@lemmy.ml 0 points 1 day ago

I don't think it actually is. It's only like that the very first time when you haven't you this specific distribution itself. Once you know how the few extra step and understand the core principle, it's trivial.

PS: I did tinker with NixOS, SteamOS and ROCKNIX.

[-] Strit@lemmy.linuxuserspace.show 2 points 1 day ago

Sure. But you have to figure that out first.

I'm just saying. It's not for everyone. I feel too limited when trying immutable stuff, so I stick with my classic. 😀

[-] TaintTaul@programming.dev 2 points 1 day ago

I feel too limited when trying immutable stuff

Is this rooted in experience? Or mostly just on vibes?

[-] partofthevoice@lemmy.zip 1 points 1 day ago

Seems anything you have to “figure out first” is no beuno.

[-] j0rge@lemmy.ml 1 points 1 day ago

Just about everyone who has made meaningful contributions to Bluefin are tinkerers. The entire stack is designed to tinker and customize.

[-] ms_lane@lemmy.world 0 points 2 days ago

That's the neat part - You don't! (unless you want incredibly long update times as every new util is a new overlay!)

[-] prole@lemmy.blahaj.zone 2 points 1 day ago

Incredibly long update time? Yeah... No. Definitely not something in had any issues with due to layered packages.

[-] MonkderVierte@lemmy.zip -1 points 2 days ago

And to create your own image, you need half the repo as dependency and a 20 steps chain.

[-] TaintTaul@programming.dev 2 points 1 day ago

Not in my experience. Though, I suppose I have to thank BlueBuild for the heavy lifting. It's not even restrictive either, even big^[relatively speaking] projects like secureblue depend on it.

this post was submitted on 22 Apr 2026

68 points (97.2% liked)

Linux

64822 readers

909 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 6 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz