57
submitted 4 months ago* (last edited 4 months ago) by Guenther_Amanita@slrpnk.net to c/linux@lemmy.ml

Don't get me wrong. I absolutely love Fedora Atomic (Silverblue, Bazzite, Kinoite, Aurora, IOT, etc.), more than any other distro I used, and I plant to continue using it.

It never made any problems on any of my devices, and because it is pretty much indestructible and self-managing, I even planned to install it on my Mum's new laptop, in case her current one (basically a toaster with Mint on it) breaks.

But with the last days, my trust is damaged quite a bit.

First one, where I couldn't update anymore on uBlue, because of faulty key pairs. This is a huge thing for me because uBlue updates in the background, and if I wouldn't have read it here on Lemmy, I would have found out way too late, which is a security risk imo.

And now, my devices weren't able to boot anymore due to some secure boot stuff. Again, if I wouldn't have subscribed the Fedoramagazine, I would have noticed it way too late.
I was able to just boot into an older image and just paste a few commands from the magazine's post, and it was resolved in just seconds (download time not included).

Both instances were only a minor thing for ME.
But both would have been a headache if I wouldn't follow those blogs, which is a thing only nerds (like myself) do.
Nobody else cares about their OS, it is supposed to just work, hence why I use Atomic.

I don't wanna blame the devs (both j0rge/ uBlue and the Fedora team), they were very quick, transparent and offered very simple fixes.
And, being able to just boot into an older image, just in case, is something I am very thankful for, but nothing I want to depend on.

Having to be informed about stuff like this and then having to use the CLI is just a no-go for most people.

Am I over-reacting about this too much? What's your view on those things?

top 42 comments
sorted by: hot top controversial new old
[-] just_another_person@lemmy.world 55 points 4 months ago

They owned up to it, and immediately dealt with the issue.

It's open source, free, and run by volunteers who bust their asses to make these releases happen. I wouldn't worry too much about it if it's been working the other 99% of the time for you, and this one issue has you on the fence about it...

[-] lazorne@lemmy.zip 16 points 4 months ago* (last edited 4 months ago)

I agree, mistakes and vulnerabilites happen in all software commercial and open. Now I can only speak for RetroDECK but, we also make mistakes and need to do minor patches to fix those.

I think Jorge and the team handled it as you should: Be transparent, inform on all channels they can and learn from your mistakes.

Me personally have full confidence in them.

Those that try to hide or shift blame of mistakes are a bigger red flag in my book.

[-] boredsquirrel@slrpnk.net 11 points 4 months ago

What we need is a popup IN THE OS that tells users how to troubleshoot.

Separate from the OS core, updatable individually, like an RSS feed with persistent popups using KDialog etc.

[-] xavier666@lemm.ee 5 points 4 months ago

Those that try to hide or shift blame of mistakes are a bigger red flag in my book.

People, please; look at this.

It's inevitable that mistakes will happen.

[-] 4am@lemm.ee 9 points 4 months ago

Exactly. These kind of things happen from time to time; hell even big corpo OSes mess up. They said they’d taken time to fix their process to prevent this problem happening again.

If it becomes a pattern I’d become concerned. So far, it was inconvenient.

[-] Eeyore_Syndrome@sh.itjust.works 4 points 4 months ago

CLIphobia is a new one to me.

[-] just_another_person@lemmy.world 4 points 4 months ago

A lot of people on here are new to the ecosystem 🤷

[-] DarkDarkHouse@lemmy.sdf.org 9 points 4 months ago

Some of us also are just tired of administering the system and just want to use some applications.

[-] people_are_cute@lemmy.sdf.org -5 points 4 months ago

Fedora is run by RedHat/IBM employees but OK

[-] just_another_person@lemmy.world 7 points 4 months ago

No, that's not at all true.

Red Hat owns the Fedora brand, sponsors the project financially, technically, and with some infrastructure, but does not own the project, nor pay everyone involved. Aside from a project lead here or there, it's all community run. Literally anyone can contribute or volunteer.

[-] people_are_cute@lemmy.sdf.org -1 points 4 months ago* (last edited 4 months ago)

If Red Hat were to stop officially supporting Fedora tomorrow, can you guarantee the project will still survive?

Can Android/AOSP survive if Alphabet were to give up on it tomorrow?

[-] just_another_person@lemmy.world 5 points 4 months ago

Sorry to be rude, but can't you just go read the docs to understand this?

Fedora is a fork of Red Hat, the same way Ubuntu is a fork of debian. Yes, it is now singular to being its own thing. It is also not corporate controlled.

[-] digdilem@lemmy.ml 5 points 4 months ago

Fedora is a fork of Red Hat, the same way Ubuntu is a fork of debian.

I think you've got your ordering and terms a bit confused, there. There's no forking as such going on in the EL ecosystem.

To explain it as simply as I can, as there are quite a few people mixing this up in here.

Fedora is *upstream *of Red Hat (Or RedHat Enterprise Linux (RHEL) to be exact - Redhat is a company owned by IBM that does a bunch of stuff, not just RHEL).

Fedora feeds into CentOS Stream (Essentially a staging area for RHEL). This has no relation to CentOS Linux, which is dead.

RHEL is then built from CS at point releases and sold commercially through licencing.

There are distros such as Rocky, Alma, Oracle Enterprise Linux and possibly some smaller ones that strive to be near exact clones of RHEL (Rocky claims bug-for-bug compatibility, Alma doesn't any more as they build in a different way) - these follow RHEL's point releases, and might be considered a poor and loose definition of forking, but rebuilding is a more accurate term.

All these distros are under the blanket term of "Enterprise Linux" because it's shaped around RHEL, even though most are free. Historically this worked well, as people learned Enterprise skills using Fedora and Centos Linux which turned into careers (including for me). Then Redhat went a bit mad and that all changed.

The only similarity to Debian/Ubuntu is that Ubuntu uses Debian as a base, and builds upon it. Like RHEL, it adds commercially licenced bits to its distro and rebuilds other parts into something unique, and like RHEL, Rocky, Alma and OEL do with Fedora, it feeds back improvements and development into Debian.

[-] just_another_person@lemmy.world -2 points 4 months ago

You're just a coward to admit you were wrong?

[-] boredsquirrel@slrpnk.net -1 points 4 months ago

Says the person with a "Twitter verified badge" as profile pic LOL.

What has this to do with ANYTHING I wrote?

[-] kenkenken@sh.itjust.works 36 points 4 months ago

Fedora is Fedora and uBlue is uBlue, a separate project. Blaming Fedora for uBlue issues is like blaming Ubuntu for Mint issues.

And on Silverblue issues on updated happen from time to time. On immutable distros such issues won't break the system unrecoverable, this is the whole reason for immutables, but there are no promises for lacking of issues.

And you are disappointed because you have encountered two different issues at once. But it is a purely random event, and I have not noticed any changes in frequency.

But saying about Silverblue, I think probably it doesn't get much attention from the Fedora project lately, because few recent releases didn't have any improvements either.

[-] thayer@lemmy.ca 15 points 4 months ago* (last edited 4 months ago)

The beauty of Fedora Atomic is that anyone effected by the recent update (including me) could simply rollback to the previous image and boot as normal in order to troubleshoot. This is exactly why nearly all of my devices are running Silverblue or Kinoite now.

I think it's worth mentioning that significant bugs happen across all major OS platforms.

Recently, Microsoft pushed a patch requiring effected users to manually resize their EFI recovery partition. Shortly after that, it was announced that all Apple Silicon Macs suffered from an unpatchable vulnerability which can defeat encryption. These are just a couple of examples from recent memory...there are many others.

To truly avoid serious software vulnerabilities or bugs is to avoid software entirely. Operating systems are highly complex, multilayered software, and shit happens.

[-] digdilem@lemmy.ml 10 points 4 months ago* (last edited 4 months ago)

As someone who works in an environment with many Windows and Linux VMs, I can pretty accurately state that Windows updates have caused far more critical problems than Linux ones over the past 2 or 3 years. Microsoft's Patch QC has been AWFUL. (Print Nightmare fixes caused ongoing problems that are still breaking printing. You mentioned the EFI change, there's also patching completely failing for machines that had too small a recovery partition. Fine if there was none, or it was large, but all updates fail after that if your machine has a partition that Windows itself silently created.) There's literally dozens of major Windows update failures recently.

As you say, shit happens. Paying for something doesn't make that any less.

[-] PerogiBoi@lemmy.ca 11 points 4 months ago

I’m not. This is the toll one pays for getting absolutely free operating systems and programs without any real catch. No one to our knowledge is making money off of data collected by our use of the OS so if there are some bugs like that, I find it perfectly acceptable given the alternative where I pay a license to have windows installed on one computer and also get my data mined by Microsoft and my data sold to thousands of third parties.

[-] jjlinux@lemmy.ml 11 points 4 months ago

Never mind the fact that paying for a license doesn't guarantee it won't break. In my experience, every Linux distro I've used has been much more solid than all Windows versions since Windows 8.

[-] j0rge@lemmy.ml 8 points 4 months ago

Did you experience the Silverblue issue on a ublue image? We mitigated that last month so you should only have one problem or the other, not both.

[-] Guenther_Amanita@slrpnk.net 1 points 4 months ago

Yeah. I use Aurora on my laptop, but, to be fair, I don't reboot it as often. Maybe every 2-4 weeks I guess.

I saw the announcement about the failing updates, tried to update my system, and that went as announced, failing to verify.
I then executed the script, updated my OS successfully and rebooted.

The system worked fine now for a few days. Yesterday I shut off the device, and today I got greeted by the failed secure boot, having to resort to the image before and fix it.

On my gaming PC I use Bazzite, but I didn't turn the PC on the last days. I only executed the update-fix-script, installed the pending updates, played for half an hour and then shut it off again.
I will keep you up to date with the results once I come home.


Btw, I asked my partner about her opinion on this. She said that problems like this may happen anywhere, no matter which software, and as long as the devs announce that and offer a simple fix, there's nothing one can do about it.

She only suggested a small "news channel" built into the OS.
Do you think that might be possible to integrate, for example into the MOTD in the terminal? I don't know if there are possible solutions out there.

[-] j0rge@lemmy.ml 4 points 4 months ago

She only suggested a small “news channel” built into the OS.

Yeah we're working on that here: https://github.com/ublue-os/bluefin/issues/1485

The failure with secure boot afterwards is news to me, we'll investigate, thanks!

[-] PotatoesFall@discuss.tchncs.de 1 points 4 months ago

oh hey, you're on here. Absolutely stoked to see a co-maintainer of my favorite linux is also on my favorite social media!

Thanks for the fantastic work on uBlue.

[-] boredsquirrel@slrpnk.net 7 points 4 months ago* (last edited 4 months ago)

Upstream Fedora is pretty bad with troubleshooting.

I honestly think the traditional Fedora with dnf is bad. I tried it and it was a pain. But the packages are pretty nice.

The issue is: Fedora is a testing platform. Their kernels are fresh. Fedora Atomic is not a finished product (and also not marketed as such in any way).

uBlue literally uses unreleased quay OCI images of Fedora atomic. They are built, but not used. The official ones are not even signed.


Fedora is not a stable distro at all. So they should focus a lot on

Also, as most problems are because

  • outdated grub (fixed soon with F41 likely, only on atomic)
  • too new kernel
  • weird kernel module stuff
  • rpmfusion sync issues

Many problems can be avoided by using a different Kernel!

Kwizart maintains the official LTS Kernel, built for Fedora, CentOS and RHEL

Replacing the kernel with this may be a solution for many problems

Use my COPR command script

copr enable kwizart/kernel-longterm-6.6
rpm-ostree install kernel-longterm

Not sure if then both are kept.

[-] MalReynolds@slrpnk.net 7 points 4 months ago

My takeaway was add https://universal-blue.discourse.group/tag/announcements.rss to my rss reader (already had fedora) and I'm happy I'll know when I need to, still for those of us who support non-technical users on these platforms it is indeed problematic.

OTOH, this is the first time I've had non-nvidia (sleep broken on my desktop, just rolled back and held updating for a while, no big deal) update problems in two years, which is pretty outstanding for a new rolling distro, and gives me confidence in the architecture. Shit happens I guess, but it was quickly and publicly sorted, also trust building...

[-] boredsquirrel@slrpnk.net 1 points 4 months ago

This should be done out of the box. The implementation depends on the desktop.

Which is why for quality assurance, at most 2 desktops should be supported and prioritized like that.

[-] boredsquirrel@slrpnk.net 4 points 4 months ago

I agree that Fedora Atomic NEEDS a way to have GUI messages via an RSS feed arrive to all users by default.

KDE Plasma has an RSS widget by default I think. Will open a discussion about that.

[-] Vincent@feddit.nl 3 points 4 months ago

Yeah, it all still is more experimental than I'd hope. The whole reason I'm using Silverblue is low maintenance and less risk.

The plus side is that it didn't render my system unusable - I could boot into the old version. But hopefully lessons will have been learned, and this will happen less often in the future.

[-] geoma@lemmy.ml 2 points 4 months ago

I am. Cant boot after update because of secureboot stuff

[-] boredsquirrel@slrpnk.net 2 points 4 months ago

Keep an eye on CentOS bootc

And the CentOS hyperscale SIG (Youtube presentation, newer update) is basically taking CentOS and backporting or just using tons of Fedora packages on there, for better performance.

I think they use the Fedora Kernel which would still be problematic, as the current 6.6 LTS kernel is still way newer than the 5.14 CentOS kernel (with tons of backports).

[-] Sina@beehaw.org 1 points 4 months ago* (last edited 4 months ago)

You are completely right, they've dropped the ball. Of course it's open source, so the devs are not duty bound to keep the system running well. it's just that my trust is shaken that I could just set up grandma's computer with this and not need to maintain it..

These days even Apple and Microsoft struggle with testing their updates and pushing out updates that are not broken or system breaking. Maybe the grans of the world should just become more tech savvy. ;)

Then again if long term Fedora immutable systems only fail like this once every two years, then we are not really worse than needing to deal with Windows Rot.

[-] Iapar@feddit.org 1 points 4 months ago

I think the problem ist accepting that people don't want to understand or be informed about a thing that their life depends on.

Everything gets more technical so there has to be a basic understanding how things work or else you are fucked in one way or the other.

If you walk on the streets you don't have to know the max speed on a highway but you need to know how traffic lights work or you get run over.

[-] bsergay@discuss.online 1 points 4 months ago

Or, be like me, and use secureblue (or any other community image) and don't experience any of these issues.

[-] cerement@slrpnk.net 0 points 4 months ago

on the flip side, Linux, the distros, the desktops are a lot more about community than anything Windows – and Linux projects are a lot more willing to admit they can’t operate in isolation – there’s constant interplay between the projects, the security teams, the kernel hackers, the language devs, the testers, and the users – and they communicate with each other through the blogs and mailing lists and IRC and toots and Fedi communities

[-] GolfNovemberUniform@lemmy.ml -1 points 4 months ago

I don't see atomic systems on desktop computers. They make sense on more embedded and stable systems that still need eventual updates like ATMs and industrial machinery control panels but not desktops. Atomic systems kill customization that is one of the core advantages of Linux. Probably it also has something to do with my not-so-enthusiastic opinion on Flatpak idk.

[-] boredsquirrel@slrpnk.net 4 points 4 months ago

No Atomic systems make all sense.

They are literally the reason why an unstable distro like Fedora is robust.

Customization is all done on the mutable areas, home partition etc. A new user profile equals a new vanilla desktop.

Yes, you cannot mess with the core architecture of the OS. Things need to be centralized.

But you realize, similar to GNOME removing theming, that if you have one way that everyone can test, you have way less bugs.

As a KDE user I would be really fine having way less customizability and more stability. I am very fine with the default in most cases.

A well designed system does not require customization, and to be an OS used by the world, Linux needs good defaults.

[-] GolfNovemberUniform@lemmy.ml 2 points 4 months ago

I agree that this is a very valid reason but I don't think most of the people see their OS that way

[-] boredsquirrel@slrpnk.net 0 points 4 months ago* (last edited 4 months ago)

Which is still irrelevant for OPs thread. It is actually the opposite. The more you diverge from upstream, the more you need to vendor your changes.

That means if your mums PC breaks, you are responsible ;)

[-] boredsquirrel@slrpnk.net 1 points 4 months ago

This is not relevant to the topic about issues with the stability of atomic desktops

[-] GolfNovemberUniform@lemmy.ml 0 points 4 months ago

I'm always surprised by the toxicity of Lemmy. Anyways I think it was relevant to the topic because the OP asked for opinions on atomic systems. Are you arguing because you have a drastically different one?

[-] boredsquirrel@slrpnk.net 1 points 4 months ago

No, I understand your points. I may think you need to specify what you mean by "customizable". A lot of stuff users normally do, like theming, installing random stuff etc, works. You can layer, build your own image etc.

But this is not the point as OP was frustrated about having an OS that even though promising to be reliable still breaks.

And whining about "oh I cant tweak it" is just not at the correct place there.

But of course my answers were kinda harsh, sorry for that. But these issues are really nonissues if your priority is having a working system.

this post was submitted on 06 Jul 2024
57 points (84.3% liked)

Linux

48349 readers
450 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS