[-] poki@discuss.online 14 points 4 months ago* (last edited 4 months ago)

Btrfs snapshots + Snapper have been (somewhat) pioneered by openSUSE Tumbleweed. Yet, they see value in developing openSUSE Aeon (i.e. their attempt at an 'immutable' distro); otherwise they wouldn't be putting resources into it.

Hence, Btrfs snapshots is (at best) only able to fulfil some aspects we've come to expect from 'immutable' distros. But there's more to it than that.

One of the most simple (and, yet, perhaps most defining) feature that 'immutable' distros come with is atomic updates; i.e. updates either occur or not, there's no in-between messed up state caused by energy outage or whatsoever.

There's a lot more to it than that. To mention a few more:

  • reproducibility
  • declariative system management
  • (some) prevention of cruft accumulation, bit rot and configuration drift
  • better security related to read-only part of OS
  • a lot less undefined/hidden/unknown state

Not all 'immutable' distros possess these qualities. Nor are they aspired by all of them. Hence, lumping them up together is actually a blatant oversight that's been committed way too frequently.

Regardless, if you're interested, consider trying out Fedora Atomic^[1]^, NixOS or openSUSE Aeon for yourself and see what it's all about.


  1. Either through Fedora's own images or the ones provided by uBlue.
[-] poki@discuss.online 88 points 4 months ago

Even if that's the case, it's telling of Linux' maturity.

[-] poki@discuss.online 11 points 4 months ago* (last edited 4 months ago)

I'm a big fan of Fedora Atomic. However, even I have to admit that knowing how to install packages through dnf is simply more convenient than knowing and understanding the nuances between rpm-ostree, Toolbx/Distrobox and flatpak. And I haven't even delved into ujust and brew that are found on uBlue images.

Furthermore, even if we would limit ourselves with what Fedora Atomic prescribes, we see the following inconveniences:

  • rpm-ostree ; I know --apply-live exists and I know systemctl soft-reboot exists. But still, if you have to resort to rpm-ostree, then both the speed of update/installation as well as the need to reboot (or live on the edge with --apply-live) are inconvenient compared to dnf.
  • flatpak ; It's inconvenient that I have to alias the installed package if I prefer sane naming conventions when accessing it through the terminal. Furthermore, stuff like the NativeMessaging portal not being available yet for sandboxed browsers and how that prevents any local password manager to interact with them (without hacking your way through; which, once again, is an inconvenience) is inconvenient.
  • Toolbx/Distrobox ; the fact that you'd have to setup quadlets (or simply rely on uBlue images to do it for you) to keep them up to date, up and running is an inconvenience. The fact that distrobox-export has to be resorted to for accessing these directly from your 'App Drawer' is an inconvenience.

The fact that there's no centralized place for upgrading all of the above (unless you rely on an uBlue image) is an inconvenience.

I could go on and on, but these should satisfy in revealing some of the more obnoxious inconveniences.

[-] poki@discuss.online 15 points 4 months ago

Thank you for the reply!

Inconvenient package management

Fair.

manual theme installation

I assume this is based on an experience with Kinoite? Am I right?

anything that involves changes to the system

I'd argue "anything" is too harsh. But yes, there are definitely edge cases that are either very/too cumbersome or outright impossible to achieve on Fedora Atomic.

However, I'd argue that while the associated paradigm shift and learning curve do require some commitment to adjust to, it is a more sane way of running a system for most people.

[-] poki@discuss.online 22 points 4 months ago

I can’t fully agree with you about the smooth user experience on this particular distro because it’s immutable

Could you elaborate on why you think this is the case? FYI, I've been using Fedora Atomic for over two years. So, please don't feel the need to explain me how it works*.

[-] poki@discuss.online 24 points 4 months ago* (last edited 4 months ago)

TLE did a performance test on this distro and it was pretty much the same in terms of FPS as other distros.

Without measuring any 1% lows or 0.1% lows.

I enjoy TLE's content, but that video is far from exhaustive on this.

Unless a better comparison comes out, we should reserve ourselves from making any judgements on this particular subject.

[-] poki@discuss.online 8 points 4 months ago

Would you mind elaborating?

[-] poki@discuss.online 9 points 4 months ago

How about

  • SELinux that's pre-configured and on enforcing mode OOTB
  • Its whole Atomic branch
  • Being the first distro on which new technologies are introduced

All of which are unique.

To be frank, Fedora's unique selling points are very compelling. I wonder if you could name a distro with even more impressive USPs.

[-] poki@discuss.online 26 points 4 months ago

Why does nobody here ever recommend Fedora to noobs?

It does happen. It's simply not the popular choice for the following reasons:

  • Fedora and its predecessors were until relatively recently simply more cumbersome in use compared to Debian and Ubuntu;
    • There was a time (like at least over 10 years ago) in which package managers didn't necessarily know how to resolve dependencies. However, Debian's package manager at the time did it earlier than the package manager found on Fedora's predecessor. Hence, this was a clear reason to prefer Debian or Ubuntu over Fedora('s predecessor).
    • Freezing packages and offering stable releases with two years of support (like Debian does), has been and continues to be a very pleasant way to run your Linux OS. That's why, even in the past, Fedora's slower cousin (i.e. CentOS) was very popular (though being RHEL clone didn't hurt either). Fedora, on the other hand, offers a semi-rolling release cycle of 6 months with only 13 months of support since release. With semi-rolling release, I refer to the fact that some packages are frozen and some are not frozen. Hence, you should expect daily updates. Access to the latest and greatest software is great. However, every update is a possible cause/reason for something to bork/break on your system. It's therefore unsurprising that some prefer the predictability found on other distros. Though, for the sake of completeness, one has to mention that Fedora Atomic does a great job at tackling this problem; especially the uBlue projects.
    • A couple of years back, Fedora switched in quick succession to systemd, Wayland and GTK4. Thankfully, I didn't experience this for myself. But, from what I could gather, it was a mess. Users, perhaps rightfully so, questioned Fedora's decision-making. While Fedora wasn't particular loved, this didn't help to retain new users, nor did it help to cultivate a trusted environment.
  • Due to the previous reason, Fedora has not particularly been a very popular distro. Hence, troubleshooting your issues through Google is less straightforward compared to Linux Mint or Ubuntu. Additionally, as Fedora's user base has primarily been more experienced users compared to the ones found on Linux Mint or Ubuntu, it's unsurprising to find less discussion on elementary stuff. Simply by virtue of Fedora's user base already being past that.
  • Fedora, like Debian and openSUSE, offers a relatively bare bones experiences. It does make a lot of sane decisions for you. However, it doesn't focus on being particularly GUI-friendly or newbie-friendly. By contrast, distros like Bazzite, Linux Mint, ~~Manjaro,~~ MX Linux, Nobara, Pop!_OS and Zorin OS (amongst others), do put thought and effort into streamlining the experience as much as they can; especially for newer users.
  • While Fedora is ~~primarily~~ community-driven, Red Hat's influence is undeniable. As such, people that hate corporate interest and/or Red Hat and/or IBM will favor the use of Arch and Debian.

Having said all of that, I've been using Fedora Atomic for over two years now. Heck, Silverblue was my first distro. And it has been excellent so far. Furthermore, with Bazzite (based on Fedora Atomic) and Nobara (based on Fedora) often mentioned in conversations regarding beginner friendly distros, even if Fedora itself isn't explicitly mentioned, the ecosystem is clearly healthy and will continue to flourish.

37
submitted 4 months ago* (last edited 4 months ago) by poki@discuss.online to c/linux@lemmy.ml

(More) Specifics:

  • Undoing the protection should include filling in a password.
  • The password should be different from the one used with sudo or any other passwords that are used for acquiring elevated privileges.

All (possible) solutions and suggestions are welcome! Thanks in advance!

Edit: Perhaps additional specifications:

  • With 'displace‘, I mean anything involving that resembles the result of mv, cp (move, cut, copy) or whatsoever. The files should remain in their previously assigned locations/places and should not be able to 'pop up' anywhere.
  • I require for the files to be unreadable.
  • I don't care if it's modifiable or not.
  • I don't require this for my whole system! Only for a specific set of files.
[-] poki@discuss.online 13 points 5 months ago* (last edited 5 months ago)

Unfortunate. However, one bad move doesn't justify dismissing systemd altogether.

Do I wish for s6 and dinit to be competitive with systemd? Absolutely. Do I wish for systemd what PipeWire has been for PulseAudio? Yes, please. Do I wish that distros/DEs would be less reliant on systemd? Hell yeah! (Can I please have an rpm-based distro without systemd?)

But, unfortunately, at least for now, systemd is the most robust and (somehow) most polished init we got. And I'm actually grateful for that.

[-] poki@discuss.online 29 points 5 months ago* (last edited 5 months ago)

By default, Fedora Atomic envisions the following in regards to installing packages/software:

  • First, try the Flatpak.
  • If that doesn't work, use Toolbx(/Distrobox).
  • If all else fails, resort to rpm-ostree.

This works pretty fine, but isn't perfect:

  • Flatpak has become pretty good for software with a GUI. However, while it can do CLI, it's underutilized.
  • Toolbx/Distrobox has its merits, but not everyone enjoys consuming CLI through containers.
  • Besides the fact that installing all your CLI tools through rpm-ostree will negatively impact how fast you can update your system, it also requires you to (soft-)reboot before you can access the newly installed package (unless you enjoy living on the edge with --apply-live). This can be pretty cumbersome, especially if you're in flow.

Thus, the situation around CLI on Fedora Atomic became a sore to the eyes. Within the community, there were multiple attempts to tackle this problem:

  • Nix; For some time, this was the perfect solution. Unfortunately, in its current iteration, installing Nix on Fedora Atomic requires SELinux' enforcing mode to be turned off. As turning enforcing mode off is unacceptable for uBlue's maintainers, this was eventually dismissed.
  • Better tooling around Toolbx/Distrobox; There have been made some efforts in this regard, perhaps most notably Ptyxis. But, we're not there yet. Though, some are hopeful of what podmansh will bring to the table.
  • Homebrew; It behaves as any other package manager used for installing packages from the repository on any Linux distro out there. Except, in this case, it's exclusively utilized for CLI. Currently, it's simply the most straightforward in use. You just have to teach people to replace their apt/dnf/ pacman with flatpak (for GUI) and brew (for CLI). Furthermore, it comes with a big and healthy repository. Finally, it utilizes technologies related to the ones found on Fedora Atomic.
  • systemd-sysext; This has only very recently been added to systemd. I wouldn't be surprised if this will play a prominent role going forward. Though, I'm unsure if CLI will benefit most of it.
view more: next ›

poki

joined 5 months ago