[-] throwawayish@lemmy.ml 7 points 10 months ago

Oh wow! This is excellent news! I hope they'll also provide other privacy/security related features like Heads, the removal of the camera and/or microphone modules, pre-installed privacy screen, tamper-evident screws and packaging.

[-] throwawayish@lemmy.ml 7 points 10 months ago* (last edited 10 months ago)

Feels like pointless recreating of everything that is allready available for years.

This seems to be either blatantly false or simply uninformed.

Sure, for years, there have been many different attempts to explore 'immutable'(/'atomic') distros. And while some concepts have become mainstays, like; atomic updates, some degree of immutability during runtime and to a lesser degree; reproducibility, declarative system management and reliance on (OCI) images. There remains a lot to explore still and differentiation in implementation (however minute) is important as it's not always clear what will and will not stick eventually.

As to your claim of Vanilla OS "pointlessly recreating what is already available for years", the only atomic distros that have been usable for years are Fedora Atomic, Guix System and NixOS. Both Guix System and NixOS are radically different from all the others and Fedora Atomic has only relatively^[1]^ recently^[2]^ started to do the things that actually resemble what Vanilla OS 2 Orchid envisions for their system.


  1. https://fedoraproject.org/wiki/Changes/OstreeNativeContainer
  2. https://fedoraproject.org/wiki/Changes/OstreeNativeContainerStable
[-] throwawayish@lemmy.ml 8 points 10 months ago* (last edited 10 months ago)

"ABRoot is utility which provides full immutability and atomicity to a Linux system, by transacting between two root filesystems. Updates are performed using OCI images, to ensure that the system is always in a consistent state. It also allows for local atomic changes thanks to the integrated ABRoot package manager, which generates local OCI images with the user's changes, and then applies them on top of the system's default image."

(From ABRoot's page on Github)

This sounds a lot like what Fedora is trying to achieve with their ostree native containers.

Are there any technical differences between the two? Besides, of course, relying on tools with different names etc*. FWIW, it doesn't seem as if ABRoot (v2) allows one to pin multiple deployments, while this can be done relatively easily through the sudo ostree admin pin [-u] command on Fedora Atomic.

[-] throwawayish@lemmy.ml 8 points 11 months ago

(Perhaps) unrelated background informationxD , I started writing a reply yesterday and it got unwieldy real quick. So, I got discouraged and not long after I fell asleep. In the morning, I was surprised to see that a lot of your questions still weren't answered, so I mustered some motivation and here it is. Don't expect a very thorough response, but you should find enough pointers to make this work.

Preface:

  • Last summer I tried dualbooting Windows 10 and Fedora Silverblue and succeeded. So I will be sharing my experiences based on that. I don't know if doing this with Windows 11 will be different and/or more challenging (or not).

It’s also got an Nvidia GTX 4060 in it, which will probably not be optimal from what I hear (so any tips on that are much appreciated as well!).

Yup, the gist of it would be that Nvidia's proprietary drivers are not found in the native repos of most distros. This also applies to Fedora. However, you should be able to acquire the proprietary drivers by following the instructions found on RPM Fusion. But, Nvidia's proprietary drivers are known to not play nice and might require you to get into the nitty gritty later down the line to save your system. Don't get me wrong; some people never have issues, but unfortunately this doesn't apply to everybody. Therefore, it's very good to approach this cautiously. If, instead, you'd prefer a managed solution; so one in which your input is left to a bare minimum but somehow Nvidia's proprietary drivers are installed and (at times) fixed by some black magic shenanigans (or just good engineering) going on in the background, then look no further than uBlue's Nvidia images. Delving further into what uBlue is and why IMO you should consume Fedora Silverblue through it would be out of scope for this comment.

How would I go about actually shrinking Windows 11 down to make space for Fedora? Is “partitioning” the right word to use here?

So, unfortunately I don't quite remember what I did exactly. But I can't imagine I would do anything beyond the following two scenarios:

  • I just did what I always do and used GParted to shrink the size of the Windows 10 installation.
  • I used Windows' own tool to do the shrinking (assuming they even offer something to that effect).

After I shrink the partition, is it then just a matter of running the installer and using automatic partitioning with the unused space left over after shrinking Windows?

If memory serves me right, automatic partitioning by Fedora's Anaconda installer was for some reason undesirable. I don't remember the specifics, but it's likely either one of the following:

  • It straight up took hold of the entire disk and thus wanted to remove Windows.
  • Issues related to the bootloader; either it just forgot about it or tried to coexist with Windows' bootloader or tried to hijack Windows' bootloader. Nonetheless, all of these might result into some issues later down the line. Therefore, ideally, it should have its own separate bootloader (or at least one it shares with other non-Fedora(-based) distros).

Therefore, I did something slightly different. If I recall correctly, one should adhere to the following instructions:

  1. After you've shrunk the Windows partition, make a new partition (preferably using GParted) with the following specifics:

    • 512MB (in size)
    • Set as file system "fat32"
    • Give the partition the "boot" and "esp" flags
  2. Reboot into Fedora Silverblue/Kinoite's installer and when you get to the screen found below:

    Click here to reveal image of the screen
    First select the disk you'd like to perform the installation on and then select Custom (optional: you're free to choose the "Encrypt my data" option as well). After you've done this, press "Done" in the upper-left corner.

  3. A new screen should appear, in here I selected "Click here to create them automatically.". This should apply the default partitioning on the empty disk space. However there are a couple of things to keep track off:

    • Ensure that nothing from your Windows partitions is touched.
      • This includes the EFI partition of your Windows; if Fedora wants to do anything with it, then ensure it remains untouched.
    • By default, at least in my case, a new EFI partition specifically for Fedora Silverblue wasn't made. This is where the earlier created partition using GParted will play an important role;
      1. Select the earlier created 512MB partition
      2. Mount Point: change it from blank/empty to /boot/efi
      3. File System: Set it to EFI System Partition
      4. Ensure the checkbox with "Reformat" that's found to the right of the selection box for "File System:" is enabled/blue/checked
      5. I don't recall what I did exactly with the selection box under "Device Type:", but it likely was Standard Partition. I didn't encrypt it.
    • (Optional) You should have noticed that this screen also enables one to create partitions. There's a chance I created mine using this instead of GParted, but that would mean I would have departed from my ways. If the method in which the partition is created with GParted didn't work and you don't know why, then it's at least worth trying to create the partition here instead.
  4. After you're done with the previous screen, select "Done" in the upper-left corner. This should prompt a popup screen that summarizes the changes. Ensure that this doesn't do something strange to your Windows partitions and make sure that it looks otherwise as you'd expect. If you're done, then select "Accept Changes".

  5. The rest of the installation should progress like how you'd expect from there.

  6. (Post-install) Depending on how you'd like to have GRUB (read: default bootloader on Fedora) configured, you might have to do a thing or two to ensure you can access both Fedora Silverblue/Kinoite and Windows however suits you best.

I’d also love to know what kind of issues the docs are actually warning about as far as dual-booting. Will Windows wipe the bootloader on update or will Silverblue / Kinoite wipe Windows out somehow? If it’s Silverblue wiping Windows out, that may cause me to go with a different distro - but if Windows wipes Silverblue, it’ll be annoying but not a deal breaker

As long as the EFI partitions are separated, there's nothing to worry about. And if anything, it's Windows that might wipe out whatever Linux distro you're dualbooting.

I plan to use Silverblue / Kinoite for development exclusively, so everything will be on GitHub.

Perhaps it's worth mentioning one of uBlue's most ambitious projects; Project Bluefin, or to be more precise; the Bluefin developer experience.

General tips:

  • Grab a USB with enough capacity (8 GB at the bare minimum), and use Ventoy to create a bootable USB drive out of it. Then, put the .iso files for both GParted and Fedora Silverblue (or uBlue) into the designated location (read: partition called "Ventoy").
  • Regarding Ventoy, ensure to set it up specifically for your needs (GPT vs MBR, SecureBoot or not etc).
  • I recall to have greatly benefited from this excellent video guide on dualboot and multiboot by DorianDotSlash when I did my first dualboot ever. It's very likely that I even watched it in its entirety before doing my most recent Windows 10 + Silverblue dualboot.

Please feel free to inquire if you so desire!

[-] throwawayish@lemmy.ml 6 points 11 months ago* (last edited 11 months ago)

If you want to use Linux on your laptop, is there any reason not to go for 'dedicated' Linux laptops?

FWIW, I haven't seen these Linux-first vendors being mentioned under your post yet: NovaCustom and Star Labs.

[-] throwawayish@lemmy.ml 7 points 11 months ago* (last edited 11 months ago)

A couple of assumptions I will be making:

  • Your hardware is supported; consider to check driver support over at linux-hardware.org. Honestly, most hardware should be well-supported, unless it has been released very recently or is hardware from known troublemakers (i.e. Nvidia GPUs or Broadcom etc).
  • Your 'computer-literacy' is at least (slightly) higher than average.
  • You've primarily used Windows in the past.
  • You prefer asking others instead of finding it out for yourself; the existence of this post supports that. (It's either that or you like to have a second opinion in all cases; but I would have expected more input from you if that was the case 😅.)
  • Your hardware is somewhat modern.
  • You will mostly stick to defaults (at least initially).
  • You're aware that while hundreds of actively maintained distros exist, most of them are either niche or not worth your time in the first place. If, from the remaining ones, the less impactful derivatives are surgically removed, followed by the removal of newbie-unfriendly distros, then only 10-20 distros would remain; most of which have been named in this thread already. And your needs dictate which one out of these would suit you best.
  • You will educate yourself regarding desktop environments like GNOME, KDE Plasma, Cinnamon, Xfce etc. Perhaps you will even boot into a live environment to check them out for yourself; loading a bunch of distros on your USB through Ventoy is excellent for that. This is important as they're arguably the biggest contributor to how you perceive your Linux system. You should also be aware that in almost all cases a second (or heck; even third, fourth etc) desktop environment can be installed on your system and you should be able to switch between them relatively easily. However, in most cases, the one provided on first installation works close to flawless while others that have been tacked on later on are generally less polished.
  • You will educate yourself (eventually) regarding universal package managers (read: AppImage, Flatpak, Nix and Snap) and Distrobox as collectively they've (mostly) ridden the Linux ecosystem of problems related to software not being packaged in the native repos. Don't feel the need to indulge into all of them simultaneously from the get-go. But be aware that they exist and that they enable one to install (almost) any package that has been made available to Linux regardless of their chosen distro.

Any distro I should use?

Typically, distros like Arch, Debian, Fedora, Linux Mint, openSUSE, Pop!_OS and Ubuntu (or their derivatives) will be mentioned in these kinds of queries. And it becomes mostly a popularity poll that measures what the community thinks is the preferred distro for beginners. And honestly, I don't blame them as you haven't really given us a lot to work with. My entry to that popularity poll would be Linux Mint. If you prefer to use GNOME or KDE Plasma instead, then consider either Fedora or openSUSE Tumbleweed. Additionally, Pop!_OS should be considered if Nvidia causes problems on all the others.

Feel free to inquire if you so desire!


EDIT: I just noticed how you mentioned to someone that your use case will be primarily gaming. First of all, gaming is somewhat equal on most distros; especially with the likes of Bazzite-Arch and Conty providing excellent environments for gaming regardless of installed distro. Though, these containers do still rely on the hosts kernel, therefore any perceived difference on same hardware but different kernels might be attributed to said kernels. Newer kernels generally come with improved performance; at least for newer hardware*. Though, perhaps more performance could be gained through other means as well. I will spare you the details, however, as this is potentially another rabbit hole within the initial rabbit hole. Therefore, instead, I will name a couple of distros known for being excellent for gaming purposes: Bazzite, Garuda Linux, Nobara Linux, PikaOS and RegataOS. If you want a no-nonsense system, just go for Bazzite; while initial setup might seem slightly more involved, it's by far the most robust system out of these. This does come at the cost of being 'unique' amongst the others, but I believe it's a great fit for your use case.

[-] throwawayish@lemmy.ml 6 points 1 year ago* (last edited 1 year ago)

I'll assume that you intend to use it as a traditional daily driver, as such Tails and Whonix will not be taken into consideration. Qubes OS will also be dismissed as it's technically not a Linux distro. Though, it's simply the best if you take security seriously.

Within the space of traditional Linux distros, the closest one would probably be Kicksecure. Madaidan even works on the distro, so I'd say it's fair to assume that it upholds some of the values that are mentioned in the article.

Alternatively, packages for Fedora that would set this up automatically

Hehe, wishful thinking 😂. Uhmm..., bummer, but such a thing simply does not exist. Best we've got would be relying on so-called hardening scripts made by people that you don't know but somehow trust for hardening your system. Honestly, I'm also -to a degree- guilty of this as I one day hope to either adopt these scripts or rebase to one of these hardened 'immutable' Fedora images (when they're ready); Madaidan's guidelines have actually been an initial inspiration for the scripts found in the first link, so yeah 🙂. Until then, our best bet would probably be relying on hardening guides like this one; the guide has been carefully written (and is still getting regularly updated) with consideration for all the different major distros one might be using. Alternatively, you might try to implement Madaidan's guidelines directly. But, my previous attempts on Fedora didn't bear the best results. Though your mileage may vary. Special shout out to Brace as it's the closest thing to a package that does the hardening for you and works on multiple distros including Fedora. It's maintained by the same people that have brought us the excellent DivestOS, so it's trustworthy.

[-] throwawayish@lemmy.ml 6 points 1 year ago* (last edited 1 year ago)

Thanks for enlightening us! Fortunately, the answer in my original comment should still satisfy your needs.

[-] throwawayish@lemmy.ml 6 points 1 year ago

DuckDuckGO for the bangs, with a custom !bang made for my favorite SearXNG instance; on which most of my 'googling' actually happens.

[-] throwawayish@lemmy.ml 7 points 1 year ago* (last edited 1 year ago)

Hollow Knight is a masterpiece worth recommending. Furthermore, it satisfies most of your criteria. But you might need one of the better integrated GPUs to run it smoothly on your system.

Hades is another masterpiece worth recommending and perhaps satisfies even more of your criteria. Though, once again, it requires you to have one of the better integrated GPUs.

[-] throwawayish@lemmy.ml 7 points 1 year ago

without using special tools like respin and archiso

What do you exactly mean with this?

  • Can we suggest any package/tool that you have to install?
  • Did you intend to convey a solution that's independent of an existing distro?
  • Do you want the custom distro/iso to only do its thing until installation? Or are you perhaps interested in something more declarative that can continue to exist and be (one of) the primary means to config your system?
  • Could you explain to us how your envisioned solution looks like?

Sorry for asking these questions, but it was either this or a very very long post satisfying all kinds of different criteria. Thanks you in advance for answering any of the questions!

view more: ‹ prev next ›

throwawayish

joined 1 year ago