Hey! I’m currently on Fedora Workstation and I’m getting bored. Nothing in particular. I’ve heard about immutable distros and I’m thinking about Fedora Kinoite. The idea is interesting but idk if it’s worth it. CPU and GPU are AMD. Mostly used for gaming.
Try NixOS.
deleted by creator
You can still tinker!
NixOS is pretty complicated, but in my eyes the next-gen Arch.
And Silverblue is still be able to be tinkered with.
See, on immutable systems, you don’t change the system itself, but the next image.
Similar to PDFs: you shouldn’t change the PDF, but the original document and then export the PDF again. PDFs aren’t bad, but they aren’t designed to be edited, and that’s their pro.And with Project uBlue you can create custom images how you want.
You like Hyprland? There’s an image exactly with that! You see what I mean :)
Immutables are an amazing idea. I just wish Arch (EndeavourOS) had it.
BlendOS is exactly that
No way. It’s arch based?
Yes
Nice. Now, I have a couple of options to look at. Thank you.
Isn’t SteamOS immutable and Arch based? Surely there’s also a more general purpose distribution that does that.
Yup, true
That’s what distrobox is for
There is AstOS although I haven’t tried it personally and I’m not sure how well it works.
Is AstOS still active? I found this AshOS which is similar but I had never tried any of it. Maybe also inactive don’t really know. Thx for mentioning AstOS, I never thought this is possible on Arch distribution.
No idea! AshOS looks pretty cool too. It would be interesting to have a bigger arch based distro pick up something like this. Other than SteamOS I guess.
Please temove the exclamation mark from before your link, you’re linking it as an image.
Ah, I was wondering why it wasn’t showing up… I guess Boost isn’t linking things properly. Thanks for the heads up.
Oh nice. I’m going to look into it more. I have invested so much damn time into my current setup and I don’t want to just migrate. So many apps and games are set up the way I want them. Not a distro-hopper here and you get the picture.
I’m thinking about it as well! I’m on workstation. I’m not sure about the additional benefit for me as a user. Or let’s say for a newbie, should I recommend the immutable version?
I wrote a comment above.
That one may interest you and explains why :)I mean… you can try it in a VM or live USB :)
Been playing with that Bazannite (sp?) Variant, it works fine, but i am still undecided if learning the ins and puts of it are worth the switch from my Pop_os install.
There was a little bit research and learning to do some tasks, but nothing surprising.
it does seem it boots much slower than my pop_os install, but I think I have it installed on an internal Hybrid HDD that i not yet replaced with a SSD, so that may be the cause.
pop_os boots amazingly fast, not sure what they do to it.
and having to reboot to get stuff updated/installed is a bit annoying, the ability to roll back is the trade off I guess.
However I can’t really think of a time that I needed to roll back, perhaps I am just lucky. So the entire roll back feature is something that I don’t know if I will ever actually use.
good luck.
Thanks for the input :)
This is why fedora had a little bar after rebooting when I updated right? What am I a Windows user?!? This is the extent of my understanding of immutable distros and I am furious with them.
No. You don’t see or feel the update with silverblue. You see the update with the normal workstation version. The immutable version fixes that.
I have corrected the one thing I know about immutable distros and am now furious with all others.
I don’t know what you mean with your comment?
The progress bar on Gnome-based distros like Fedora and Ubuntu was their offline install.
This increases the likelihood of a successful update without borking your system.
You can always deactivate that or update via terminal.It has nothing to do with immutable OSs. Actually, most of them even update without you noticing, which is quite convenient imo!
I was mostly joking and I might have been mis-attributing the delay. From the time’s I’ve had Fedora, including with KDE, if I update I have a pause during the next boot where I have to let the install finish before getting back to functional. My belief was that this was because the immutable system could not be running while updating, compared to non-immutable where a standard reboot works with a new kernel et al.
I’ve been using Kinoite for a couple of years now on my Thinkpad. What would you like to know?
How much did you have to adapt to the new app installing workflow? If you know what I mean
If nearly all of your gui apps are available as a flatpak, it’s simple to adapt. While I was using Silverblue I set my terminal up to launch directly into a distrobox, which gave me a regular container to install apps with a regular package manager (e.g. pacman in my case).
If I used Silverblue today I’d use the Nix package manager (with home manager) to install all my cli apps.
I learned quickly that installing apps the traditional way causes pretty major instability. You’re basically rebasing the entire OS via ostree to install one application. After my second nuke and pave due to updates no longer working from me rebasing I took the time to learn toolbox so if a flatpak is not available I can still use an application (containerized) without altering the OS. Toolbox by default pulls in another Fedora install as the app base. I recommend using Alpine instead, much smaller and lighter.
I guess the moral of the story is learn to install applications the correct way, or just don’t use an immutable OS
Noted haha I’ll think about if I want to use Kinoite, Nix is first place rn I think haha
If you’re bored, try Nix. It has all the characteristics of an immutable distro, aims for reproducibility, and is complicated enough to keep you amused for months.
Yeah I was thinking about it. Just feels like it might be too much for just day to day use. Without programming and having to reproduce the system on different machines. At least that’s what the comments say in few places lol
Yah, I get that. But lots of people use Nix as a daily desktop driver because it’s immutable. It’s not hard to set up the first time with some example configs, and if you want to get more complicated, it’s certainly an interesting direction and great time sink.
Frankly, I’d try it in a VM first, so you can snapshot it and play, and see what you think. I don’t use it myself but I’ve set it up a few times and it’s pretty cool to play with, I might get around to putting it on one of my bare metal desktops one day.
deleted by creator
Here’s secure boot for NixOS: https://github.com/nix-community/lanzaboote/
deleted by creator
I believe Universal Blue supports Secure Boot, since they specifically went to make it work for even Nvidia users - I’m assuming it works similarly for the non Nvidia variants or maybe just uses Fedora’s default keys? I’m not too well versed in how SB works.
Then it also comes with Distrobox so you can just spin up an Arch container and use AUR apps through there.
deleted by creator
Ah gotcha, I appreciate the info! I hope that someday a better solution for managing secure boot will work with immutable distros in the future then, so that you have a chance to give it a try (if you want to, of course).
deleted by creator
I’m not sure what you mean exactly but I use Silverblue with secureboot on and a LUKS encrypted drive using a fido2 key. To my knowledge I also could configure the use of TPM to store my key but find that setup not to my liking.
deleted by creator
My (maybe flawed?) thoughts: Why bother with full disk encryption if one could just boot the notebook to undo the encryption?
Using my yubico fido 2 key in combination with a small PIN I can easily decrypt my LUKS drive and know nobody else can decrypt it as long as I have my yubico with me.
What do you think of this?
deleted by creator
Edit: Tumbleweed is not immutable, you learn something new every day, especially from your mistakes 🙃 (it’s still a really nice distro)
Personally really happy with my choice of Immutable Distro: OpenSuse Tumbleweed. To me, who is half a year into using linux, its very convenient to use an immutable system as IF i were to do a wrong command or whatever its super easy to rollback the system (at least on Suse as it uses btrfs-filesystem). Another thing worth mentioning which is also why I chose to go with immutable is that it really teaches you “the good standards” of where to tinker with files and where not to, at least for a beginner like myself this is very nice.
Noted, thanks :)
As you already noted Tumbleweed isn’t immutable, but it is generally delightful! It’s the one I’ve always been most comfortable with in terms of Rolling Releases
Tumbleweed isn’t immutable… Aeon (previously MicroOS Desktop) is.
Oh wow, won’t you look at that! 😅 Well that jsut shows my lack of experience I guess. I swear I heard it somewhere and just believed it was. Or maybe I misread and read that MicroOS and Aeon was, therefore assumed Tumbleweed was… My bad!
Tumbleweed isn’t immutable
Eh, I don’t do anything illicit on the internet neither work at NASA or any other high-security-related job… so I’m in the “Lol” side of this whole story.
Compile your commands, kids.
I personally don’t like them. I just keep my system clean and use distrobox and flatpak
There are many good comments here and from what I’ve read immutable seems best suited to the Enterprise IT environment where you don’t want the user fiddling with the system, and you want built in rollback and quick configuration. As well as user data protection.
But for Linux users at home I don’t see any massive advantage. Especially if you’re running a reliable distro like Mint or Debian, or better yet Linux Mint Debian Edition is the best of both worlds.
If you only turn the PC on to watch YouTube, read a document, scan and print, surf the web or game your system should be 100% ok. Unless you’re running Manjaro or Arch.
What I don’t like about the immutable approach is that it turns my PC into a dumb terminal locked by the distro Devs and updated at their will. It’s ok if I have read only on my Android phone because I don’t need to get into root etc. That’s a good place for immutable.
But I don’t want my Linux box at home to be a just an appliance that someone else essentially has control over.
That’s very much an Apple approach. Don’t let the user see or touch anything. They can just be content to change the wallpaper and add a widget. We’ll decide when and how the OS gets updated, what apps they can and cannot run etc.
Ultimately it infringes on user freedom and the very FOSS principles that set Linux apart from the rest.
In short, fine for Enterprise IT but no good for the average Linux user.
What I don’t like about the immutable approach is that it turns my PC into a dumb terminal locked by the distro Devs and updated at their will.
I think you are misunderstanding how immutable distros work. They can be just as configurable as regular distros and in the case of nixOS it is more configurable than popular distros. The point of immutability is to ensure that the system can’t be broken during when it is running by a bad update or install or by user making configuration errors as these are applied during reboot. If the system is broken then a earlier snapshot is booted so you always have a working system. You can setup a regular distro with this atomicity and snapshots but it is not as easy as using immutable distros. Yes tinkering and using native packages is harder in most immutable distros but immutables never were a catch all solution. Use what suits you. I was just a little upset that you claimed that immutables are not in the spirit of FOSS. You can even make your own images(base OS) in distros like fedora silverblue and update your system with those images instead of using what the maintainers provide. It is what uBlue uses
Thanks for the correction. 👍
Cheers. Hope you don’t shy away from trying immutable distros
I think I’ll spin up a VM and try one
You make a lot of good points, but I have to disagree on the “don’t let the user see or touch anything”. That’s very much not the way immutable distros behave (and I speak mostly about Fedora Silverblue here, I don’t have experience with other immutable systems): you can touch and change anything and often times you have mechanisms put in place by the distro developers to do exactly that. It’s just that the way you make changes is very different from classical distros, that’s all, but you can definitely customize and change whatever you want. I feel the comparison between immutable distros and Apple is really far off: Apple actively prevents users from making changes, while immutable Linux is the opposite – while there may be some technical limitations, the devs try to empower the user as much as possible.
Thanks for replying. It seems that my impression of immutable might be off. I’m glad to hear you actually can make changes.
I assume the must be some kind of core trust can’t be changed? Or does the immutable name refer simply to the ability to roll back?
The immutable part (again, only speaking about Silverblue, I don’t know about others) refers to the inability to make changes online (i.e. without rebooting), but you can eventually change whatever file you want. The way it works is you would make your changes in a copy of the current filesystem and at boot simply mount and use the copy. If something goes wrong, you just mount the original at next boot and you have rolled back.
Fantastic. Thanks for explaining that to me. That actually sounds very good and not at all restrictive. Cool. I can see why things are moving in that direction.
If you do a rollback, I assume your data remains? I assume you might need to reinstall apps which were not in the original? Or does it keep apps, data and settings across a restore?
If you do a rollback, I assume your data remains? I assume you might need to reinstall apps which were not in the original? Or does it keep apps, data and settings across a restore?
In CoreOS (Silverblue),
/etc,/varand/home(which is in fact a symlink towards/var/home) are regular writable partitions, so your data, configs and personal files are not touched by the upgrade/rollback procedure.All the packages (and their dependencies) you’ve installed extra are also upgraded/rolledback when you do a system upgrade.
Fantastic. That’s cool. Thank you 🙏
I think immutable OSes serve two purposes: For the developer who needs to operate multiple environments at the same time, and for the utter novice who could screw something up otherwise.
This audience, us, is the exactly middle ground. We like tinkering. We like setting things up.
So, I don’t think immutable OSes are for us.
Yeah man I don’t know. I used to think I like tinkering(used endeavour for a few months) but I am enjoying the no maintaince life with uBlue very much. Most of the time the system updates on its own and I am not even aware that the system updated. Same with flatpaks which also auto update so they are always on the latest version provided by flathub when I use them. But I also like gnome so maybe I am not the tinker lover I thought I was
Not true in my opinion.
You can still tweak the image to your liking, you just have to approach it differently.One of the many things image based OSs offer is peace of mind.
It’s just great to know my PC will work just as fine tomorrow as it did today, and I don’t have to fix anything.I can definitely see what you’re saying. But if you start to add packages, what do you gain in terms of known stability? Seems to me you might as well then just “be good” about not adding too many packages to a malleable distribution.
If you use the workflow of an immutable system on a traditional one, you have almost all the disadvantages of the first and pretty much no advantages of the second.
The “immutability” (you can still change stuff) is the wrong thing to look at.
I prefer the term “image based”, that fits better. Everytime you update your image system for example, it gets “pulled” or compared to the original image.On a traditional one, you have your original image you once downloaded, and that’s it.
Over time, it will still change due to updates and stuff. An immutable is basically a “fresh install” every time.Most immutables use layering, so you still pull the original image, but after that some stuff gets changed.
It is generally strongly discuraged to install stuff (like GIMP and so on) directly. It should only be the last option, like for drivers.But even when you directly install, you don’t use all the benefits. The OS is still rebuilt every time and package drift barely happens.
And, back to the beginning, the pros and cons.
It’s like with PDFs. Yeah, it sucks that you can’t edit them. But that’s what they’re built for. They can’t be tampered with, but therefore they look the same on every device and you don’t have to worry about fonts, formatting or symbols.And on immutables it’s the same: some stuff is a bit more different/ complicated for some, but at the same time, they’re less buggy, more secure, offer instant rollbacks, can be customized and rolled out super quickly, and much more. Read my other comment for more information, including customization by building custom images :)
What do you mean by bored¿? Because you will be similarly bored by silverblue or kinoite. They are built to be stable and somewhat boring
Idk, I might be just trying to find something to tinker with, immutable is kind of “new flashy” thing :P
Tinkering on silverblue is similar to tinkering on fedora (at least in my experience) just more restrictive in that the read only parts can’t be changed(obviously) and tinkering with packages requires reboots and layering. The good thing is you can rollback to easily undo shit.
