submitted 9 months ago by nikodunk@lemmy.ml to c/linux@lemmy.ml
Pantherina@feddit.de 5 points 9 months ago* (last edited 9 months ago)

TL;DR:

Fedora Atomic Desktops is the umbrella term for Distros like

  • Silverblue
  • Kinoite
  • Sericea, Lazurite, ...

They have a different, image-based OS core, which is read-only when used. This is known as "immutable", but you can actually

  • add any repos and apps
  • remove installed apps
  • apply kernel arguments
  • ...

The benefits are

  • reduced entropy in the core OS. "Feature X is broken for you? Well I can't reproduce it". The system is always the same, pretty much. You can reset it to upstream with rpm-ostree reset
  • updates are rock stable, as they are "atomic". Either it works or it fails. Also they are done while the system runs, leaving your running system 100% unmodified. They use BTRFS for its copy-on-write features and also deduplicate files to save space (just like Flatpak does, in addition to shared runtimes!)
  • you can roll back an entire OS version, not only the kernel. This means if a driver fails or any other regression happens, you have a working system, always
  • viruses are a bit harder to install, but not really as /var/home is mounted executable and everything is writable by the user. It is a start though.

Modifications can still be done

  • manual changes using rpm-ostree
  • changing the upstream image, with ublue having made an entire ecosystem allowing you to easily create and automatically maintain your own version
  • /etc and /var are completely writable

Apps are installed like this:

  • GUI: preferred Flatpak due to its sandboxing security advantages, isolation from the system, official maintenance (solving the 3rd party distribution issue) (this does not yet include Browsers, which should be installed from official repos)
  • small apps: can be layered using rpm-ostree install. Will be added to the system on every update and work just like on regular Fedora. They slow down updates, often pull in tons of dependencies and thus should be used sparingly
  • Distrobox/Toolbox: use this for big apps like RStudio or QGis, which have a ton of dependencies. I recommend Distrobox a lot, as it has easy GUI creation. In general it's just [distrobox/toolbox] enter {name} -- {appname}, for example distrobox enter Fedora -- qgis. Distrobox automates the desktop entry creation, it's simply cp /usr/share/applications/appname.desktop ~/.local/share/applications/ && sed -i 's/Exec=/Exec=toolbox enter {name} -- /g' ~/.local/share/applications/appname.desktop (and a bit more, just use Distrobox)

There are also many more solutions. In theory you can make Snaps work, but just don't.

There are kata containers which are really fancy and in future will hopefully allow an isolated environment like on ChromeOS...

or you can run normal VMs (You can run libvirt (qemu qemu-kvm) in a rootful Distrobox, virt-manager in a rootless Distrobox and connect over ssh. Or just layer the packages)

You can use binaries like ffmpeg from the Flatpak runtimes.

Also have a look at secureblue, an ecosystem of Fedora Variants with highly improved Security, while perfectly usable.


And now read the post.
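
Added example, not part of the comment above: a way to check the comment's point about a read-only /usr next to a writable, executable /var/home by reading mount flags from a /proc/mounts-format table. The function names and the sample mount table are constructed for illustration and were not captured from a real Fedora Atomic system.

```shell
#!/bin/sh
# Constructed sample in /proc/mounts format (illustrative, not from a real machine).
sample_mounts() {
cat <<'EOF'
/dev/vda3 / btrfs rw,seclabel,relatime,subvol=/root 0 0
/dev/vda3 /usr btrfs ro,seclabel,relatime,subvol=/root 0 0
/dev/vda3 /etc btrfs rw,seclabel,relatime,subvol=/root 0 0
/dev/vda3 /var btrfs rw,seclabel,relatime,subvol=/var 0 0
/dev/vda3 /var/home btrfs rw,seclabel,relatime,subvol=/home 0 0
tmpfs /tmp tmpfs rw,seclabel,nosuid,nodev 0 0
EOF
}

# Read a mount table on stdin and print the options of the mount that
# covers path $1 (longest matching mount point; later entries win ties).
mount_opts() {
    awk -v p="$1" '
        $2 == "/" || $2 == p || index(p, $2 "/") == 1 {
            if (length($2) >= best) { best = length($2); opts = $4 }
        }
        END { if (opts == "") exit 1; print opts }'
}

# True if flag $2 is a whole entry in the comma-separated list $1,
# so "errors=remount-ro" is not mistaken for "ro".
has_opt() {
    case ",$1," in *",$2,"*) return 0 ;; *) return 1 ;; esac
}

# Read a mount table on stdin and print "<path> <ro|rw> <exec|noexec>".
audit_path() {
    opts=$(mount_opts "$1") || { echo "$1 unknown unknown"; return 1; }
    w=rw; x=exec
    if has_opt "$opts" ro; then w=ro; fi
    if has_opt "$opts" noexec; then x=noexec; fi
    echo "$1 $w $x"
}

# Demo on the constructed sample.
# On a live system: audit_path /var/home < /proc/mounts
for p in /usr /etc /var /var/home; do
    sample_mounts | audit_path "$p"
done
```

On the sample table only /usr reports `ro`, while /etc, /var and /var/home all report `rw exec`.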

this post was submitted on 31 Jan 2024
61 points (100.0% liked)
