Skip Navigation
Btrfs snapshots vs immutable distro?
  • Btrfs snapshots + Snapper have been (somewhat) pioneered by openSUSE Tumbleweed. Yet, they see value in developing openSUSE Aeon (i.e. their attempt at an 'immutable' distro); otherwise they wouldn't be putting resources into it.

    Hence, Btrfs snapshots is (at best) only able to fulfil some aspects we've come to expect from 'immutable' distros. But there's more to it than that.

    One of the most simple (and, yet, perhaps most defining) feature that 'immutable' distros come with is atomic updates; i.e. updates either occur or not, there's no in-between messed up state caused by energy outage or whatsoever.

    There's a lot more to it than that. To mention a few more:

    • reproducibility
    • declariative system management
    • (some) prevention of cruft accumulation, bit rot and configuration drift
    • better security related to read-only part of OS
    • a lot less undefined/hidden/unknown state

    Not all 'immutable' distros possess these qualities. Nor are they aspired by all of them. Hence, lumping them up together is actually a blatant oversight that's been committed way too frequently.

    Regardless, if you're interested, consider trying out Fedora Atomic[1], NixOS or openSUSE Aeon for yourself and see what it's all about.


    1. Either through Fedora's own images or the ones provided by uBlue.
  • Am I overthinking it?
  • OP, it seems as if the fear mongering and misinformation may have reached you through your cautious disposition.

    I've gone through every single comment found below your post and at times I've been dumbfounded and/or astonished by the ludicrous claims that are spouted.

    FFS, someone even expressed a problem found on imperative systems... While Fedora Atomic can be made (relatively) declarative (i.e. the exact opposite of imperative) for over a year now.

    I will leave you with two videos in which the recent conference talks by the very same people that work on Fedora Atomic can be found. Consider watching these if you're interested to know what they're actually currently working on. If you pay attention, you will even notice how they mention common misconceptions that have also been brought up here...

    First watch this one. Then, watch this.

    The only fair criticism that I've found is the required investment and effort to adjust due to the associated paradigm shift and learning curve. However, this is peanuts compared to Guix System or NixOS.

  • Difference between silverblue / universal Blue / Bluefin / Aurora / Bazzite ?
  • is lead by a single person

    Ultimately, (some) decisions are made by a single person. However, the list of maintainers suggests that contributions are welcome.

    > even though there is no evidence that Chromium is not even less secure)

    The double negation makes it hard to understand; but if I would give it a try, then I would get the following:

    "even though there is evidence that Chromium is even less secure)"

    If the above represents your views, could you provide said evidence?

    even though there is no evidence that Chromium is not even less secure

    What's your take on Madaidan's (i.e. security researcher on projects like Kicksecure and Whonix) article on the matter? I'm aware that it's a bit outdated. However, would you be able to confidently claim that nothing found within is relevant today?

  • Why does nobody here ever recommend Fedora to noobs?
  • Thank you, once again, for the reply!

    I just know that it is even “hard” to replicate the configuration of snapper on a system like Void Linux.

    Yeah lol 😅. It's definitely a blessing when it's setup by default. For example, while Fedora Atomic does come with a built-in rollback mechanism through rpm-ostree, Fedora does actually not. Hence, Fedora users are often interested to set it up themselves. And then, they find this gargantuan guide 😂.

    But that might also stem from my lack of knowledge. At least the guides I found didn’t provide the same result.

    To be honest, I wouldn't be surprised if openSUSE Tumbleweed's implementation is simply better. At least, it would make sense if that were the case. So, I will give you that 😉.

    but I think it has the disadvantage of not having such an amazing documentation as other distros.

    Fair. Fedora's documentation isn't that great either 😅. Though, in that regard, I'd argue only Arch and Gentoo have excellent documentation. Granted, I suppose that's a prerequisite if the distro claims to be unopinionated; which both of them do while Fedora and openSUSE don't.

    If you stumble upon something and are looking for a fix online, you won’t find as much resources for it as there are for debian based distros for example.

    I agree. But, for Debian (and Ubuntu), I feel their documentation isn't necessarily better. Instead, their user base is simply more substantial. Hence, there's a pretty good chance that someone has experienced the same issues before you did. And thus, it's easier to find resources on the internet to help with troubleshooting.

    All in all, I have to thank you for this amazing exchange.

    I feel the same. Thank you! And I would also like to thank you for being patient with me 😅. I have got the tendency to write very long answers and not everyone appreciates those 😅. I even noticed how you weren't particularly appreciative in this interaction. So, to be honest, I was very happy when you messaged me back earlier today. I really appreciate you for that!

    I think this is one of the most friendly and informative exchanges I had on lemmy so far. :)

    Thank you for being you! I am really grateful for these wholesome and sweet compliments!

    Sometimes, I question if it's worth pursuing these conversations. But, thankfully, exchanges like these make it worthwhile. My fate in humanity has just been rekindled. From the bottom of my heart, thank you 😊!

  • Am I overthinking it?
  • But to your earlier one, I can get the VPN client working outside of a container. There’s even an RPM file from the vendor, so installing it is just as easy as installing any other package.

    Aight. You know what you ought to do then 😉.

    I appreciate the input!

    It has been my pleasure!

  • Am I overthinking it?
  • We're appreciative of your considerations and reservations. However, some of your views seem unnuanced at best or plain biased at worst.

    The problem is all the apps and things you may wish to do with your OS.

    I'm aware that the rest of the comment goes over this. But, I hope the mention of "all" here is merely an oversight.

    Flatpak is the preferred method of installing apps as it doesn't interfere with the OS, but that is a compromise that means more overhead for running apps including memory and disk space

    While that's technically true, a (relatively) modern device wouldn't even care. I don't recall OP mention their hardware specifications; but if they're perfectly capable of running VMs, then I don't see why they would be bothered by this (almost) unnoticeable amount of overhead.

    its a work in progress

    Sure..., but we're not talking about alpha, beta or even RC software. Like, I'm not sure if you're aware, but you make it sound as if it's very new and/or immature. Fedora Atomic has been in the works for over 10 years. It first released their Fedora Atomic Host (currently known as Fedora CoreOS) in 2014 and later released Fedora Atomic Workstation (currently known as Fedora Silverblue) in 2018. Heck, Fedora has already put so much trust in their Atomic branch that they intend for 2028 that immutable variants are the majority of Fedora Linux in use.

    By contrast, what is it that you base this statement of? That it receives very active development that most other distros would be jealous of? That it rapidly implements all kinds of new features that you're having difficulty keeping track of?

    and with significant compromises at the moment.

    This is a big claim. But I haven't seen enough in your comment to substantiate this. Your two best claims are:

    • Flatpak is the preferred method of installing apps as it doesn't interfere with the OS, but that is a compromise that means more overhead for running apps including memory and disk space, and less integration with the host OS than traditional apps.

    Which is a problem of Flatpak on all platforms. The very same Flatpak that was recommended by people associated with Steam/Valve for Ubuntu. Furthermore, if OP creates their own image, then this isn't even an issue; they can practically bake whatever they want into their image. There are also multiple tools to get this going. I achieved it in a weekend (as a noob) last year, so it ain't hard. Finally, 'over-reliance' on Flatpak is not even a thing on Guix System and NixOS.

    • You can overlay native apps but the more you overlay onto the immutable os, the more complex upgrading gets and the risks of breaking stuff.

    This is not an issue with your own image. If the image itself is busted, then it doesn't come out of the pipeline. Hence, the busted image would not have been delivered to your device in the first place. And, again, layering isn't a thing on Guix System and NixOS. Hence, this problem doesn't exist for them.

    Your VPN may just be the first of many programmes you find you need to overlay.

    Do you (for some reason) imply that layering is necessarily a bad thing?

    If your needs a re very simple then maybe it'll be easy, but if you're using lots of software and tools (particularly if its not available Flatpak) or custom OS config you may find atomic desktops are not yet quite ready for you.

    I have yet to receive substantive evidence from you to support this view of yours. I hope you'll deliver...

    It could be frustrating and off putting if you try linux immutable, find loads of problems and attribute that to linux when its actually the immutable OS that's the cause.

    I could change the word "immutable" in the above sentence to "traditional" and it would have been an equally nonsensical statement.

  • Am I overthinking it?
  • But I’m fully aware that my frustrations are atomic problems

    Are these frustrations solved by layering with rpm-ostree? If so, just go with it. I've always layered over a dozen or so packages and it has worked out fine; it's defaulted to automatic upgrades in the background, so you don't feel much of it anyways.

    I just recently learned that openSUSE users also have a lot of stability due to btrfs snapshots, so maybe that’s really the feature I’m looking for. I don’t know much about it, honestly.

    I love openSUSE and what they do with Btrfs snapshots and Snapper.

    However, in terms of 'robustness' and 'stability', I don't think anything currently out there can hold up to Fedora Atomic, Guix System and NixOS. This is just by design; the leap from traditional to atomic, then reproducible and finally declarative ensures that issues related to hidden/unknown state, accumulation of cruft, bitrot, configuration drift are left behind in the past. If Btrfs snapshots + Snapper would have been sufficient, then openSUSE themselves would never have desired the creation of openSUSE MicroOS (i.e. their attempt at an 'immutable' distro) in the first place.

  • Why does nobody here ever recommend Fedora to noobs?
  • Thank you for reading through that info dump and thank you for your reply!

    I see where you are coming from but I for example never head about Fedora Atomic whilst I am familiar with OpenSUSE MicroOS, GUIX, NixOS.

    Interesting. So, you never heard of Fedora CoreOS, Fedora Silverblue, Fedora Kinoite, uBlue, Aurora, Bazzite and Bluefin?

    ANYWAY, all this immutable talk is anyway pointless, because I was talking about general distributions and not a discussion about immutable distros.

    On the topic which distro adopted what first, my confusion did stem from by what context. As I tried to make clear with my confusion about fedora not being rolling release.

    Thank you for clearing that up!

    To cut all this talk short here my answer to your question:

    Finally 😜.

    The default value of OpenSUSE Tumbleweed is pretty strong because

    Thank you for your answer! First of all, regardless of which distro you would have chosen, I would have respected your answer. Though, depending on your answer, I could have definitely judged you for it 😂. Thankfully, however, you've shown to have great taste; openSUSE Tumbleweed is indeed a formidable distro. Unfortunately, I'd argue it's (somehow) underrated and underappreciated; which is really a pity for how excellent of a distro it is. I hope it will garner a bigger audience, because it simply deserves better. Regardless, openSUSE Tumbleweed is definitely a top contender for best traditional distro IMO and I might have been daily driving it were it not for 'immutable' distros.

    Secondly, while I agree with you generally, I can't deny that the total package deal specifically is what makes openSUSE Tumbleweed special. So, the whole is greater than the sum of its parts.

    • rolling release

    Rolling release distros aren't that rare by themselves. And, as even Arch is an independent distro with a rolling release cycle, it becomes very hard to regard this selling point as unique.

    • zypper having sane args for regular tasks (install, search etc.)

    zypper's args/syntax don't seem very different from dnf and apt in terms of saneness. But, if this is a selling point for you, what prevents dnf (which is found on Fedora) from being a selling point for you?

    • btrfs as default filesystem

    Fedora also ships Btrfs by default, though TIL that Btrfs was first adopted by openSUSE. But, once again, this begs the question why this isn't a selling point (according to you) when it's found on Fedora?

    • optimal snapper integration which leads into

    Snapper also seems to be properly integrated on the derivatives of other distros; e.g. Garuda, Siduction and SpiralLinux to name a couple. So, again, this selling point doesn't seem unique.

    • making a rolling release distro suitable for non-technical people/daily usage without fear of regular updates

    Excellent. This is openSUSE Tumbleweed's USP (if it's combined with the fact that it's a well-funded independent distro, great security standards et cetera et cetera). And if this is precisely what you seek from your distro, then openSUSE Tumbleweed is what you rightfully should stick to.

    But this is just a general recommendation for "distros".

    Fair. I'm not necessarily opposed to it.

    If the requirements get more specific it makes much more sense to make proper recommendations.

    Interesting. Like, in which cases would you recommend something else for example?

  • Impressed by Fedora Sway Atomic!
  • Unfortunately, I don't own any device with Nvidia. Hence, I don't think I'll be able to help out. However, wayblue's maintainers are pretty active. Therefore, consider opening an issue on its GitHub page and perhaps they'll be able to help out.

    I apologize for not being of much help here. Wish ya good luck, though!

    Happy cake day btw!

  • Impressed by Fedora Sway Atomic!
  • It has been my pleasure!

    It used to be called Sericea. However, the obscure names started to become very unwieldy. Therefore, they chose to preserve the naming for earlier established and recognized names (i.e. Silverblue and Kinoite) while Sericea became Sway Atomic instead.

  • Am I overthinking it?
  • If I understand it correctly, layering an application is no more dangerous than a regular install on a non atomic os.

    True~ish.

    There's an important caveat though; for whatever reason, rpm-ostree can outright fail to upgrade (due to conflicts related to layered packages) while an issue like that is more rare on traditional Fedora and dnf. Thankfully, I've never had a problem that I couldn't solve with rpm-ostree reset run on a (previously) pinned deployment (through sudo ostree admin pin <insert number>). However, when used irresponsibly, this (i.e. layering) can outright destroy your otherwise very robust 'immutable' distro.

    It's easier to teach people to be cautious than to teach how they should act accordingly. Hence, uBlue's documentation tends to be more conservative in order to protect (especially newer) users from shooting themselves in the foot.

  • How to prevent files from being displaced? This protection should (somehow) persist through disk cloning.

    (More) Specifics:

    • Undoing the protection should include filling in a password.
    • The password should be different from the one used with sudo or any other passwords that are used for acquiring elevated privileges.

    All (possible) solutions and suggestions are welcome! Thanks in advance!

    Edit: Perhaps additional specifications:

    • With 'displace‘, I mean anything involving that resembles the result of mv, cp (move, cut, copy) or whatsoever. The files should remain in their previously assigned locations/places and should not be able to 'pop up' anywhere.
    • I require for the files to be unreadable.
    • I don't care if it's modifiable or not.
    • I don't require this for my whole system! Only for a specific set of files.
    54
    InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)PO
    poki @discuss.online
    Posts 1
    Comments 118