Misconceptions About Immutable Distributions - eviltoast
  • taanegl@beehaw.org
    link
    fedilink
    arrow-up
    27
    arrow-down
    2
    ·
    edit-2
    1 year ago

    Been using Silverblue for a couple of years and dipped over to NixOS for a project.

    I’m all giddy for immutable systems to take over, because it is truly the safest way a user can run a system. The added bonus being system rollback is built-in by default and not some secondary service.

    • Chewy@discuss.tchncs.de
      link
      fedilink
      arrow-up
      7
      ·
      1 year ago

      I’m helping a friend out with his laptop from time to time. They’ve used Linux Mint XFCE for many years and it’s set to auto update. Now I got asked to help since the system stopped auto updating with an error message every boot. Seems like an issue with dpkg but I didn’t have time so I don’t know how to.fix it yet.

      Another device is running Fedora Silverblue for a year or two and the only issue was an update failing because of some dependencie issue. But simply removing all overlayed packages and installing them again fixed it in no time.

      I’ve also been using NixOS for a few months on my pc, laptop and server and it’s great. Image based OS aren’t flexible enough for my liking but are great for low maintenance setups.

      • taanegl@beehaw.org
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        1 year ago

        They aren’t meant to be “flexible”. Immutable means it’s static, read only. You replace one image with another.

        In the case of Silverblue you install using overlays, like Flatpak or toolbox/podman.

        With NixOS you do get images, but in the form of clojures. BUT it also handles environments on a fundamental level, so you don’t need to reboot to install new system applications or services.

        Have you considered Vanilla OS? There’s also uBlue, but I have hopes for Vanilla because it is user-firsf distro, whereas uBlue is more an off-shoot of Silverblue meant for users, but Ruth and same issues as with Silverblue.

        Vanilla 2.0 is coming up soon and it seems like a great alternative for people with little to no know-how, or people who don’t want to mess around and find out.

        • Chewy@discuss.tchncs.de
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Immutable can be flexible, just like NixOS is with nix shell and other features I don’t yet know about.

          Containers are great but rootless has issues with programs that need capabilties like CAP_NET_RAW, so I also need rootful containers. That’s annoying and is an advantage with nix shell.

          I’m not a fan of A/B root, which I believe VanillaOS uses. Also an advantage of NixOS is it’s big repo… On Fedora I had to package some programs myself in copr (tried out a less well-known wayland compositor) On NixOS I had to too, but it’s far simpler without the need to build on someone else’s infrastructure.

          • taanegl@beehaw.org
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Can be, as in NixOS is pretty much the only one, which I already alluded to.

            But despite you and me, some average users would benifit from immutable systems, even A/B root.

  • Infiltrated_ad8271@kbin.social
    link
    fedilink
    arrow-up
    31
    arrow-down
    6
    ·
    1 year ago

    and follows closest with my political views (I value free software(…)), which Fedora Silverblue is one of the few that provides.

    Reading this, anyone would think that red had is not in the middle of a controversy for violating the GPL license.

    • Guenther_Amanita@feddit.de
      link
      fedilink
      arrow-up
      23
      ·
      edit-2
      1 year ago

      Fedora is, at least in theory, 100% community maintained and owned.
      Red Hat sponsors this project (developers and money), in the hopes, that most of it gets upstreamed to RHEL, acting as a “testing ground”.

      It happened often, and will happen again many times, that the Fedora team decides against interests of RH.

      It’s a great symbiosis: we, as a community, get an extremely well maintained and professional distro, and RH gets feedback.

      Also, side note, the “advertisement” of the RH-ecosystem works. If it weren’t because of CasaOS (the web interface and docker management), I would use Almalinux (RHEL clone) instead of Debian, since I’m just used to Fedora and feel more confident in it.

      • Patch@feddit.uk
        link
        fedilink
        arrow-up
        8
        ·
        1 year ago

        It kinda is. Most of the package maintainers are Red Hat or IBM employees. Red Hat has special roles in the governance structure which no other organisation has. Red Hat provides pretty much all the technical infrastructure (web hosting, repositories, build servers etc.) to the project gratis. Red Hat even own the trademarks to the Fedora name and logo.

        The community governance structure is real and good, but it’s denying reality to pretend that Fedora isn’t tightly bound to Red Hat.

  • QuazarOmega@lemy.lol
    link
    fedilink
    arrow-up
    10
    arrow-down
    2
    ·
    1 year ago

    Always love TheEvilSkeleton’s takes, it feels like I’m reading my own experiences and opinions
    (yes, I am saying they’re literally me, frfr)

      • Laser@feddit.de
        link
        fedilink
        arrow-up
        8
        ·
        1 year ago

        It’s “inspired” by Nix, but they’re otherwise not related in any way.

          • Laser@feddit.de
            link
            fedilink
            arrow-up
            3
            ·
            1 year ago

            You’re actually right that it seems to use parts of it:

            It uses low-level mechanisms from the Nix package manager, but packages are defined as native Guile modules, using extensions to the Scheme language—which makes it nicely hackable.

            As such, the packages look largely different:

            (define-public hello
              (package
               (name "hello")
               (version "2.10")
               (source (origin
                        (method url-fetch)
                        (uri (string-append "mirror://gnu/hello/hello-" version
                                            ".tar.gz"))
                        (sha256
                         (base32
                          "0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i"))))
               (build-system gnu-build-system)
               (synopsis "Hello, GNU world: An example GNU package")
               (description
                "GNU Hello prints the message \"Hello, world!\" and then exits.  It
             serves as an example of standard GNU coding practices.  As such, it supports
             command-line arguments, multiple languages, and so on.")
               (home-page "https://www.gnu.org/software/hello/")
               (license gpl3+)))
            

            vs

            { callPackage
            , lib
            , stdenv
            , fetchurl
            , nixos
            , testers
            , hello
            }:
            
            stdenv.mkDerivation (finalAttrs: {
              pname = "hello";
              version = "2.12.1";
            
              src = fetchurl {
                url = "mirror://gnu/hello/hello-${finalAttrs.version}.tar.gz";
                sha256 = "sha256-jZkUKv2SV28wsM18tCqNxoCZmLxdYH2Idh9RLibH2yA=";
              };
            
            [...]
            
              meta = with lib; {
                description = "A program that produces a familiar, friendly greeting";
                longDescription = ''
                  GNU Hello is a program that prints "Hello, world!" when you run it.
                  It is fully customizable.
                '';
                homepage = "https://www.gnu.org/software/hello/manual/";
                changelog = "https://git.savannah.gnu.org/cgit/hello.git/plain/NEWS?h=v${finalAttrs.version}";
                license = licenses.gpl3Plus;
                maintainers = [ maintainers.eelco ];
                mainProgram = "hello"; 
                platforms = platforms.all;
              };
            })
            

            Also note that NixOS’ repository is one of the biggest among all distributions while Guix System only hosts free software.

    • Guenther_Amanita@feddit.de
      link
      fedilink
      arrow-up
      7
      ·
      1 year ago

      Why? Can you elaborate further?
      Have you tried uBlue, a custom imaging system for Silverblue?

      Did the non-immutable Fedora irritate you too?

      • drwankingstein@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        regular fedora isn’t bad, but I find that silverblue kept getting in my way when in trying to do things. I’m not the biggest fan of regular Fedora don’t get me wrong. but it does a lot of things right.

        but well in the end I’m just not the biggest fan of any computer system. I just find arch the most tolerable for not getting in my way. I’m actually really looking forward to trying nixOS since I heard it has a lot of flexibility.

        • Guenther_Amanita@feddit.de
          link
          fedilink
          arrow-up
          4
          ·
          edit-2
          1 year ago

          Well, if you like Arch and NixOS the most, I think you’re a tinkerer/ someone, who likes his OS in one definitive way.
          That’s totally fine, I love that!

          But Silverblue is, I think, more catered towards people who love reliability and prefer it over customization.
          I, for example, find SB pretty much perfect how it is.

          … well, actually, not 100%. I use uBlue (main), which is basically a modified image of the Vanilla SB with some minor QOL-tweaks, like a few exchanged apps, automatic updates, and so on.
          You can also create your own images with this project, with effects similar to Nix.
          But if you want your own, individual, config, Nix is just better.


          I’m really excited what immutable distros will bring in the future. I follow them (Nix, SB, VanillaOS, etc.) closely and think, that immutability will be the future of Linux, even if that’s a trope.

          We already containerized everything and never touched the base OS on servers too for decades now, why not on desktop too?
          That’s the main advantage of Linux, and we should use that.

          • drwankingstein@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            3
            ·
            1 year ago

            Ill try and give ublue a go, One of the main issues I generally have with multiple operating systems is that I’m looking for something with a good out of box user experience for the general user. So far, I find that nobara actually gets the closest to this, so it’s what I’ve been recommending. But if ublue is nice and simple and good enough, I might recommend that instead.

  • TCB13@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    16
    ·
    edit-2
    1 year ago

    Yes these distros are all about making thing that were easy into complex, “locked down”, “inflexible”, bullshit to justify jobs and payed tech stacks / some property solution existence.

    We had Ansible, containers, ZFS and BTRFS that provided all the required immutability needed already but someone decided that is is time to transform regular machines into MIPS-style shitty devices that have a read-only OSes and a separate partition for configs. All in the hopes of eventually selling some orchestration and/or other proprietary repository / platform / BS like Docker / Kubernetes does.

      • TCB13@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        1 year ago

        😂 😂 😂 😂 clearly have not worked a day in your life with immutable MIPS devices. If you did I believe your comment would be able to power half of the planet then.

    • Guenther_Amanita@feddit.de
      link
      fedilink
      arrow-up
      7
      arrow-down
      2
      ·
      edit-2
      1 year ago

      Did you even read the article? You definitely should!
      I did, and especially the “flexibility”-argument should change your mind.
      Just look at NixOS for example. It’s just as configurable as Arch (from what I’ve read), but immutable. And it’s also not more complicated, just different.

      Immutable OSs only restrict you as much as you want them to be.


      Also, the underlying technologies (like OSTree, nix-config, A/B-Root, and so on) aren’t proprietary.
      Just look at uBlue, they’ve utilized OSTree to share system configs.


      While some things really just aren’t possible anymore or require workarounds, it opened the door for many, way more interesting routes.


      Also, you don’t need to be angry.
      Nobody will take anything away from you. Mutable distros will still persist for many many years, maybe forever?

      We should be exited what the future brings!

      • TCB13@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        edit-2
        1 year ago

        Yes I did, the article is very well written and effectively debunks a lot of misconceptions however those distros are still an unnecessary extra step that don’t provide a sufficient gain / improvement over “mutable” distributions and/or properly done setups.

        “just different” is by definition “more complicated” as most people going on the “immutable” hype will have to change entire workflows and tech stacks to end up gaining nothing. Moreover immutable distributions (or the majority / most popular of them) will simply add a ton of extra engineering hours and you can’t debug/fix things as quickly as you would otherwise will.

        As the article said security isn’t even a valid argument for immutable distros and I’ll give you even more reasons. Properly done setups run on container technologies that allow for a more decent way of immutability - typically snapshots. If you’re going bare metal then use ZFS / BTRFS instead of the Ext4 crap and will also be provided you with that. Snapshots can be easily made automatically on schedule, manually, moved between systems etc. and won’t get in the way of your developers.

        Also, the underlying technologies (like OSTree, nix-config, A/B-Root, and so on) aren’t proprietary

        True, but this hype is much like Docker and it will invariably and inevitably lead people down a path that will then require some proprietary solution or dependency somewhere that is only required because the “new” technology itself alone doesn’t deliver as others did in the past.

        As with CentOS’s fiasco or Docker it doesn’t really matter if there are truly open-source and open ecosystems of immutable distributions because in the end people/companies will pick the proprietary / closed option just because “it’s easier to use” or some other specific thing that will be good on the short term and very bad on the long term. This happened with CentOS vs Debian is currently unfolding with Docker vs LXC/RKT and will happen with Ubuntu vs Debian for all those who moved from CentOS to Ubuntu.

        We had good examples of immutable distributions and architectures before as any MIPS router and/or IOT device is usually immutable and there are also reasons why people are moving away from those towards more mutable ARM architectures.

        We should be exited what the future brings!

        We don’t need to see the future to understand what immutable OSes bring to the table - we just have to look at the shit show that was made around MIPS.

    • superguy@lemm.ee
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      Yeah, it’s a big reason why I’m never in a hurry to adopt ‘the next big thing’ until it’s proven to be the next big thing or I have an immediate use for it.

      No point in bogging myself down in theory when practicality works just fine.

    • morrowind@lemmy.mlOP
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Take a look at serpent os. It aims to provide a lot of the same benefits without being locked down

      • TCB13@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        I believe this answers it in detail: https://lemmy.world/comment/4574094

        the article is very well written and effectively debunks a lot of misconceptions however those distros are still an unnecessary extra step that don’t provide a sufficient gain / improvement over “mutable” distributions and/or properly done setups. (…) it doesn’t really matter if there are truly open-source and open ecosystems of immutable distributions because in the end people/companies will pick the proprietary / closed option just because “it’s easier to use” or some other specific thing that will be good on the short term and very bad on the long term. This happened with CentOS vs Debian

          • TCB13@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            Yes and you did very well on that and I believe as well you can understand my POV on immutable distros after all the posts did. We’re most likely creating the next Docker / Docker Hub / Kubernetes BS by pushing them and immutability was proven by MIPS to be clusterfuck.

  • superguy@lemm.ee
    link
    fedilink
    arrow-up
    2
    arrow-down
    10
    ·
    edit-2
    1 year ago

    Immutability has always struck me as a fad.

    Aside from declaring variables as FINAL or whatever because I know they won’t be changed, the mere idea of using it as a default just seems unnecessarily restrictive to me.

    It feels like people who bog themselves down in theory to solve their problems instead of practicality think immutability is a godsend.

    For everyone else, it doesn’t really matter at best or is an inconvenience at worst.