/etc is completely writeable. This is why we don’t use the term “immutable distros” because Bazzite and the rest of universal blue are neither immutable nor distros.
(This is why Fedora moved to the term Atomic)
- 0 Posts
- 28 Comments
Joined 1 year ago
Cake day: June 9th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
installs all those things and sets things up properly on a standard fedora install?
That’s exactly what all universal blue images do. It’s just that setup is done every single day in github from scratch and stamped out as an image so that the end result gets to your computer as a finished deployment artifact. Leads to better update reliability, built in rollback.
The biggest benefit is that it’s easier for a community to fix the fast moving gamer stuff as a config layer on top of a distro that’s delivered this way than me having to manually figure out what component of my gaming setup changed that week.
2·6 months agobeing a mutable minimal CentOS. So all the linking and making immutable would need to be done.
No it’s designed to be consumed as a base image for ostree enabled OCI containers.
This requires the presence of rpm-ostree and a kernel, which are both missing in the CentOS Stream image.
There are ostree-enabled OCI containers of centos if you know where to look. :D
This should be enough until they start publishing official ones, never used it:
https://quay.io/repository/centos-bootc/centos-bootc-dev?tab=tags
Yeah it’s 2024, this stuff should just be built into the OS! I’m at kubecon so don’t have time to look into it now but it’d be an awesome thing to have, we’d love the help!
bluefin co-maintainer here. espanso is a hard one, we have an open issue on getting it to work because it’d be something awesome to include. We might end up needing to package it but haven’t had a chance to look deeper into the issue.
I’m not a security expert but I do know that the Homebrew is working with openssf on security: https://openssf.org/blog/2023/11/06/alpha-omega-grant-to-help-homebrew-reach-slsa-build-level-2/
Boxkit predates wolfi so it’s still alpine, I’ll probably replace it at some point but most of the forks of boxkit are because people want the premade github actions and they end up replacing it with whatever distro they want anyway. The wolfi connection is because I know the people who work there (including a ublue maintainer) and we have similar goals/ideas on how linux distros should be put together. My ideal dream is a wolfi userspace systemd-sysext on top of fedora base, then we can have our cake and eat it too!
We’re not security experts but lots of us work in the field and that gives us access to peer review from experts when we set things up. We sign every artifact with sigstore so users can verify that the code used in github is what’s on their image, that sort of thing. And most of our practices utilize CNCF governance templates that lots of other projects use.
Been there and done that. It’s better to just not have the host OS break in the first place.
My Ubuntu installs are extremely reliable, both on desktops and servers.
Probably because you’re an experienced user, not everyone has the same skillset.
mozillavpn
I would just overlay this, that’s what it’s there for, there’s no need to do a full new image for VPN stuff.
We use quadlets to manage those containers: https://docs.podman.io/en/latest/markdown/podman-systemd.unit.5.html
As others in the thread have pointed out just having systemd manage them is the way to go, it’s a nice combo!
What package is it?
If you kept a basic minimal Ubuntu host it would be trivial to maintain.
That’s not true for most people.
I just don’t see the point. You want new users to understand containers.
You don’t need to understand containers unless you’re using the system for development – which in Linux land means containers.
Most people aren’t system administrators and they end up with broken computers for the most basic tasks. It’s one of the major reasons why people hate using Linux desktops.
And even if you’re an experienced sysadmin you can’t account for the entropy that accumulates on traditional OSes. 18.04 -> 20.04 -> 22.04 doesn’t end up being the same as a 22.04 clean install. This is a huge problem, especially for people who don’t know how to manage linux systems. And the people who do manage systems at scale don’t want that behavior either.
I go over this in this video: https://www.youtube.com/watch?v=hn5xNLH-5eA
But day to day I’m in an ubuntu container and using “normal” package management, I just don’t do it on the host.
You use containers for your tooling, you purposely don’t touch the host operating system, that’s the entire point.
Yeah those don’t go on your host they go in containers.
Flatcar linux (this is what I use for my NAS/homeserver) and CoreOS are both good.
edit: OpenSUSE has microOS: https://microos.opensuse.org/
I am unsure of the status of KDE offhand, I’m getting a bit north of 5 hours when on a plane and on wifi.
I would love to find some script or tool that can just grab all my logs and chart them out so people can share their results in a more reliable manner because I suck at keeping track of this kind of stuff by hand.
Universal Blue co-maintainer here, this is a temporary situation, efficient downloads are coming, I’m actually at the Red Hat Summit and have been discussing things with the right engineering teams. This involves an intersection of podman, ostree maintainers etc. all aligning on it. It’s definitely a priority for them to fix this.
We’ve pushed pretty hard and pretty fast on the cloud native model, part of it was convincing people that this was a thing that users want, they hear us loud and clear now, it’s going to be an awesome year.