poki

joined 6 months ago
[–] poki 2 points 5 months ago (2 children)

Consider deleting this one if you will ;) .

[–] poki 2 points 5 months ago

I think you're right. Thank you!

[–] poki 14 points 5 months ago* (last edited 5 months ago)

Btrfs snapshots + Snapper have been (somewhat) pioneered by openSUSE Tumbleweed. Yet, they see value in developing openSUSE Aeon (i.e. their attempt at an 'immutable' distro); otherwise they wouldn't be putting resources into it.

Hence, Btrfs snapshots is (at best) only able to fulfil some aspects we've come to expect from 'immutable' distros. But there's more to it than that.

One of the most simple (and, yet, perhaps most defining) feature that 'immutable' distros come with is atomic updates; i.e. updates either occur or not, there's no in-between messed up state caused by energy outage or whatsoever.

There's a lot more to it than that. To mention a few more:

  • reproducibility
  • declariative system management
  • (some) prevention of cruft accumulation, bit rot and configuration drift
  • better security related to read-only part of OS
  • a lot less undefined/hidden/unknown state

Not all 'immutable' distros possess these qualities. Nor are they aspired by all of them. Hence, lumping them up together is actually a blatant oversight that's been committed way too frequently.

Regardless, if you're interested, consider trying out Fedora Atomic^[1]^, NixOS or openSUSE Aeon for yourself and see what it's all about.


  1. Either through Fedora's own images or the ones provided by uBlue.
[–] poki 2 points 5 months ago

We'd rather like to see that anyways 😜.

[–] poki 4 points 5 months ago* (last edited 5 months ago) (3 children)

OP, it seems as if the fear mongering and misinformation may have reached you through your cautious disposition.

I've gone through every single comment found below your post and at times I've been dumbfounded and/or astonished by the ludicrous claims that are spouted.

FFS, someone even expressed a problem found on imperative systems... While Fedora Atomic can be made (relatively) declarative (i.e. the exact opposite of imperative) for over a year now.

I will leave you with two videos in which the recent conference talks by the very same people that work on Fedora Atomic can be found. Consider watching these if you're interested to know what they're actually currently working on. If you pay attention, you will even notice how they mention common misconceptions that have also been brought up here...

First watch this one. Then, watch this.

The only fair criticism that I've found is the required investment and effort to adjust due to the associated paradigm shift and learning curve. However, this is peanuts compared to Guix System or NixOS.

[–] poki 88 points 5 months ago (1 children)

Even if that's the case, it's telling of Linux' maturity.

[–] poki 1 points 5 months ago* (last edited 5 months ago) (15 children)

is lead by a single person

Ultimately, (some) decisions are made by a single person. However, the list of maintainers suggests that contributions are welcome.

~~> even though there is no evidence that Chromium is not even less secure)~~

~~The double negation makes it hard to understand; but if I would give it a try, then I would get the following:~~

~~"even though there is evidence that Chromium is even less secure)"~~

~~If the above represents your views, could you provide said evidence?~~

even though there is no evidence that Chromium is not even less secure

What's your take on Madaidan's (i.e. security researcher on projects like Kicksecure and Whonix) article on the matter? I'm aware that it's a bit outdated. However, would you be able to confidently claim that nothing found within is relevant today?

[–] poki 2 points 5 months ago

Thank you, once again, for the reply!

I just know that it is even “hard” to replicate the configuration of snapper on a system like Void Linux.

Yeah lol 😅. It's definitely a blessing when it's setup by default. For example, while Fedora Atomic does come with a built-in rollback mechanism through rpm-ostree, Fedora does actually not. Hence, Fedora users are often interested to set it up themselves. And then, they find this gargantuan guide 😂.

But that might also stem from my lack of knowledge. At least the guides I found didn’t provide the same result.

To be honest, I wouldn't be surprised if openSUSE Tumbleweed's implementation is simply better. At least, it would make sense if that were the case. So, I will give you that 😉.

but I think it has the disadvantage of not having such an amazing documentation as other distros.

Fair. Fedora's documentation isn't that great either 😅. Though, in that regard, I'd argue only Arch and Gentoo have excellent documentation. Granted, I suppose that's a prerequisite if the distro claims to be unopinionated; which both of them do while Fedora and openSUSE don't.

If you stumble upon something and are looking for a fix online, you won’t find as much resources for it as there are for debian based distros for example.

I agree. But, for Debian (and Ubuntu), I feel their documentation isn't necessarily better. Instead, their user base is simply more substantial. Hence, there's a pretty good chance that someone has experienced the same issues before you did. And thus, it's easier to find resources on the internet to help with troubleshooting.

All in all, I have to thank you for this amazing exchange.

I feel the same. Thank you! And I would also like to thank you for being patient with me 😅. I have got the tendency to write very long answers and not everyone appreciates those 😅. I even noticed how you weren't particularly appreciative in this interaction. So, to be honest, I was very happy when you messaged me back earlier today. I really appreciate you for that!

I think this is one of the most friendly and informative exchanges I had on lemmy so far. :)

Thank you for being you! I am really grateful for these wholesome and sweet compliments!

Sometimes, I question if it's worth pursuing these conversations. But, thankfully, exchanges like these make it worthwhile. My fate in humanity has just been rekindled. From the bottom of my heart, thank you 😊!

[–] poki 2 points 5 months ago (3 children)

Maybe I’m already running in XWayland somehow?

That's definitely possible. Within Firefox, what does about:support reveal on this matter?

[–] poki 2 points 5 months ago (5 children)
[–] poki 2 points 5 months ago

But to your earlier one, I can get the VPN client working outside of a container. There’s even an RPM file from the vendor, so installing it is just as easy as installing any other package.

Aight. You know what you ought to do then 😉.

I appreciate the input!

It has been my pleasure!

 

(More) Specifics:

  • Undoing the protection should include filling in a password.
  • The password should be different from the one used with sudo or any other passwords that are used for acquiring elevated privileges.

All (possible) solutions and suggestions are welcome! Thanks in advance!

Edit: Perhaps additional specifications:

  • With 'displace‘, I mean anything involving that resembles the result of mv, cp (move, cut, copy) or whatsoever. The files should remain in their previously assigned locations/places and should not be able to 'pop up' anywhere.
  • I require for the files to be unreadable.
  • I don't care if it's modifiable or not.
  • I don't require this for my whole system! Only for a specific set of files.
view more: next ›