Was trying to install guix on top of fedora silverblue. It’s kinda working, but not exactly stable…
You must log in or # to comment.
Some updates after sleeping on it and trying some morning debugging:
- It’s actually either service being enabled that prevents login
- It’s a gnome-shell issue. Logging into a tty is fine, and shows that it’s gnome-shell crashing when trying to log-in normally
Maybe it’s time to go back to debian…
I had this with a sunshine service being added as a user service in bazzite. I created a clean new user and it booted, confirming it was user based. Took a bunch of binary searching to work out what the issue was.
I’ve since done my own autostart setup for sunshine and it’s been fine ever since.
Crappy UX!
Yeah, thinking I might have to do something similar to start the services after login. Unfortunately they need to run as root, so it’ll be tricky to avoid having a second password prompt every time I login
Ouch, yeah that’s frustrating. I’m considering doing my own image (prei stall my own apps) which will help with issues like this and allow consistent apps across machines.
Feels like a sledgehammer for a nail though
I recently brought over some ideas from VanillaOS over to my Arch install.
- Install as much as possible via flatpak
- Install a bunch of other stuff in distrobox (with podman backend)
That gives me like 50% (idk fake number) of the features from VanillaOS, but I get to keep control over my system.
Not that I ever had any problems with native
pacmaninstalls though… so… not sure how much benefit I’m really getting from doing this. I guess mypacman -Syucommand runs faster now. That’s something…Not judging but just fyi, that’s like the worst of both worlds tbh. The point of installing independently of the base system is that the system is immutable and easy to roll back to a previous state, if you use a mutable system and also install packages with other means, you’re working around a limitation that isn’t even there and wasting more space to get almost none of the benefits (aside from easier permission control for Flatpaks)
Why are you even running arch at that point, for the DE updates?
Byebye to your storage 😆
I just don’t get these for a bare metal system. Containers? Sounds great. Definitely on board. Bare metal? Debian, standard fedora, or gentoo is what makes sense to me
Fedora Atomic has been working nicely on my personal laptop. Anything funky, I tend to run in a VM w/ libvirt (KVM/QEMU) or a container. Makes it quicker to fix if I break something.
Workstation-as-code is pretty dope for enterprise…
The idea of an immutable, idempotent, declarative workstation, from cradle to grave, tickles me pink.
So… containers that people log into…? Falls under containers
Honestly, my current stance on immutable distros is: why don’t you have a mutable distro and just try to follow the best practices without being forced to?
Install flatpaks, use Distrobox when something is only available as a standard package, but doesn’t actually depend on non-isolated system interaction, etc.
This way, nothing breaks the way it does with immutable distros, but you still have a reasonable level of confidence in your system.
To me, the main advantage of using an atomic distro is that I use my own custom image. It comes with all the packages I need from rpm, and all of my config included. Switching between different machines is a breeze now.
BlueBuild makes creating custom images super easy.
Fair point!
But again, this is mostly useful in a production environment, not as a home user imo.
Yeah, I’m leaning toward this option tbh.
If we got to the point where popular machines had custom images with all the necessary extra drivers etc, it might be a value add. But for now I’m not seeing a huge benefit
I initially tried guix -> switched to nix with home-manager because it’s got a lot better repos -> installed all user packages through nix on Debian -> nixos
Before nixos I used flatpaks for some packages because nixgl seems abandoned.
follow [best practice]
Install flatpaks
Dude. Find a security guy who knows about validation and supply chain risks. Tell that person those two phrases. Learning should commence if they’re any good.
Wow.
We’re talking risk for the system here.
where i get into trouble is when i do a bunch of
nixos-rebuild —switches between restarts and some state ends up hanging around, so next time i do a reboot that ephemeral state is gone and whoops no internetIf you’re not already, just erase your darlings.
Then you can preview what files are lost on reboot (see blogpost).
That was a really good read, thanks for the link!
Its the ghost, the ghost in the machine. Major Kusanagi would be proud
Not specifically a nixos issue, also at least nix gives you rollbacks
Wait, what? I’m legit not familiar with immutable distros, is it like you’re only allowed to modify certain directories?
Kinda. Generally the user files (including custom installed applications) are on a rw partition. Whereas the system files (OS files, root folder, etc) are on a ro partition. When updates are applied to the core system they come as complete images. No compiling from source on the fly.
The advantages to this is that it should be near impossible to break your system. If you need to roll back to a previous version the system just/downloads/mounts the previous image. There is less flexibility in terms of changing system files. But the idea with immutable distros is that you shouldn’t be modifying system files anyways, and there are different ways to accomplish things.
A really good example is Android. Android (non-rooted) is kinda-sorta an immutable distro. Except it uses an A/B partition method, where the active system downloads and installs to the other partition, triggers a flag, then a reboot picks up the flag and boots from the newly installed partition. If anything goes wrong, another flag is triggered and it boots from the “good” partition.
It’s not quite the same, but at a high-level it kinda is.
Edit: article I found about it
https://linuxblog.io/immutable-linux-distros-are-they-right-for-you-take-the-test/
Yes, kind of.
Someone might correct me if I’m wrong but it’s that, plus extra tooling to redirect the stuff that needs to be writable, plus more extra tooling to allow you to temporarily unlock the read-only parts in order to do system updates, plus a system updater that puts the whole system more-or-less under version control.
It’s similar to using Deep Freeze on Windows where outside of specific writeable directories anything that shouldn’t be changed isn’t allowed to change.
Immutable seems like a good idea and it is for security or for a console-like PC but for any sort of intermediate or advanced user, it’s not such a good idea.
From my experience it’s quite the opposite, cause when something breaks in guix/nix/bazzite you basically need to know how the entire subsystem works to troubleshoot it.
You can’t just copy paste some nonsense from superuser to fix it.
Why is that? What do you feel is the downside?
I suppose it depends on the OS. But the Universal Blue OSs, Bazzite, Bluefin, and Aurora are the ultimate tinkerer’s OSs even though they are immutable.
