from KISSmyOSFeddit@lemmy.world to linux@lemmy.ml on 09 Jun 17:05
https://lemmy.world/post/16354242
So I took the plunge and installed Fedora Silverblue because of all that immutable buzz. And it’s the most frustrating change I have made in almost 20 years of my distrohopping.
After installing Silverblue I configured it as usual. I installed necessary flatpaks, played with toolbox and distrobox, installed codecs, configured my bluetooth keyboard and other stuff in /etc and /var. Applied some useful tweaks I found on the web and… well… everything works. Nothing to do anymore. No issues. Nothing breaks, no dependency hell, everything runs smooth. I have nothing to tweak, tinker or configure anymore. So frustrating.
Every update is just… meh. Smooth, new, fresh system not affected by my stupid tweaking and breaking. Booooring.
I don’t have to distrohop anymore. If I want other distros I can just install them in distrobox. Other versions of apps? Something from AUR perhaps…? No problem. What’s the point of distrohopping now? Other DEs? I just rebase my system to other images with almost any DE or WM I want without losing data or messing everything up (damn you, UBlue!).
I don’t even have to reinstall the damn thing cause every time I update the system or rebase it to another image it’s like reinstalling it.
Silverblue killed distrohopping for me. Really frustrating.
threaded - newest
Oh man. I’m so sorry for your loss. May your system break at some vague point in the future in a way that is nigh impossible to diagnose and that no one else seems to have experienced. Godspeed, you unwillingly content penguin!
that the thing, if it breaks, the roolback is there or simply rebase without merging /etc, so basically a factory reset
Is this a First Linux-World Problem? :D
To me, I like how clean and coherent GNOME looks like, but what I don’t like about it, is how hostile it is in regarding of themeing/coloring.
stopthemingmy.app
Thank you. I feel like I’ve found a new way to respect developers that I hadn’t considered before.
Yeah I get the rational, and that DEs shouldn’t theme them apps but I want to have some sort of customization (not just an accent color).
Aren’t a lot of these issues due to gtk not being as theme friendly as Qt?
It is my understanding that a lot of thought and care is put into the design language and appearance of applications and frameworks. However the same level of consideration is not usually afforded to skins and themes, which are often released an never updated again. This can cause usability issues and sometimes even breakages. Of course, people are free to do as they please with their computers.
Screw that.
Yeah. My guess is that for every meticulously hand crafted ui, there’s 10 that just go with the default. If a user wants an icon pack where🤘means home, they’ll be perfectly fine with navigating your application.
Developers can always include an option to disable styling if that would severely break the ui. But personally, I’d rather use a application that looks roughly like every other one in the system, than one that’s so specifically designed that it doesn’t.
I don’t support that some want to push their own theme. Just use the provided theme. You may create your own custom theme but that should be able to be used everywhere. App icons can be part of a theme.
Have you tried Gradience?
Yeah I tried it, but sadly it didn’t really worked well in for example Geary.
Agreed. Been super boring and stable on Aurora.
You got me so good. Been using fedora for a few years now and I’ve been hesitant to hop to silverblue but now, after reading your issues with it I might just have to stay away. I can’t imagine a world of painless updates and rebasing smoothly. If I don’t have things to troubleshoot what else am I gonna do on my PC!
And good resources on how to learn to use Toolbox properly?
Now you have a standard Fedora command line system that shares your home folder but otherwise has its own filesystem.
There’s more options (like using other distro’s), but it’s really not complicated.
To install CLI stuff that needs to access your host system’s root files, use rpm-ostree (but if you need a lot of that, use a non-immutable distro instead).
I actually use neither anymore. My stuff I actually want to work with is in home and I have no need to tinker on this system, cause it just works.
TL;DR Don’t (unless your needs are really basic or you really don’t want to layer more packages)
Distrobox ftw, its website is pretty good to find all its features and it has a neat GUI BoxBuddy too! And also the generic Pods can be useful for more advanced needs.
Extra tip: if you have more time to spend on learning, I think Nix Home Manager will actually be the better solution in the long run, no need to worry about containers breaking in some way after system updates with scattered solutions that are hard to understand and remember, also you get to bring your configuration anywhere
feels like this post was sponsored by Anne Hathaway
I’m still getting things set for Silverblue to be my baremetal hypervisor distro on my laptop. And by that, I mean giving up on Incus, setting up libvirt, and… everything is working like it should. I wasn’t expecting that. Now, I’ve got to find something else to do with my time.
What’d you dislike about Incus that libvirt does easier? I’m on a similar trajectory as you. I have Incus on Debian but I am transitioning to IoT for that machine. I kinda like Incus. I want to attach USB devices to a couple of my containers, it was a learning curve but eventually worked out alright.
For me, I think it’s just not ready for non-Debian distros yet. The docs and packages just aren’t up to parity. I like a lot about Incus and its general direction but libvirt and virt-manager are fully functional at the moment. Passing through devices with virt-manager is dead easy.
I rebase quite often, its the better distrohopping.
Have a look at Fedora Discuss, interesting things there.
discussion.fedoraproject.org/t/119216
What does rebasing mean in this context? I try to google it, but all I get is git rebase.
Any articles about it that are worth reading? Or if you can explain, that would be neat. Thanks!
It’s a command provided by the OS to distrotop between ublue distros. You can basically hop between silverblue, Kionite and Bazzite with a single command.
So, this is only available for Fedora users?
ostree based distros*, the default fedora don’t use ostree so you can’t rebase, bazzite is not fedora but they also use ostree, so you rebase there
I have so much to learn. Last time I was tracking distros and having fun with distro hopping was with Slackware 7, I think.
What is ostree? What is bazzite? Time to google stuff.
Its the same :D
Rebasing refers to an OSTree remote which is like a git repo, but with binaries and producing bootable systems. There are some differences there.
The idea is: there is a remote that has the exact wanted configuration, your system mirrors it. All the package manager does is similar to
git pull.If you rebase, you switch the upstream remote, and your system gets the diffs, downloads them.
The cool thing is, that these updates are atomic, so you stay on the current system and the rebased one is only set as the system you boot in after a reboot. You can still
sudo ostree admin pin 0before rebasing, and your current system will be saved forever to switch back to.Note that /etc is writable so you might still accumulate duplicate or redundant configs.
gitlab.com/fedora/ostree/sig/-/issues
Thanks!
I’ve been considering it for a while but my main setup (knock on wood) has been rock solid with traditional fedora. If I ever end up switching distros silverblue is probably going to be it.
Been worth it to learn it and change my way of thinking.
update: Should’ve knocked harder, fedora 40 broke on my PC so I guess I’m switching to silverblue lmao
I’m honestly so trolled, I hate change & hate the idea that something might be better than my existing Arch install. I hate that security, reliability, and flexibility are improved. I cope by reminding myself that I’m very low on disk space right now, for the needed extra partitions
If you have a spare homelab machine Fedora does an immutable build called IoT (they branded it wrong it’s just a barebones install appropriate for servers also).
What is silver blue, and how does it differ from vanilla Fedora?
It’s an “immutable” Fedora, that is, the system comes as a read only image, kind of like how android works. Anything you do is “layered” on top of that image. This means you have to actually try to break it, because you can undo anything you did to break it by simply not booting with the extra layer(s).
You’re encouraged to install in userspace flatpaks instead of system-wide rpms where possible, as system-wide rpms means adding a layer on top if the image as it is.
Oh I thought Fedora itself was immutable
the default fedora installation isn’t, but fedora atomic is
It’s an immutable/atomic version of Fedora: fedoraproject.org/atomic-desktops/silverblue/
My understanding is that the core system is immutable (read-only) and major upgrades essentially just swap out that whole layer. Updates are atomic, meaning the entire thing either succeeds or fails and you can never end up with a broken half-updated system. UI apps all run using Flatpak.
I’ve never tried it though!
Ew Flatpak. Feels like an OS inside an OS. And it also feels bloated. Like almost one GB just to install an emulator.
The quoted storage figures for Flatpaks are misleading. They don’t use that much. I have 50+ Flatpaks installed and they use barely more than 2.4GB.
And Flatpaks are great. There’s nothing to ew at.
Are you sure they are using 2.4 GiB? because that’s nowhere near what I’ve gotten: imgur.com/MjExYMB (notice flatpak-dedup-checker is being used)
EDIT:
github.com/flatpak/flatpak/issues/994
github.com/flatpak/flatpak/issues/1651
github.com/flatpak/flatpak/issues/46
github.com/flatpak/flatpak.github.io/issues/191
Their numbers sound questionable, but if you weren’t pulling in KDE yours would be significantly lower too.
The whole plasma DE meta package on arch is 1.1 GiB. It will be lower indeed but I don’t think it is that significant? (Unless flatpak has a surprise here lol)
edit: iirc the app that really blew the overall size in that screenshot was libreoffice btw.
It’s actually more than it, you can get to the point of having something like several different OS inside the OS because it might start having several different versions of big dependencies like mesa.
you want your application to work everywhere, that’s why flatpak is needed, no one complains about nix, when they have the same principle, flatpak is just more distro-agnostic and with a more powerful sandbox
It’s immutable (aka. atomic), which means the system files cannot be changed, even by root. System updates come as complete system snapshots of the core filesystem, and everything else exists in containers or filesystem overlays (user directory is still writeable). Containers and the user’s home directory are unaffected by the updates, so the update process is typically much safer overall.
If an update does break something, you can easily do
rpm-ostree rollback, and everything will be working again. On top of that, you can swap between versions with a simplerebasecommand (e.g. swap between Silverblue and Kinoite, Kinoite and Bazzite).This is a definite “well um actually” moment, but technically immutability can be switched off at any time with
chattr, and “true” immutability will not be achieved until full image signing is commonplace. You can see the ideas laid out here: github.com/ostreedev/ostree/issues/2867It does let you do cool things though, like install nix: github.com/…/silverblue-nix-installer.sh
don’t use that use this github.com/DeterminateSystems/nix-installer
up-to-date, full support silverblue, don’t need to unlock the filesystem, full support for selinux too, they create the /etc/nix forlder and mount it on /nix
Yeah, I was just linking the other one because its usage of temporarily disabling immutability is more apparent. That one also disables immutability temporarily to install nix.
Only thing I haven’t figured out, yet, is how to install the Private Internet Access client. It uses a
.runinstall script, and it fails when installing viarpm-ostree(tries to write to/etc) and doesn’t like being installed in a Distrobox (needs systemd).But yeah, I’m currently looking at some other options for my main system to drop Windows, and I’m always comparing to Fedora Atomics, now.
I don’t use PIA, but /opt and /etc are both r/w in Silverblue/Kionite
I’ll have to give that a try, then. Doesn’t work on Bazzite.
Any program with an install script makes assumptions about your system, if it doesn’t work it just isn’t compatible.
Either modify the script, package the software for your distro or find out if someone else has done it.
My first instinct would be to look if it’s in the AUR and install it inside an Arch Toolbox.
Yeah, third-party Linux VPN clients are pretty screwed on silverblue, and probably always will be. Especially since when installed in a container, they require being ran in a rootful container with selinux labeling disabled to enable direct access to /dev/net/tun, and as you’ve quickly found out, most of those weird bash based installers haven’t adapted. It’s best to use generic VPN configs through your DE atm.
why not use fedora’s built-in openvpn client and just add the pia info? That should likely work. …privateinternetaccess.com/…/linux-installing-ope…
or built-in wireguard client? …privateinternetaccess.com/…/linux-manual-connect…
I do use OVPN. PIA didn’t have a standalone WG config apart from their client when I last checked, so I’ll have to look at that second article and see if it’s workable, because the other issue is ease of use (I’m not the only one using it, you see).
Thanks for the info, though! Might solve my last hangup.
you can unlock the file system, don’t remember how tho
Wouldn’t help, because any changes I make would be wiped out on the next update (plus it kind of defeats the purpose of an immutable system). I don’t want to go down that road, primarily because the maintenance needs to be as easy as clicking a button (I’m not the only user, so ease of use is necessary).
The better option would be to have it live in the filesystem overlay, but I can’t seem to get that to work. It’s possible that it could be a flatpak, as ProtonVPN has their client as a flatpak, but PIA doesn’t seem all that interested in throwing any bones to Linux users.
you can unlock your /usr with rpm-ostree usroverlay
Oh, hmm. I’ll have to look at that. I didn’t know you could unlock the overlay for specific folders
Welcome to the very reason I’ll never ever try Silveblue 😄
But well, if that helps, look at the bright side: while it’s true that it’ll almost never give you problems, I think it’s true that the time the problems will happen, they will be pretty hard to solve, so it might break very bad. That’s great, isn’t it?
Don’t tell me that this thing just cannot breaks. If that was even possible, that’d be tremendously evil.
I’m trying to make a TPM chip work out of curiosity and it has been frustrating. Does that help?
That helps, yes. Thank you.
bro, trust me i tried to break it, i booted without kernel parameters, my system didn’t even had a root partition, shit was craze, and it didn’t have a /home, rolled back just fine
-rebase from different fedora versions, i couldn’t even login because of kernel versions(yeah even trying to login as root didn’t work)
but, i read a history that happened a bug in ostree, in the early days, and the devs needed to ask the users to fix it manually, but was when in the start of silverblue
That really sucks, sorry to hear that man. It seems honestly pretty bad and I really have to stay away from this distro.
Only RedHat could have conceived something this evil. Of course is RedHat, who else could it have been?
But…!
This. This is really giving me hope. It kind of confirms what I was saying too. You see? It almost never breaks. But when it breaks, oh man! It breaks very hard indeed.
Never give up mate, that thing is gonna break somehow, sooner or later. It has to.
fedoramagazine.org/manual-action-required-to-upda…
found it lol, apparently was a grub issue not ostree one, the last thing standing between a full atomic system, grub lol
Then kill it. Distrohop again.
Wow I was so confused while reading this haha, got me good there! Happy to hear its working as expected :P
I’m a bit behind on these immutable distros and have a small question. People keep saying you can just switch to another image if you want to switch desktop environments. But how does this solve the problem of the config files of the various DEs (GTK rc files or other theme stuff) messing with each other in the home directory? Because this was always a pain in the ass in normal distros
Switching DEs is not recommended by devs so I assume the configs are still conflicting. Home dir doesn’t get affected by an image rebase most likely.
I’ve switched between Plasma, Cosmic, Sway, and Hyprland without any conflicts. For the Plasma 5->6 transition it did change my config in a way that broke Plasma 5 when I rolled back, so problems are possible.
Basically your mileage may vary.
it’s in the official documentation lol
Your files are a mutable part, they stick around for rebase and rollback. (I believe /etc also.) If it’s only files in a home directory you could try a different DE by making a new user. But yeah I don’t think it has a built-in solution for something like that.
It does not. Your dotfiles will be a bit wrecked when you rebase. See: universal-blue.discourse.group/t/…/4 It’ll also cause random issues like: discussion.fedoraproject.org/t/…/2
It’s mostly plasma fighting gnome, though. I haven’t seen any conflicts with say, sway.
I guess you just have to use home manager on NixOS
yeah, home directory is mutable, but you can simply create another user, the /etc is also mutable(the system do a diff of it every update) but you can see every file that changed there(compared with the remote image) using ostree, or create another deploy where you discart your /etc, so, if you discart your /etc, and create another user, you have fresh install, without needing to reinstall using a pendrive etc
I had an entirely different experience with Bazzite. It would not boot to Wayland after an update, so I had to boot to xorg, reboot, and then wayland would work, until the last update where Wayland just wouldn’t work anymore, so I ended up going back to Fedora Workstation.
Bazzite has been smooth sailing about 80% of the time for me. The rest of the 20% were due to either plasma or runner crashing, requiring me to perform a hard reset using the power button. And then it magically atarted working again. I’ve also had my home folder become read-only on occasion. Very strange.
I loved it wile it works, but I couldn’t go on like that. It’ll be another year before I give it another shot.
Love the irony, but this is painting a little too good a picture
Most times yes, but major updates usually cause some trouble, like from 39 to 40, you couldn’t do it without uninstalling the codecs for Firefox. Firefox that is installed by default as an RPM, because the Flatpak Firefox doesn’t yet have 100% compatibility with all the features that work with the RPM, so as a user you’re pretty much led to get yourself stuck in this hole, not too difficult to fix in the end, but still a pain to find out and fix.
Everything else is 100% true! And I think it will be always hard to beat as an implementation of immutability (second place only to NixOS imo), A/B partitioning doesn’t hold a candle to OSTree
Weird. I use Bazzite which is off of Kinoite and the upgrade from 39 -> 40 was seamless.
Doesn’t Bazzite have the base image modified to have the codecs included already? I think that’s probably why you didn’t experience any disruption there
link: github.com/ublue-os/bazzite/?tab=readme-ov-file#a…
what happened is rpm-fusion was lagging behind the official fedora repos, so, you could have just waited, or enabled the automatic update and forget about it
Is that so? From the issue I read there was no way around it because the two images are fundamentally incompatible once you layer that package, you had to remove the layered package, it seemed from the discussion that they might have “fixed” the base image at some point as a pull request was opened on Pagure. I waited a bit for it to go upstream, but nothing happened for a long time and just went thorugh with the manual intervention, and actually, now that I check it again, the maintainer siosm commented that they can’t accept the PR
oh, i never had that issue, only the rpm-fusion lag, never thought that the codecs needed a different approach
If installing the surface kernel (kind of necessary for my Surface Go 1) and installing a few appimages didn’t look so difficult, I guess I would already be on Silverblue.
I’m kind of the opposite of OP and just having nightmares about breaking my system 😅
That’s why I’m doing clonezilla backup but I think the custom kernel would be a problem if I reinstall on another non-Surface computer. Maybe I should just go back to the normal kernel before doing a backup…
You can make your own silverblue image with your custom kernel ;)
If the kernel is available in a COPR or another third party repo, you can just do a little swapping with rpm-ostree: github.com/openshift/os/blob/master/docs/faq.md#q…
Edit: Just in case this is the project you’re using, here’s specific install instructions for Fedora Silverblue: github.com/…/Installation-and-Setup#fedora-silver…
Seems a bit too complicated for me, even if it probably ain’t.
But I’d probably use it if one day I break my Fedora workstation install.
Oh it’s definitely over-complicated, and contrary to what others say here, Silverblue can definitely have some very difficult to troubleshoot problems (especially when using things outside the direct Fedora ecosystem), which are greatly worsened by rpm-ostree taking 15 years to do anything despite sharing code with the supposedly lighting-quick dnf5. For servers, rpm-ostree is great (it’s in all of RH k8s offerings, see RHCOS), but on desktops, there’s definitely a good reason why RH has to apparent offering and Fedora calls theirs “emerging”. Still miles better than having an unbootable system after updating.
oh, the 15 years to do anything is true, i know when my system is updating in the background just from the sound of my laptop fan lol, but they do a 3-way merge using the remote image, your overlays and your /etc, so it’s a intensive process i guess
I remember having a great experience with it, sorry yours hasn’t been great
AAMOF, I install Fedora Kinoite (Like silverblue but KDE plasma) to people coming from windows, first GNU/Linux Experience.Practically unbreakable. does its work.
As A Matter Of Fact, I had to google that because I’ve never seen anyone use that abbreviation.
I really love Fedora Kinoite. Like you said, everything just works. It’s fantastically boring
I don’t fully understand how silverblue and kinoite are different, but I feel this way with base Fedora KDE. I’ve never broken it even a little bit when that used to be common with Ubuntu based distros for whatever reason.
Silverblue and Kionite are both Ublue distros, one has gnome and other KDE. One nice thing is that you can just swap between gnome and KDE without breaking anything via rebasing.
I wrote a thing about this earlier: Fedora has apparently been infected with an advertising department. Their website has a lot of branding and buzzwords and wanketeering and very few technical details. It never says the word Gnome anywhere. You just have to know “Workstation” and “Silverblue” mean Gnome.
How does that work exactly?
I don’t know tons of the detail but I understand the principle. The immutable part of the system is really just an applied oci container image for any ublue based distro.
Certain mount points are writable and persisted (e.g.
/home), but otherwise you can just reimage the entire system with any compatible (ublue based) image. Then each image is built by layering changes using ostree. So that’s how you get the different distros.Silverblue is ublue with gnome, kinoite is ublue with KDE, Bazzite layers steam, proprietary Nvidia drivers and other stuff mainly gaming related, etc.
System updates (which tend to be regular) are just applying an updated image, so actually updating is effectively the same as rebasing.
You can also yourself add ostree layers on top of the base image, and if you rebase to a different one your layers get reapplied on top.
They are both official Fedora Atomic Images. Universal Blue is another team that makes alternative Fedora Atomic Images like Bluefin, Aurora, and Bazzite.
isn’t the opposite?, fedora started ostree, ublue came after
All the signs of Lennart, but he’s now left.
I’ve been running Bazzite based on silverblue on my desktop for remote gaming and dockering. Everything was amazing until I started doing some mid-level docker stuff because of the rigidity of the distro.
Podman largely works but since it’s rootless it won’t have access to mounted drives easily due to SELinux.
Mounting a drive automatically wasn’t intuitive either and I ended up editing the /etc/fstab manually.
Setting up a swapfile was also tedious, I needed more than 8GB so I made a 32GB swapfile but I still had to run a sudo command on startup since I’m not really confident with creating a systemd service on an immutable distro.
All in all I should have just gone for Nobara or a regular Fedora but that’s because I have a really edge use-case.
That being said I still highly recommend it. It’s stable, easy to “rebase-hop” and everything just works well and it’s very stable. I’d recommend it for pretty much anyone unless you’re going to do some heavy self hosting with multiple HDs.
Installed Aurora the other day (distro based on kinoite) and could not make my bank software run… It is a “local” (ie, only used by banks in my country) software only available for Ubuntu that requires a systemd service. Tried a lot and couldn’t get it to work. The service started, but the browser accused it was not installed.
I’m guessing the service wants to edit something it can’t edit on Silverblue. So the software is simply incompatible with your OS (as stated in the documentation)
In case you haven’t tried that yet, maybe you could run it in a systemd enabled distrobox container.
Thanks for this. I use Distrobox a lot and did not know this.
Is your browser installed as a Flatpak?
Chromium yes. But firefox was shipped with the distro, so I am guessing it is not flatpak, but not sure.
nop, sadly, i unistalled it and installed from flatpak
For what it’s worth, I’m impressed your bank has Linux systemd support
I’m in the same boat, Kinoite (or rather my own blue build of it) killed my distro-hopping. But fans of Arch might be interested in the upcoming immutable arch-based OS: BlendOS
Finally a real world manual.
Arkane linux exist, it’s arch linux, and atomic using btrfs
Thanks! I had not heard about it.
It seems to only consider GNOME as the official DE and seem to not have the “blend” integrations of different distro.
Might not be for me but I appreciate the reply and it might help others.
What an horror ! What are you gonna do ? Use your working system ? That’s sad…
Two days ago my Mint system got borked by a kernel update. I booted from the grub menu with the prior kernel, and rolled back with Timeshift. Pretty painless. You don’t need Atomic/immutable distros for that sort of reliability.
I’m playing with kinoite in a VM, though.
Depends what you break. Sure kernels are easy to fix like you mention, but what if you bork your display manager?
Can’t you run timeshift from a live usb? Never tried, but i believe its possible. Obviously more time consuming and bothersome, but possible.
I actually don’t know whether timeshift can just run easily from a live USB, but I don’t see why not.
But of course that also requires you to have installed and set up timeshift before (which is obviously a good idea)
It’s quite a different deal when the whole operating system it built around a timeshift-like concept.
You need to install a rootkit ASAP.
Congratulations. You have completed Linux. Please prepare a usb installer for Haiku to move on to the next step of your jouney.
Linux click bait Lv.999
lmao same, btw install nix using the nix-installer by deterministic system, now i can instalk any cli application without needing to enter distrobox
Oh, you!
After beginning to wrap my head around atomic immutable OSes, I can’t believe they’re not the standard for most servers. i can’t believe Debian doesn’t have an official atomic and immutable version yet, seems exactly like the kind of stability they aim for
I should give the immutable distros a try when I’m not reliant on VMware. Though all that said, I’ve been using Fedora KDE Spin lately, and it hasn’t really been a problem either.
11 months later …
NixOS looks interesting whoosh sucked into a warp
Can you still install extensions in GNOME? I hate the defaults
Yes but only from Gnome directly with an app called extensions manager. You can’t install them from the Fedora repo.
Thank you!
I’ve had a similar experience with Guix.