this post was submitted on 25 Feb 2024
33 points (83.7% liked)

Linux

48144 readers
904 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

cross-posted from: https://lemmy.ml/post/12400033 (Thank you https://lemmy.ml/u/Kory !)

I first used Linux about 5 years ago (Ubuntu). Since then, I have tried quite a few distros:

Kali Linux (Use as a secondary)

Linux Mint (Used for a while)

Arch Linux (Could not install)

Tails (Use this often)

Qubes OS (Tried it twice, not ready yet)

Fedora (Current main)

For me, it has been incredibly difficult to find a properly privacy oriented Linux distro that also has ease of use. I really enjoy the GNOME desktop environment, and I am most familiar with Debian. My issue with Fedora is the lack of proper sandboxing, and it seems as though Qubes is the only one that really takes care in sandboxing apps.

Apologies if this is the wrong community for this question, I would be happy to move this post somewhere else. I've been anonymously viewing this community after the Rexodus, but this is my first time actually creating a post. Thank you!

UPDATE:

Thank you all so much for your feedback! The top recommended distro by far was SecureBlue, an atomic distro, so I will be trying that one. If that doesn't work, I may try other atomic distros such as Fedora Atomic or Fedora Silverblue (I may have made an error in my understanding of those two, please correct my if I did!). EndeavourOS was also highly recommended, so if I'm not a fan of atomic distros I will be using that. To @[email protected], your suggestion for Linux Mint Debian Edition with GNOME sounds like a dream, so I may use it as a secondary for my laptop. Thank you all again for your help and support, and I hope this helps someone else too!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 17 points 8 months ago (1 children)

You could look into Atomic distros if you value sandboxing, such as Fedora Atomic or Vanilla OS. I don't know much about the debian space as Arch was my first distro so I kinda ran before I crawled.

[–] [email protected] 4 points 8 months ago (2 children)

Thank you! How are Atomic distros different from "regular" ones?

[–] [email protected] 11 points 8 months ago (1 children)

Pretty much that to be honest, so all of your apps are flatpaks. The base system is also kinda sandboxed, it's access is prohibited and instead you employ "layering".

I use Fedora Atomic on my desktop and laptop so I'll explain that one here. Atomic distros function off of Atomic transactions, which are a process form that can only successfully complete. If an Atomic transaction did fail, the entire transaction would be undone and reverted. This practically makes Atomic distros unbreakable. If an update fails, what update? Who said there was an update? No trace.

Obviously you can change the base system, as flatpak isn't suitable for all apps. This is where that layering comes in I mentioned earlier. I use XFCE-Terminal, obviously not a great candidate for a flatpak. So to install a package normally (as if through DNF) you need to use a packge manager that deals in Atomic. Fedora Atomic ships with their tool called rpm-ostree. I don't know quite how it works but I'm pretty sure it creates a branch of the current system (like Git) and installs the package there, then upon next boot you'll use the new branch and the old one discarded. Doing this means that if the package failed to install, your system is unchanged.

Atomic distros are super cool and I can't imagine not using one. They do so much that should've been done a loooong time ago. I highly recommend them. I have an unpublished blog post about my experience using Fedora Atomic that I'm more than happy to post here if you'd like.

[–] [email protected] 3 points 8 months ago (1 children)

I have an unpublished blog post about my experience using Fedora Atomic that I’m more than happy to post here if you’d like.

Sure! I would love to read it!

[–] [email protected] 4 points 8 months ago* (last edited 8 months ago)
[–] [email protected] 3 points 8 months ago

No not sandboxing. They use something like Git or OS images for the OS updates. You could install only native packages and have a regular fedora setup but with full transparency. The normal workflow is "keep your system clean, install flafpaks for GUI stuff and do random software dev, build environments, compiling etc in a Toolbox/Distrobox using a Podman container underneath".

Its very easy to use and such a blessing. You NEVER need to reinstall a distro again