It’s pretty neat. Though, don’t expect to roll your way in without any troubles if you don’t take the effort to read its documentation. Fedora Atomic already does things its own way. However, secureblue, by virtue of its superior security standard, adds its own set of ‘rules’ that one should abide. Personally, I absolutely love how this is enforced. But I can understand why it might be a bit overwhelming for those new on the block. But I have personally helped introduce relative newbs to secureblue and they managed (with some help). So you should be fine; their community on Discord also has been pretty helpful in my experience.
So, if your first priority for your desktop operating system is for it to be Linux-based and your second priority is that it’s properly hardened, then you simply can’t go wrong with secureblue.
I was about to write a long piece comparing different security-focused systems, but I retracted for the sake of brevity. Please feel free to ask a specific comparison if you will.
I also experience with Secureblue, so here are my answers:
I used GNOME because it is the only DE that protects the screen copy API. I used GNOME extensions because native methods of customizing UI/UX are very limited.
I personally re-enabl Xwayland because many apps (eg Steam) still use/require XOrg.
Yes I recommend use and recommend Bubblejail as a simple way of sandboxing some apps. Not a “super tight” but much better than unsandboxed. FYI, AppImages don’t work with Bubblejail, or Secureblue (cus they remove the unmaintained FUSE dependency).
Under the USERNS caption of the FAQ , there’s a link to another entry. In there, you may find the following command: ujust toggle-container-domain-userns-creation. After invoking this, distrobox should at least start working.
I do. And have done so for almost a year now.
It’s pretty neat. Though, don’t expect to roll your way in without any troubles if you don’t take the effort to read its documentation. Fedora Atomic already does things its own way. However, secureblue, by virtue of its superior security standard, adds its own set of ‘rules’ that one should abide. Personally, I absolutely love how this is enforced. But I can understand why it might be a bit overwhelming for those new on the block. But I have personally helped introduce relative newbs to secureblue and they managed (with some help). So you should be fine; their community on Discord also has been pretty helpful in my experience.
So, if your first priority for your desktop operating system is for it to be Linux-based and your second priority is that it’s properly hardened, then you simply can’t go wrong with secureblue.
I was about to write a long piece comparing different security-focused systems, but I retracted for the sake of brevity. Please feel free to ask a specific comparison if you will.
Looking at their features list…
I also experience with Secureblue, so here are my answers:
I can’t use toolbox on my secureblue, it shows a message showing that it can’t find podman version IDK what to do
Under the USERNS caption of the FAQ , there’s a link to another entry. In there, you may find the following command:
ujust toggle-container-domain-userns-creation. After invoking this, distrobox should at least start working.Try invoking
ujust distrobox-assemblefirst. This command is also found on the FAQ page. Enter the container created through this method.