Aight, got it.
For now, I’m exclusively on Wayland. Though, hopefully Openbox (or something inspired by it) will make the jump so that I can see for myself what all this goodness is about.
Anyhow, it was a lovely conversation. I enjoyed it to bits. I wish ya tha best. Cya, out there. Bye!
Do you have a link for these instructions?
In addition to the template linked by dustyData, there’s also BlueBuild if you prefer YAML over containerfiles.
Very enlightening! Thank you so much!
mouse-centric
This is actually unfortunate for me. I seem to be prone to RSI related aches. Keyboard is fine~ish. But mouse can be pretty troublesome. Do you happen to know if it plays nice with trackballs and/or trackpads?
enabling a lot of the privacy features like resist fingerprinting often breaks login flows
True. Though, in this case, it’s only enabled on hardened. So, the default config doesn’t enable it.
and breaks dark mode detection on site
Yeah, that’s really unfortunate. I suppose there’s Dark Reader. But, I believe Arkenfox’ maintainers held the opinion that a bandaid solution as such did more harm then worth it. At least for those that enable RFP for the sake of fingerprint protection.
Thanks for sharing.
Thanks for the appreciation!
Our goal is to continue the legacy of Mull by providing a free and open source, privacy and security-oriented web browser for daily use.
Do you work on IronFox?
I didn’t downvote myself, but did consider it.
For one, it felt a bit out of place; Fedora isn’t defined by systemd, nor Red Hat or IBM. One clear example would be how Fedora has chosen to stick with Btrfs; contrary to Red Hat’s demands. Don’t get me wrong, I don’t deny any partnership or whatsoever. But it’s not like Fedora’s community has no agency.
Secondly, corsicanguppy’s comment seems to imply that Fedora only sticks to systemd out of some obligation towards IBM/RedHat or something. As if the overwhelming majority of distros don’t default to systemd.
Thirdly, Poettering works for M$ now. Sure. But systemd remains a Linux project. And quite a good one at that. Even if the likes of dinit and s6 are starting to offer some healthy competition, it’s undeniable that systemd continues to have the advantage in terms of received man-hours (in development) and adoption. I hope that Fedora eventually gives others the chance to shine. But outright ditching systemd without a perfect replacement is just foolish.
Systemd is bloated
The bloat argument has absolutely no weight as long it’s not properly defined. One’s bloat is the other’s sane default and vice versa. Please, if you’re engaging in good faith, come up with a definition by which the likes of dinit and/or s6 are not bloated while systemd is. Please be complete and rigorous in your assessment.
and known to present security risks.
If you’re referring to what’s addressed in Madaidan’s article, you should not forget that Whonix -the very distro Madaidan used to be a security researcher at- employed systemd to enhance security. And while one might say a lot about Poettering, one simply can’t deny that they’ve got a sound understanding of good security standards and how to implement them. It’s therefore unsurprising that both Kicksecure and secureblue (i.e. Linux’ finest when it comes to hardened distros) heavily rely on systemd for their bidding.
Don’t see why looking at alternatives wouldn’t be seen as positive growth.
At least we can agree on this 😉.
Thanks a ton for the elaborate answer!
I’ve moved to cachy OS mainly because I needed to get certain things working that were only packaged in appimage
Hmm…, I’m aware that the AppImage situation is pretty dire since it requires FUSE 2 libs while everyone and their grandmothers have moved to FUSE 3; software that’s been almost out for a decade now. Thankfully, I’ve never actually experienced trouble getting it to work on any distro. Sure, installing some libs was often required, but nothing too fancy.
BUT I believe I could have worked it out in Aeon by fiddling around with distrobox
FWIW, I’m 100% positive that you could get it to work on Aeon. IIRC, I’ve also used AppImages through distrobox containers.
I think once there is a mature wayland-based Openbox replacement
Interesting. If it isn’t too much of a trouble, could you pitch Openbox :P for me? I’m not too familiar with it, but you did get me curious.
(eyes on labwc)
Put into my backlog of stuff I’ve got to checkout.
That was a great read. Wonderfully detailed. Thank you!
It’s a pity that it went down like that. Would you say that a properly matured openSUSE Kalpa would be your perfect setup? Out of curiosity, have you used projects related to Fedora Atomic for long periods of time? If so, how would you compare them?
I put it on my partners computer after Aeon crapped itself and put the system in a boot loop until I switched the hard disk out.
It is only release candidate software. As such, I didn’t have high expectations. However what you’ve described here is pretty troublesome. And I’d imagine your partner didn’t do crazy stuff that would justify such a reaction by the OS.
I’m personally very interested in the future of openSUSE Aeon. So far, I’ve mostly seen positive reactions. Therefore, a negative experience as such really piques my interest. If possible, could you elaborate upon what had transpired before the system broke? Or perhaps your partners personal experience with the distro in hindsight.
Under the USERNS caption of the FAQ , there’s a link to another entry. In there, you may find the following command: ujust toggle-container-domain-userns-creation. After invoking this, distrobox should at least start working.
Does anybody in this sub using Fedora Secureblue?
I do. And have done so for almost a year now.
What is your opinion?
It’s pretty neat. Though, don’t expect to roll your way in without any troubles if you don’t take the effort to read its documentation. Fedora Atomic already does things its own way. However, secureblue, by virtue of its superior security standard, adds its own set of ‘rules’ that one should abide. Personally, I absolutely love how this is enforced. But I can understand why it might be a bit overwhelming for those new on the block. But I have personally helped introduce relative newbs to secureblue and they managed (with some help). So you should be fine; their community on Discord also has been pretty helpful in my experience.
So, if your first priority for your desktop operating system is for it to be Linux-based and your second priority is that it’s properly hardened, then you simply can’t go wrong with secureblue.
I was about to write a long piece comparing different security-focused systems, but I retracted for the sake of brevity. Please feel free to ask a specific comparison if you will.
I’ll keep it relatively brief for fearing unwieldiness.
I’m really not a fan of the “we can’t do anything so let’s sit and wait until everything gets worse” philosophy.
I agree. I hope you’re not implying I’m stating otherwise.
but it was accepted because it was the best thing available at the time for the purpose
More like Red Hat pushed it as the new standard and the rest followed suit. Distro maintainers are pragmatic and reasonable people. They’ll more often than not go for the path of least resistance.
A clear cut example of this would be how most distros don’t opt for btrfs in combination with time shift or snapper for snapshot functionality. So clearly, they are not really trying to offer the best solution. Instead they just try to push a system that’s as easy as they come for them to maintain and act accordingly.
the community needed a standard
And we already had one: SysVinit. Don’t try to rewrite history.
I initially started writing a reply on the remaining text but noticed that my writings were continued to be misunderstood. Therefore, I decided to retract any further reply and will choose to stop engaging in this conversation. Thank you for the engagement. However, I would like to offer a small piece of advice as a fellow Lemmy user:
In future conversations, whether they are debates or discussions, please try to understand what the other person is saying. Avoid creating a straw man argument. If needed, ask for clarifications to ensure you fully grasp their point. If you continue to have difficulty understanding, consider alternative approaches to gain a better understanding.
I don’t know how this conversation deteriorated, but I’ll let it be. Thank you once more. For the record, I don’t think this conversation will be productive moving forward. You seem to be focused on your own points without trying to understand the other side, which is fine. You don’t have to try to understand me; I may not be important. However, the ideas I try to convey might be, and it’s more important to consider and understand those.
Anyhow, I wish you the best.
I think I better understand you now. Btw, I had changed my previous reply moments before I read your reply. My bad*.
I meant that I support this distro as long as it’s not immutable because I’m an opponent of immutability on the desktop. If they’re also making other kinds of systems, immutability may be beneficial there.
Have you been around since before the introduction of systemd? Systemd’s introduction was a lot more invasive and threatening to ‘traditional’ distros than immutables are today. Distros changed to systemd over night. Only Arch and Debian had communities that succeeded in establishing systemd-less derivatives. By contrast, the interest for immutability in existing distros (almost always) means a parallel distro is created with (at least initially) immutability tacked on.
So, please correct me if I’m wrong, but I feel as if you’re being too aggressive/overreactive considering how nonthreatening immutable desktops are to traditional distros.
Sometimes
innovationchange is bad or rushed (such as removal of X11 on Fedora).
Fixed that for you 😉.
Often only people with the newest hardware can benefit from it anyways.
Fair, but as unfortunate as it is, that’s basically a consequence of consumerism. I don’t like it, don’t get me wrong.
They don’t care about regular users making the products worse for them which is basically egoism.
I don’t think this applies to Linux overall. Fedora (and Red Hat by extension) have a vision that made them default to Wayland by default. So you’d be right to blame their policy. But this is nothing new for Fedora; they’re known to push bold changes. You might not like it or disagree with them. Fine. But is it important enough to hate them for it? Isn’t life too short for that?
There is a reason for proprietary products having legacy support after all.
Are you implying that doesn’t apply to Linux? I don’t understand. On an open system like Linux is, this doesn’t really seem to hold much weight. You can swap stuff around as you see fit.
They claim to have a lot of features.
What features are you referring to?
As I understand it, it’s basically trying to answer the following question: What if we could start over and use existing building blocks to make a simple yet complete system using the Linux kernel? All changes have been made in accordance to that basic premise. From replacing GNU in GNU/Linux with BSD, to choosing dinit over systemd as init system.
I hope they succeed (as long as it’s not immutable)
Are you one of those with a raging hateboner towards everything immutable? I ask this as I don’t see any reason to bring this up in the first place.
FWIW, I absolutely hope for it to succeed as well. Innovation (of any kind) pushes the industry forward. When people oppose innovation for whatever reason, it always reminds me of Henry Ford’s famous quote: “If I had asked people what they wanted, they would have said faster horses.”
Sorry for late response.
Also didn’t know about secureblue
Yup. It’s a relatively new project and doesn’t try to be very newbie-friendly. Hence, will not be talked about commonly in threads. Rightfully so, as I’d argue exquisitely hardened systems simply have to prefer security over convenience.
But it’s definitely neat and had its fair share of users. As the folks over at GrapheneOS and Privacy Guides seem to be enthusiastic on it, I wouldn’t be surprised if it receives a new influx/stream of users once community members of GOS have launched a dedicated website on it (which is already in the works) and the peeps responsible for PG’s recommendations have finally included secureblue as their de facto Linux recommendation.
hopefully it can all work together
So do I 😊!
Thank you for the chitchat! I wish you the best!
That sounds a bit funny, when those technologies are just (despite me not liking to use this term) inferior
Perhaps I should have worded that better 😅. It was meant as a textbook example of status quo bias; anything found by default on a ‘product’ that’s deliberately opinionated will see its audience gravitate towards said defaults. Even if those defaults are inferior to other options.
So, in this case, uBlue initially had a script within ujust (or just) that installed the Nix package manager. It wasn’t necessarily the perfect fit, but it definitely had its use cases:
rpm-ostree)But then, not long after the troubling conflicts between Nix and SELinux, brew was inaugurated as the de facto alternative for CLI and the rest is history.
in terms of packaging, only flatpak really shines because of its embedded permission model
Yup, can’t agree more.
Yeah, I think you should at least give it a shot and see how you like it, it’s not as easy right out of the box as the other 2 you mentioned, of course, so you should find out for yourself what you feel more comfortable using.
FWIW, I have actually used Nix sparingly in the past. IIRC, it broke on me at some point 😅. That could be on me, though. Unfortunately, I don’t recall the details. It could also be related to the hardening found on secureblue.
I agree 😜.
lol. I initially had a better written reply that I was about to send, but I clicked on cancel instead of reply. RIP.
First of all, thank you for sharing your own experiences!
Secondly, in short, looking at the discord servers that are related to the uBlue project, general folk seem to have moved past Nix and use flatpak and brew instead for GUI and CLI respectively. Though, some community members happily report to be content with Nix. So, perhaps I shouldn’t be necessarily opposed to home-manager.
Finally, I didn’t expect to find a crossover between brew and chezmoi to effectively become a quasi-home-manager.
Honestly, you could be absolutely right. I haven’t revisited Nix since Bazzite Buzz #12 informed us on the following:
“The Nix ujust script has also been removed due to conflicts with SELinux policies. Users can still install the Nix package manager manually if they so desire at their own risk.”
However, the above could be outdated; I simply don’t know. Are you aware of any developments that have changed things for the better?
Actually, it wasn’t me that said that 😅. I do find it in jrgd’s reply, though.
For the record, I also didn’t downvote your comment 😜. Though, looking at how well-received my previous reply has been, I can’t ignore the possibility that peeps that agreed with what I said also chose to downvote your comment.
Sorry, I don’t think I completely understood you here.
I absolutely agree with you that Fedora and Red Hat are very effective agents of change. So yes, if they would get behind an alternative for systemd, then that would definitely get traction.
Has something like this ever happened in the past? I can’t recollect a collaboration of sorts between these two entities. If anything, they seem to be at odds with eachother: Mir vs Wayland, Snap vs Flatpak and even Upstart vs systemd. Though, at least so far, Red Hat holds an impressive winning track record.
Absolutely. But, and this is my inner-systemd-skeptic talking, systemd is ridiculously intertwined with the current Linux landscape and often times new updates even show a glimpse of how much more intermingling we’ll get in the future. I hope we’ll eventually get something to systemd like what PipeWire has been to PulseAudio. That’s why development into alternatives like dinit and s6 is of utmost importance.
Suckless it is 😜. It’s a fine definition. Thank you for that. But, I got to ask, where is the line drawn? Like, the Linux kernel, by virtue of being monolithic, has to be bloated as well. Right? So, if that’s the case, is somehow the kernel’s bloat okay while bloat is unaccepted for the system and service manager? If so, why? I’m genuinely curious.
Sure~ish. Deep discussion. I’m fine with giving this to ya.
I suppose some peeps will enjoy themselves with what’s out there. Do you happen to use an alternative on a daily-basis?
Wholeheartedly agree 😊.