What are immutable distros, and are they the future of Linux?
Head to squarespace.com/thelinuxexper... to save 10% off your first purchase of a website or domain using code thelinuxexperiment
Grab a brand new laptop or desktop running Linux: www.tuxedocomputers.com/en#
👏 SUPPORT THE CHANNEL:
Get access to a weekly podcast, vote on the next topics I cover, and get your name in the credits:
KZhead: www.youtube.com/@thelinuxexp/...
Patreon: / thelinuxexperiment
Liberapay: liberapay.com/TheLinuxExperim...
Or, you can donate whatever you want: paypal.me/thelinuxexp
👕 GET TLE MERCH
Support the channel AND get cool new gear: the-linux-experiment.creator-...
🎙️ LINUX AND OPEN SOURCE NEWS PODCAST:
Listen to the latest Linux and open source news, with more in depth coverage, and ad-free! podcast.thelinuxexp.com
🏆 FOLLOW ME ELSEWHERE:
Website: thelinuxexp.com
Mastodon: mastodon.social/web/@thelinuxEXP
Pixelfed: pixelfed.social/TLENick
PeerTube: tilvids.com/c/thelinuxexperim...
Discord: / discord
#Linux #immutable #linuxdistro
00:00 Intro
00:33 Sponsor: 10% off your first website with Squarespace
01:26 What is an Immutable Distro?
03:30 Advantages
05:16 Installing software
07:44 Updating software
10:48 The Complexity problem
12:01 Are they the future?
13:26 Sponsor: Get a PC made to run Linux
14:29 Support the channel
They are linux based operating systems that are designed to be read-only and not easily modifiable.
Most of these immutable distros still let you install apps and packages on top of the system, through flatpaks, snaps or appimages, or with a specific layer of packages, that is kept when rebooting and updating. Some immutable distros give you easy access to containers so you can still use a full system with full write access.
And there are a BUNCH of immutable distros: Fedora Silverblue, and Fedora Kinoite are basically Fedora Workstation, with GNOME or KDE, but with an immutable base. Vanilla OS is an Ubuntu based, soon to be debian based immutable distro that gives you access to any packaging format through containers. BLendOS does the same thing, but based on Arch. SteamOS, the linux distribution that powers the steam deck, and also my Linux gaming console / PC is also immutable.
You could also say that NixOS is an immutable distribution, since you only install things and modify configurations through a declarative config file that is used to build the system. And there are a lot more, like microOS from openSUSE, endlessOS, and more!
So in terms of advantages, immutable distros are just way more secure. Since you, the user can't modify the base system, and since the super user can't do it either, it also means any third party programs also can't modify that base system.
Another advantage is reliability. Since you can't tinker with the system files, you also have a much smaller chance of actually destroying your system.
And in terms of maintenance, since you only use an updated system after a reboot, there is no risk of breaking something by updating it while it's running.
But how do I install anything if I can't write to the system? Most immutable distros work around that using universal packaging formats like flatpaks, snaps and appimages.
But that's not the only way to install stuff to an immutable distro. A lot of them actually still let you install packages to the system, in a dedicated layer. That's called "layering".
WHat this means is that you still have access to the distro's repos of packages, and you can still elect to install some, but you won't use the usual package manager, but another dedicated tool.
Some immutable distributions also use containers, generally with something like distrobox.
Another difference that can be considered a drawback is updating. Updates on immutable distros are never applied in place. When an update is available, they'll build another system image. So you end up with 2 systems; the one you're currently using, and the updated one, which is not currently active.
And you only get the updates after you reboot onto that new system image.
Another drawback is the complexity of these systems. Everything you try to do is different: installing a package doesn't use your usual package manager. Applying updates isn't the same command, or requires you to reboot to actually use the updated system.
Immutable distros are a different sort of system, with different tools to interact with things you might already know how to do.
Are they the future? Probably not. For servers, they make a lot of sense. For regular users, they do have a lot of advantages, but they also have a bunch of limitations that require the use of workarounds.
And so I don't think immutable distros will replace regular distros. They'll grow, and occupy a space next to let's call them "mutable" systems, but they'll probably never be the default thing most people use.
Head to squarespace.com/thelinuxexperiment to save 10% off your first purchase of a website or domain using code thelinuxexperiment
I loved your video. What about the reproducible build distros? NixOS and GuixSD? I know you have NixOS but would be cool if you talk about GuixSD and a comparision between them
I don’t see this being the future for me as I like the idea of updating my apps and directly doing things
KIOSK.
Here's a small correction- Nixos doesn't necessarily require reboots to apply configurations (or update the system). nixos-rebuild boot makes the updated config available from the next boot onwards, whereas nixos-rebuild switch makes those changes take place right away.
I trust vannila os, pika os, fedora immutable spins, endless os than nix os. They are easier for me to work on. I'm a Fedora Linux user. So I don't want nix os.
Yes, and in Fedora Silverblue same can be done with the terminal option/command apply-live
seems like many youtubers make this mistake 😅
I like the NixOS concept, but I want to have a working ISO image on disk (offline/locally) to be able to install it whenever I need without relying on the internet all the time. Is there an easy way to do it with NixOS using a config file? I use Fedora Kinoite now, and I like it, can't go back to mutable distros ever.
Opensuse aeon (was micros desktop) also comes with the option to directly apply changes in the running system. It is not adviced to do so, though...
“Are the future of Linux?” Edit: This mistake in the title has since been corrected.
Dammit
huh ?
@@siliconhawk9293I think it was about the title
@@siliconhawk9293 it was a mistake in the title that has since been corrected.
oh okay then thx @@WilburJaywright
One thing not mentioned here--in many cases, you can start with a base image and then apply a set of changes to customize your configuration. If you put those changes on a git server, then you now have a versioned record of everything you've done to configure your system. This is of course excellent for reproducibility, but it's also great for experimentation. You can try things out with complete security because if something goes wrong, you can simply revert your changes. I initially tried this out with universal blue, which provides support for customizing fedora silverblue, but then I switched to NixOS, which is really ideal for reproducibility + risk-free experimentation.
macOS is already doing this sort of thing on mainstream desktops with the introduction of the sealed system volume, so I think immutable distros probably can be made fairly seamless for regular users, so I do think the norm will move in that direction in the coming years
en.wikipedia.org/wiki/System_Integrity_Protection for reference. BSD and Linux have had variations on this feature for quite some time. I think Mac users are less affected because MacOS came with a hierarchy of /System /Library ~/Library that already allowed one to install system-wide (/Library) and user level files without putting things in /System well before they added SIP.
@@jasonkenney2231a link in a youtube comments section? how?
I advice you all to watch the talks of Richard Brown, a developer at SUSE who is also the creator of OpenSUSE MicroOS an immutable variant. He did a talk called "Why you should be running the MicroOS Desktop", when he explains why he consider MicroOS to be the "best" distribution he still acknowledge the various disadvantages it can have and the problems that an immutable system still needs to resolve.
Are you saying that Dick Brown created MicroOS?
@@40GrandBattery I'm sorry but who is dick brown ? Richard brown is a distro architect at SUSE and created OpenSUSE Aeon (previously OpenSUSE MicroOS).
An "immutable" OS is very appealing to me as someone who regularly runs new and unknown software on their daily driver. I always keep a drive image as a backup, but I'd rather avoid the hassle in the first place! Plus the payload may already have gotten inside the image... and the one before that, and the one before that... 😅
I really like the idea of immutable distro. They have a lot of potential for the future. I hope we will have this for smartphone soon.
We already do, this is pretty much exactly how modern Android works. Current phones ship with two system partitions, "Slot A" and "Slot B". Without root, both partitions are read-only. Apps are installed into an overlay file system which can work with either "slot". When you do a system update, it builds the updated system partition into whichever "slot" is not active, then marks that "slot" as active, and reboots. If your bootloader is unlocked, you can even manually select which "slot" to boot from.
@@silverywingsagain I see now that there are some disadvantages. Usually in Android, the bootloader is locked and root is not always easy on every device. The companies can lock us out of their OS. Or it is our OS if we paid for it?
NixOS is great, it's reproducible and doesn't make your computer a guess-the-state mess. It's also great for configuring multiple devices the exact same way.
Yeah Nix is wonderful
I really wanted to switch to it... But i am afraid whether it is another year long rabbit hole i am getting into...
I like the NixOS concept, but I want to have a working ISO image on disk (offline/locally) to be able to install it whenever I need without relying on the internet all the time. Is there an easy way to do it with NixOS using a config file? I use Fedora Kinoite now, and I like it, can't go back to mutable distros ever.
@@vaisakhkm783 This!
@@themedlebunfortunately not, NixOS needs internet to install packages and it has almost nothing by default.
I bet 10 bucks that Apple would do the same thing and sell it as "security update" while all they would do is to charge you extra to let you keep your files after a reboot.
It already mostly is.
macOS already runs much like this.
Macos is already doing it for few years.
@@476429yes mostly a few things can de done without a Update but its not weong its semi imutable
Linux users try to go one second without bringing up Apple or Microsoft challenge (IMPOSSIBLE)
Immutable distros certainly have their momentum, and there is a niche for that approach, but i don't think the classic approach will be gone anytime soon.
I was gonna say; sounds cool, but what does it do for me as an everyday EndeavorOS user?
I don't know if this will take over regular Linux desktop, but this is probably the way for future linux mobile.
In most cases, people should be rebooting any distro after updates. It's the only way to guarantee you're actually using all the new versions of apps & libraries. I've run into a lot of weird issues & instability, when I do not.
I just update before I shut my pc off, before I go to bed. Pretty simple.
I wish every package manager did what zypper does and prompt you after an update to look at what all system components are actively running and are still using a now-deleted or overwritten version of a file. Being able to complete the update process != having the updates take effect.
I am using Ubuntu since what 14.04 or something (many, many, many years)? I barely ever restarted after applying the updates to my server and it always works...
@@igordasunddas3377 The software stack of a server is typically not as complex as a desktop, and not interacted with nearly as frequently, thus you're far less likely to notice any issues. That said, you probably went many long periods with updated software on disk not being used, while the system keeps humming along with the old versions still loaded in memory, leaving your system potentially vulnerable.
@@igordasunddas3377it may work, but there will often be processes which are still running the old version. OpenSUSE tells you which processes need to be restarted which makes it easier, but on distros that don't do that it's better to just reboot every time.
I use Fedora Kinoite and i love it. I love the immutable base and im used to work with containers. Kinoite makes it easy for me to keep track of what i installed on the base system and therefore keeps my system clean. If i wanna test something: spawn a podman container and delete the container after testing. Upgrading to a new version of fedora is also extremely safe. If let's say you upgrade from version 38 to 39 you can rollback if something doesnt work properly in the new version. So having a bleeding edge system with this safety net is the perfect combination.
Is immutable distros good for laptops? A lot of containers runnin_ will takes up a lot of power right?
What I don't really get is, why you just don't use "normal" fedora and install your apps in a podman container or just as flatpaks? So you have the best of both worlds. You can change your system if you want to but at the same time you can be sure, that your libraries / dependencies aren't going to get bricked by some updates or new apps that you installed. So what do you gain beside not beeing able to change your system to your liking or just by layering the packages onto the main system? Nicks conclusion is exactly the way I see it too.
@@vaisakhkm783 no. Having a container running doesn't take resources in itself. If no applications run in the container it won't take any resources just by being started. I think what you are referring to here is virtual machines: those take resources when they run.
@@vaisakhkm783 A container is not a VM.
macOS is immutable in some way too. The OS files themselves are on a “system volume” which is mounted as a read only snapshot that is recompiled when there’s an update. That means you can reinstall macOS without losing any user files and applications. And it’s VERY difficult for any malware to interfere with core system functionality. macOS switched to this with Big Sur with previous versions bringing CoW APFS and separate system and user volumes similar to LVM.
That's good and all, though having data, /home, etc as separate partition from root is not new but has long been quite common in the world of unix-like systems. I have a spare laptop that I use for testing various distros where the /home partition has sat through almost a dozen installs with zero problems. Edit: typo
MacOS, Android and iOS are all immutable. The only major OS that isn't is Microsoft Windows, and most Linux distro's.
@@Sjoerd1993 Back when I used a jail broken iPhone, the root partition was actually not immutable but completely R/W and persistent, and rooted Android is mostly persistent as well, at least for the /data section that cannot be accessed normally, though the system partition is non persistent.
@@szr8that has not been the case for several years. I’d post links but KZhead…. If you search for “macOS signed system volume” you’ll find a number of Apple support documents about it as it has evolved over the last 3-4 years or thereabouts.
@@Sjoerd1993 You can lock down Windows to do the same. Through Group Policy and AD.
The future is now for me since Nixos and OpenSuse kalpa are my daily drivers. Even my home lab server is an immutable operating system - OpenSuse micro os.
After 13-15 years of messing with LInux, I consider myself on the cusp of being an intermediate user (but still far away). I say that, because I can see that something like this would keep beginners from breaking their distro so easily. Problem is that it doesn't sound user friendly. Besides, you learn more about your system when you break it (hopefully by accident) and then try to fix it. Then there's the core concept of Linux (at least as I perceive it): the freedom to make it entirely your own. I don't see how an immutable Linux distro affords that ability.
+1 for NixOS. It's too bad you lumped it with the other immutables because it doesn't suffer the drawbacks you mentioned (except learning curve).
I like the NixOS concept, but I want to have a working ISO image on disk (offline/locally) to be able to install it whenever I need without relying on the internet all the time. Is there an easy way to do it with NixOS using a config file? I use Fedora Kinoite now, and I like it, can't go back to mutable distros ever.
@@themedleb I haven't tried but you could do a minimal base install from a ventoy USB, copy your config and home files and rebuild. That would be pretty fast. If I understand your question.
He has an entire video just on NixOS. He has definitely covered this.
@@cjmoss51 as he's covered the other distros he talks about here in other videos. I was talking about the context in this particular video. I watched his NixOS video before I switched and his video contributed to my decision because he's a smart guy. He always asks for feedback and I think it was misleading to include NixOS with the other immutables.
Great video mate, awesome summary of the immutable Linux landscape at present and how it can be used.
Immutable Distros are perfect for people who just want to have a stable and secure system. I play around with OpenSuse Kalpa (MicroOs alpha variant with KDE Plasma) in a VM and I really like it so far. I'm currently on Debian, but I could see me using it in the future. Tumbleweed is already a great stable rolling release but combined with the stability of an immutable system, would make it perfect.
Cool, didn't know linux had this tech too. Our current Virtual Desktop farm (multi user windows server) is build with the non-persistent principal. A small and clean golden image and the rest is added via app virtualization. Our future farm (W11/W12?) will use similar mechanisms. It's a bit of a learning curve in the beginning but we love the flexibility it gives us. I don't expect this to become a thing for personal users but maybe more for admins managing a lot of linux desktops.
Yeah probably for workstations where you want to make sure you don’t have to fix things all the time!
Can I ask how do you guys manage to share the GPU between multiple Virtual Desktops? All the enterprise solutions I found usually use NVIDIA GRID or don't share the GPU.
@@tablettablete186 hi, we actually have no apps that really require a GPU so it's not an issue for us. We never really checked out what's possible so i'm afraid I can't help you with this.
@@ialrakis5173 Sad, but thanks for responding! I guess I will continue on my search!
@@tablettablete186I think Windows's Hyper-V has a method for GPU virtualization even on regular consumer GPUs, and it performs pretty well. Don't know of anything similar for Linux hosts though (well, I do, but none that perform as well)
I'm using debian bookworm right now with an arch distrobox container and it's honestly been a joy. Having the rolling release apps with the stability of debian. There are some awkward funny side effects but if you are somewhat experienced with linux it's pretty easy to overcome
Lol, I initially read that the exact opposite and was like "what the f is this guy trying to accomplish?" 😀
@@jothain Yeah the opposite would be pretty weird ngl, my somewhat broken English might have thrown you off, my bad
@@p3rtang No, not at all. Likely my non-native English skills made trick to me trying to read fast. Reading again I realized what you actually meant 🙂
@@jothainhahaha. I have all the slowness of LTS with all the instability of rolling release! Look upon my system in awe... Of how I thought this was a good idea... In all seriousness though, for my use case... I actually have arch break less than when I ran an LTS distro...
@@TheEclecticDyslexic Yeah. Like hilariously Ubuntu just borked with updates LTS version to remove GUI stuff or something, anyway making normal login impossible to desktop 🙂. Debian is insanely stabile imo, but yeah in all fairness what I ran openSUSE rolling for quite awhile expecting something nasty to happen, it got boring. Would've kept it, but too much updates for my net connection. Fedora was the same.There indeed are plethora of good quite bleeding edge distros around.
Immutable is the Android cognate of Linux. It's great for business usage, and for stable usage for things like Multi-Media creation workstations in corporate environments, and they're also great for newbies who not only un-tech savvy, but don't know what Linux is about, and don't want a geek to babysit them so they don't break their install every few hours.
Latest Elive Linux has that covered in a nice way. On boot you can choose to boot in your standard system or into their so called "impermutable' system. The latter allows everything the normal system would, except that all changes will be lost after a reboot. It's great for testing intricate stuff that could break your system. 😇
09:20 Just as a heads-up, you don't need root privileges to update your image, just `rpm-ostree upgrade` will do. Same is true for installing/layering new packages ;-)
Very clear explanation. Thanks. I've been lucky that since 1998 when I first installed Slackware to now (Linux Mint and Tuxedo OS) I've never managed to break my entire system.
Wow
If everything actually works in the immutable distro (remote file sharing, sleep mode, Bluetooth, etc...) I could see them being better for a casual user like myself. My last attempt to use Linux on my daily desktop was an utter failure of a system going into a coma whenever it went to sleep. Of course, I'm still waiting for native HDR support before I try Linux again.
Interesting to see that Vanilla OS is in the process of rebasing from Ubuntu to Debian. Hopefully Linux Mint does the same soon (despite Clemenet Lefevre's diplomatic statements about wanting to maintain a healthy working relationship with Canonical)....
Or move to rocky linux
Linux mint already have a flavour based on Debian
NixOS FTW
Immutable distros are a likely future for average person. Most people using a computer have no need for the kind of power that a traditional distro provides. They wanna browse the web, send emails and maybe use office. They don't need or want to see the stuff under the hood and having them accidentally break something is a real risk. A risk that immutable systems don't have. Silverblue is something I wanna give a whirl for myself one day. It's looking like it's quite reliable to use on the daily. Steam OS is also very cool. I'm hoping Valve release generic ISOs for that soon. Also, you can update packages on Fedora without a reboot. Updating through the terminal using DNF will just apply the update, no rebooting required. It'll be fine most of the the time. I just let Fedora update when I shut down my PC though, so the reboot option works fine for me.
Nah, I've got a one-track mind, I like Linux Mint!! Gone are the days when used to be curious, I'm getting old now. 😊
My father, a lifelong MS-DOS and Windows user, learned Linux in his final years - on Mint, as it happens. Age is only a number, as they say. I fully feel you on committing to what works, but never lose that human spirit of curiosity!
The best immutable linux distro is a Linux Live disk on a read only CD Rom, which Linux Mint no longer supports, perhaps someday Chrome OS will, which would be a pretty secure distro.
Puppy Linux
ChromeOS sticks make perfect sense. compared to settings things up, signing in to a Google account doesn't take that long and you can have stuff linked to say google drive instead of local storage. just plug in to any system ,enter network credentials and sign in.
CD ROM? Why not use a floppy disk (diskette) instead?
Have you tried u-blue.
@@replikvltyoutube3727 EasyOS. Not only a "pioneer" of "immutability", but also of containeralisation. Also from Barry Kauler
A nice to way it is: Traditional linux distros are a distribution of packages that are managed by a.......package manager "Immutable" linux distros are distribution of a operating system image on top of which you can install additional software
Thank you for the explanation!
Silverblue user here... for the last year. according to MAtt from Fedora... they ARE the future for Fedora. The benefits way surpass the issues.
I like knowing that my system won't be unusable anytime soon
So unless you are advanced user, Immutable Distro is just like security/backup upgrade (the "immutable" reminds me of kotlin). You just have to re-learn how to install & update a software/app, again from the beginning.. Which can be easy or hell depends on YOU, the user.
Thanks for this overview on immutable distros, Nick. I actually considered to put BlendOS onto a ThinkPad I would use exclusively for work but the handling of updates and stuff still feels weird to me. Maybe sticking with openSuSE Leap and snapshots is the smarter approach here? I don't know. But I like the concept a lot, especially since both BlendOS and VanillaOS try to get rid of the issue of where to obtain packages from since that's still an issue with say Arch having patches and changes Ubuntu users have no access to even with PPAs. At least flatpak compensates for that already a bit.
Great info! Thanks 👍
Still loving my so simple Vanilla OS.
In Linux you reboot only when system libraries are updated. Basically when there's a kernel update. If something from your desktop is updated, you just need to logout and log back in. For some apps you just restart them. This might seem overwhelming for some so some distros opt to request a full system restart.
Immutable distros sure look like an interesting approach for servers or systems that need to be super duper stable. But right now I'm good with Debian testing (even if I sometimes want newer packages earlier...). Thank you for showing us what they can do!
Jail breaking will be what people will be doing.
Informative!
Chromeos is an example of a super-immutable linux distribution
interesting information, thank you for sharing.
this video so good, i have to re-watch it and take serious notes.
I don't think this will be the future for everyone, but its amazing for enterprise and beginners. I'm honestly excited for what this tech can do for linux on mobile.
I was hoping you would say you hardly need to reboot at all, just rebooting the overlay userland. Or did you say the appliance type ones can have v high uptime? I use KBOOT/exec to restart my box without going to BIOS
that sponsor segways was not unexpected but smooth 😂
i gotta say, u are one of the few youtubers that has the ltt segue skills.
My opinion on this, as someone who's still quite new to the Linux space, is that these would be good for less tech savvy people coming over to Linux. They put a focus on security and stability, and prioritise package managers over any other form of application installation. I think this is very valuable for people who don't really want to edit their system, and just want to be able to click about and do their work/home life. For people who want more control over their systems, asking them to use an immutable system would be a bit of a stretch. I'm thinking someone like my mum could use an immutable Linux as her home OS. She's very prone to breaking things by simply panicking and clicking the wrong things, and she's very good at finding the wrong stuff on the internet and getting viruses. Giving her an immutable system would help a lot, as she can't easily break the internals, and it gives her the stability and package security that she'd seriously benefit from. I think if these ironed out some of the more awkward workarounds that have to be done into more clean, easy solutions, immutable distributions could completely change the way the average computer user sees Linux
Re: updates - this is a feature that even some non-immutable distros like Garuda have as well thanks to full btrfs use. On Garuda in particular, btrfs snapshots are created every time “pacman -Syu” is run and every snapshot is added to your GRUB menu, so if some update breaks your system, just boot into an old snapshot and you’ll be prompted to restore it when it’s fully booted.
My dad, who turns 83 this year, has an old laptop where Windows was the OS. I made him switch to linux and an immutable system was the way to go, although I didn't. He lives a ways away but next time I see him I'm installing an immutable system on his laptop. This is great for comapnies using linux aswell . Haven't tried the distros myself but I do see the benefits of them and that the user won't mess things up as easily, whether it's for me I don't know, I'm fine with the way things are on my system.
Sorry, but end-users probably are the LAST group of people with the ability to mess anything up on linux (not like they'll be able to su or sudo, and if they're jailed it shouldn't have been a problem anyway)...so if you think you need it to any users: it's yourself as the admin you _really_ fear messing everything up.
@@DxBlack Guess you're right but I can't count the number of times by dad has messed something up on his PC, he's a tinkerer and always has been. Anyway I don't think it can hurt him in any way and if something was to go awry I get a chance to tinker myself 🙂
The new SystemD soft reboot will likely make them a bit easier.
Great video! I am wondering if running another distro inside the container of an immutable distro works better than virtual machines? It could be a good thing to check out other distros without having to reinstall the OS from scratch every time for bare metal vs possible limitations in VMs. I also think in some cases, tinkering with distros inside a container could provide more security. At some point I want to take the time to learn Arch and it's nice to know that if I break Arch, I still have a secure functioning OS where I can still do my daily tasks.
It doesn't really work like that. If you start a arch container for example; this is one command to create it, another command to start it. Then you just install any packages you want and start those programs. You don't ever install or use the desktop that comes with arch. You won't do much in terms of configuration or customisation. It is awesome but not even close to full installation experience.
Actually these immutable distros remind me to no-root docker containers. We even had an enterprise kubernetes cluster which enforced using only non-root images. I think they are quite common as server machine images as well.
I do not believe I would try this immutable stuff any-time soon...
It's never "one size fits all" or one way of doing things that fits everyone's needs. Immutable distros show off the power of Linux in what they bring to the table for those who want those things...and like all things Linux, they're just an option.
Exactly!
I've done something similar to this (the hard way) for years. I do all my banking on a VM that is itself as locked down and isolated as possible. Every time I use it, I revert it to its previous state. It's also on its own disk, and I cut power to it when it's not in use via a honest-to-goodness toggle switch (not a momentary switch). These new immutable distributions sound like they could take some of this manual effort out of my hands!
Can I install an immutable OS on a multi-boot configuration (separate partition)? I currently use rEFInd and alternate between 3 OS's on one partition. I would want to be able to add say NixOS to another partition and use rEFInd to boot to that immutable NixOS whenever I want.
I love a lot about the idea of immutable distros. Having my computer work like a fresh install all the time sounds great. But I worry that they give too much control to the distro makers. It feels like a step towards walled garden ecosystems. And I do quite strongly oppose that.
I can see immutable desktops being used by companies that need to maintain consistency throughout their user base. I can see something like NixOS being used because it can rebuild itself after each reboot.
Great video thank you
Hot take: immutable linux distros are the new gateway linux distros for the average joe.
I used nix for 2 years + . Had to use the rollback for some reason my pc don't like the stable kernel. So happy it works this good and even with ext4 and not forcing btrfs on you. Even tho i liked using that it wears more 'the filesystem' . The minus side, is that you need to "collect your garbage" and it will take large amount of space on your drive (the old generations) :)
In all honesty, for me immutable distros have been being the present (in the form of OSTree-based Fedora’s Universal Blue Kinoite and Sericea) for the last almost two years…
Are you usally dishonest?
@@mavfan1 ostree has been a thing for around a decade. I’ve been running it since F35.
Dude, please tell me what brand is your watch; it looks so good!
I honestly think immutable OSes are better for new users and most intermediate users. The added stability, the ease of using flatpak and flathub as your single packaging system, not being allowed to screw up your system. All of these benefit newer users. I do think the concept of immutability goes agains the idea of a free, and open system. But it seems like a better way of doing things for a lot of people. This is why I main Nix
You can also use the nix package manager as a universal package manager for installing things like vim, shells, and other things.
Fwiw, while image-based updates need a reboot, this update often shouldn't take longer than a regular reboot ;)
I’m so relieved you don’t expect them to be the future for general desktop Linux.
Amazing video ! liked and shared (already subscribed).
I pretty much think that immutable distros are much better for enterprise workstations. It makes the work of the IT guys much easier since it is already locked down. Normal distro is still the best for home workstation....
0:09 missed opportunity to say “what the FOSS is all about”
ok but the obvious question, do you get to get rid of the old system images or no? because i would imagine immutable linux would fill up your drive very quickly, just like the rollback feature on other OS'..
Yes, you get rid of old images
My main issue with using flatpak containers is I haven't been able to make them scale to the correct DPI of my screen.
I had install silverblue on my second laptop, it worked fine for the most part however there were things I hadn't been able do till this date like use cuda with pytorch inside toolbox.
Immutable systems are inspired by how smartphone operating systems are already image-based. If you can deal with the whole OS as a single image, Secure Boot (or a future technology like it) becomes way more powerful. Antivirus software, while practically unnecessary now on Linux, will offer even less benefit on an immutable system because you can just restore the device with a reboot. Overall, I’m on board with the idea of immutable systems, but there is still enough to tinker with (e.g., graphics drivers doing funky things) to make these systems undesirable to large segments of the community.
Following one of your previous videos, I tried nixos as my desktop. I like what it's trying to do. But I had a show-stopper. KDESVN is something I use/rely-on. Nixos doesn't include it in its kde packages build. So I went down a several-day rabbit hole of trying to built it myself. I'm a retired software engineer, so not particularly bothered by the idea of building an app from sources. But after several days of banging my head against different brick walls in nixos, I gave up. Nixos trades something I didn't know I needed for something that I did need.
Ah, very good, thanks for this video!
Back in the day I worked for a small mom and pop PC repair place that sold some desktops with live cd OS’s only, the few people that bought them loved it because they stopped getting viruses and destroying their OS.
Currently on VanillaOS and it is a blast., atleast for me who is using Linux mainly as a everyday machine rather than a workstation. It is something I can see preinstalled on devices in the near future and I hope they can pull all of their goals off. Their premise is great and I love what they accomplished, hopefully OS 2 will turn out even better than the first one. Thanks for the Video on this topic!
I tried Vanilla on my old laptop and it worked really well. The only thing I hated was the gnome DE. Idk if or how you could change it.
@@Skelterbane69 you can’t, they have intentions to atleast bring KDE into the mix but currently only GNOME. If you look for another immutable, more friendly Distro, Silverblue/Kinoite especially with ublue and BlendOS are great too.
@@pascalt3572 I specifically want my hyprland. I'm quite happy with my current distro, but I'd like the safety of immutability.
This looks like a good foundation for appliances - after all, Linux underlying Android phones, Kindles, routers etc are essentially immutable.
Haiku is kinda-immutable too, but has an interesting scheme. The base system is distributed in the same .hpkg packages as regular software, and .hpkgs never unpack, but mount on boot kinda like Snaps but without cluttering mount list. To install a package, you don't even really need to use a package manager, you can just copy the package into /system/packages/ You can also install a package per-user, by copying it into ~/config/packages/, but this has no use as of right now, since the OS is single-user in R1
I think the appeal of immutable distro's is for businesses and government. It makes computers a whole lot more secure and predictable. Which is actually the selling point of ChromeOS, which Google is pushing towards enterprises lately. The beauty of other distro's doing this, means that enterprises and governments can roll their own with an extra layer.
what happens if you want to blacklist drivers or change some power settings, etc. I have edited boot files and others to make fedora 38 run nvidia. if a distro is immutable, how to make system changes for certain hardware, etc.
Unless this is done in /etc or /var, or through a tool like systemctl, it’s going to be very difficult
Thank you for this informative tutorial presentation. I did try an immutable (Silverblue), but was stuck since the extra programs i needed were not available as flatpacks or within containers. I guess I am one year too early to be an immutable system user. I am a Fedora 38 user, and from day zero to today (4.5months), I have had zero issues. Perhaps it is because of btrfs file system, or my being the sole user of my desktop system. I have not ever needed to roll-back any software I downloaded, but who knows about the future.
Hello, Good to hear that Fedora works great for you. Which software did you miss in containers? It should all be there, only the core components of your OS cannot come from within a container. But I have to admit that it is not trivial to work with containers, at least right now. I think that is something that needs and will improve in the upcoming years
@@matthiasbendewald1803 It did not work for me. I have 4 other partitions that I have and wanted to add to /etc/fstab, to be mounted at time of system boot but ... I then received information explaining how to add to the immutable /etc/fstab. So, I have an updated /etc/fstab and all is well.
My Development forders are shared across 5 distros on the same system. Each distro has it's own boot drive, and all share a /Development, a /LinuxStuff, a /temp and /Backup. Each Devt system has it's own /home. For now, silverblue is not for me, (I think).
It's a different way of thinking how you set up a system. It also allows you or someone you trust to deploy systems that are tested and setup otb for the end user. The only issue I had with immutable's is mullvad VPN client needing access to low level files even using OpenVPN but that's on me. I love them and the containerized workflows are excellent for dev work .
Thanks Nick.
I think that this will be great for workplaces or even libraries in my area, but I can’t see myself needing this on my laptop
I use NixOS, but I actually use a tmpfs as rootfs, to guarantee that there are no changes to the filesystem which arent specified in the config. On boot, it them bind mounts and symlinks paths which should be persisted, as well as some paths which can't be in the nix store, into place. BTW even my home directory is on the tmpfs. I just persist the XDG directories (Documents, Downloads, etc.) + some more, and the rest gets thrown away at reboot. Helps keep the number of dotfiles low.
Could you call her things like: using video editors with Linux, streaming with Linux and especially using Linux as storage servers and NAS like symbology.
was windows XP embedded not an immutable OS? (today windows IoT) You needed to setup the OS to deploy with specialized tooling for OEM, then it was setup on target HW, where it had an immutable partition, and the rest was reset at reboot or by command.
I love hacking my daily driver to bits so this sounds hellish to me 😂 I can see some use cases for this though and it's an interesting option. Thanks for sharing 👍
+1 for NixOS. Once you get familiar with it and set it up, everything will just work while you don’t have to deal with down configuration conflict especially Docker and LXC.
A read-only /usr isn't a new development at all. Mounting it over a network and updating | installing new software out of band was supposedly quite common in the past decades. The goal was to share it among whole fleets of computers, which is arguably what image-based distros are trying to achieve now, just without network storage.
I run Silverblue on my daily driver and am super happy with it. I wonder what other immutable OS'es people actually run (or tried) and what they think of it.
I went from silverblue to microOS and I find it better in every way, except the installer.
As a dev, I am hesitant to use that kind of distro. I woud definitively use it for my home server when I will start it.
Of course it's secure! It is always about security. You can't have a text editor without it self-updating and informing distributor about how secure your personal files have become. "Here's the list of those: ..."
This sounds a lot like a live Linux environment with a persistence “overlay” - this allows you to have read/write access to the whole OS while keeping the base OS image.