alt

alt, 7 months ago (edited 7 months ago)

Most distros are somewhat equal when it comes to privacy, anonymity and security; with the likes of Fedora and openSUSE known for taking it more seriously out of the box than the other ‘big bois’, while some smaller distros like Kicksecure are known for their best-in-class^[1]^ hardening that they offer by default.

As for NixOS, it’s really its own thing (together with Guix), and thus very different from any other distros. If you conquer it, you would be delightfully met by a system that enables you to do things unheard of in other distros. However, the learning curve is very steep. And perhaps even hardening it to the level that Fedora or openSUSE provide by default might not be trivial.

---

1. Qubes OS is technically not a Linux distro. But it’s worth mentioning as one generally tends to run Linux within a qube (read: VM), and in regards to security and privacy; Qubes OS is simply unmatched, period.

alt, 7 months ago

consentomatic.au.dk

alt, 7 months ago

Pop!_OS is definitely worth considering as it’s one of the few distros that goes as far as providing a recovery partition and offers one of the best experiences for those with Nvidia GPUs. Furthermore, Pop!_OS’ maintainers (read: System76) are actually financially incentivized to make their distro very polished and newbie-friendly as their distro is used on the hardware they sell.

On the flip side, Pop!_OS is currently in a major overhaul to replace GNOME with COSMIC; their own homebuilt Desktop Environment. As the Desktop Environment is arguably the most important contributor to how one experiences their Linux system, the eventual change might disrupt your workflow and you might even be too accustomed to GNOME to consider COSMIC at that point. The ongoing work on COSMIC has even meant that Pop!_OS has missed three major releases and are still clinging on their release from April 2022; thankfully it’s based on Ubuntu’s LTS (read: Long Term Support) release, so they aren’t particularly in rush to get a new release out and can rely on Ubuntu for security updates.

Regardless, COSMIC’s unsure future does leave a lot to be desired and does pose the question if perhaps other options should be considered more seriously instead.

Therefore, my personal recommendation would be either one of the following:

• If you just really like what you see from Pop!_OS, then just install its 22.04 release and you should be good until April 2027. As time goes on, you might be deprived from new developments and features; but at least updates etc will not be able to (potentially) corrupt/break your system in the meantime.
• Wait until April next year; when they’re supposed to release a new version. If you like what you see and the update and the changes are well-received by the community, then consider installing that one instead. It should be supported for 5 years, which is plenty to not worry about your system in the mean time.
• Go look elsewhere. There are hundreds of actively maintained distros out there. While not all of them are worth considering, there are at least a dozen of them that are worthy contenders. In case you’re interested to get the community’s help in finding a distro, consider answering the following questions:
  • Do you use an Nvidia GPU?
  • How would you rate your tech savviness on other operating systems?
  • How eager are you to learn and/or invest time to use your Linux system?
  • Do you prefer to have up-to-date software at all times even if that means daily/weekly updates that might potentially break some functionality?
  • Security or convenience?
  • Opinionated or blank slate?

A shortlist of distros worth considering for a beginner (from easiest to hardest): Linux Mint, Ubuntu, Debian/Fedora/openSUSE and Arch.

alt, 7 months ago

a few commenters pointed out that the highest rated VPN providers in this table just happen to be the ones that advertise most aggressively and are well-known for buying positive reviews from tech blogs, which are pretty clearly designed to be misleading

Exactly. This is unfortunately common practice, so this breakdown can be dismissed as they’re obviously biased due to monetary motivations.

Consider to read Privacy Guides’ take on the matter instead.

(Perhaps personal) TL;DR would be that Mullvad VPN in combination with Mullvad Browser offers the most private internet browsing experience for people who don’t desire to connect to the Tor Network. Furthermore, Proton offers a suite of privacy-friendly services for mail, drive, password manager etc. Therefore, for the sake of trusting the least amount of parties for these services (at the cost of putting all eggs in one basket), one might consider Proton VPN instead; additionally it includes a free tier and some support to port forwarding (read: allows the use of torrent applications).

alt, 7 months ago

Link to r/VPNTorrents’ recommendations.

TL;DR: Only AirVPN and ProtonVPN are recommended. While, IVPN and Mullvad used to be until they discontinued port-forwarding; which makes them unviable for torrenting.

Link that provides Privacy Guides’ opinion on AirVPN. It’s basically rejected because there have been no audits.

alt, 7 months ago

It’s the same folk, basically. TheAnonymouseJoker or whosoever is free to have their own opinions. Fact is that Privacy Guides is an open community that allows the discussion of these topics. If anyone doesn’t like their takes, they can either head to their Github page or to their own platform for a dialogue on the matter.

alt, 7 months ago

Not much to say regarding their first paragraph.

As for their second paragraph, perhaps they are rightfully sceptical regarding Privacy Guides. The body of topics they try to cover is substantial, though. And if TheAnonymouseJoker or whosoever disagrees with them, then they’re free to challenge their views.

Privacy Guides isn’t any kind of Gospel or whatsoever that you’d have to agree with in its entirety. I do believe, however, that they’ve done a tremendous job at offering a one-stop shop for those that are conscious regarding their security and privacy. Everyone is free to choose and pick whatever they like from there or not.

I would love to hear about other resources that do a similarly great job at providing at least decent information when it comes to security and privacy; FWIW thenewoil.org exists, however I don’t recall any VPN overview/guide/recommendations from them.

alt, 7 months ago (edited 7 months ago)

Very interesting indeed! And thank you for raising awareness!

There’s another similar project that’s still WIP and that hasn’t received a lot of development recently. Though, its maintainer does provide hardening scripts for Fedora’s Atomic distros that are worth looking into. Hopefully, we might even expect a collaboration of sorts between these projects early next year 🤞.

alt, 7 months ago

installing Chromium

This wouldn’t sit well with most privacy conscious folk out there. Though, I can understand it from a security point of view. Especially, when one notices that Chromium isn’t installed from Fedora’s repos, but instead the RPM is built to offer a more up-to-date version that should provide improved security compared to the stable version.

removing Flatpak

Probs for the sake of disabling unprivileged user namespaces; as you might have correctly alluded to.

even software stores

I imagine for the sake of minimizing attack surface.

So how am I gonna install software now, layering?

The Nix package manager is installable on Fedora’s atomic distros, so perhaps that route is worth exploring.

to my knowledge flatpaks are more secure than RPMs

To my knowledge, Flatpak’s sandbox indeed isn’t achievable by default with RPMs; unless one knows how to properly utilize SELinux to that effect.

alt, 7 months ago

Basically, you want to not disable kernel.unprivileged_userns_clone.

For a temporary solution that has to be redone after reboot, there is sysctl kernel.unprivileged_userns_clone=1.

For a lasting solution, consider echo kernel.unprivileged_userns_clone=1 | sudo tee /etc/sysctl.d/99-enable-unpriv-userns.conf.

In either case you’re foregoing security for the sake of convenience/functionality, so I understand why you would rather not act upon either of them.

I don’t know what the solution is that would be analogous to installing bubblewrap-suid. Perhaps, it’s worth exploring the projects found within the github page of Awesome Fedora Security for some pointers.

alt, 7 months ago

to use as a media centre and multiplayer gaming system in my living room

Based on this, you’re basically looking for the ‘game console experience on your couch’. If that’s the case, honestly you shouldn’t look beyond^[1]^ Bazzite.

If, instead, you actually wanted to play retro games primarily, then please let us know.

---

1. While ChimeraOS and HoloISO also offer the ‘game console experience’, they don’t support Nvidia GPUs. So you would be on your own at best; which would be a horrible experience for a new user. If you feel particularly adventurous, then Jovian-NixOS is actually another option. But arguably less newbie-friendly compared to Bazzite.

alt, 7 months ago (edited 7 months ago)

I’d definitely like to get some of the classic multiplayer games running on emulators as well.

Bazzite does allow easy install of EmuDeck and RetroDECK during first installation, which should cover most of your emulation needs. For completeness’ sake; Batocera does exist. However, I’m not sure if it runs e.g. Steam games as good as Bazzite runs retro games.

alt, 7 months ago

I don’t own any devices with an Nvidia GPU. Therefore, I can’t share my own experiences but only the ones from the community. If my memory serves me right, it should work. However, as usual, expect some strange behavior at times. Thankfully, getting back to a working system shouldn’t cause you any troubles on Jovian-NixOS. Nonetheless, it’s something to keep in mind.

alt, 7 months ago (edited 7 months ago)

I don’t know by heart if it’s able to do your bidding, but perhaps it’s worth checking out penguins-eggs. I guess the following would be its elevator pitch:

“penguins-eggs is a console tool, under continuous development, that allows you to remaster your system and redistribute it as live images on usb sticks or via PXE.

The default behavior is total removal of the system’s data and users, but it is also possible to remaster the system including the data and accounts of present users, using flag --clone. It is also possible to keep the users and files present under an encrypted LUKS file within the same resulting iso file, flag --cryptedclone.

You can easily install the resulting live system with the calamares installer or the internal TUI krill installer.”

alt, 7 months ago (edited 7 months ago)

Well I guess I’m a Linux user now.

One of us! Welcome!

Gnome apparently doesn’t let you create desktop shortcuts unless you resort to command line.

GNOME is indeed very opinionated. Consider taking a look at any of the “Desktop Icons”-extensions on extensions.gnome.org. This enables one to engage with desktop shortcuts without opening a terminal.

Linux is NOT dumbed down enough for the average user yet.

Depends. I can’t imagine how something like Endless OS could cause troubles to someone that only requires simple functionality (like e.g. their favorite web browser working etc) from their OS.

As a final note some Linux users push harder than crack dealers I’ve met.

Yes. We can be very enthusiastic at times 😅.

I do think that engaging with different desktop environments at this stage of your Linux journey might be very beneficial in the long run, but I can totally understand it if you’d like to settle down for (at least) a moment.

alt, 7 months ago

Distrobox is directly inspired from Toolbx and was created because of limitations of Toolbx and how Toolbx’ maintainers didn’t want to implement some features at that moment in time.

Currently, Distrobox is almost a superset of Toolbx. Though, I’ve come to the understanding that Toolbx does better at some tasks.

If you would like to stick to just one of them, then Distrobox is probably still the better one and should be preferred. However, if its added functionality doesn’t do it for you, then please feel free to continue using Toolbx.

Why is toolbox preinstalled and not distrobox?

Because Toolbx predates Distrobox and is developed by developers that are associated with Fedora and even specifically designed in hopes of solving some issues pertaining to Fedora’s Atomic distros.

alt, 7 months ago

Not OP. But for me, atomic updates, reproducibility, (to some degree) declarative system configuration, increased security, built-in rollback functionality and their consequences; rock solid system even with relatively up to date packages, possibility to enable automatic updates in background without fearing breakage, (quasi) factory reset feature, setting up a new system in just a fraction of the time required otherwise are the primary reasons why I absolutely adore atomic^[1]^ distros.

---

1. I prefer referring to the so-called ‘immutable’ distros as atomic distros instead. It’s more descriptive, because the distros aren’t actually ‘immutable’ but instead they’re atomic.

alt, 7 months ago (edited 7 months ago)

I disagree with most of the benefits you list

I’m curious to hear your objections.

chief among them “increased security”

Do you deny that specific protection to some attacks is provided through the chosen model of ‘immutability’ on at least one of the atomic distros?

not to mention half of them are already supported by traditional package managers

Hmm…,:

• atomicity; nope
• reproducibility =/= reproducible builds for some packages (if that’s what you meant)
• declarative system configuration; ansible (and any other solution that I’ve witnessed being mentioned in such discussions) succeed (at best) at convergent system management, while e.g. NixOS does congruent system management by default. Consider taking a look at this page if you’re interested in what these are and how they’re different. (Spoiler alert) congruent is better and therefore more desirable.
• increased security; security is not limited to chosen model for ‘immutability’ if at all; as Qubes OS (read: most secure and private desktop OS) doesn’t rely on it for its security. So I can understand where you’re coming from, but I have yet to see any non-security focused distro that provides the elevated protection against particular attacks that some atomic distros offer by default.
• built-in rollback functionality; sure, this is not exclusive to atomic distros. Perhaps I should have done a better job at making clear that it isn’t a feature provided necessarily by atomicity. But, the fact that I listed it at the very end, alludes that it isn’t as exclusive and consequential as atomicity is. At this point, however, it has become almost synonymous with atomic distros, while the same can’t be said about traditional distros.
• regarding the consequences; I’m unaware of any distro that does those out of the box (barring Pop!_OS with their factory reset). Though, I’d love to be educated on this.

I was genuinely curious so thanks for the rationale.

It has been my pleasure ☺️! I’m also genuinely curious to read your reply to this comment😉.

alt, 7 months ago

Understandable! Please consider coming back to this at some point (also possible in private) as I’m genuinely curious to hear from you.

alt, 7 months ago

The link for uBlue didn’t work for me. For those interested: uBlue

alt, 7 months ago (edited 7 months ago)

Looks good!

Are you just exploring the waters? Or were you discontent with Void and siduction?

alt, 7 months ago

Thanks for the explanation!

I didn’t like Runit

Unfortunate, but not very surprising 😭. I hope it (or another init) will one day be more than a viable alternative to systemd, so that the hegemony will cease to exist.

the package selection wasn’t great

While not applicable in all cases, I’ve had great success with relying on Distrobox in case I had to rely on the repos of another distro to get my software.

As for siduction, it was just a touch too buggy (i.e. XScreensaver caused the laptop to freeze when I closed the lid) and too preconfigured to be able to resolve easily. It also played havoc with my school’s BYOD internet.

Interesting! I didn’t know that siduction is relatively unpolished.

I’ll probably go back to it at some point, though.

I wonder if perhaps SpiralLinux does a better job.

Of course, the main reason for this new install is that I just bought an SSD, and I’d rather start fresh than try to flash my old hard disk across.

Relatable 😜.

alt, 7 months ago

Not OP.

getting downvotes etc

That was mostly on the first day. OP was probably very frustrated and disappointed after their initial impression. The way the rant that followed afterwards was written didn’t do them any favors 😅 and the downvotes that followed afterwards were therefore not very surprising…

I allredy forgot which distro worked for you

Pop!_OS

I hope to read more about OP’s experiences with Linux and if they decide to stick with it. Let’s hope we get updates on those soon 😉.

alt, 7 months ago

One important thing you need to know about distros: they’re all the same under the hood.

This is true for the traditional model in which the package manager is the main differentiator between distros. Therefore Arch, Debian, Fedora, openSUSE etc and their derivatives (which make up about 90% of the distros found on DistroWatch) are indeed mostly the same.

But the likes of Gentoo and NixOS etc don’t quite fit the bill. Granted, a new user should only very rarely (if ever) start their Linux journeys on any of these advanced distros.

alt, 7 months ago

I mostly want to discourage distro hopping with the belief that they’re missing out on a program or desktop, only to end up on windows because they’re tired of reinstalling everything.

Thank you for being thoughtful! I just wanted to add some nuance with my previous comment.

alt, 7 months ago

Software support seems lacking.

Compared to the AUR, the offering of any other distro will feel lacking (besides this one). Consider an Arch-distrobox for access to the AUR or install the Nix package manager on Fedora through Determinate Systems’ installer.

Xorg wiki page.

Fedora’s Wiki leaves a lot to desire in general, especially if you’ve come from the ArchWiki. On that note, I would argue only ArchWiki and Gentoo’s Wiki are excellent showcases of how the Wiki of a distro should look like.

Furthermore, Fedora has been the first to enable Wayland by default (since 2016 in fact). Therefore, I don’t find it that surprising that Fedora didn’t think it’s worth putting man-hours to the documentation of a project for which its sunset was in sight.

alt, 7 months ago

Wayland released in 2008, so it makes sense for them to stop putting any effort soon after.

alt, 7 months ago

is there any reason why I should even care about the freedom of init system?

Freedom of choice! It’s troublesome if distros and/or DEs rely so heavily on systemd to do their bidding. So much so, that some combinations of distro + DE don’t allow any differentiation in init or make it very cumbersome and unwieldy at best. I’m not interested in making systemd a necessary part of Linux. Therefore other inits not only have to exist, but should be ‘competitive’ as well. Which, to be frank, is currently not the case.

Another concern is that systemd is by no means a minimalist approach. Which beyond bloat, also has security implications. More information can be found in this (infamous) guide by Madaidan; security researcher on multiple distros known for taking security and privacy very seriously like e.g. Kicksecure and Whonix. Interestingly, while Madaidan discourages the use of systemd in that guide, it’s still heavily relied on in Kicksecure; one of the distros he works on. I think this is a perfect illustration of how systemd has become so good that even opponents can’t deny its merits and continue to make use of it for the time being out of necessity.

alt, 7 months ago

How so? I literally don’t see it. My apologies if I come across as obnoxious, but I simply don’t understand how I might have contradicted myself. I never explicitly mentioned Debian anyways, so why did you feel the need to mention that as somehow being related to a supposed contradiction.

alt, 7 months ago

In case you’re bored enough to read my ramblings and/or interested in what I understood and how, then consider reading the spoiler below.

spoiler*** Fam, you’re all over the place. Because you did an awful job at pointing at the supposed contradiction, I’ll have to analyze your excuse of an elaboration so that it somehow starts to make sense if at all: A contradiction consists of N statements that logically contradict with each other; for the sake of making it more precise we’ll refer to these statements as P, Q, R, S etc. After we’ve established this, we can move on to find what these alleged statements are from your comments. My best take would be: (Supposed) Contradicting Statements:- P: systemd is the only init that’s beyond a particular level of excellence and/or feature set.^[1]^ - Q: Some combinations of distro + DE are cumbersome and unwieldy at best if systemd is not used.^[2]^ Perhaps some other related statements that are either implied or a given/fact:- R: Kicksecure uses systemd as its init. - S: Modern distros use an init. - T: Default init is chosen based on preference^[3]^. - U: Kicksecure has to use systemd because P despite not being in favor of some aspects of its design. *** Please feel free to notify me if I missed the mark! Don’t you think that P and Q are actually complementary to one other? *** > No, not at all. The crux might be here. But I’m not sure where exactly you might have tripped over. Was it because I said “opponents” instead of “(some) opponents”? Was it because I said “out of necessity”, while elsewhere I said “don’t allow any differentiation in init or make it very cumbersome and unwieldy at best”, but in this case they aren’t contradictory statements. Was it the fact that Devuan exists? But, this assumes that any of the inits found on Devuan are somehow as mature and feature-rich as systemd. Which, unfortunately, is simply not the case. (I’m hopeful that dinit and s6 might reach maturity soon, though.) > So trying to use Kicksecure without systemd would be very cumbersome and unwieldy at best. Exactly, that was my point. > Perhaps Madaidan should’ve used Devuan as a starting point instead. It’s a team effort, I don’t even know if he started working on Kicksecure from its inception^[4]^. They might also simply be victims of the sunk-cost fallacy. Furthermore, I wouldn’t be surprised if -to them- systemd’s pros simply outweigh its cons. Which, curiously, gets us back to the entire point of my original comment; viable alternatives to systemd don’t exist. This painful truth is not only sad and unfortunate, but perhaps even worrisome for the future of Linux. *** 1. From: *“systemd has become so good that even opponents can’t deny its merits and continue to make use of it for the time being out of necessity”*2. From: *“some combinations of distro + DE don’t allow any differentiation in init or make it very cumbersome and unwieldy at best.”*3. Preference is arguably too broad of a term, but I wanted to make clear that distro maintainers have different priorities. 4. This page suggest otherwise, simply because someone else is referred to as founder. Though, ultimately, I don’t know. ***

If not 😜; did I understand you correctly in that the mere existence of Devuan is the supposed contradiction?

alt, 7 months ago

the best os-design there is: the unix-like system.

Couple of questions:

1. Is there even any scientific basis to this statement?
   • If yes, would you be so kind to cite sources as I got trouble finding peer-reviewed articles on the matter.
   • If not, would you be able to make a logically sound argument on why that is the case?
2. Why Unix-like and not Unix? Wouldn’t Unix be the actual “original vision”?

alt, 7 months ago

Thanks for the answer! I got some pointers 😉.

alt, 7 months ago

Thanks a lot for this excellent write-up! I believe it has successfully fulfilled its purpose.

To make myself absolutely clear: I believe that we agree on our general sentiment towards systemd; I don’t like how it has almost ostracized other inits, nor do I like how ever-impactful it has become across the board so much so that even the most established DE (read: GNOME) has had hard dependencies to systemd in the past^[1]^.

And this is where i think you’ve contradicted yourself. IMO, the only reason opponents use it is not because it’s so great but because it’s so entrenched in whichever distro they’re using.

Got it! I see now why you might have perceived that as a contradiction. And honestly, you might be correct! I assumed that systemd is used for how it might enable the full system AppArmor policy^[2]^ and other features that Kicksecure has become known for. Honestly, I’m not an expert on Kicksecure myself. I just like the project and even try to import some of their systemd-related features and/or configs on my daily driver.

Based on past readings, the idea that systemd was (ironically) still preferred on Kicksecure for security-related features stuck with me. But, honestly, it could have been my misunderstanding and instead they might have chosen to make the best out of it as not using systemd would have increased the maintenance burden tremendously.

This conversation has opened the possibility to me that Kicksecure’s maintainers might have stuck to systemd for non-security reasons. Ultimately, your contribution by addressing that point has been immense. Thank you so much for the insight and for being patient with me 😊!

---

1. I believe this has since been resolved.
2. Based on the following statement: “AppArmor can do this by loading a profile for systemd in the initramfs.” found here

alt, 7 months ago

Ow wow, that’s a lot! Unsure to what degree you’ve used them; but if you feel confident talking about (at least some of) them, would you be so kind to offer us a rundown of what you liked and didn’t like? Thanks in advance!

alt, 7 months ago

Thank you!

alt, 7 months ago (edited 7 months ago)

Couple of things that might have tampered your experience:

• Nvidia. This should come to no one as a surprise, but unfortunately the experience still leaves a lot to desire. Unfortunately, even changing to Nobara didn’t help you out there. If you’re still dead set on Fedora, I would recommend the Nvidia Images of uBlue which are also mentioned in the Troubleshooting part of Fedora’s documentation.
• Using Fedora as a new user. Before people start shitting on me, I’m a proud Fedora user and it has been my daily driver ever since the day I’ve switched to Linux. But -like Debian- Fedora’s strict stance on FOSS requires one to take additional steps during initial setup/configuration after installation. The aforementioned images from uBlue (once again) help to solve that.
• I assume you just did the thing on Windows and straight up downloaded VLC off the internet and thought it would work out like that. I wonder if you do the same on your Android/iOS/macOS device. If I’m mistaken, then please feel free to skip the rest of this paragraph. If not, then please consider to read on. So, while it is possible to download software directly off the internet through your browser, this is in 99% of the cases simply inferior to grabbing your software the intended way; through the installed package manager(s). On Fedora, that would have been dnf and/or flatpak. As VLC isn’t even found in Fedora’s repos (though it is found in RPM Fusion’s repos), your best bet would have been installing it as a flatpak. Which in this case, could have been through the built-in ‘storefront’ with a GUI (it’s called Software on GNOME) or through the terminal with the flatpak install org.videolan.VLC -y command.
• Regarding Media Server, I simply have no experience setting that up. Therefore I hope that others could chime in to offer their support.

---

but y’all are dirty liars. Linux is still bullshit and has been since I first installed it over 20 years ago. What the hell has the community even accomplished if it still sucks this much dick to use?

This doesn’t help your cause. Please refrain from saying such things in the future.

---

Edit: I just noticed this thread. It might simply be the case that Fedora 39 isn’t playing nice (yet). Consider installing Fedora 38 for the time being instead.

alt, 7 months ago

Nope I downloaded VLC through the software manager.

Interesting to hear that it caused so many issues then 🤔. FWIW, I’ve personally been using MPV since I’m on Linux. I don’t remember the exact reason, but if my memory serves me right; support for it on Linux somehow seemed superior compared to VLC. Related; e.g. it’s actually found in Fedora’s repos.

I’m going to do this for one week, doing daily updates and trying my god-damned best to get this shit software to do what the community says it can do.

Kudos for sticking with it for a bit longer! Please feel free to seek help from the community; though be mindful of your language if possible, I’m sure it will contribute to more people reaching out.

I managed the get Nvidia working on 39, which looks like an accomplishment given the other post linked about Nvidia and issues with 39.

Well done! Please note that a random update related to Nvidia might break your system in the future. If you don’t want to deal with that in the future, running one of those Nvidia Images from uBlue ensures that from happening in the first place. This offers some explanation to what it achieves and how. TL;DR:

“We’ve slipstreamed the Nvidia drivers right onto the operating system image. Steps that once took place on your local laptop are now done in a continuous integration system in GitHub. Once they are complete, the system stamps out an image which then makes it’s way to your PC.

No more building drivers on your laptop, dealing with signing, akmods, third party repo conflicts, or any of that. We’ve fully automated it so that if there’s an issue, we fix it in GitHub, for everyone.

But it’s not just installation and configuration: We provide Nvidia driver versions 525, 520, and 470 for each of these. You can atomically switch between any of these, so if your driver worked perfectly on a certain day and you find a regression you just rebase to that image.”

Btw mounting a NAS is basic, basic office environment functionality. I don’t know how Linux ever expects to take over in the office if mounting a NAS drive is this stupid and difficult.

I hope am sure there’s an easy way, we just have to figure out what that is. Wish you the best of luck, though!

Btw, if the idea of Nobara did interest you, perhaps you should consider Bazzite; which is a project related to uBlue, but which -like Nobara- tries to be properly setup for gaming from the get-go.

alt, 7 months ago (edited 7 months ago)

Lots of great answers here already so I will only address a couple of things that haven’t been mentioned:

Regarding Fedora Silverblue:

• Currently, Fedora Atomic Desktops are in a major shift to accept OCI container images for delivery of packages. This means that the built image becomes one compliant to OCI and that we boot into an OCI container as our system. As OCI images are relatively declarative (not to the extent that NixOS does (yet)), it becomes possible to have a set of config files (most importantly, the so-called Containerfile) in which your system is ‘declared’/‘configd’. In case you’re interested into how this looks/works, consider taking a look at uBlue’s startingpoint or if you’re more interested in the scope of configuration into Bazzite and/or Bluefin.
• apx is available as a COPR on Fedora Atomic Desktops.
• Nix can be installed on Fedora Atomic Desktops using Determinate Systems’ installer.

Regarding Vanilla OS:

• They’re also moving to a model that’s very close to where Fedora Atomic Desktops is heading towards. So, expect a similar way to config/‘declare’ your system.

What are your thoughts on the three four distros mentioned above?

It’s a question of polish if you’d ask me. With Fedora Atomic Desktops and NixOS being advantageous due to being more established and better funded. I wouldn’t write off Vanilla OS yet as they seem to know what they’re doing. Though, I wouldn’t keep my hopes up for blendOS as its main developer was unaware of which MAC was configured by default on blendOS (spoiler alert: none, at least at the time).

Furthermore, NixOS is literally its own thing and unfortunately infamous for its steep learning curve. If you can afford to learn and conquer NixOS, then NixOS should be the recommendation; unless (like me) you seek SELinux on your systems.

Between Fedora Atomic Desktops and Vanilla OS; Vanilla OS is still in its major rewrite/revamp. The alpha builds are there, but I wouldn’t recommend using those on production machines. Fedora Atomic Desktops, on the other hand, has been going strong for a while now and the uBlue-team has even succeeded in making the OCI-stuff accessible for the general (Linux) public. So if you want to switch now and NixOS is/seems too hard; then Fedora Atomic Desktops it is. On that note, I recommend to check out the uBlue project.

Which ones are the most interesting, and for what reasons?

Honestly, all of them are really interesting, but NixOS does the most unique stuff; with only Guix doing something similar within the Linux landscape. To give you a taste of some of the wild stuff found on NixOS; there’s the so-called Impermanence module which -to my knowledge- happens to be the closest thing to a usable stateless system we’ve got; period. Consider reading this excellent blog post in case you’re interested to know what this entails.

alt, 7 months ago

A lot of programs I work with very often are Windows-exclusive, and alternatives supporting Linux are rare.

Consider mentioning the programs you work with. On a general note, Wine can be used to make Windows-software work on Linux. Bottles can be used to that effect as a front-end. Furthermore, for a more sophisticated solution; consider taking a look at CodeWeavers.

alt, 7 months ago

Thanks everyone for your replies, I’m really interested in KDE Plasma now.

I agree that KDE Plasma should satiate your desire for customizing the look and feel of your system. But, note that KDE Plasma isn’t properly supported on Linux Mint. Therefore, consider switching to a Distro in which it is; e.g. the KDE Flavors/Spins of Fedora, openSUSE or Ubuntu.

alt, 7 months ago (edited 7 months ago)

What is a reliable yet affordable option to get started?

Unfortunately, good affordable hardware on which Linux is properly supported is hard to get by. I’m personally fond of vendors like (in alphabetical order) Framework, NovaCustom, Star Labs, System76, Tuxedo. But other vendors like ASUS, Dell, HP and Lenovo are known to sell devices that do a considerable job at supporting Linux; consider to check the compatibility/support for their devices through resources like linux-hardware.org.

Are my concerns based in reality or is Linux going to be able to handle everything windows does without issues?

Regarding video types; I don’t think you should have any problems regarding those; on some distros it might not be supported by default, but that should be solvable with a single command. Relying on flatpaks^[1]^ instead is another viable solution and is enabled by default on a lot of distros. Moving on to word document templates; I suppose the suite of cloud-based services found in Microsoft 365 should work regardless. As for the question if the templates would work on LibreOffice, ONLYOFFICE and the like; I simply don’t know. On to familiarity of OS and using it for business purposes; most distros that are friendlier towards newer users have been setup with sane defaults. Therefore, I don’t think there’s a lot that could go wrong as long as you’re interacting with a GUI. When interacting with a command-line interface, note that information found on the internet is often times outdated. Therefore, if you’re hesitant or unsure; consider interacting with the community for some help. We’re all in this together!

is Linux going to be able to handle everything windows does without issues?

You should be totally fine aside from some software that’s known to not support Linux at all.

What else might I need to know to use Linux comfortably from the get go?

Ask yourself the following questions:

• To what degree are you interested to learn how it all works and to experience what Linux offers?
  • If you see it primarily as a means to an end, then pick a distro that does an excellent job at accommodating your workflow without requiring you to relearn more than necessary.
  • If instead, interest in Linux itself is the main driving force behind the switch, then please be mindful that the Linux rabbit hole is very real.

Is it going to take a lot of time and effort to get Linux running how I need it to?

Somewhat related to the previous question*. Like, there are distros out there that I can install for my grandfather and he wouldn’t even notice the difference. But even some (relatively) mainstream-distros can be daunting for so-called power users of Windows. E.g. I would argue I was your average Windows-user; play games, browse the internet, email, write documents, video-editing, run software required for my studies etc. It took me about two weeks before I was ‘comfortable’ on Linux. And even then, some of the software I used for e.g. video-editing just didn’t want to play nice^[2]^.

So, yeah, sell me on Linux, please.

If you want freedom and control over your devices, there’s simply no viable alternative.

---

1. Software management on Linux -at least on the surface- is closer to Android/iOS than to Windows. You should rarely (if at all) feel the need to find software through your browser. Instead, you should interact with so-called package managers. This can be achieved through either a command-line interface or a storefront with a GUI that behaves like those found on Android/iOS etc. Coming back to Flatpak; this is an (upcoming) universal (read: (mostly) distro-agnostic) package manager that tries to solve a lot of problems that traditional package managers have had. There’s still a lot of ongoing work for it to achieve its design-goals to the fullest, but even in its current iteration it works excellent and therefore it’s unsurprising to find it enabled by default on a significant chunk of the Linux landscape. Software that are packaged using this technology are referred to as flatpaks (or flatpak if singular).
2. In retrospect, this seems to be primarily rooted in the fact that my machine isn’t that powerful in the first place. On Windows, it managed because it was better optimized for it. Unfortunately, on Linux, this was not the case.

alt, 7 months ago

Thanks for pointing that out! It has since been fixed.

alt, 7 months ago

Regarding 4; I suppose you’re looking for the ArcMenu extension if you wish to continue using GNOME as your Desktop Environment (will be abbreviated to DE from here on). Though GNOME’s workflow is considerably different to Windows’. Therefore, you might be interested into looking elsewhere unless you’re actually interested to continue GNOME. FWIW, GNOME is one of the most popular and most polished DEs out there, but it’s very opinionated; which rub some folk the wrong way. I personally like it, but others might differ on this. Lastly, GNOME is NOT particularly known to be light. Therefore, if you’re not happy with how it runs; e.g. frame skips with animations or just high RAM usage overall, then perhaps consider Xfce or Lxqt. If you’re not discontent about the performance on GNOME, then you could also consider KDE or Cinnamon as those might ‘feel’ more ‘modern’ than the aforementioned Xfce and Lxqt.

Regarding 5; Ubuntu gets a lot of hate due to:

• how they’re forcing Snaps (their in-house universal package manager; therefore a direct competitor to Flatpak) onto its users. So much so that even attempting to install some packages through apt will result in the Snap being installed instead; which is basically unprecedented within the Linux landscape.
• some mishaps in the past resulted in very bad PR; especially to those that are privacy-conscious and/or F(L)OSS-advocates.

You’d have to get to your own conclusions though. It’s probably still the most used distro and therefore you might expect some QoL-features are only found within. If you’re inconclusive, just try it out and consider reporting back to us on how it went. Regarding old hardware; the DE is the most important factor anyways.

alt, 7 months ago

I don’t know if it even works, but have you considered relying on their Stealth protocol? While its absence on Linux (and Windows) means that you might not even be able to make use of it in the first place, I’m still interested to know if it makes any difference.

alt, 7 months ago

I have something like 70 AUR packages installed and it’s very seldom I have problems.

I’m glad to hear that you’re able to dodge problems more often than not. But even if you wouldn’t have any problems at all, it’s undeniable that the model of Manjaro + AUR is fundamentally broken. No amount of copium, Stockholm-syndrome or masochism would change that.

There isn’t any significant difference in AUR compatibility between Manjaro, Arch or any other Arch based distro. I believe this to be an often misunderstood issue.

Don’t you think that Manjaro’s model of holding back packages conflicts with the AUR that primarily targets Arch which (by design) doesn’t hold back packages? And, if you agree that it conflicts, don’t you think that this actually is a very significant difference as two distinct programs/binaries/software/whatever might rely on two different versions of the same dependency? It’s like a schoolbook example of what dependency hell is*.

When you install an AUR package it will work now, on the current state of the distro (current package versions). Later, as you upgrade packages, AUR packages will gradually start failing to work. This is the same on any Arch distro and it depends on how often you upgrade. If anything, by delaying packages by 2 weeks Manjaro will also delay potential incompatibility.

Fam, with all due respect, I’d like to invite you to educate yourself on this matter. Because, apologies for saying this, there’s just an awful lot of misinformation, conflation and confusion present in this paragraph.

TLDR is that all AUR packages will break eventually and have to be reinstalled periodically, on any distro.

I agree that packages everywhere on all distros may break at some point; that’s just how software is. Though, nothing condones taking on a defeatist stance towards package breakage.

alt, 7 months ago (edited 7 months ago)

You may be happy, or perhaps dismayed, to learn that I finally installed Bazzite on my desktop.

Well played! Welcome to the cool kids club! I’ve actually used Bazzite myself for a short while a couple of months ago. It felt like a holiday destination with lots of cool stuff, but it was more opinionated than what I’m comfortable with. So I returned back home (read: custom uBlue image) afterwards, where I am in command for what’s found inside and where I am free to do whatever I will. Though, I did pick up some of the things I liked from Bazzite 😜, so it was not for naught 😉.

I did a bit tonne of sampling, with BlendOS and Vanilla, trying things out, but Fedora wins.

Very interesting! I’ve got my own reasons for preferring Fedora cough security cough, but I’m very interested to know your findings! I’d have to admit that Vanilla OS’ upcoming 2.0 Orchid update is very tempting though.

I have Fedora Silverblue on a usb in case Bazzite does not like my computer,

Hmm…, perhaps consider the following:

1. Rebase back to Silverblue with rpm-ostree rebase fedora:fedora/39/x86_64/silverblue (assuming you’re already on Fedora 39).
2. After you’ve booted into Silverblue, pin the Silverblue-deployment with sudo ostree admin pin 0.
3. While still in the Silverblue-deployment, rollback to Bazzite with rpm-ostree rollback.
4. Reboot, and you should notice that you have one additional entry in the GRUB-menu. That’s the Silverblue-deployment where you can always fall back on; just in case*.

The above steps do assume that you haven’t pinned any prior Silverblue-deployments; as you don’t necessarily need multiple Silverblue-deployments 😅. Furthermore, they assume no additional steps involving Nvidia; but that’s mostly because I don’t have any experience dealing with that (thankfully).

I swear I will just jump onto the NIXOS (or guix) bandwagon if I ever decide to switch again.

FWIW, you can install both Nix and Guix on Silverblue.

alt, 7 months ago

I super appreciate all of the tips!

It has been my pleasure 😊!

I thought I was good installing Bazzite with a fresh install using an ISO, made sure to pick the NVIDIA option… it just failed to load the drivers, and showed a gray screen switching to open drivers.

Very strange. Consider reporting this as a bug on their Github or ask assistance on their discord server.

I played with NixOS in a VM. I have sooooo much to learn… so I think I will just install the package manager, and gorge on the cake I get to keep.

NixOS, while excellent at what it offers, is indeed very different from almost anything else. I wish you the best of luck if you wish to conquer it, but I’ve personally put it on my backlog; I hope to return to it eventually, but not now. Perhaps consider using Fleek, which would be Nix-made-easy. Obviously, it isn’t as powerful, but perhaps a new user doesn’t need that much power in the first place 😉.

alt, 7 months ago

Silverblue + distrobox is enough for me.

Aight. Hope to meet you next time your hand and fingers start tingling and itching 😜.