• ChojinDSL@discuss.tchncs.de
    link
    fedilink
    arrow-up
    212
    ·
    4 months ago

    Immutable in this context refers to an OS that can’t be changed while running. Steam deck does something like that. Basically the all of the OS system files are read only, so that the user or some malware can’t Bork the system. The only parts that are writable are the users profile directory and the logs.

    You can still receive updates and install apps. It’s just that that’s handled a bit differently than with a standard OS.

    E.g. it could be that the OS provider only issues complete updates, and then you either have to reboot. This is the case with steam os on the steam deck. The System portion of the OS is mounted read only during use.

    • davidgro@lemmy.world
      link
      fedilink
      arrow-up
      66
      ·
      4 months ago

      Another prominent example is Android. Sure system apps can be upgraded individually – by storing the new version in a restricted part of the ‘user’ partition – but otherwise the system files are strictly read only until a new ‘image’ is ‘flashed’ to it by the update system or a power user with debugging tools. In the past, a common use of root capabilities was to remount the system partition as read/write and then change files on it directly. It’s more complex now.

      That’s also why system apps can be rolled back to the stock version, and can sometimes be disabled, but can’t be directly uninstalled like user apps. Only the updated version on the user partition (if there is one) can be removed.

        • davidgro@lemmy.world
          link
          fedilink
          arrow-up
          14
          ·
          4 months ago

          Sure they are, but system apps are still installed in the immutable space initially, which is the important thing, that updates to it can’t go there.

          I don’t know how desktop immutable systems deal with that.

    • Blubber28@lemmy.world
      link
      fedilink
      arrow-up
      15
      ·
      4 months ago

      I’ve read several topics trying to explain it and this single comment does a way better job, thank you XD

      If you don’t mind me asking a follow-up, why are non-immutable OS’s in Linux more popular? Or in other words, is there a definite downside to an immutable OS that people should be wary of? I was planning to install Fedora 40 soon, but now I think I may opt for the Atomic one (with the KDE env) instead.

      • WFH@lemm.ee
        link
        fedilink
        English
        arrow-up
        15
        ·
        4 months ago

        Regular Linux distros have 30+ years of history. It’s what most of us are used to. Immutable/atomic/transactional OSes are relatively recent hence the relatively low adoption rate.

        Also, atomic OSes are, by nature, much harder to tinker with. After all, the goal is to provide the exact same image for all users. As a power user, it’s a bit frustrating. As a new user, having a virtually unborkable system is excellent.

        If you plan on installing an atomic variant of Fedora, may I suggest uBlue Aurora instead of Fedora Kinoite? It is based on Silverblue/Kinoite but includes by default, among other QOL improvements, the restricted-licence codecs that must be manually installed in official Fedora products.

        • kurcatovium@lemm.ee
          link
          fedilink
          English
          arrow-up
          3
          ·
          4 months ago

          Well, currently I use Tumbleweed with just couple of tweaks, but I can’t live without things like Yakuake, fish, yt-dlp and bunch of other console commands that are not present in most dostros’ defaults. How does atomic distribution handle this? I believe flatpak only has gui applications…

          // I just diacovered Yakuake is there, but I can’t imagine how does this specific program integrate with system?

          • WFH@lemm.ee
            link
            fedilink
            English
            arrow-up
            1
            ·
            4 months ago

            You can layer basically any RPM onto the base system with rpm-ostree, but it’s slow and inefficient, or you can install anything from any distro by spinning a container with Distrobox and exporting the command to your main system.

            • Vittelius@feddit.org
              link
              fedilink
              arrow-up
              3
              ·
              4 months ago

              The universeal blue family of operating systems also comes with Homebrew, the Linux port of the popular Mac package manager. The idea being that flatpak is for GUI apps and homebrew for the cli

              • WFH@lemm.ee
                link
                fedilink
                English
                arrow-up
                3
                ·
                4 months ago

                Oh yeah thanks I forgot about brew. TBH the only uBlue machine I’m currently playing with is destined to be my dad’s new computer, so he’s not expected to get anywhere near the command line :D

        • Blubber28@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          4 months ago

          I am all open for suggestions! I will add a bit of context; I am proficient with Linux command line, good enough to troubleshoot if problems pop up. But I currently do not feel the desire to tinker a lot with the system itself, I just want to do daily driving, play games, and do some basic coding for fun. What value do those restricted licence codecs bring to the system?

      • ChojinDSL@discuss.tchncs.de
        link
        fedilink
        arrow-up
        9
        ·
        4 months ago

        If the immutability in OS is well designed, then there shouldn’t be really an downsides or loss in comfort. That is, unless you’re a linux expert and like to tinker under the hood.

        The general idea is, the core of the OS if read-only, and everything else that needs to be modified is mounted writeable. Ideally, protecting the core of the OS from writes, should for example prevent malware from installing a modified kernel or boot loader. Or maybe preventing the user from accidentally borking something so that their system becomes unbootable. How much of an advantage that is practice is dependent on use case. In the case of Steam OS on the steam deck, it’s perfect, since boot issues on the steam deck could potentially be tricky to fix as opposed to a standard PC.

        Another advantage of immutable could theoretically be wear and tear of certain storage devices. e.g. Think of a raspberry PI and SDcards. If you could have most of the important stuff of the OS as read only on the SD card, and everything else on a usb disk or even an NFS mount, then the SD card should last much longer since no writes are happening on it.

        As far as true security benefit is concerned… I can’t really say. It depends on how updates and eventual writes are actually handled to the immutable part of the OS. Obviously at some point, changes do happen. Like during a system update. In the case of Steam OS, The system portion is wiped and replaced the new version. Chimera OS, did something similar (I don’t know if they still use the same method). They had a read-only BTRFS partition, where they would then provide a new snapshot during an update, which would be downloaded and applied at the next reboot. This approach would hinder automated crypto malware for example (at least for system files).

        • Blubber28@lemmy.world
          link
          fedilink
          arrow-up
          4
          ·
          4 months ago

          Thank you, then it looks like I’ll be giving the atomic one a try! I can always overwrite and install normal Fedora KDE if the atomic version is giving me issues after all :)

      • Mango@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        4 months ago

        I know of a good specific example of a downside. I play SS14 on Steam Deck and musical instruments in it require midi support. This means I need to properly install FluidSynth, but I can’t. I can get the flat pack, but the game won’t recognize that it’s there because it’s looking in the wrong place.

        This is why I’m going to install bazzite on my deck.

      • Max-P@lemmy.max-p.me
        link
        fedilink
        arrow-up
        40
        ·
        4 months ago

        Yes, pretty much always has too. /system is normally mounted read-only and all use data is in /data, so when you want to factory reset, you just format /data and reboot and voilà, brand new. Later versions also have a /vendor and a bunch of other partitions but the idea remains the same, as a user you only get to change /data (and /sdcard back before they had any meaningful internal storage, now it’s an overlay mount to /data/media/0).

    • PotatoesFall@discuss.tchncs.de
      link
      fedilink
      arrow-up
      2
      ·
      4 months ago

      I’m no expert on this but I’m pretty sure the /etc directory is writeable too for config files, which sadly still allows a user or malware to still bork the system if they get superuser privilege

      • fullstackhipster@awful.systems
        link
        fedilink
        arrow-up
        7
        ·
        4 months ago

        I find it hard to imagine a system that is not borkable by a superuser. Maybe it’s helpful to think of immutable setups as harder to bork by accident during routine maintenance (e.g. through faulty updates) and more resilient to bad code (through containerization).

        • PotatoesFall@discuss.tchncs.de
          link
          fedilink
          arrow-up
          4
          ·
          4 months ago

          good point, that’s fair. The reason I think it bears mentioning is that editing configs under /etc/ is totally something we might expect a user to do. So you could follow a tutorial online that is wrong or outdated and with enough bad luck, tada, you bricked your “immutable” system. Or, less dramatic and more likely, something doesn’t work as intended anymore and you don’t know how to restore to the original config from when you installed.

          • fullstackhipster@awful.systems
            link
            fedilink
            arrow-up
            7
            ·
            4 months ago

            You’re right that “immutable” is a bit of a misnomer in that regard, and it’s been argued that “atomic” is a more fitting term.

            And I agree that a lot of documentation and how-to-guides don’t account for immutable setups (yet?), which can get novice users especially in a lot of trouble.

            Personally, I prefer a declarative system (NixOS) that solves this problem rather cleanly and gives me most benefits of so-called immutable distros as well.

    • Ð Greıt Þu̇mpkin@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      4 months ago

      Sounds pretty secure except for at the update stage, but you said that’s handled differently so maybe that’s more secure too.

      • Max-P@lemmy.max-p.me
        link
        fedilink
        arrow-up
        3
        ·
        4 months ago

        Depending on the use case there’s usually a temporary system that’s there only to take the update from the user partition and apply it to the system partition. So even if you bork the update it’ll still boot into that environment and install the system again. Valve does provide bootable images to put on a USB stick if you do break it pretty bad. It’s just a PC, it doesn’t do much to stop you from wiping the disk. The route Android took is A/B devices, when you’re using A you update B and then reboot into B, then the next update you’ll be updating the A partition and reboot into it. Plus if the next one fails to boot for some reason you can revert to the old version as if nothing happened, and retry the update from scratch. Except Samsung, because I don’t know I guess they want to turn the updating into a whole experience of anticipation or whatever crap reason they have for it.

    • MyFairJulia@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      4 months ago

      What if a new OS comes with, say, a GPU driver that is not compatible anymore? Is there not even an override for this possible? I have a PC with the GTX 970 which in computer terms is basically just after the meteorite crash ending the jurassic era. And i have been considering to use Bazzite OS for this machine.

  • Ooops@feddit.org
    link
    fedilink
    arrow-up
    118
    ·
    edit-2
    4 months ago

    An immutable OS is fixed and mounted non-writable. Every update you get, every program you install is handled on top of it via containers or filesystem overlays so the underlying OS is untouched. Basically the same concept you know from smartphones or other devices with a “reset to factory settings” function. No matter how hard you screw up your system, you can always reset to the base OS, either by granulary deactivating things installed on top, or by a reset to the working base OS.

      • Ooops@feddit.org
        link
        fedilink
        arrow-up
        2
        ·
        3 months ago

        They are written but don’t replace something in the read-only OS. They are just overlayed, so once removed the original is still there. How they do it differs. There are actual overlay filesystems for the job, or some use btrfs where all subvolumes behave mostly like virtual partitions (and copies of a subvolume only take space for changes of the original).

  • prime_number_314159@lemmy.world
    link
    fedilink
    arrow-up
    45
    ·
    4 months ago

    An immutable OS is useful for things like an alarm clock, where if you accidentally muted the sound system, you could oversleep. There’s an obvious downside if you’re someone that watches porn on your alarm clock computer, but sometimes compromises must be made.

    • JackbyDev@programming.dev
      link
      fedilink
      English
      arrow-up
      8
      ·
      4 months ago

      I used to have a clock that had a USB port for pictures to display. This may be a larger problem than we’re aware of

  • lemmyvore@feddit.nl
    link
    fedilink
    English
    arrow-up
    30
    ·
    4 months ago

    None of us knows!

    There’s a group of hardcore hackers that keep bringing it up and we’re all afraid to ask.

    PS: Kudos for biting the bullet.

  • dan@upvote.au
    link
    fedilink
    arrow-up
    26
    ·
    edit-2
    4 months ago

    Have you used Docker before?

    You know how Docker images are read-only? Changes are layered on top, but the base image itself is read-only and all other files are stored in a volume outside the container. Containers are seen as ephemeral. When you upgrade to a new version of the image, the container is deleted and a new fresh one is created.

    Imagine that but for the whole OS.

    A related concept is an “atomic” OS, which means upgrades are atomic. Atomic in this context means that either the whole upgrade succeeds, or the whole upgrade fails. It can’t get stuck in a half upgraded state. If you’ve dealt with databases before, it’s a bit like database transactions.

  • Destide@feddit.uk
    link
    fedilink
    English
    arrow-up
    13
    ·
    4 months ago

    Root directories are no go unless you specifically ask to change them. If you’re developing it’s a lot easier if you can depend on all the programs and dependencies to be the same in the same directories.

    It’s like getting a system how you like it and burning it to dvd.

    The changes from distro to distro are how they handle your changes. More specially how do we undo changes if it goes wrong

    There are a few ways to handle changes some swap from image A to image B like vanilla os

    Some just use their rollback image tech they have in standard distros like opensuse aeon .

    Some like fedora silverblue use images that pull from a repo if you’ve used docker this might seem familiar.

    From silverblue you have ublue project that really pushes the container ethos your distro becomes a host to ask sorts of containers kinda like proxmox.

    The end of the day it’s like distros a collection a packages with the essential stuff locked in a non writeable directory.

    I hope this is clear sorry I’m dyslexic and it’s bedtime

  • superkret@feddit.org
    link
    fedilink
    arrow-up
    10
    ·
    4 months ago

    It’s the newest hype for Linux nerds. You literally can’t get them to shut up about their OS.

      • whoareu@lemmy.ca
        link
        fedilink
        arrow-up
        3
        ·
        4 months ago

        How do you verify lack of intelligence? We could easily test lack of knowledge but how to test someone’s intelligence?

        • FuglyDuck@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          4 months ago

          Well one simple way is to place a direct-shock stun gun on a table and put them in the room with it.

          Let them wait ten minutes, see if they get bored and shock themselves. You’d have to do something to make sure they don’t like it, though.