Head to squarespace.com/thelinuxexperiment to save 10% off your first purchase of a website or domain using code thelinuxexperiment

Here's a small correction- Nixos doesn't necessarily require reboots to apply configurations (or update the system). nixos-rebuild boot makes the updated config available from the next boot onwards, whereas nixos-rebuild switch makes those changes take place right away.

One thing not mentioned here--in many cases, you can start with a base image and then apply a set of changes to customize your configuration. If you put those changes on a git server, then you now have a versioned record of everything you've done to configure your system. This is of course excellent for reproducibility, but it's also great for experimentation. You can try things out with complete security because if something goes wrong, you can simply revert your changes. I initially tried this out with universal blue, which provides support for customizing fedora silverblue, but then I switched to NixOS, which is really ideal for reproducibility + risk-free experimentation.

“Are the future of Linux?” Edit: This mistake in the title has since been corrected.

macOS is already doing this sort of thing on mainstream desktops with the introduction of the sealed system volume, so I think immutable distros probably can be made fairly seamless for regular users, so I do think the norm will move in that direction in the coming years

I bet 10 bucks that Apple would do the same thing and sell it as "security update" while all they would do is to charge you extra to let you keep your files after a reboot.

I advice you all to watch the talks of Richard Brown, a developer at SUSE who is also the creator of OpenSUSE MicroOS an immutable variant. He did a talk called "Why you should be running the MicroOS Desktop", when he explains why he consider MicroOS to be the "best" distribution he still acknowledge the various disadvantages it can have and the problems that an immutable system still needs to resolve.

I use Fedora Kinoite and i love it. I love the immutable base and im used to work with containers. Kinoite makes it easy for me to keep track of what i installed on the base system and therefore keeps my system clean. If i wanna test something: spawn a podman container and delete the container after testing. Upgrading to a new version of fedora is also extremely safe. If let's say you upgrade from version 38 to 39 you can rollback if something doesnt work properly in the new version. So having a bleeding edge system with this safety net is the perfect combination.

In most cases, people should be rebooting any distro after updates. It's the only way to guarantee you're actually using all the new versions of apps & libraries. I've run into a lot of weird issues & instability, when I do not.

Immutable distros certainly have their momentum, and there is a niche for that approach, but i don't think the classic approach will be gone anytime soon.

An "immutable" OS is very appealing to me as someone who regularly runs new and unknown software on their daily driver. I always keep a drive image as a backup, but I'd rather avoid the hassle in the first place! Plus the payload may already have gotten inside the image... and the one before that, and the one before that... 😅

I really like the idea of immutable distro. They have a lot of potential for the future. I hope we will have this for smartphone soon.

NixOS is great, it's reproducible and doesn't make your computer a guess-the-state mess. It's also great for configuring multiple devices the exact same way.

macOS is immutable in some way too. The OS files themselves are on a “system volume” which is mounted as a read only snapshot that is recompiled when there’s an update. That means you can reinstall macOS without losing any user files and applications. And it’s VERY difficult for any malware to interfere with core system functionality. macOS switched to this with Big Sur with previous versions bringing CoW APFS and separate system and user volumes similar to LVM.

I don't know if this will take over regular Linux desktop, but this is probably the way for future linux mobile.

My opinion on this, as someone who's still quite new to the Linux space, is that these would be good for less tech savvy people coming over to Linux. They put a focus on security and stability, and prioritise package managers over any other form of application installation. I think this is very valuable for people who don't really want to edit their system, and just want to be able to click about and do their work/home life. For people who want more control over their systems, asking them to use an immutable system would be a bit of a stretch. I'm thinking someone like my mum could use an immutable Linux as her home OS. She's very prone to breaking things by simply panicking and clicking the wrong things, and she's very good at finding the wrong stuff on the internet and getting viruses. Giving her an immutable system would help a lot, as she can't easily break the internals, and it gives her the stability and package security that she'd seriously benefit from. I think if these ironed out some of the more awkward workarounds that have to be done into more clean, easy solutions, immutable distributions could completely change the way the average computer user sees Linux

So unless you are advanced user, Immutable Distro is just like security/backup upgrade (the "immutable" reminds me of kotlin). You just have to re-learn how to install & update a software/app, again from the beginning.. Which can be easy or hell depends on YOU, the user.

+1 for NixOS. It's too bad you lumped it with the other immutables because it doesn't suffer the drawbacks you mentioned (except learning curve).

09:20 Just as a heads-up, you don't need root privileges to update your image, just `rpm-ostree upgrade` will do. Same is true for installing/layering new packages ;-)

0:09 missed opportunity to say “what the FOSS is all about”

I'm using debian bookworm right now with an arch distrobox container and it's honestly been a joy. Having the rolling release apps with the stability of debian. There are some awkward funny side effects but if you are somewhat experienced with linux it's pretty easy to overcome

Immutable distros are a likely future for average person. Most people using a computer have no need for the kind of power that a traditional distro provides. They wanna browse the web, send emails and maybe use office. They don't need or want to see the stuff under the hood and having them accidentally break something is a real risk. A risk that immutable systems don't have. Silverblue is something I wanna give a whirl for myself one day. It's looking like it's quite reliable to use on the daily. Steam OS is also very cool. I'm hoping Valve release generic ISOs for that soon. Also, you can update packages on Fedora without a reboot. Updating through the terminal using DNF will just apply the update, no rebooting required. It'll be fine most of the the time. I just let Fedora update when I shut down my PC though, so the reboot option works fine for me.

Immutable Distros are perfect for people who just want to have a stable and secure system. I play around with OpenSuse Kalpa (MicroOs alpha variant with KDE Plasma) in a VM and I really like it so far. I'm currently on Debian, but I could see me using it in the future. Tumbleweed is already a great stable rolling release but combined with the stability of an immutable system, would make it perfect.

Re: updates - this is a feature that even some non-immutable distros like Garuda have as well thanks to full btrfs use. On Garuda in particular, btrfs snapshots are created every time “pacman -Syu” is run and every snapshot is added to your GRUB menu, so if some update breaks your system, just boot into an old snapshot and you’ll be prompted to restore it when it’s fully booted.

Immutable is the Android cognate of Linux. It's great for business usage, and for stable usage for things like Multi-Media creation workstations in corporate environments, and they're also great for newbies who not only un-tech savvy, but don't know what Linux is about, and don't want a geek to babysit them so they don't break their install every few hours.

The best immutable linux distro is a Linux Live disk on a read only CD Rom, which Linux Mint no longer supports, perhaps someday Chrome OS will, which would be a pretty secure distro.

The future is now for me since Nixos and OpenSuse kalpa are my daily drivers. Even my home lab server is an immutable operating system - OpenSuse micro os.

After 13-15 years of messing with LInux, I consider myself on the cusp of being an intermediate user (but still far away). I say that, because I can see that something like this would keep beginners from breaking their distro so easily. Problem is that it doesn't sound user friendly. Besides, you learn more about your system when you break it (hopefully by accident) and then try to fix it. Then there's the core concept of Linux (at least as I perceive it): the freedom to make it entirely your own. I don't see how an immutable Linux distro affords that ability.

They are gold for true Linux noobs. I remember playing with Ubuntu 10 years ago and the distro throughout years of trying different versions and updates after while would have the gui fail to launch. The Bluetooth would break. The same WIFI that I had used to download the update would not work after the update. Even now my HDR display would probably be useless on most distros. So far I have been using the steam deck to play Dragon Age Origins, and since cloud save doesn't work I've been using the Steam Deck as my main computer for about a month. Firefox does not full screen properly in game mode, and Chrome crashes pretty often, but the reboots are reasonably quick. HDR randomly turning off has been the only other draw back. I haven't noticed anything that would have let me know that it was immutable as I am probably the target audience for the Steam Deck. Oh, and the HDR fix is super simple, just turn it off and back on in settings then it works for a long time, not sure how long, I am not sure that issue happened more than one time or not. Either way it is seemingly acceptable. Would be nice if they made playing a walk-through while playing a game a little easier, but even that isn't that hard. Alt-tab would be nice though. No major complaints.

Silverblue user here... for the last year. according to MAtt from Fedora... they ARE the future for Fedora. The benefits way surpass the issues.

If everything actually works in the immutable distro (remote file sharing, sleep mode, Bluetooth, etc...) I could see them being better for a casual user like myself. My last attempt to use Linux on my daily desktop was an utter failure of a system going into a coma whenever it went to sleep. Of course, I'm still waiting for native HDR support before I try Linux again.

Very clear explanation. Thanks. I've been lucky that since 1998 when I first installed Slackware to now (Linux Mint and Tuxedo OS) I've never managed to break my entire system.

Interesting to see that Vanilla OS is in the process of rebasing from Ubuntu to Debian. Hopefully Linux Mint does the same soon (despite Clemenet Lefevre's diplomatic statements about wanting to maintain a healthy working relationship with Canonical)....

My dad, who turns 83 this year, has an old laptop where Windows was the OS. I made him switch to linux and an immutable system was the way to go, although I didn't. He lives a ways away but next time I see him I'm installing an immutable system on his laptop. This is great for comapnies using linux aswell . Haven't tried the distros myself but I do see the benefits of them and that the user won't mess things up as easily, whether it's for me I don't know, I'm fine with the way things are on my system.

I like knowing that my system won't be unusable anytime soon

i gotta say, u are one of the few youtubers that has the ltt segue skills.

Cool, didn't know linux had this tech too. Our current Virtual Desktop farm (multi user windows server) is build with the non-persistent principal. A small and clean golden image and the rest is added via app virtualization. Our future farm (W11/W12?) will use similar mechanisms. It's a bit of a learning curve in the beginning but we love the flexibility it gives us. I don't expect this to become a thing for personal users but maybe more for admins managing a lot of linux desktops.

In Linux you reboot only when system libraries are updated. Basically when there's a kernel update. If something from your desktop is updated, you just need to logout and log back in. For some apps you just restart them. This might seem overwhelming for some so some distros opt to request a full system restart.

Nah, I've got a one-track mind, I like Linux Mint!! Gone are the days when used to be curious, I'm getting old now. 😊

Chromeos is an example of a super-immutable linux distribution

I was hoping you would say you hardly need to reboot at all, just rebooting the overlay userland. Or did you say the appliance type ones can have v high uptime? I use KBOOT/exec to restart my box without going to BIOS

I pretty much think that immutable distros are much better for enterprise workstations. It makes the work of the IT guys much easier since it is already locked down. Normal distro is still the best for home workstation....

Immutable distros sure look like an interesting approach for servers or systems that need to be super duper stable. But right now I'm good with Debian testing (even if I sometimes want newer packages earlier...). Thank you for showing us what they can do!

It's never "one size fits all" or one way of doing things that fits everyone's needs. Immutable distros show off the power of Linux in what they bring to the table for those who want those things...and like all things Linux, they're just an option.

Great video mate, awesome summary of the immutable Linux landscape at present and how it can be used.

Still loving my so simple Vanilla OS.

In all honesty, for me immutable distros have been being the present (in the form of OSTree-based Fedora’s Universal Blue Kinoite and Sericea) for the last almost two years…

Latest Elive Linux has that covered in a nice way. On boot you can choose to boot in your standard system or into their so called "impermutable' system. The latter allows everything the normal system would, except that all changes will be lost after a reboot. It's great for testing intricate stuff that could break your system. 😇

I can see immutable desktops being used by companies that need to maintain consistency throughout their user base. I can see something like NixOS being used because it can rebuild itself after each reboot.

I love a lot about the idea of immutable distros. Having my computer work like a fresh install all the time sounds great. But I worry that they give too much control to the distro makers. It feels like a step towards walled garden ecosystems. And I do quite strongly oppose that.

Thanks for this overview on immutable distros, Nick. I actually considered to put BlendOS onto a ThinkPad I would use exclusively for work but the handling of updates and stuff still feels weird to me. Maybe sticking with openSuSE Leap and snapshots is the smarter approach here? I don't know. But I like the concept a lot, especially since both BlendOS and VanillaOS try to get rid of the issue of where to obtain packages from since that's still an issue with say Arch having patches and changes Ubuntu users have no access to even with PPAs. At least flatpak compensates for that already a bit.

Great video! I am wondering if running another distro inside the container of an immutable distro works better than virtual machines? It could be a good thing to check out other distros without having to reinstall the OS from scratch every time for bare metal vs possible limitations in VMs. I also think in some cases, tinkering with distros inside a container could provide more security. At some point I want to take the time to learn Arch and it's nice to know that if I break Arch, I still have a secure functioning OS where I can still do my daily tasks.

If people keep using their computers as browser appliances, immutable systems make way more sense.

Immutable systems are inspired by how smartphone operating systems are already image-based. If you can deal with the whole OS as a single image, Secure Boot (or a future technology like it) becomes way more powerful. Antivirus software, while practically unnecessary now on Linux, will offer even less benefit on an immutable system because you can just restore the device with a reboot. Overall, I’m on board with the idea of immutable systems, but there is still enough to tinker with (e.g., graphics drivers doing funky things) to make these systems undesirable to large segments of the community.

NixOS FTW

Thank you for this informative tutorial presentation. I did try an immutable (Silverblue), but was stuck since the extra programs i needed were not available as flatpacks or within containers. I guess I am one year too early to be an immutable system user. I am a Fedora 38 user, and from day zero to today (4.5months), I have had zero issues. Perhaps it is because of btrfs file system, or my being the sole user of my desktop system. I have not ever needed to roll-back any software I downloaded, but who knows about the future.

Immutable Linux distros goes against the Linux ethos of being able to change every thing

I do not believe I would try this immutable stuff any-time soon...

I used nix for 2 years + . Had to use the rollback for some reason my pc don't like the stable kernel. So happy it works this good and even with ext4 and not forcing btrfs on you. Even tho i liked using that it wears more 'the filesystem' . The minus side, is that you need to "collect your garbage" and it will take large amount of space on your drive (the old generations) :)

This looks like a good foundation for appliances - after all, Linux underlying Android phones, Kindles, routers etc are essentially immutable.

Following one of your previous videos, I tried nixos as my desktop. I like what it's trying to do. But I had a show-stopper. KDESVN is something I use/rely-on. Nixos doesn't include it in its kde packages build. So I went down a several-day rabbit hole of trying to built it myself. I'm a retired software engineer, so not particularly bothered by the idea of building an app from sources. But after several days of banging my head against different brick walls in nixos, I gave up. Nixos trades something I didn't know I needed for something that I did need.

that sponsor segways was not unexpected but smooth 😂

In my experience, most instability comes from system updates that don’t play nice with your hardware, not some app that has conflicting dependency with other app. Immutable distros don’t really help this apart from the snapshots, which you can also do with time shift and backups on any distro.

These Immutable systems sound very cool and I wish I could adopt it. But in no way I'm going to jump into this rabbit hole of again trying to learn how to do basic stuff. Things should be easy and the user should be able to do it in a couple of clicks.

+1 for NixOS. Once you get familiar with it and set it up, everything will just work while you don’t have to deal with down configuration conflict especially Docker and LXC.

was windows XP embedded not an immutable OS? (today windows IoT) You needed to setup the OS to deploy with specialized tooling for OEM, then it was setup on target HW, where it had an immutable partition, and the rest was reset at reboot or by command.

The new SystemD soft reboot will likely make them a bit easier.

Currently on VanillaOS and it is a blast., atleast for me who is using Linux mainly as a everyday machine rather than a workstation. It is something I can see preinstalled on devices in the near future and I hope they can pull all of their goals off. Their premise is great and I love what they accomplished, hopefully OS 2 will turn out even better than the first one. Thanks for the Video on this topic!

Tried Fedora Kinoite a few weeks ago. The first flatpak program I installed wouldn't run because of missing dependencies in the OS. The FIRST! 😂 Installed regular fedora workstation and decided to postpone immutable experiments for a while...

Can I install an immutable OS on a multi-boot configuration (separate partition)? I currently use rEFInd and alternate between 3 OS's on one partition. I would want to be able to add say NixOS to another partition and use rEFInd to boot to that immutable NixOS whenever I want.

this video so good, i have to re-watch it and take serious notes.

Actually these immutable distros remind me to no-root docker containers. We even had an enterprise kubernetes cluster which enforced using only non-root images. I think they are quite common as server machine images as well.

I hope immutable distros aren't the future. Sounds and looks like they're going backwards to how Windows works.

A nice to way it is: Traditional linux distros are a distribution of packages that are managed by a.......package manager "Immutable" linux distros are distribution of a operating system image on top of which you can install additional software

I just worked out how to set up a second drive as my /home folder by editing the fstab configuration file. I guess I won’t be able to do that in an immutable distro?

12:55 yeah.... doesn't seem like something I'm interested in. And seems to complex to be something I'd put on a family members device.

I've done something similar to this (the hard way) for years. I do all my banking on a VM that is itself as locked down and isolated as possible. Every time I use it, I revert it to its previous state. It's also on its own disk, and I cut power to it when it's not in use via a honest-to-goodness toggle switch (not a momentary switch). These new immutable distributions sound like they could take some of this manual effort out of my hands!

I don't think this will be the future for everyone, but its amazing for enterprise and beginners. I'm honestly excited for what this tech can do for linux on mobile.

There's a reason why Chromebooks are doing pretty well in schools: system updates happening in the background without user interaction and without having to wait for the system to apply updates on shutdown or boot is perfect for people who are not computer savvy. Immutable distros are interesting for such users at least for the more seamless system updates.

I use NixOS, but I actually use a tmpfs as rootfs, to guarantee that there are no changes to the filesystem which arent specified in the config. On boot, it them bind mounts and symlinks paths which should be persisted, as well as some paths which can't be in the nix store, into place. BTW even my home directory is on the tmpfs. I just persist the XDG directories (Documents, Downloads, etc.) + some more, and the rest gets thrown away at reboot. Helps keep the number of dotfiles low.

No caso do OpenSuse Tumbleweed, quando se faz update ao Kernel, Firmware, etc. o terminal indica que tenho que reiniciar o sistema quando ele "diz" zypper ps-s indica que há pacotes antigos que serão necessários serem reiniciados. (There are running programs which still use files and libraries deleted or updated by recent upgrades. They should be restarted to benefit from the latest updates. Run 'zypper ps -s' to list these programs.)

@TheLinuxEXP, wouldn't Android also qualify as an immutable OS/distro?

sooo.. basically immutable os is is kind of a docker with a grub entrance?

My main issue with using flatpak containers is I haven't been able to make them scale to the correct DPI of my screen.

I honestly think immutable OSes are better for new users and most intermediate users. The added stability, the ease of using flatpak and flathub as your single packaging system, not being allowed to screw up your system. All of these benefit newer users. I do think the concept of immutability goes agains the idea of a free, and open system. But it seems like a better way of doing things for a lot of people. This is why I main Nix

~ 8:30 - This is why this approach is _not_ suitable for servers - we don't reboot servers every days, month or year... We reboot them when we move to different machine.

I’m actually using a semi immutable os right now there’s a command to remove the immutablenes and the home doesn’t get wiped, updating wipes changes but it’s convenient for a gaming focused “just works” pc

Hi Nick. I have a question: Have you switched to Nix or SUSE yet?

What about rootkits residing in UEFI bios? Is there any protection or detection against this?

This sounds a lot like a live Linux environment with a persistence “overlay” - this allows you to have read/write access to the whole OS while keeping the base OS image.

I run Silverblue on my daily driver and am super happy with it. I wonder what other immutable OS'es people actually run (or tried) and what they think of it.

Immutable distros are convenient not for pro users, but for vendors of appliances like Steam Deck. Each state of the system being deterministic and predictable means less bugs in the bugtracker, less angry users, less complaints, less bad reviews. If you are able to maintain your system by yourself - you don't need immutability.

Guess immutable distros could be a very good option for business usage :)

Haiku is kinda-immutable too, but has an interesting scheme. The base system is distributed in the same .hpkg packages as regular software, and .hpkgs never unpack, but mount on boot kinda like Snaps but without cluttering mount list. To install a package, you don't even really need to use a package manager, you can just copy the package into /system/packages/ You can also install a package per-user, by copying it into ~/config/packages/, but this has no use as of right now, since the OS is single-user in R1

Never I will install a OS that is read-only. I want to be the one in charge, I'm not giving that privilege to the devs of a distro.

So, it's like soft firmware? firm software?

I love these for dev environments.

Inmutable systems are the way to go. Android and iOS are inmutable as well, that's why they are super safe. Now the next thing we need is proper zero cost sandboxing and permissioning (like: "Do you want to allow that App to read your documents ...")

I think it is "the future" in a similar way Debian Stable is "the future" for some. At some point, you just don't care for all the blings the various distro have, especially more cutting/bleeding-edge ones. You just want a system that does exactly what you say, and it will keep being that system even after updates, none of which would pose a significant risk of breakage (cough-Arch's Grub update-cough). For me, host system is just... so long as it can install whatever proprietary printer drivers I need at work, then it's like whatever man. I install everything through Conty and Nix (with home-manager, system-manager, and declarative-flatpak), with Distrobox and Windows VM for 'backup' so like... why bother with mutable distro when I don't care about my host system and want to actively care less about it, y'know?

i've installed silverblue simply because i need something that i can always count on working for my school laptop. too many times have i created bigger issues trying to solve little ones