What are immutable distros, and are they the future of Linux?

Рет қаралды 99,111

Күн бұрын

Head to squarespace.com/thelinuxexper... to save 10% off your first purchase of a website or domain using code thelinuxexperiment
Grab a brand new laptop or desktop running Linux: www.tuxedocomputers.com/en#
👏 SUPPORT THE CHANNEL:
Get access to a weekly podcast, vote on the next topics I cover, and get your name in the credits:
KZbin: www.youtube.com/@thelinuxexp/...
Patreon: / thelinuxexperiment
Liberapay: liberapay.com/TheLinuxExperim...
Or, you can donate whatever you want: paypal.me/thelinuxexp
👕 GET TLE MERCH
Support the channel AND get cool new gear: the-linux-experiment.creator-...
🎙️ LINUX AND OPEN SOURCE NEWS PODCAST:
Listen to the latest Linux and open source news, with more in depth coverage, and ad-free! podcast.thelinuxexp.com
🏆 FOLLOW ME ELSEWHERE:
Website: thelinuxexp.com
Mastodon: mastodon.social/web/@thelinuxEXP
Pixelfed: pixelfed.social/TLENick
PeerTube: tilvids.com/c/thelinuxexperim...
Discord: / discord
#Linux #immutable #linuxdistro
00:00 Intro
00:33 Sponsor: 10% off your first website with Squarespace
01:26 What is an Immutable Distro?
03:30 Advantages
05:16 Installing software
07:44 Updating software
10:48 The Complexity problem
12:01 Are they the future?
13:26 Sponsor: Get a PC made to run Linux
14:29 Support the channel
They are linux based operating systems that are designed to be read-only and not easily modifiable.
Most of these immutable distros still let you install apps and packages on top of the system, through flatpaks, snaps or appimages, or with a specific layer of packages, that is kept when rebooting and updating. Some immutable distros give you easy access to containers so you can still use a full system with full write access.
And there are a BUNCH of immutable distros: Fedora Silverblue, and Fedora Kinoite are basically Fedora Workstation, with GNOME or KDE, but with an immutable base. Vanilla OS is an Ubuntu based, soon to be debian based immutable distro that gives you access to any packaging format through containers. BLendOS does the same thing, but based on Arch. SteamOS, the linux distribution that powers the steam deck, and also my Linux gaming console / PC is also immutable.
You could also say that NixOS is an immutable distribution, since you only install things and modify configurations through a declarative config file that is used to build the system. And there are a lot more, like microOS from openSUSE, endlessOS, and more!
So in terms of advantages, immutable distros are just way more secure. Since you, the user can't modify the base system, and since the super user can't do it either, it also means any third party programs also can't modify that base system.
Another advantage is reliability. Since you can't tinker with the system files, you also have a much smaller chance of actually destroying your system.
And in terms of maintenance, since you only use an updated system after a reboot, there is no risk of breaking something by updating it while it's running.
But how do I install anything if I can't write to the system? Most immutable distros work around that using universal packaging formats like flatpaks, snaps and appimages.
But that's not the only way to install stuff to an immutable distro. A lot of them actually still let you install packages to the system, in a dedicated layer. That's called "layering".
WHat this means is that you still have access to the distro's repos of packages, and you can still elect to install some, but you won't use the usual package manager, but another dedicated tool.
Some immutable distributions also use containers, generally with something like distrobox.
Another difference that can be considered a drawback is updating. Updates on immutable distros are never applied in place. When an update is available, they'll build another system image. So you end up with 2 systems; the one you're currently using, and the updated one, which is not currently active.
And you only get the updates after you reboot onto that new system image.
Another drawback is the complexity of these systems. Everything you try to do is different: installing a package doesn't use your usual package manager. Applying updates isn't the same command, or requires you to reboot to actually use the updated system.
Immutable distros are a different sort of system, with different tools to interact with things you might already know how to do.
Are they the future? Probably not. For servers, they make a lot of sense. For regular users, they do have a lot of advantages, but they also have a bunch of limitations that require the use of workarounds.
And so I don't think immutable distros will replace regular distros. They'll grow, and occupy a space next to let's call them "mutable" systems, but they'll probably never be the default thing most people use.

Пікірлер: 522

@TheLinuxEXP 10 ай бұрын

Head to squarespace.com/thelinuxexperiment to save 10% off your first purchase of a website or domain using code thelinuxexperiment

@Ateshtesh 10 ай бұрын

I loved your video. What about the reproducible build distros? NixOS and GuixSD? I know you have NixOS but would be cool if you talk about GuixSD and a comparision between them

@ZeFoxii 10 ай бұрын

I don’t see this being the future for me as I like the idea of updating my apps and directly doing things

@DudeSoWin 9 ай бұрын

KIOSK.

@ZeStig 10 ай бұрын

Here's a small correction- Nixos doesn't necessarily require reboots to apply configurations (or update the system). nixos-rebuild boot makes the updated config available from the next boot onwards, whereas nixos-rebuild switch makes those changes take place right away.

@rocklinks 10 ай бұрын

I trust vannila os, pika os, fedora immutable spins, endless os than nix os. They are easier for me to work on. I'm a Fedora Linux user. So I don't want nix os.

@gabrielrmattoso 10 ай бұрын

Yes, and in Fedora Silverblue same can be done with the terminal option/command apply-live

@clankfish 10 ай бұрын

seems like many youtubers make this mistake 😅

@themedleb 10 ай бұрын

I like the NixOS concept, but I want to have a working ISO image on disk (offline/locally) to be able to install it whenever I need without relying on the internet all the time. Is there an easy way to do it with NixOS using a config file? I use Fedora Kinoite now, and I like it, can't go back to mutable distros ever.

@matthiasbendewald1803 10 ай бұрын

Opensuse aeon (was micros desktop) also comes with the option to directly apply changes in the running system. It is not adviced to do so, though...

@misterdrgn5155 10 ай бұрын

One thing not mentioned here--in many cases, you can start with a base image and then apply a set of changes to customize your configuration. If you put those changes on a git server, then you now have a versioned record of everything you've done to configure your system. This is of course excellent for reproducibility, but it's also great for experimentation. You can try things out with complete security because if something goes wrong, you can simply revert your changes. I initially tried this out with universal blue, which provides support for customizing fedora silverblue, but then I switched to NixOS, which is really ideal for reproducibility + risk-free experimentation.

@WilburJaywright 10 ай бұрын

“Are the future of Linux?” Edit: This mistake in the title has since been corrected.

@TheLinuxEXP 10 ай бұрын

Dammit

@siliconhawk9293 10 ай бұрын

huh ?

@livingcodex9878 10 ай бұрын

@@siliconhawk9293I think it was about the title

@WilburJaywright 10 ай бұрын

@@siliconhawk9293 it was a mistake in the title that has since been corrected.

@siliconhawk9293 9 ай бұрын

oh okay then thx @@WilburJaywright

@moussagacem8260 10 ай бұрын

I advice you all to watch the talks of Richard Brown, a developer at SUSE who is also the creator of OpenSUSE MicroOS an immutable variant. He did a talk called "Why you should be running the MicroOS Desktop", when he explains why he consider MicroOS to be the "best" distribution he still acknowledge the various disadvantages it can have and the problems that an immutable system still needs to resolve.

@40GrandBattery 3 ай бұрын

Are you saying that Dick Brown created MicroOS?

@moussagacem8260 3 ай бұрын

@@40GrandBattery I'm sorry but who is dick brown ? Richard brown is a distro architect at SUSE and created OpenSUSE Aeon (previously OpenSUSE MicroOS).

@TwoToTheSix 10 ай бұрын

macOS is already doing this sort of thing on mainstream desktops with the introduction of the sealed system volume, so I think immutable distros probably can be made fairly seamless for regular users, so I do think the norm will move in that direction in the coming years

@jasonkenney2231 9 ай бұрын

en.wikipedia.org/wiki/System_Integrity_Protection for reference. BSD and Linux have had variations on this feature for quite some time. I think Mac users are less affected because MacOS came with a hierarchy of /System /Library ~/Library that already allowed one to install system-wide (/Library) and user level files without putting things in /System well before they added SIP.

@joechristo2 9 ай бұрын

@@jasonkenney2231a link in a youtube comments section? how?

@Slugbunny 10 ай бұрын

An "immutable" OS is very appealing to me as someone who regularly runs new and unknown software on their daily driver. I always keep a drive image as a backup, but I'd rather avoid the hassle in the first place! Plus the payload may already have gotten inside the image... and the one before that, and the one before that... 😅

@radui7468 10 ай бұрын

I really like the idea of immutable distro. They have a lot of potential for the future. I hope we will have this for smartphone soon.

@silverywingsagain 10 ай бұрын

We already do, this is pretty much exactly how modern Android works. Current phones ship with two system partitions, "Slot A" and "Slot B". Without root, both partitions are read-only. Apps are installed into an overlay file system which can work with either "slot". When you do a system update, it builds the updated system partition into whichever "slot" is not active, then marks that "slot" as active, and reboots. If your bootloader is unlocked, you can even manually select which "slot" to boot from.

@radui7468 10 ай бұрын

@@silverywingsagain I see now that there are some disadvantages. Usually in Android, the bootloader is locked and root is not always easy on every device. The companies can lock us out of their OS. Or it is our OS if we paid for it?

@BiserAngelov1 10 ай бұрын

Immutable distros certainly have their momentum, and there is a niche for that approach, but i don't think the classic approach will be gone anytime soon.

@izzyj.1079 10 ай бұрын

I was gonna say; sounds cool, but what does it do for me as an everyday EndeavorOS user?

@ruthlessadmin 10 ай бұрын

In most cases, people should be rebooting any distro after updates. It's the only way to guarantee you're actually using all the new versions of apps & libraries. I've run into a lot of weird issues & instability, when I do not.

@Skelterbane69 10 ай бұрын

I just update before I shut my pc off, before I go to bed. Pretty simple.

@johnandmegh 10 ай бұрын

I wish every package manager did what zypper does and prompt you after an update to look at what all system components are actively running and are still using a now-deleted or overwritten version of a file. Being able to complete the update process != having the updates take effect.

@igordasunddas3377 9 ай бұрын

I am using Ubuntu since what 14.04 or something (many, many, many years)? I barely ever restarted after applying the updates to my server and it always works...

@ruthlessadmin 9 ай бұрын

@@igordasunddas3377 The software stack of a server is typically not as complex as a desktop, and not interacted with nearly as frequently, thus you're far less likely to notice any issues. That said, you probably went many long periods with updated software on disk not being used, while the system keeps humming along with the old versions still loaded in memory, leaving your system potentially vulnerable.

@lunlunnnnn 9 ай бұрын

@@igordasunddas3377it may work, but there will often be processes which are still running the old version. OpenSUSE tells you which processes need to be restarted which makes it easier, but on distros that don't do that it's better to just reboot every time.

@arhwebmaster 10 ай бұрын

I use Fedora Kinoite and i love it. I love the immutable base and im used to work with containers. Kinoite makes it easy for me to keep track of what i installed on the base system and therefore keeps my system clean. If i wanna test something: spawn a podman container and delete the container after testing. Upgrading to a new version of fedora is also extremely safe. If let's say you upgrade from version 38 to 39 you can rollback if something doesnt work properly in the new version. So having a bleeding edge system with this safety net is the perfect combination.

@vaisakhkm783 10 ай бұрын

Is immutable distros good for laptops? A lot of containers runnin_ will takes up a lot of power right?

@MrMarcetLP 10 ай бұрын

What I don't really get is, why you just don't use "normal" fedora and install your apps in a podman container or just as flatpaks? So you have the best of both worlds. You can change your system if you want to but at the same time you can be sure, that your libraries / dependencies aren't going to get bricked by some updates or new apps that you installed. So what do you gain beside not beeing able to change your system to your liking or just by layering the packages onto the main system? Nicks conclusion is exactly the way I see it too.

@arhwebmaster 10 ай бұрын

@@vaisakhkm783 no. Having a container running doesn't take resources in itself. If no applications run in the container it won't take any resources just by being started. I think what you are referring to here is virtual machines: those take resources when they run.

@themedleb 10 ай бұрын

@@vaisakhkm783 A container is not a VM.

@monabuu 10 ай бұрын

macOS is immutable in some way too. The OS files themselves are on a “system volume” which is mounted as a read only snapshot that is recompiled when there’s an update. That means you can reinstall macOS without losing any user files and applications. And it’s VERY difficult for any malware to interfere with core system functionality. macOS switched to this with Big Sur with previous versions bringing CoW APFS and separate system and user volumes similar to LVM.

@szr8 10 ай бұрын

That's good and all, though having data, /home, etc as separate partition from root is not new but has long been quite common in the world of unix-like systems. I have a spare laptop that I use for testing various distros where the /home partition has sat through almost a dozen installs with zero problems. Edit: typo

@Sjoerd1993 10 ай бұрын

MacOS, Android and iOS are all immutable. The only major OS that isn't is Microsoft Windows, and most Linux distro's.

@szr8 10 ай бұрын

@@Sjoerd1993 Back when I used a jail broken iPhone, the root partition was actually not immutable but completely R/W and persistent, and rooted Android is mostly persistent as well, at least for the /data section that cannot be accessed normally, though the system partition is non persistent.

@williamp6800 9 ай бұрын

@@szr8that has not been the case for several years. I’d post links but KZbin…. If you search for “macOS signed system volume” you’ll find a number of Apple support documents about it as it has evolved over the last 3-4 years or thereabouts.

9 ай бұрын

@@Sjoerd1993 You can lock down Windows to do the same. Through Group Policy and AD.

@kralcrack5457 10 ай бұрын

NixOS is great, it's reproducible and doesn't make your computer a guess-the-state mess. It's also great for configuring multiple devices the exact same way.

@TheLinuxEXP 10 ай бұрын

Yeah Nix is wonderful

@vaisakhkm783 10 ай бұрын

I really wanted to switch to it... But i am afraid whether it is another year long rabbit hole i am getting into...

@themedleb 10 ай бұрын

@madsnygaard6444 10 ай бұрын

@@vaisakhkm783 This!

@kralcrack5457 10 ай бұрын

@@themedlebunfortunately not, NixOS needs internet to install packages and it has almost nothing by default.

@oscs4556 10 ай бұрын

The future is now for me since Nixos and OpenSuse kalpa are my daily drivers. Even my home lab server is an immutable operating system - OpenSuse micro os.

@biscotty6669 10 ай бұрын

+1 for NixOS. It's too bad you lumped it with the other immutables because it doesn't suffer the drawbacks you mentioned (except learning curve).

@themedleb 10 ай бұрын

@biscotty6669 10 ай бұрын

@@themedleb I haven't tried but you could do a minimal base install from a ventoy USB, copy your config and home files and rebuild. That would be pretty fast. If I understand your question.

@cjmoss51 9 ай бұрын

He has an entire video just on NixOS. He has definitely covered this.

@biscotty6669 9 ай бұрын

@@cjmoss51 as he's covered the other distros he talks about here in other videos. I was talking about the context in this particular video. I watched his NixOS video before I switched and his video contributed to my decision because he's a smart guy. He always asks for feedback and I think it was misleading to include NixOS with the other immutables.

@Beryesa. 10 ай бұрын

I don't know if this will take over regular Linux desktop, but this is probably the way for future linux mobile.

@p3rtang 10 ай бұрын

I'm using debian bookworm right now with an arch distrobox container and it's honestly been a joy. Having the rolling release apps with the stability of debian. There are some awkward funny side effects but if you are somewhat experienced with linux it's pretty easy to overcome

@jothain 10 ай бұрын

Lol, I initially read that the exact opposite and was like "what the f is this guy trying to accomplish?" 😀

@p3rtang 10 ай бұрын

@@jothain Yeah the opposite would be pretty weird ngl, my somewhat broken English might have thrown you off, my bad

@jothain 10 ай бұрын

@@p3rtang No, not at all. Likely my non-native English skills made trick to me trying to read fast. Reading again I realized what you actually meant 🙂

@TheEclecticDyslexic 10 ай бұрын

@@jothainhahaha. I have all the slowness of LTS with all the instability of rolling release! Look upon my system in awe... Of how I thought this was a good idea... In all seriousness though, for my use case... I actually have arch break less than when I ran an LTS distro...

@jothain 10 ай бұрын

@@TheEclecticDyslexic Yeah. Like hilariously Ubuntu just borked with updates LTS version to remove GUI stuff or something, anyway making normal login impossible to desktop 🙂. Debian is insanely stabile imo, but yeah in all fairness what I ran openSUSE rolling for quite awhile expecting something nasty to happen, it got boring. Would've kept it, but too much updates for my net connection. Fedora was the same.There indeed are plethora of good quite bleeding edge distros around.

@andromydous 9 ай бұрын

After 13-15 years of messing with LInux, I consider myself on the cusp of being an intermediate user (but still far away). I say that, because I can see that something like this would keep beginners from breaking their distro so easily. Problem is that it doesn't sound user friendly. Besides, you learn more about your system when you break it (hopefully by accident) and then try to fix it. Then there's the core concept of Linux (at least as I perceive it): the freedom to make it entirely your own. I don't see how an immutable Linux distro affords that ability.

@mirage809 10 ай бұрын

Immutable distros are a likely future for average person. Most people using a computer have no need for the kind of power that a traditional distro provides. They wanna browse the web, send emails and maybe use office. They don't need or want to see the stuff under the hood and having them accidentally break something is a real risk. A risk that immutable systems don't have. Silverblue is something I wanna give a whirl for myself one day. It's looking like it's quite reliable to use on the daily. Steam OS is also very cool. I'm hoping Valve release generic ISOs for that soon. Also, you can update packages on Fedora without a reboot. Updating through the terminal using DNF will just apply the update, no rebooting required. It'll be fine most of the the time. I just let Fedora update when I shut down my PC though, so the reboot option works fine for me.

@Wurstbrot03 10 ай бұрын

Immutable Distros are perfect for people who just want to have a stable and secure system. I play around with OpenSuse Kalpa (MicroOs alpha variant with KDE Plasma) in a VM and I really like it so far. I'm currently on Debian, but I could see me using it in the future. Tumbleweed is already a great stable rolling release but combined with the stability of an immutable system, would make it perfect.

@matthewhayward1843 10 ай бұрын

Great video mate, awesome summary of the immutable Linux landscape at present and how it can be used.

@antoniom.andersen6704 10 ай бұрын

My dad, who turns 83 this year, has an old laptop where Windows was the OS. I made him switch to linux and an immutable system was the way to go, although I didn't. He lives a ways away but next time I see him I'm installing an immutable system on his laptop. This is great for comapnies using linux aswell . Haven't tried the distros myself but I do see the benefits of them and that the user won't mess things up as easily, whether it's for me I don't know, I'm fine with the way things are on my system.

@DxBlack 10 ай бұрын

Sorry, but end-users probably are the LAST group of people with the ability to mess anything up on linux (not like they'll be able to su or sudo, and if they're jailed it shouldn't have been a problem anyway)...so if you think you need it to any users: it's yourself as the admin you _really_ fear messing everything up.

@antoniom.andersen6704 9 ай бұрын

@@DxBlack Guess you're right but I can't count the number of times by dad has messed something up on his PC, he's a tinkerer and always has been. Anyway I don't think it can hurt him in any way and if something was to go awry I get a chance to tinker myself 🙂

@OctaviusPelagius 9 ай бұрын

In Linux you reboot only when system libraries are updated. Basically when there's a kernel update. If something from your desktop is updated, you just need to logout and log back in. For some apps you just restart them. This might seem overwhelming for some so some distros opt to request a full system restart.

@ialrakis5173 10 ай бұрын

Cool, didn't know linux had this tech too. Our current Virtual Desktop farm (multi user windows server) is build with the non-persistent principal. A small and clean golden image and the rest is added via app virtualization. Our future farm (W11/W12?) will use similar mechanisms. It's a bit of a learning curve in the beginning but we love the flexibility it gives us. I don't expect this to become a thing for personal users but maybe more for admins managing a lot of linux desktops.

@TheLinuxEXP 10 ай бұрын

Yeah probably for workstations where you want to make sure you don’t have to fix things all the time!

@tablettablete186 10 ай бұрын

Can I ask how do you guys manage to share the GPU between multiple Virtual Desktops? All the enterprise solutions I found usually use NVIDIA GRID or don't share the GPU.

@ialrakis5173 10 ай бұрын

@@tablettablete186 hi, we actually have no apps that really require a GPU so it's not an issue for us. We never really checked out what's possible so i'm afraid I can't help you with this.

@tablettablete186 9 ай бұрын

@@ialrakis5173 Sad, but thanks for responding! I guess I will continue on my search!

@lunlunnnnn 9 ай бұрын

@@tablettablete186I think Windows's Hyper-V has a method for GPU virtualization even on regular consumer GPUs, and it performs pretty well. Don't know of anything similar for Linux hosts though (well, I do, but none that perform as well)

@sjambler 10 ай бұрын

Very clear explanation. Thanks. I've been lucky that since 1998 when I first installed Slackware to now (Linux Mint and Tuxedo OS) I've never managed to break my entire system.

@1p2k-223 9 ай бұрын

Wow

@trevorford8332 10 ай бұрын

Nah, I've got a one-track mind, I like Linux Mint!! Gone are the days when used to be curious, I'm getting old now. 😊

@Slugbunny 10 ай бұрын

My father, a lifelong MS-DOS and Windows user, learned Linux in his final years - on Mint, as it happens. Age is only a number, as they say. I fully feel you on committing to what works, but never lose that human spirit of curiosity!

@OldMan_PJ 10 ай бұрын

If everything actually works in the immutable distro (remote file sharing, sleep mode, Bluetooth, etc...) I could see them being better for a casual user like myself. My last attempt to use Linux on my daily desktop was an utter failure of a system going into a coma whenever it went to sleep. Of course, I'm still waiting for native HDR support before I try Linux again.

@Sjoerd1993 10 ай бұрын

09:20 Just as a heads-up, you don't need root privileges to update your image, just `rpm-ostree upgrade` will do. Same is true for installing/layering new packages ;-)

@msnpassjan2004 10 ай бұрын

The best immutable linux distro is a Linux Live disk on a read only CD Rom, which Linux Mint no longer supports, perhaps someday Chrome OS will, which would be a pretty secure distro.

@replikvltyoutube3727 10 ай бұрын

Puppy Linux

@_framedlife 10 ай бұрын

ChromeOS sticks make perfect sense. compared to settings things up, signing in to a Google account doesn't take that long and you can have stuff linked to say google drive instead of local storage. just plug in to any system ,enter network credentials and sign in.

@themedleb 10 ай бұрын

CD ROM? Why not use a floppy disk (diskette) instead?

@KnightOfEvil 10 ай бұрын

Have you tried u-blue.

@prgnify 10 ай бұрын

@@replikvltyoutube3727 EasyOS. Not only a "pioneer" of "immutability", but also of containeralisation. Also from Barry Kauler

@Alex_Khouri 10 ай бұрын

Interesting to see that Vanilla OS is in the process of rebasing from Ubuntu to Debian. Hopefully Linux Mint does the same soon (despite Clemenet Lefevre's diplomatic statements about wanting to maintain a healthy working relationship with Canonical)....

@Mario60bore 10 ай бұрын

Or move to rocky linux

@MiningForPies 10 ай бұрын

Linux mint already have a flavour based on Debian

@CptDuck 10 ай бұрын

So unless you are advanced user, Immutable Distro is just like security/backup upgrade (the "immutable" reminds me of kotlin). You just have to re-learn how to install & update a software/app, again from the beginning.. Which can be easy or hell depends on YOU, the user.

@MegaManNeo 10 ай бұрын

Thanks for this overview on immutable distros, Nick. I actually considered to put BlendOS onto a ThinkPad I would use exclusively for work but the handling of updates and stuff still feels weird to me. Maybe sticking with openSuSE Leap and snapshots is the smarter approach here? I don't know. But I like the concept a lot, especially since both BlendOS and VanillaOS try to get rid of the issue of where to obtain packages from since that's still an issue with say Arch having patches and changes Ubuntu users have no access to even with PPAs. At least flatpak compensates for that already a bit.

@zeburgerkang 5 ай бұрын

this video so good, i have to re-watch it and take serious notes.

@KuruGDI 10 ай бұрын

I bet 10 bucks that Apple would do the same thing and sell it as "security update" while all they would do is to charge you extra to let you keep your files after a reboot.

@framegrace1 10 ай бұрын

It already mostly is.

@476429 10 ай бұрын

macOS already runs much like this.

@JahidulIslam 10 ай бұрын

Macos is already doing it for few years.

@Ghfvhvfg 9 ай бұрын

@@476429yes mostly a few things can de done without a Update but its not weong its semi imutable

@imjoeking_ 9 ай бұрын

Linux users try to go one second without bringing up Apple or Microsoft challenge (IMPOSSIBLE)

@calabi-yau4894 10 ай бұрын

Great video! I am wondering if running another distro inside the container of an immutable distro works better than virtual machines? It could be a good thing to check out other distros without having to reinstall the OS from scratch every time for bare metal vs possible limitations in VMs. I also think in some cases, tinkering with distros inside a container could provide more security. At some point I want to take the time to learn Arch and it's nice to know that if I break Arch, I still have a secure functioning OS where I can still do my daily tasks.

@matthiasbendewald1803 10 ай бұрын

It doesn't really work like that. If you start a arch container for example; this is one command to create it, another command to start it. Then you just install any packages you want and start those programs. You don't ever install or use the desktop that comes with arch. You won't do much in terms of configuration or customisation. It is awesome but not even close to full installation experience.

@deceivedxchild 10 ай бұрын

Thank you for the explanation!

@triantares9607 10 ай бұрын

Latest Elive Linux has that covered in a nice way. On boot you can choose to boot in your standard system or into their so called "impermutable' system. The latter allows everything the normal system would, except that all changes will be lost after a reboot. It's great for testing intricate stuff that could break your system. 😇

@davidturcotte831 10 ай бұрын

NixOS FTW

@hydroxa4330 9 ай бұрын

My opinion on this, as someone who's still quite new to the Linux space, is that these would be good for less tech savvy people coming over to Linux. They put a focus on security and stability, and prioritise package managers over any other form of application installation. I think this is very valuable for people who don't really want to edit their system, and just want to be able to click about and do their work/home life. For people who want more control over their systems, asking them to use an immutable system would be a bit of a stretch. I'm thinking someone like my mum could use an immutable Linux as her home OS. She's very prone to breaking things by simply panicking and clicking the wrong things, and she's very good at finding the wrong stuff on the internet and getting viruses. Giving her an immutable system would help a lot, as she can't easily break the internals, and it gives her the stability and package security that she'd seriously benefit from. I think if these ironed out some of the more awkward workarounds that have to be done into more clean, easy solutions, immutable distributions could completely change the way the average computer user sees Linux

@needsLITHIUM 10 ай бұрын

Immutable is the Android cognate of Linux. It's great for business usage, and for stable usage for things like Multi-Media creation workstations in corporate environments, and they're also great for newbies who not only un-tech savvy, but don't know what Linux is about, and don't want a geek to babysit them so they don't break their install every few hours.

10 ай бұрын

Silverblue user here... for the last year. according to MAtt from Fedora... they ARE the future for Fedora. The benefits way surpass the issues.

@jezzamobile 10 ай бұрын

Great info! Thanks 👍

@gabsriel 10 ай бұрын

Still loving my so simple Vanilla OS.

@ToxicTwisterC 10 ай бұрын

I like knowing that my system won't be unusable anytime soon

@fly1ngsh33p7 10 ай бұрын

Immutable distros sure look like an interesting approach for servers or systems that need to be super duper stable. But right now I'm good with Debian testing (even if I sometimes want newer packages earlier...). Thank you for showing us what they can do!

@tonysheerness2427 10 ай бұрын

Jail breaking will be what people will be doing.

@FaceBookAutomated 10 ай бұрын

Informative!

@David_Quinn_Photography 10 ай бұрын

interesting information, thank you for sharing.

@fuseteam 10 ай бұрын

A nice to way it is: Traditional linux distros are a distribution of packages that are managed by a.......package manager "Immutable" linux distros are distribution of a operating system image on top of which you can install additional software

@TomAtkinson 9 ай бұрын

I was hoping you would say you hardly need to reboot at all, just rebooting the overlay userland. Or did you say the appliance type ones can have v high uptime? I use KBOOT/exec to restart my box without going to BIOS

@user-pg5sz2vn1w 4 ай бұрын

i gotta say, u are one of the few youtubers that has the ltt segue skills.

@13thravenpurple94 10 ай бұрын

Great video thank you

@KuruGDI 10 ай бұрын

that sponsor segways was not unexpected but smooth 😂

@syrefaen 10 ай бұрын

I used nix for 2 years + . Had to use the rollback for some reason my pc don't like the stable kernel. So happy it works this good and even with ext4 and not forcing btrfs on you. Even tho i liked using that it wears more 'the filesystem' . The minus side, is that you need to "collect your garbage" and it will take large amount of space on your drive (the old generations) :)

@voltaire6804 9 ай бұрын

Dude, please tell me what brand is your watch; it looks so good!

@msthalamus2172 10 ай бұрын

I've done something similar to this (the hard way) for years. I do all my banking on a VM that is itself as locked down and isolated as possible. Every time I use it, I revert it to its previous state. It's also on its own disk, and I cut power to it when it's not in use via a honest-to-goodness toggle switch (not a momentary switch). These new immutable distributions sound like they could take some of this manual effort out of my hands!

@ronm6585 9 ай бұрын

Thanks Nick.

@onkelfabs6408 9 ай бұрын

Actually these immutable distros remind me to no-root docker containers. We even had an enterprise kubernetes cluster which enforced using only non-root images. I think they are quite common as server machine images as well.

@kennystrawnmusic 8 ай бұрын

Re: updates - this is a feature that even some non-immutable distros like Garuda have as well thanks to full btrfs use. On Garuda in particular, btrfs snapshots are created every time “pacman -Syu” is run and every snapshot is added to your GRUB menu, so if some update breaks your system, just boot into an old snapshot and you’ll be prompted to restore it when it’s fully booted.

@ukaszpalczewski7588 10 ай бұрын

I do not believe I would try this immutable stuff any-time soon...

@succubiuseisspin3707 10 ай бұрын

Tried Fedora Kinoite a few weeks ago. The first flatpak program I installed wouldn't run because of missing dependencies in the OS. The FIRST! 😂 Installed regular fedora workstation and decided to postpone immutable experiments for a while...

@tekrocker 9 ай бұрын

Can I install an immutable OS on a multi-boot configuration (separate partition)? I currently use rEFInd and alternate between 3 OS's on one partition. I would want to be able to add say NixOS to another partition and use rEFInd to boot to that immutable NixOS whenever I want.

@adrianstephens56 10 ай бұрын

Following one of your previous videos, I tried nixos as my desktop. I like what it's trying to do. But I had a show-stopper. KDESVN is something I use/rely-on. Nixos doesn't include it in its kde packages build. So I went down a several-day rabbit hole of trying to built it myself. I'm a retired software engineer, so not particularly bothered by the idea of building an app from sources. But after several days of banging my head against different brick walls in nixos, I gave up. Nixos trades something I didn't know I needed for something that I did need.

@dungeon4971 10 ай бұрын

I had install silverblue on my second laptop, it worked fine for the most part however there were things I hadn't been able do till this date like use cuda with pytorch inside toolbox.

@jd31068 10 ай бұрын

Ah, very good, thanks for this video!

@Maisonier 9 ай бұрын

Amazing video ! liked and shared (already subscribed).

@ChimeraX0401 10 ай бұрын

I pretty much think that immutable distros are much better for enterprise workstations. It makes the work of the IT guys much easier since it is already locked down. Normal distro is still the best for home workstation....

@lunlunnnnn 9 ай бұрын

I use NixOS, but I actually use a tmpfs as rootfs, to guarantee that there are no changes to the filesystem which arent specified in the config. On boot, it them bind mounts and symlinks paths which should be persisted, as well as some paths which can't be in the nix store, into place. BTW even my home directory is on the tmpfs. I just persist the XDG directories (Documents, Downloads, etc.) + some more, and the rest gets thrown away at reboot. Helps keep the number of dotfiles low.

@StaffyDoo 10 ай бұрын

In all honesty, for me immutable distros have been being the present (in the form of OSTree-based Fedora’s Universal Blue Kinoite and Sericea) for the last almost two years…

@mavfan1 10 ай бұрын

Are you usally dishonest?

@npgoalkeeper 10 ай бұрын

@@mavfan1 ostree has been a thing for around a decade. I’ve been running it since F35.

@scavanger1000 10 ай бұрын

I’m actually using a semi immutable os right now there’s a command to remove the immutablenes and the home doesn’t get wiped, updating wipes changes but it’s convenient for a gaming focused “just works” pc

@vcprocles 10 ай бұрын

Haiku is kinda-immutable too, but has an interesting scheme. The base system is distributed in the same .hpkg packages as regular software, and .hpkgs never unpack, but mount on boot kinda like Snaps but without cluttering mount list. To install a package, you don't even really need to use a package manager, you can just copy the package into /system/packages/ You can also install a package per-user, by copying it into ~/config/packages/, but this has no use as of right now, since the OS is single-user in R1

@owdoogames 7 күн бұрын

I just worked out how to set up a second drive as my /home folder by editing the fstab configuration file. I guess I won’t be able to do that in an immutable distro?

@zac8603 8 ай бұрын

I don't think this will be the future for everyone, but its amazing for enterprise and beginners. I'm honestly excited for what this tech can do for linux on mobile.

@gljames24 10 ай бұрын

The new SystemD soft reboot will likely make them a bit easier.

@ecjb1969 9 ай бұрын

This sounds a lot like a live Linux environment with a persistence “overlay” - this allows you to have read/write access to the whole OS while keeping the base OS image.

@Spoooce 9 ай бұрын

I think that this will be great for workplaces or even libraries in my area, but I can’t see myself needing this on my laptop

@breadmoth6443 10 ай бұрын

ok but the obvious question, do you get to get rid of the old system images or no? because i would imagine immutable linux would fill up your drive very quickly, just like the rollback feature on other OS'..

@bragefuglseth3505 10 ай бұрын

Yes, you get rid of old images

@dnkmmr69420 10 ай бұрын

You can also use the nix package manager as a universal package manager for installing things like vim, shells, and other things.

@Zeioth 9 ай бұрын

My main issue with using flatpak containers is I haven't been able to make them scale to the correct DPI of my screen.

@pierrekilgoretrout3143 9 ай бұрын

was windows XP embedded not an immutable OS? (today windows IoT) You needed to setup the OS to deploy with specialized tooling for OEM, then it was setup on target HW, where it had an immutable partition, and the rest was reset at reboot or by command.

@lsatenstein 10 ай бұрын

Thank you for this informative tutorial presentation. I did try an immutable (Silverblue), but was stuck since the extra programs i needed were not available as flatpacks or within containers. I guess I am one year too early to be an immutable system user. I am a Fedora 38 user, and from day zero to today (4.5months), I have had zero issues. Perhaps it is because of btrfs file system, or my being the sole user of my desktop system. I have not ever needed to roll-back any software I downloaded, but who knows about the future.

@matthiasbendewald1803 10 ай бұрын

Hello, Good to hear that Fedora works great for you. Which software did you miss in containers? It should all be there, only the core components of your OS cannot come from within a container. But I have to admit that it is not trivial to work with containers, at least right now. I think that is something that needs and will improve in the upcoming years

@lsatenstein 10 ай бұрын

@@matthiasbendewald1803 It did not work for me. I have 4 other partitions that I have and wanted to add to /etc/fstab, to be mounted at time of system boot but ... I then received information explaining how to add to the immutable /etc/fstab. So, I have an updated /etc/fstab and all is well.

@lsatenstein 9 ай бұрын

My Development forders are shared across 5 distros on the same system. Each distro has it's own boot drive, and all share a /Development, a /LinuxStuff, a /temp and /Backup. Each Devt system has it's own /home. For now, silverblue is not for me, (I think).

@gwgux 10 ай бұрын

It's never "one size fits all" or one way of doing things that fits everyone's needs. Immutable distros show off the power of Linux in what they bring to the table for those who want those things...and like all things Linux, they're just an option.

@TheLinuxEXP 10 ай бұрын

Exactly!

@NaveenPathak-gi4xu 9 ай бұрын

Amazing thanks

@cero-of5jj 5 ай бұрын

I honestly think immutable OSes are better for new users and most intermediate users. The added stability, the ease of using flatpak and flathub as your single packaging system, not being allowed to screw up your system. All of these benefit newer users. I do think the concept of immutability goes agains the idea of a free, and open system. But it seems like a better way of doing things for a lot of people. This is why I main Nix

@basilcat3111 9 ай бұрын

Hi Nick. I have a question: Have you switched to Nix or SUSE yet?

@OcteractSG 9 ай бұрын

Immutable systems are inspired by how smartphone operating systems are already image-based. If you can deal with the whole OS as a single image, Secure Boot (or a future technology like it) becomes way more powerful. Antivirus software, while practically unnecessary now on Linux, will offer even less benefit on an immutable system because you can just restore the device with a reboot. Overall, I’m on board with the idea of immutable systems, but there is still enough to tinker with (e.g., graphics drivers doing funky things) to make these systems undesirable to large segments of the community.

@davidcave5426 10 ай бұрын

I can see immutable desktops being used by companies that need to maintain consistency throughout their user base. I can see something like NixOS being used because it can rebuild itself after each reboot.

@chinmayghule8272 10 ай бұрын

These Immutable systems sound very cool and I wish I could adopt it. But in no way I'm going to jump into this rabbit hole of again trying to learn how to do basic stuff. Things should be easy and the user should be able to do it in a couple of clicks.

@rjv2395 10 ай бұрын

what happens if you want to blacklist drivers or change some power settings, etc. I have edited boot files and others to make fedora 38 run nvidia. if a distro is immutable, how to make system changes for certain hardware, etc.

@TheLinuxEXP 10 ай бұрын

Unless this is done in /etc or /var, or through a tool like systemctl, it’s going to be very difficult

@thejoneseys 10 ай бұрын

I love hacking my daily driver to bits so this sounds hellish to me 😂 I can see some use cases for this though and it's an interesting option. Thanks for sharing 👍

@docopoper 10 ай бұрын

I love a lot about the idea of immutable distros. Having my computer work like a fresh install all the time sounds great. But I worry that they give too much control to the distro makers. It feels like a step towards walled garden ecosystems. And I do quite strongly oppose that.

@Destide 10 ай бұрын

It's a different way of thinking how you set up a system. It also allows you or someone you trust to deploy systems that are tested and setup otb for the end user. The only issue I had with immutable's is mullvad VPN client needing access to low level files even using OpenVPN but that's on me. I love them and the containerized workflows are excellent for dev work .

@psdaengr911 8 ай бұрын

Chromeos is an example of a super-immutable linux distribution

@TubeSkaterRudy 6 ай бұрын

What about rootkits residing in UEFI bios? Is there any protection or detection against this?

@eldiabloramon 9 ай бұрын

I could see that being used in a corp env for “dumb terminals” where you are using something like a NUX with a PXE boot from a NIC to a SAN LUN that contains the non-writable distro. Much like a Live CD env.

@winlux2 9 ай бұрын

I’m so relieved you don’t expect them to be the future for general desktop Linux.

@ivomagalhaes1 9 ай бұрын

No caso do OpenSuse Tumbleweed, quando se faz update ao Kernel, Firmware, etc. o terminal indica que tenho que reiniciar o sistema quando ele "diz" zypper ps-s indica que há pacotes antigos que serão necessários serem reiniciados. (There are running programs which still use files and libraries deleted or updated by recent upgrades. They should be restarted to benefit from the latest updates. Run 'zypper ps -s' to list these programs.)

@botsareeverywhere 9 ай бұрын

Back in the day I worked for a small mom and pop PC repair place that sold some desktops with live cd OS’s only, the few people that bought them loved it because they stopped getting viruses and destroying their OS.

@aidan8583 2 ай бұрын

i've installed silverblue simply because i need something that i can always count on working for my school laptop. too many times have i created bigger issues trying to solve little ones

@marcs8325 7 ай бұрын

I think the appeal of immutable distro's is for businesses and government. It makes computers a whole lot more secure and predictable. Which is actually the selling point of ChromeOS, which Google is pushing towards enterprises lately. The beauty of other distro's doing this, means that enterprises and governments can roll their own with an extra layer.

@pascalt3572 10 ай бұрын

Currently on VanillaOS and it is a blast., atleast for me who is using Linux mainly as a everyday machine rather than a workstation. It is something I can see preinstalled on devices in the near future and I hope they can pull all of their goals off. Their premise is great and I love what they accomplished, hopefully OS 2 will turn out even better than the first one. Thanks for the Video on this topic!

@Skelterbane69 10 ай бұрын

I tried Vanilla on my old laptop and it worked really well. The only thing I hated was the gnome DE. Idk if or how you could change it.

@pascalt3572 10 ай бұрын

@@Skelterbane69 you can’t, they have intentions to atleast bring KDE into the mix but currently only GNOME. If you look for another immutable, more friendly Distro, Silverblue/Kinoite especially with ublue and BlendOS are great too.

@Skelterbane69 10 ай бұрын

@@pascalt3572 I specifically want my hyprland. I'm quite happy with my current distro, but I'd like the safety of immutability.