Maybe ask on https://discourse.flathub.org/
My Keyoxide Idendity:
aspe:keyoxide.org:TJXAWXPMSAG6VPARJQRWNB2TPA
- 34 Posts
- 1.08K Comments
Joined 5 months ago
Cake day: April 11th, 2024
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
31·14 hours ago@petsoi@discuss.tchncs.de you might want to add that warning to the post.
They also tried to submit the app to Flathub, but had way too broad permissions with no explanation why. “Users expect filesystem access” etc. In the end it was rejected and they publish a .flatpak file themselves.
https://github.com/flathub/flathub/pull/5233
The other points are far worse though.
I guess uBlues main images are. I use Fedora Atomic Kinoite, which is not ready at all.
Pretty cool I just found it crazy that
A: nobody commented
B: you didnt mention the image at all
Wtf is that screenshot
I did the same, exactly the way you did but my “zygote” isnt as advanced.
I should make a raw ISO too, but currently I just use Clonezilla (which shrinks and resizes automatically) and have a small SSD with a nearly vanilla system.
Just because the Fedora ISO didnt boot
True. Linux, Android, Windows all have no problems
Using dots in a file though…
Strange, thanks that is nice! The development of bcachefs seems to not be that problematic on rolling or semi-rolling distros.
That guy might just have bad time managent, but filesystem based encryption is really cool.
Fedora has this package? I didnt find it, strange
Woopsie, yes that is true. I thought that was my user ID
Yup. They didnt, that is why I reported bugs.
https://bugs.kde.org/buglist.cgi?f1=reporter&list_id=2716961&o1=equals&resolution=---&v1=%25user%25
I used CentOS stream with Plasma 5 and there were a ton of bugs.
I myself reported over 200 plasma bugs and all recent ones were only fixed in 6. I am on Plasma 6 since half a year or so, so no idea what exactly that was, but a lot.
Also, Qt5 is EOL.
So…
Concept of OSTree or image-based
In theory “immutable distros” are safer to use. Not easier, but setting up stuff is less hard than fixing a system that doesnt boot or upgrade.
I am only focussing on Fedora Atomic desktops, which use OSTree (which is a version control system like git, but for binaries) and in the future/currently in parallel bootable OCI containers.
Both technologies have the same purpose, that your system is an exact bit-by-bit clone of the upstream system.
Layering
Now the system needs to have support for modding, doesnt it? Android doesnt, ChromeOS doesnt, I think SteamOS also doesnt? But this is Desktop Linux!
While many distros use flawed and incomplete concepts, lacking an “escape path” (reset) back to normal (100% upstream with no changes) (for example OpenSUSE microOS, VanillaOS etc), all such distros allow you to change the system.
The disadvantage of image-based is, that you always base of the unchanged image and then add your changes. On every update, you pull down the changes, open that thing up, throw in your changes, pack it again. This takes time and wouldnt be sustainable for example when using a phone.
So you kinda need custom images like uBlue. The advantage here is, that all changes are done on a single system and all clients just clone that. Fedora for exmample has notorious issues with an understaffed rpmfusion team and problems in coordination, so you might get sync issues and a critical security update doesnt work because of a random other package conflict.
or you might get a regression, uBlue could centrally roll that back.
Apps
Tbh the biggest issue is with edge cases of Flatpaks, like portals.
I just now needed to create a signature containing an image in thunderbird. The solution is to copy that image to the internal ~/.var/app/org.mozilla.thunderbird/ container and paste the exact file path there, as portals are broken after app restart.
Then adding an HTML as signature, it needs to be saved in the same folder and also linked exactly.
These edge cases are issues. Let alone missing hardware key support, no filesystem sandboxing in Firefox Flatpak (and uBlue and Fedora people think that is fine) or outdated target systems, because Flatpak needs to work on Debian 11 e.g.
There are also apps on Flathub that are broken, like QGis, or missing apps like RStudio, both known FOSS alternatives to stuff that people really use, and I couldnt even run those without Distrobox, which is also not preinstalled on Fedora Atomic Desktops, and toolbx lacks basic features like separated homedirs.
Yup, it is a rough field. But the stability is worth it. Also, official Flatpaks are great.
You can use measured boot as part of the firmware boot process, store a hash of the known good boot files on a trusted media and compare that.
This is done with the Heads payload in Coreboot. But support is like only Thinkpads and now also soon Novacustom, Nitrokey and maybe System76 laptops.
The thing is, then you know your kernel is safe, but what about the rest? Depending on the attack vector, a system like on Android with full immutability and a recovery that verified the whole OS root partition would be safer.
But this means that you have no ability to customize, without breaking things.
CentOS Stream 10 will likely use Plasma 6. That will be great.
They always add features and in Fedora it is a bit breaky breaky again. After a few minor updates its fine again, and just getting better.
Just the icons are missing I think, then it would be a great LTS.
Kubuntu uses Calamares, which is a nice installer. But I managed to wipe a drive once! Because by default it loses the destination drive selection, I went back to check if everything was fine and it selected my main drive again, I continued without noticing. woops!
GNOME has very little settings.
I actually gave Fedora Silverblue a try, documented here. This was not beginner friendly at all and still lacked many features in the end.
So this is the issue when GNOME doesnt allow basic things, like editing desktop files in a guided way, showing package names etc.
Ubuntu has had broken packages for a lot of 3rd party software (when I last used it, a few years ago), for example SciDAVis which I used, and Libreoffice and more. Flatpak works without issues here. Beginners will not add Flatpak and have issues here.
I didnt say anything about Arch I think. He also doesnt care about that. Using Arch as base really just makes sense for Valve, as it is neutral, not legally restricted etc.
uBlue deals with the constant sync (and coordination) issues between Fedora and rpmfusion. When using Arch, this is not needed.
I hopped a ton. Mint, Manjaro, MX Linux, Kubuntu, KDE Neon, Fedora KDE, Fedora Kinoite. Happy landing, and hopping was not fun, it simply was broken all the time.
Poorly, Kubuntu uses the broken Plasma 5.27 for a while until the next release afaik.
Really that was kind of the plasma guys fault, but Plasma 6.0.2 or so was really stable. Perfect LTS candidate. Then the new features came in, now it is stable again (on Fedora).
I used Kubuntu and the outdated Plasma and many packages were annoying. Nowadays snaps, and removed base packages.
Those are not individual random 3rd party distros.
Please read up on that stuff first. I understand how oldschool users find this odd.
- Fedora is the base distro. Legally restricted, not being able to preinstall crucial components. They also do a bunch of annoying opinionated decisions, like Fedora Flatpaks or Toolbx instead of Distrobox.
- Fedora Kinoite: the immutable image of Fedora + KDE Plasma. Very barebones, not really user friendly out of the box, but a great distro. As an advanced user I use it daily.
- uBlue Bazzite and Aurora: take Fedora Atomic desktops, make them compatible with NVIDIA, ASUS, Surface and more. Add a ton of packages, many call that bloat, but it makes stuff work out of the box.
(Btw. great Distro names :D)
https://discussion.fedoraproject.org/t/how-i-customize-fedora-silverblue/127071
I would go with KDE