I’ve heard of immutable OS’s like Fedora Silverblue. As far as I understand it, this means that “system files” are read-only, and that this is more secure.

What I struggle to understand is, what does that mean in practical terms? How does installing packages or configuring software work, if system files can’t be changed?

Another thing I don’t really understand is what the benefits as an end user? What kinds of things can I do (or can be done by malware or someone else) to my Arch system that couldn’t be done on an immutable system? I get that there’s a security benefit just in that malware can’t change system files – but that is achieved by proper permission management on traditional systems too.

And I understand the benefit of something declarative like NixOS or Guix, which are also immutable. But a lot of OS’s seem to be immutable but not purely declarative. I’m struggling to understand why that’s useful.

  • tikitaki@kbin.social
    link
    fedilink
    arrow-up
    7
    ·
    1 year ago

    I’ve been using the same distro for at least 4 years now and I haven’t ever had any issues. Fedora on a desktop at home. It’s very stable. You don’t even need to know too much… although obviously knowing your way around the terminal and knowing some basic things about Linux helps

      • version_unsorted
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Totally. I broke every package management I used before arch just trying to get up-to-date packages on my system. I loved the concept of the split home partition though and would just do a fresh install and remount home. Learning the Linux Filesystem Hierarchy was probably one of the best things I did for system stability though.