I’ve heard of immutable OS’s like Fedora Silverblue. As far as I understand it, this means that “system files” are read-only, and that this is more secure.
What I struggle to understand is, what does that mean in practical terms? How does installing packages or configuring software work, if system files can’t be changed?
Another thing I don’t really understand is what the benefits as an end user? What kinds of things can I do (or can be done by malware or someone else) to my Arch system that couldn’t be done on an immutable system? I get that there’s a security benefit just in that malware can’t change system files – but that is achieved by proper permission management on traditional systems too.
And I understand the benefit of something declarative like NixOS or Guix, which are also immutable. But a lot of OS’s seem to be immutable but not purely declarative. I’m struggling to understand why that’s useful.
You don’t understand what it’s like for people who love to fiddle with settings and options without knowing what they do
Totally. I broke every package management I used before arch just trying to get up-to-date packages on my system. I loved the concept of the split home partition though and would just do a fresh install and remount home. Learning the Linux Filesystem Hierarchy was probably one of the best things I did for system stability though.