I recently took up Bazzite, coming from Mint, and I love it! After using it for a few days I found out it was an immutable distro; after looking into what that is, I thought it was a great idea. I love the idea of getting a fresh image for every update. I think for businesses/less tech-savvy people it adds another layer of protection from self-harm, because you can't mess with the root without extra steps.
For anyone who isn't familiar with immutable distros, I attached a picture of mutable vs. immutable; I don't want to describe it because I am still learning.
My question is: what does the community think of it?
Do the downsides outweigh the benefits or vice versa?
Could this help Linux reach more mainstream audiences?
Immutable doesn't mean extremely secure. It's a false sense of security.
It could be more secure.
But at runtime, it is possible to overwrite operational memory, mask some syscalls, etc.
Immutable distros are great for applications where you want uniformity for users and protections against users who are a little too curious for their own good.
SteamOS is a perfect use case. You don't want users easily running scripts on their Steam Decks to install god knows what and potentially wreck their systems, then come to Valve looking for a fix.
Immutable distros solve that issue. Patches and updates for the OS roll out onto effectively identical systems, and if something does break, the update will fail instead of the system. So users will still have a fully functional Steam Deck.
If you're not very technical, or you aren't a power user and packaged apps like Flatpaks are available for all your software, then go for it. I prefer to tinker under the hood with my computers, but I also understand and accept the risk that creates.
Immutable distros are a valuable part of a larger, vibrant Linux ecosystem IMO.
Since the idea is that the "root partition" is immutable, serious question:
How do you fix a hardware config issue or a distro packaging / provision issue in an immutable distro?
Several times in my Linux history I've found that, for example, I need to remove package-provided files from the ALSA files in /usr/share/alsa in order for the setup to work with my particular chipset (which has a hardware bug). Other times, I've found that even if I set up a custom .XCompose file in my $HOME, some applications insist on reading the Compose files in /usr/share/X11/locale instead, which means I need to be able to edit or remove those files. In order to add custom themes, I need to be able to add them to /usr/share/{icons,themes}, since replicating those themes for each $HOME in the system is a notorious waste of space and not all applications seem to respect /usr/local/share. Etc.
Unless I'm mistaken on how immutable systems work, I'm not sure immutable systems are really useful to someone who actually wants to or needs to power-user Linux, or customize past the "branding locking" that environments like Gnome have been aiming for for like a decade.
NixOS is kinda the best of both worlds, because it does everything in a way that is compatible with an immutable fs, but it doesn’t force you into abiding by immutability yourself.
You can always opt into immutability by using Impermanence, but I’ve never seen any reason to.
Edit: That said, the syntax has a steep learning curve and there are tons of annoying edge cases that spawn out of the measures it takes to properly isolate things. It can be a lot to micromanage, so if you’d rather just use your system more than tinker with it, it may not be a good fit.
You can still apply updates live, e.g. on Bazzite (Fedora Atomic) with the --apply-live tag (or however it's spelled).
The root partition isn't read-only per se, but you have to change it from the upstream image instead of the one you're running right now. You can use the uBlue-Builder, for example, to make your own custom Bazzite spin just for you if you want.
Both aren't inherently secure or insecure. It's harder to brick your system, yeah, for sure, but you can still fuck up some partitions or get malware. It's just better because everything is documented, saved, containerised and reproducible.
And you can still install system software, e.g. by layering it via rpm-ostree. Or use rootful containers in Distrobox and keep using apt in there.
Secure != stable
Immutable distros aren't always more secure but rather more stable and hard to break
Also, btw, NixOS can apply updates without rebooting.
Bazzite is atomic (not immutable), same with Silverblue and other Fedora variants (they're all atomic, even on their main page it says atomic). It's kinda misleading ngl
I personally vastly prefer mutable distros for my own system, but I understand the appeal for those who like them. As long as mutable distros remain an option I don't mind immutable distros.
I remain interested in the immutable or atomic distros because I know a lot of smart people that swear by them.
I also don't try them just yet because I know a lot of dumb people like me that end up breaking a lot of stuff before quitting them altogether.
They could be amazing and just not perfected yet or they may be a meme and no one's proved it outright just yet. Will be lurking this thread either way lool :D
I heard both flatpak and immutability are obstacles to developers. How bad is it really?
I've had NixOS absolutely refuse to run some compiler toolchain I depended upon that should've been dead simple on other distros, I'm really hesitant to try anything that tries to be too different anymore.
It's important to note how the Linux community interacts with change. In the past, whenever a change has been significant enough to influence individual workflows, it often provoked strong reactions. This was evident when systemd was introduced and adopted by distros like Arch and Debian. Even though systemd was arguably superior in essential aspects for most users, it failed to meet the needs of at least a vocal minority. Consequently, community endeavors were set up to enable the use of Debian or Arch without systemd.
Similarly, the introduction of immutable distributions seems to upset some people, though (at least to me) it's unjustified. Immutable distributions don't necessarily alter the traditional model. For instance, the existence of Fedora Silverblue doesn't impose changes on traditional Fedora; let alone Arch or Debian.
But, overall, most Linux users aren't bothered by it. Though, they often don't see a use for themselves. Personally, I attribute this at least in part to existing misconceptions and misinformation on the subject matter. Though, still, a minority[1] (at best ~10%) actually prefers and uses 'immutable' distros.
Do the downsides outweigh the benefits or vice versa?
Depends entirely on what you want out of your system. For me, they absolutely do. But it's important to note that the most important thing they impose on the user is the paradigm shift that comes with going 'immutable'. And this is actually what traditional Linux users are most bothered by. But if you're unfamiliar with Linux conventions, then you probably won't even notice.
As a side note, it's perhaps important to note that the similarities between traditional distros are greater than the similarities between immutable distros. Also, Fedora Atomic is much more like traditional Fedora than it is similar to, say, openSUSE Aeon or Vanilla OS. Grouping them together as if they are a cohesive group with very similar attributes is misleading. Of course, they share a few traits, but overall, the differences are far more pronounced.
Therefore, it is a false dichotomy to simply label them as traditional distros versus immutable distros. Beyond these names, which we have assigned to them, these labels don't actually adequately explain how these systems work, how they interact, how their immutability is achieved (if at all), what underlying technologies they use, how they manage user interactions, the implications of the above, etc.
Could this help Linux reach more mainstream audiences?
The success of the Steam Deck and its SteamOS are the most striking and clear proof of this. So, yes. Absolutely.
I love building my own uBlue image. Tinkering is done in toolbox containers; definite changes are baked into the image. Completely custom (to me), and when you get it right it will just work anywhere. If I were to brick my PC/storage I can just boot up another and restore my (backed-up) home dir with very little effort.
I've used Bazzite for the last year or so after distrohopping for a while and landing on Arch. I learned how 'atomic' distros, as the Fedora folks call them, work. It sounded like my phone, where apps are relatively sandboxed and automatically update. I said 'this is how computers should work' and stuck to it.
I wouldn't use standard Silverblue/Kinoite or standard Fedora. The uBlue images include so many drivers and fixes on the image that make the primary distros look incompetently made if you're not a power user. They wouldn't like me saying that because their work is only possible because of what Fedora does. But by that I mean, you will eventually run into something that doesn't work and it always comes down to some licensing or scope issue that the developers simply don't care about.
Having to do literally anything extra to get your NVIDIA GPU drivers frankly isn't acceptable when that's not the case for AMD cards. Let alone having to modify grub in the worst case if your distro doesn't boot properly. If I have a part or plug something in that isn't some hyper specific piece of technology, it should just work, because it isn't 1999 where you need driver CDs anymore.
The main tradeoff is that for users who aren't very technical, installing anything outside of flatpaks probably won't make any sense. They have guides, and stuff like brew and distrobox isn't that difficult when you understand it. But having 4 different ways to install stuff (flatpak, brew, distrobox, layering) sounds ridiculous and confusing on its face.
I have a practically zero-maintenance system with Bazzite and that's the way I like it, even though I'm perfectly capable of running anything else and modifying it to my liking. The average user isn't going to care about anything they're missing by not being able to modify certain files, or if they do, there's probably a better way to do whatever it is they're trying to do that doesn't involve running random bash scripts.
I would recommend Aurora and Bluefin to all my Windows/Mac friends who aren't gamers, and Bazzite or Bazzite-gnome to everyone who is. I would never recommend anything else at this point, not even something like Mint, because I consider the uBlue images to be just that good and the tradeoffs of the weird program installation to be more than worth it. Other immutable/atomic distros are too immature (like Arkane Linux) or work fundamentally differently to Fedora Atomic and rely more on things like snapshots (like OpenSUSE Aeon/Kalpa) so I'm not really comfortable recommending them either.
From an advertising perspective, it's important to think about who you're targeting. Who are your likely customers? Certainly there are some based on the strengths that you raised.
However, some people are definitely not a good target audience, and "some people" is actually a very large group of people. There are a lot of current and potential users who essentially want the standard major applications to work, they're not going to touch the root partition, and they want things to be very simple. For people like that, Debian or Ubuntu or Fedora already do what they want. And these major operating systems have been around for so long that people will naturally be more confident using them, because they or their friends have experience, or because they think the organization has more stability because of its experience.
Of course a lot of things depend on how you define words, but to me the above paragraph describes the mainstream audience, and I don't think you're going to have much luck reaching them, because I don't think the thing you're trying to sell gives them extra value. In other words, it's not solving a problem for them, so why should they care.
Everyone has their own opinion; personally I think they're a great idea and have lots of great applications. But just like rolling vs. non-rolling release, it's a personal and application-dependent choice.
Do the downsides outweigh the benefits or vice versa?
Again, depends, for my personal computer I wouldn't use it because I think it could get complicated to get specific things to work, but for closed hardware like the Deck or even a fairly stable desktop used as a gaming system it's perfect.
Could this help Linux reach more mainstream audiences?
It could; it can also hamper it, because people might start to try solutions that only work until the next boot and not understand why, or have problems getting some special hardware to work (more than they would on a mutable distro). But there is a great counter to this, which is that once it's running it will be very difficult to break by user error.
At the end of the day I think it's a cool technology but that people should know what they're getting into, just like when choosing rolling vs non-rolling distro, it's not about what's better, but what suits your needs best.
For my needs, I've built a static system with buildroot for a Pi Zero. No updates, no modifications on the system, no remote access. Some directories are in tmpfs, and after a reboot the system is fresh again. When needed, I remove the SD card and copy a new image.
I use this board for a pulseaudio/mpd player. It's not intended for desktop usage, but I'm happy being able to configure a system like this one. For me, there is no maintenance, and this is exactly what I wanted.
I think it's good if you have a ton of storage and want to set it and forget it. For me, immutable depresses me. I came to Linux for the tinkering and the ability to do what I please to my system, not to be restricted. That's just me, though. For handhelds/strictly gaming machine (a Steam machine for example)? I think immutable is the perfect fit for it.
I used an immutable fedora on my surface pro 4, I wanted to shoot myself in the face every time I had to install anything. I'm good on that for the rest of my natural life.
I'm not really sure how the upsides of immutable distros work. I've been using linux for a long time and I'm not an expert but I've learned bits of things here and there.
I recently bought a Steam Deck and it's running an immutable distro. I don't really know how to use software that's installed via flatpak because it's weird.
I have a game installed that runs badly (unplayable for me) through Proton. I can launch it through q4wine if I switch the Steam Deck into "desktop mode" and it runs much better.
If it wasn't an immutable distro I could pretty easily make a shell script that launches the game through wine. Then I could add that shell script as a non steam game and it would (I think) run well, and I'd be able to launch it from the non desktop side of steam OS that is a lot more streamlined.
There is something comforting to me about immutable distros though.
I feel like I don't remember half the shit I have installed on my computers. If I wanted to start cutting things out I don't know where I'd start. But with flatpaks I get the sense I could probably just wipe anything I don't use out of the flatpak directory and I probably wouldn't break anything.
I'm using Bluefin and overall it's great. However, there are some unique issues due to immutability and flatpak.
It's more difficult to utilize a NAS. For example, on something like Mint, I can open Proton Drive on Firefox, and I can use FF to upload files from my NAS to PD.
On Bluefin, I can access my NAS and all files using the Files app, but not using FF, and I cannot accomplish the above task in the same way. Firefox cannot fully access my NAS, and I have not figured out how to make it work. I've played around with Flatseal, but no dice. Instead, I need to use Files to download the files from my NAS to a local folder, and then I can use Firefox to upload to PD from that local folder. I'm guessing there is a better way, but I haven't figured it out yet.
I would desperately like to use a screenshot tool with built-in annotations, but I haven't found a flatpak that works. As I understand, it might have something to do with flatpak combined with Wayland and/or my Nvidia GPU.
So while most things "just work," there are some problems. Planning to stick with it and keep learning. I do love the concept and I'm overall very happy with everything.
Has anyone had good success with setting up a development environment in an immutable distro? I love the entire concept because it fits with a lot of my other software preferences, but the tools for containerized dev environments felt frustrating.
Like, what do you do for your editor? vscode + devcontainers feels like the best option, but it's rough when I need other IDEs (like I use some of the JetBrains products). Stuff like toolbox works well too, but to get an editor in that, you have to install it in each one, or make a container that has it built in.
Otherwise, I'll stick with plain Fedora — I use flatpaks for all of my apps anyways (except my editor)
Then you have NixOS, which is declarative, and fairly immutable.
You don't have to reboot to make changes, but you can't just run unlinked binaries either.
You can't do things like edit your hosts table or modify the FS for cron jobs. The application store is unwritable, but you can sync new apps into it.
You have to make changes to the config file and run a rebuild as root.
Could you share some pics (without anything private, ofc) of Bazzite? I wanted to try it but I couldn't use it as a live distro. My main problem is Arch, because I'm used to apt and I find pacman or whatever it uses difficult for me (nothing I can't learn, ofc).
I love the idea of getting a fresh image for every update
I wonder if you can install AppArmor and Apparmor-d on mutable distros, but I faced issues with bwrap and I couldn't find a SELinux equivalent for Apparmor-d. I tried allowing bwrap but it didn't work, so I uninstalled AppArmor.
TL;DR: My desktop PC uses EndeavourOS and the only immutable experience I have is SteamOS 3. I can't say one approach is better than the other, but I like having the newest software and packages in my system. And that's best provided with a rolling release. I also think that sandbox systems like Flatpak and the several alternative installation methods besides the system package manager is an added complexity for a new user in Linux.
I don't mind using an immutable system (BTW, another term that describes this kind of system is Atomic, which comes from Fedora), as long as it is designed around it and works well. The only immutable system I use is on my Steam Deck with the pre-installed SteamOS 3. My generic desktop personal computer is using an Arch Linux derivative, EndeavourOS, with a rolling release, where I have much greater control over the system.
Both systems have their strengths. I don't think that my mutable and always up-to-date system is breaking more often than the other system. The best part of it is, it's always up to date and I get the newest applications. I try to not use many Flatpaks or AppImages (but do for certain apps, where I have no other choice for ease of use). And an immutable system naturally basically asks me to use Flatpaks and other user-space package formats that are not handled by the distribution itself.
Even though I have some thoughts on it, I am not excluding one approach. Many say that immutable distributions are good for new users to Linux. I think this adds some complexity and problems, because they need to use sandbox systems like Flatpak. And that's if they know that they are using Flatpak, because sometimes the app distribution gives options like AppImage and custom installer scripts as well. This is all confusing for someone who just starts with Linux. On top of it, the sandbox of Flatpak requires some additional setup and configuration for some apps, to access certain hardware or filesystems, for example.
All in all, I tend to like the traditional "mutable" distribution system as a rolling release model the most. But I'm not excluding any other and would use a good "immutable" one; I just didn't try any other than the one in my Steam Deck.
I need to run immutable distros more, and I need to figure out how to roll my own images.
Desktop side, I need certain things in the base image rather than adding more layers or using a container. Things like rsync, nvim, git, curl, lynx, etc.
Would immutable distros help reach more desktop audiences? Perhaps. It’s more about applications though. The biggest help has been electron apps and the migration to web apps. The Steam Deck is successful because it has applications people want.
Server side, they look really promising for bare metal servers. Provided, there is an easy way to compile custom images. Being able to easily rollback to a known good image is very enticing, as you point out.
The root filesystem is being read from somewhere, and if it's being read from, it can be written to. Having an extra step or two in the way doesn't make it "extremely secure".
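The comment above, and the earlier one that "immutable doesn't mean extremely secure", both come down to the same practical point: on an ostree-based system such as Bazzite, the "immutability" of /usr is a read-only mount option, which a root-level process can undo with a remount. The script below is an added example, not code from the thread or from the Bazzite/uBlue projects. It parses a listing in /proc/self/mountinfo format and reports which mounts are read-only and which are writable; the embedded sample is constructed to mimic an ostree/composefs layout and is not captured from a real machine. On a real host you would pass /proc/self/mountinfo as the first argument.

```shell
#!/bin/sh
# Added example: check what "immutable" actually enforces on an ostree-style
# host. The read-only root is the `ro` option on the / and /usr mounts; /etc,
# /var and /usr/local stay writable. Anything running as root can still
# `mount -o remount,rw /usr`, so treat this as a guard rail, not a boundary.

# Constructed sample in /proc/self/mountinfo format. Fields:
#   id parent maj:min root mountpoint options [optional...] - fstype source superopts
# The first entry of the options field is always "rw" or "ro".
SAMPLE_MOUNTINFO='22 1 0:21 / / ro,relatime - overlay composefs ro
30 22 0:21 /usr /usr ro,relatime - overlay composefs ro
31 22 0:25 / /etc rw,relatime - overlay overlay rw
32 22 259:3 /ostree/deploy/fedora/var /var rw,relatime,seclabel - ext4 /dev/nvme0n1p3 rw
33 22 259:3 /ostree/deploy/fedora/var/usrlocal /usr/local rw,relatime,seclabel - ext4 /dev/nvme0n1p3 rw
34 22 0:27 / /tmp rw,nosuid,nodev,seclabel - tmpfs tmpfs rw'

# mount_state FILE MOUNTPOINT -> prints "ro", "rw", or "unmounted"
mount_state() {
    awk -v mp="$2" '
        $5 == mp {
            split($6, opts, ",")
            print opts[1]
            found = 1
        }
        END { if (!found) print "unmounted" }
    ' "$1"
}

# writable_mounts FILE -> mountpoints whose per-mount options begin with "rw"
writable_mounts() {
    awk '{ split($6, o, ","); if (o[1] == "rw") print $5 }' "$1"
}

# usr_is_readonly FILE -> exit 0 when /usr is mounted ro, 1 otherwise
usr_is_readonly() {
    [ "$(mount_state "$1" /usr)" = "ro" ]
}

# Run against the constructed sample, or against the file given as $1
# (e.g. /proc/self/mountinfo on a real host).
main() {
    file="${1:-}"
    if [ -z "$file" ]; then
        file=$(mktemp)
        printf '%s\n' "$SAMPLE_MOUNTINFO" > "$file"
    fi
    echo "/ is $(mount_state "$file" /), /usr is $(mount_state "$file" /usr)"
    echo "writable mounts:"
    writable_mounts "$file" | sed 's/^/  /'
    # On a real host, root could undo the guard rail with:
    #   mount -o remount,rw /usr
    # which is why "read-only" is not the same as "secure".
}

main "$@"
```

Run it without arguments to see the sample output, or with `/proc/self/mountinfo` to inspect the machine you are on; the interesting part on a real Bazzite box is that /etc, /var and /usr/local show up as writable, which is exactly where persistent changes (and persistent malware) can still land.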