Linux

47308 readers

576 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

[email protected]

toolbox vs distrobox. Which one to use? (lemmy.ml)

submitted 10 months ago* (last edited 10 months ago) by [email protected] to c/[email protected]

23 comments fedilink hide all child comments

toolbox is preinstalled on fedora silverblue/kinoite whereas distrobox isn't. What's the advantage of one vs the other? Why is toolbox preinstalled and not distrobox?

edit: thank you guys! I guess for me this means that I'll use distrobox because it's much more mature or documentation is a little bit better and I do not need (or have) fedora's support

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 4 points 10 months ago* (last edited 10 months ago) (1 children)

I disagree with most of the benefits you list

I'm curious to hear your objections.

chief among them “increased security”

Do you deny that specific protection to some attacks is provided through the chosen model of 'immutability' on at least one of the atomic distros?

not to mention half of them are already supported by traditional package managers

Hmm...,:

atomicity; nope
reproducibility =/= reproducible builds for some packages (if that's what you meant)
declarative system configuration; ansible (and any other solution that I've witnessed being mentioned in such discussions) succeed (at best) at convergent system management, while e.g. NixOS does congruent system management by default. Consider taking a look at this page if you're interested in what these are and how they're different. (Spoiler alert) congruent is better and therefore more desirable.
increased security; security is not limited to chosen model for 'immutability' if at all; as Qubes OS (read: most secure and private desktop OS) doesn't rely on it for its security. So I can understand where you're coming from, but I have yet to see any non-security focused distro that provides the elevated protection against particular attacks that some atomic distros offer by default.
built-in rollback functionality; sure, this is not exclusive to atomic distros. Perhaps I should have done a better job at making clear that it isn't a feature provided necessarily by atomicity. But, the fact that I listed it at the very end, alludes that it isn't as exclusive and consequential as atomicity is. At this point, however, it has become almost synonymous with atomic distros, while the same can't be said about traditional distros.
regarding the consequences; I'm unaware of any distro that does those out of the box (barring Pop!_OS with their factory reset). Though, I'd love to be educated on this.

I was genuinely curious so thanks for the rationale.

It has been my pleasure ☺️! I'm also genuinely curious to read your reply to this comment😉.

[–] [email protected] 1 points 10 months ago* (last edited 10 months ago) (2 children)

I really wanted to avoid a debate (doubly so in a thread where some dude just wanted some help), which is why I'm trying not to engage the various answers I got; though just one thing since I apparently can't help myself: Qubes, which you cite, is indeed an example of such improved security done correctly, through an hypervisor and a solid implementation; not cgroups, some duct-tape and the same kernel, and thinking your security has improved. Thanks again, at any rate.

[–] [email protected] 4 points 10 months ago* (last edited 10 months ago)

Understandable! Please consider coming back to this at some point (also possible in private) as I'm genuinely curious to hear from you.

[–] [email protected] 1 points 10 months ago

There are may layers of security that every companies have different approach based by their users / their target customers.