this post was submitted on 21 Jun 2026
14 points (93.8% liked)

Linux

65904 readers
718 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 7 years ago
MODERATORS
AgreeableLandscape@lemmy.ml
nooter692@lemmy.ml
MarcellusDrum@lemmy.ml
cypherpunks@lemmy.ml
cyclohexane@lemmy.ml
d3Xt3r@lemmy.nz
14
Portable Formats and Inmutable Distros (lemmy.zip)
submitted 15 hours ago by overcast@lemmy.zip to c/linux@lemmy.ml
17 comments fedilink hide all child comments
 

I feel like inmutable distros are in a quite good state nowadays, and while solutions like bootc and sysexts are not “mainstream” yet, it’s getting there

when it comes to getting non Flatpak packages, things get interesting, there are a lot of options, really

AppImages, statically linked binaries, tarballs, OCI containers, distrobox/toolbx, Homebrew, VMs, Nix even experimental formats like RunImages, AppBundles and FlatImages

if you need some non-system level package, you’ll have a way to use it yet, still it seems sort of chaotic “which one should I choose? how will I be able to easily manage them?”

GPM, dbin, Soar, AM… and the list goes on

and it’s okay, the so called cloud native approach is still evolving, so this fragmentation is expected so it’s nice to share opinions about this while we’re living this interesting phase any thoughts?

top 17 comments
sorted by: hot top controversial new old
[–] boredsquirrel@slrpnk.net 7 points 11 hours ago* (last edited 11 hours ago) (5 children)

All of the methods have big issues but I would still prefer them over messing with a mutable system

  • snap is likely the most secure by avoiding user namespaces, using AppArmor only and thus being very flexible (also for use for kernels, drivers, browsers ...) but it is proprietary, nobody likes it and Canonical doesnt wanna stop somehow.
  • flatpak has the biggest amount of officially maintained packages, but packaging is often really bad, runtime extensions arent really a thing, instead people just put ffmpeg binaries in their packaged and think that is fine. Flatpak does consume quite some disk space and more importantly RAM for the duplicated things
  • nix doesnt have any of these, but sandboxing is hard, there is either stable or unstable, changing and configuring things is very complex. Likely no official packages. Still the method I prefer.
  • homebrew idk? Never tried, mac focused and with more and more linux features like sandboxing. No idea
  • distrobox/toolbox is pretty hacky, relies on entire distros running in parallel with no shared anything (currently, afaik bootc deduplication is kind of planned but kind of difficult too). Updates dont really work so either you go declarative with podman compose or distrobox-assemble, or you use rolling distros. Also they share your homedir by default so they will clutter and mess up your dotfiles which is a problem nobody deals with. Dotfile backup tools exist but are kinda complex. Distrobox has a config but the creator doesnt seem to want to make it the default, neither do downstreams.
  • Appimages just suck, back to the windows way but without developer signature verification (like Windows) or secure updates (like .apk files on Android)

Also Nix, Flatpak and a few more fully depend on Github. Same with uBlue, Secureblue and a ton of other projects. Really scary actually.

[–] MonkderVierte@lemmy.zip 1 points 1 hour ago* (last edited 47 minutes ago) (1 children)

Looks to me like immutable only attracts the kind of developers/hackers who like to solve things by slapping another runtime on it.

[–] boredsquirrel@slrpnk.net 1 points 52 minutes ago

Immutable in the actual sense yes, it is basically a product and every other software is installed aside from it.

But you can also have better managed systems like nix or ostree, that reduce entropy or at least make it fully declarative so theoretically finding and reproducing issues is easy

[–] overcast@lemmy.zip 2 points 8 hours ago (2 children)

my thoughts

  • lol i just completely forgot about snaps
  • Nix can’t be installed in the standard way on inmutable distros :(
  • Homebrew is actually good, it’s exactly like your usual package manager and works with /home as a symlink, however it can take up a lot of storage since it pulls it’s own dependencies and that GCC thing is another one
  • distrobox/toolbx have their usecases, but until things get better it can be used as a last resort
  • and good old AppImages, I think they’re good for slow moving projects and games, but a large amount of them are not really portable, which defeats the purpose of AppImagws in the first place
[–] marcie@lemmy.ml 1 points 1 hour ago

Can always just layer it with rpm-ostree install (.rpm file)

[–] boredsquirrel@slrpnk.net 1 points 3 hours ago

Never used homebrew, that doesnt sound good.

I am trying to use nix and firejail only, but it is pretty rough and barely documented which is kinda insane as firejail is THE tool. Unlike crabjail, bubblejail and what else is out there

[–] moonpiedumplings@programming.dev 3 points 9 hours ago (1 children)

distrobox/toolbox

Distrobox excels for when you need some proprietary tool that ships it's packages as a repo for Ubuntu but not much else. You spin up a distrobox for Cisco Packet Tracer, or VSCode (the proprietary microsoft one, not Arch's Code-OSS and Unity.

Then, once you're done, you can just delete it all.

[–] overcast@lemmy.zip 2 points 8 hours ago (1 children)

this, even a tarball would have been better than a Ubuntu-only .deb

[–] moonpiedumplings@programming.dev 2 points 8 hours ago (1 children)

If the tarball was dynamically linked against specific distro's libraries though, then it wouldn't work on all distros.

They also often provide RPM packages for Red Hat systems. Not always though, and I use Arch (btw) anyways.

[–] overcast@lemmy.zip 1 points 7 hours ago (1 children)

really? by the time I needed it, there were only .deb available, and they did not listed all their dependencies on Debian, only on Ubuntu, I had to look for their dependencies and install them manually, what a mess

[–] moonpiedumplings@programming.dev 1 points 7 hours ago

Not everybody does. It's just sometimes.

[–] moonpiedumplings@programming.dev 1 points 9 hours ago* (last edited 9 hours ago)

nix doesnt have any of these, but sandboxing is hard, there is either stable or unstable, changing and configuring things is very complex. Likely no official packages. Still the method I prefer.

Nix is what I use, and it was frustrating to have to hack a lot of it into place, but I feel like it has the most potential. Unfortunately the flakes nonflakes split, in combination with the split of "distros" like determinate nix, flox, and so on, and the governance concerns really hold it back. It has horrific documentation, for the most part caused by the above (flakes are "experimental" and so can't be included in official docs), and it is frustrating the lengths I have to go to to make stuff work that should be easy.

For example, GPU acceleration of Nix packaged apps on non Nixos systems. I figured out how to do it:

(config.lib.nixGL.wrappers.mesa pkgs.gzdoom)

source

But I think it's just straight up impossible to do this via imperative package installs, outside of home manager. And it's kind off important if you want any GUI app whatsoever to work.

But now that I have it working, I use Nixpkgs exclusively and am able to avoid the AUR entirely. To me, the AUR is a last resort, only for something like say, system level printer drivers (thankfully I've never needed to install anything to get printers to work). By ensuring that I only use the AUR once in a blue moon, I can make sure that I actually review the PKGBUILD when using it.

[–] EchoDelta_9@programming.dev 1 points 11 hours ago (1 children)

Likely no official packages.

Would you mind explaining what you mean with this? Thanks in advance!

[–] moonpiedumplings@programming.dev 1 points 10 hours ago* (last edited 10 hours ago)

They are probably referring to the way that snap, flatpak, and distrobox are available as official packages in most linux distro's repositories, whereas nix isn't. I have encountered this frustration for sure. Debian and Arch provide nix packages, but many other distros don't.

In addition to this, nix requires manual setup if you install it from the repos, which is annoying. And then you have to do further manual setup to enable flakes, and then you have to figure out how to install packages and it's not fun.

So the main way people install nix is via the curl | bash scripts various "distros" of Nix provide.

[–] overcast@lemmy.zip 1 points 8 hours ago

did you know about pkgforge repo? it’s an interesting project however, even package managers for portable formats are sort of fragmented

I don’t like depending on GitHub so I don’t consider GPM, Soar and AM seem too similar… and I still have to understand what makes dbin stand out

[–] novafunc@discuss.tchncs.de 7 points 13 hours ago* (last edited 10 hours ago) (1 children)

Preface: I have been daily driving Fedora Atomic for the last couple of years and have also used a bit of Aeon and NixOS.

My opinion is that while atomic/immutable desktops are overall a good idea, they are marred by poor planning, a refusal to fix existing tools, and some cope.

There are way too many package managers and waste in this space. I think flatpak is a large cause of all this friction due to fact that it is always "sandboxed" and only focuses on GUI apps. The fact that it does not aim to support CLI apps (despite being able to handle them quite well!) means that we must have another tool, traditionally podman via toolbox/distrobox. The sandbox doesn't play well with certain subsets of apps, notably things like VSCode. At least Flatpak Next seems like it will address this part with its unsandboxed mode.

I also find it quite strange how some developers revel in wasted space and inefficiency. So many duplicated libraries between the host, flatpak, podman, and homebrew. With better planning, we could've had shared runtimes (such as Freedesktop) between the OS, flatpak, and whatever CLI package manager. Instead we have something like Fedora packages for the host OS and podman (not shared), flatpak using Freedesktop, and brew shipping their own stuff.

I also think that systemd sysexts are poorly designed, it's crazy they're being pushed. It's pretty much a package manager without dependency management. And for what upsides? It has no sandboxing, it's not portable between distros and distro versions, and must vendor dependencies to work around having no concept of dependencies. And we're already seeing fragmentation with Fedora and OpenSUSE working on their own frontends to manage sysexts.

[–] overcast@lemmy.zip 1 points 9 hours ago* (last edited 9 hours ago)

yay I think Flatpak has potential for CLI apps, they just need a nice way to expose aliases to the host actually, there are some CLI apps on Flathub already so I still don’t know how that “no terminal apps” criteria is handled

didn’t know sysext were so cumbersome