While you are correct, Bazzite is a drop-in OS replacement for Steamdeck and Asus ROG Ally, so there’s a lot of potential for more people hearing about it as it gets more popular.
While you are correct, Bazzite is a drop-in OS replacement for Steamdeck and Asus ROG Ally, so there’s a lot of potential for more people hearing about it as it gets more popular.
There isn’t a pro-grade, open source video editing tool or anything close
Do you use open source professional grade video editing tools on Windows? Almost certainly not, so why would it be a requirement for Linux?
What we need is companies producing Linux builds of professional grade closed source software. And if the trend of Microsoft making terrible decisions and Linux use increasing, it might actually happen.
Very true. The discussion helped me, as I did think it meant not easily editable.
As root of course you can change the system to be any other type of system (layer packages, rebase, whatever), but I did assume it meant not easily modifiable in it’s current state.
My comment in the comment chain was:
An attacker escaping from a container can’t be system root as Podman runs rootless (without some other exploit or weak password).
We could give the op the benefit of the doubt and thinking that they were saying that the attacker inside the container managed to gain root inside the container.
While you are correct, any system is compromised if you have root, so isn’t that irrelevant at that point?
Makes sense. An “immutable” distro provides no additional security benefit, however CoreOS does have a reduced attack surface area compared to other distros, which itself is a benefit.
edit: “Immutable” means “all of them are the same”, not “unchangeable”.
You sound confident, but the fact that Fedora is using the term “immutable” makes me wonder if you actually have domain expertise here.
Immutable means immutable. It would be strange for them to call it that if it actually means “completely irrelevant from a security perspective”.
Unless you provide some evidence to the contrary I’m going to assume you aren’t correct.
They 100% can.
An attacker escaping from a container can’t be system root as Podman runs rootless (without some other exploit or weak password).
The filesystem itself is also read-only.
/dev/nvme0n1p4 on /sysroot type xfs (ro)
/dev/nvme0n1p4 on /usr type xfs (ro)
/dev/nvme0n1p3 on /boot type ext4 (ro)
One salty downvote from @[email protected] :P
Selfhosted Gitea is a way to get a wiki, bug tracker or whatnot - collaborate, for example, but it’s not necessary to have a Git server for your personal use.
No, but it is amazing for browsing your repos and visually seeing what you did in a past commit or a branch, while your IDE is open to your latest code. Or copying and pasting something that you need from a different repo.
For Git experts, sure they can probably do all that better inside their IDE or CLI, but for us plebs, having your own Forgejo is incredible 😍
I have mine configured to disable the wiki and issues, etc, it’s just the repo browser.
deleted by creator
I use UCore for my homelab and it’s been flawless. Absolutely no issues. I run around 50 containers, LLMs, and host some public sites with Caddy.
The major thing that’s keeping me away from CoreOS/ uCore is all the ignition-butane-stuff. From what I’ve heard, it’s needlessly complicated
It’s super super easy. Run a docker one-liner on your existing local server or laptop to host a quick webserver:
docker run -p 5080:80 --name quick-webserver -v "$PWD":/var/www/html php:7.2-apache
And put this Ignition file in the directory from above: https://github.com/ublue-os/ucore/blob/main/examples/ucore-autorebase.butane
That’s it, that’s the only steps. Boot off the ISO and type in the hosting URL from above.
You’ll only need that when building the server the first time.
doesn’t require rebooting as often.
You have to reboot to upgrade to the latest image, so you’ll have to get rid of the ideal of uptime with years showing on the clock.
Rebooting is optional, and so far it’s been rock solid. Since your workload is all containerised everything just comes up perfectly after a reboot without any intervention.
I think Debian is less maintenance
Arguably that’s the best feature of an atomic server. I don’t need to perform any maintenance, and I don’t need to worry that I’ve configured it in some way that has reduced my security. That’s all handled for me upstream.
Yes you need an ignition file, but you just need to put it on any web accessible (local) host.
I used a docker one-liner on my laptop to host the server:
docker run -p 5080:80 --name quick-webserver -v "$PWD":/var/www/html php:7.2-apache
And put this Ignition file in the directory I ran the above command from: https://github.com/ublue-os/ucore/blob/main/examples/ucore-autorebase.butane
You could equally put the Ignition file on some other web host you have, or even Github.
That’s it, that’s the only steps.
uCore spin of Fedora CoreOS:
https://github.com/ublue-os/ucore
If your password was “is this necessary though” it’s easy to remember and not difficult at all to type
I believe you can run one of the ujust
scripts to add all the same dev tooling to Bazzite.
I have a Steam Deck for my gaming, which is funnily enough the thing that got me into Linux in the first place.
https://www.asus.com/us/laptops/for-home/zenbook/zenbook-14-oled-um3402/
22 hours battery life.
AMD.
Slim, gorgeous. Runs Linux like a champ.
I have bought only Asus for my last 4 laptops (previously I was Thinkpad), and I have never regretted any of them. Since switching from Windows to Linux earlier this year (Aurora-DX) I have had no issues.
If you want to go even smaller and lighter, this one is awesome but is Intel and doesn’t have as long battery life.
Thank you for posting this - I have had a play and it’s excellent.
I am a newbie in the Linux world and have been looking for something to replace the excellent WinSCP. XPipe is the first application I’ve used on Linux that actually makes remote SSH/SCP browsing easy to do, while still being able to handle more complicated SSH auth than just user/pass.
Bazzite. Idiot proof Nvidia gaming. I’ve installed it for a few Windows-using friends and they’ve had no complaints.
https://bazzite.gg/