• menas@lemmy.wtf
    link
    fedilink
    arrow-up
    6
    arrow-down
    2
    ·
    6 days ago

    I would have put OpenBSD in “focus on security”. Or hell The only prebuild thing their is pain, pain and suffering

    • Carighan Maconar@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      6 days ago

      Are *buntu flavors risky for my workstation? Should I be considering Fedora?

      Why would they be risky? O.o They’re the preferred workstation setup at my place because Ubuntu is spread enough that it can be relied upon to be the distro admins have the most experience with (which is a self-perpetuating thing, I am aware).

  • superkret@feddit.org
    link
    fedilink
    arrow-up
    202
    ·
    edit-2
    8 days ago

    When you run OpenSUSE, you can feel it was made by Germans.
    The installer is a beautiful example of German engineering.
    The package manager is a perfect example of German over-engineering.
    If you run it with KDE, you have 2 redundant GUI admin tools for every config in the system, and 4 for setting up printers.

  • Fliegenpilzgünni@slrpnk.net
    link
    fedilink
    arrow-up
    171
    arrow-down
    4
    ·
    8 days ago

    Sees “Germany”

    Die Kommentarspalte dieser Pfostierung befindet sich ab sofort im Besitz der Bundesrepublik Deutschland meine Kameraden!

      • visc@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 days ago

        NixOS is for people who have accidentally uninstalled 90% of their system because they didn’t pay attention to what other packages depend on the thing they were uninstalling and were desperately looking for a an undo button.

    • Zozano@lemy.lol
      link
      fedilink
      English
      arrow-up
      10
      ·
      7 days ago

      I’m still a Linux noob all things considered, and I’ve been using NixOS for six months or more.

      It is HARD, but I see the true value of it. I will never need to reinstall Linux because I broke it, that’s simply impossible.

      If I ever need to migrate my system, it’s all backed up to github. With a single

      Bash update.sh
      

      every single .config file backed up, system upgraded, all packages updated.

      I just love Nix, it’s the perfect OS for me.

      Now I just need to learn how to use flakes…

      Sidebar: I’ve never asked before, but maybe someone can help me out. If I install a flake of an application, am I supposed to add it to the existing flake, or can I modulate flakes?

      I’ve noticed when installing the nixvim flake it generates a new flake and it runs when I issue the

      nix run ~/.dotfiles/nixvim/flake.nix
      

      command, but I don’t want to have to run that command every time. I feel like making a fish abbreviation isn’t the correct way of doing this.

      • tinkling4938@lemmynsfw.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        6 days ago

        So I’ve only been using nix about a year and only used flakes. I use in two ways.

        First, I have my main nix flake. Most everything is controlled from that. It has several outputs from full blown nixos builds per host or some home manager builds for non-nixos systems.

        Third-party flakes I use as inputs to my own flake then use the override system to inject them into nixpkgs. Then I just install whatever like normal from nixpkgs. I can either override an existing pkg (neovim nightly replaces regular neovim for me), or you can just add as a new package to nixpkgs by using a different attribute name.

        Second way is for projects with their own repo. I’ll add a project flake that has a devshell with direnv so as soon as I enter that directory it sets up a sort of virtual environment just for that project. You can add outputs to it so others can use as a third-party flake.

        My main starting point was https://github.com/Misterio77/nix-config for this design.

  • Crozekiel@lemmy.zip
    link
    fedilink
    English
    arrow-up
    54
    arrow-down
    1
    ·
    7 days ago

    ITT - “I DISAGREE WITH THE FACTUAL ACCURACY OF THE SETUP AND/OR PUNCHLINE OF YOUR JOKE.”

  • specterspectre@lemmy.world
    link
    fedilink
    English
    arrow-up
    38
    arrow-down
    1
    ·
    edit-2
    7 days ago

    I think I’ve put fedora on at least 4 personal systems and it has never caused an issue. It’s so smooth it’s boring in the best way. Switched to it for daily computing about 4 years ago. I use a minipc as a media server with Arch and turning it on it’s exciting. Just this fucking morning the default configuration decided that my main audio device was a microphone. Lovely. So flexible.

    • Lucy :3@feddit.org
      link
      fedilink
      arrow-up
      2
      ·
      3 days ago

      On the other hand, my server running Arch testing has never had any issues. In fact, the only issue on any of my devices, all Arch testing, was nvidia.

      • specterspectre@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 days ago

        This is a YMMV situation. I had Gentoo running on a minipc for a while and it never had any random issues pop up. Any screw up was fully traceable to configuration and entirely my fault. It was kinda funny. Hope your server stays healthy.

  • TimeSquirrel@kbin.melroy.org
    link
    fedilink
    arrow-up
    38
    arrow-down
    3
    ·
    8 days ago

    I mean, I’m on Debian and I’m on the same install instance I’ve had for almost four years now. I’m constantly reading about how some of you people keep hosing your other distros with a normal update…

    • JustEnoughDucks@feddit.nl
      link
      fedilink
      arrow-up
      3
      ·
      7 days ago

      Lol, I ran 5 years on arch without a break.

      Now 6 months of Bazzite without a break.

      I think the age of distros shipping severely broken updated is over. And it was always, ALWAYS grub that broke after an update on mint and opensuse 10 years ago for me.

    • Draghetta@lemmy.world
      link
      fedilink
      arrow-up
      13
      arrow-down
      1
      ·
      7 days ago

      Real. Though sometimes running a recent version of something is a real challenge, unless it ships in appimage. If it’s a small program you can usually backport the package from unstable or just build it yourself, but if it depends on some rust or js libraries or whathaveyou you have to do so much crap you might as well just be running trixie

  • LordKitsuna@lemmy.world
    link
    fedilink
    arrow-up
    40
    arrow-down
    12
    ·
    7 days ago

    I’ll never stop hating that debian is labeled stable. I’m fully aware that they are using the definition of stable that simply means not updating constantly but the problem is that people conflate that with stability as in unbreaking. Except it’s the exact opposite in my experience, I’ve had apt absolutely obliterate debian systems way too often. Vs pacman on arxh seems to be exceptionally good at avoiding that. Sure the updated package itself could potentially have a bug or cause a problem but I can’t think of any instance where the actual process of updating itself is what eviscerated the system like with apt and dpkg.

    And even in the event of an update going catastrophically wrong to the point that the system is inoperable I can simply chroot in use a statically built binary pacman and in a oneliner command reinstall ALL native packages in one go which I’ve never had not fix a borked system from interrupted update or needing a rollback

    • Couldbealeotard@lemmy.world
      link
      fedilink
      English
      arrow-up
      9
      ·
      7 days ago

      They really should have used the word “static” instead of stable. Stable definitely has connotations of functional stability, and unstable of functional instability.

    • pmk@lemmy.sdf.org
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      7 days ago

      To me the issue is the people calling a system stable because it is reliable, even if it updates unpredictably to changing functionality.

    • dezmd@lemmy.world
      link
      fedilink
      English
      arrow-up
      18
      arrow-down
      1
      ·
      7 days ago

      You are maybe conflating stability with convenience.

      “Why is this stable version of my OS unstable when I update and or install new packages…”

      The entire OS falling down randomly on every distribution during normal OS background operations was always an issue or worry, and old Debbie Stables was meant to help make linux feel reliable for production server use, and it has done a decent job at it.

      • LordKitsuna@lemmy.world
        link
        fedilink
        arrow-up
        4
        arrow-down
        1
        ·
        edit-2
        7 days ago

        I mean when I can take an Arch Linux installation that I forgot about on my server and is now 8 years out of date and simply manually update the key ring and then be up to date without any issue but every time I’ve ever tried to do many multiple major version jumps on debian it’s died horrifically… I would personally call the latter less stable. Or at least less robust lol.

        I genuinely think that because Arch Linux is a rolling distribution that it’s update process is just somehow more thorough and less likely to explode.

        The last one with debian was a buster to bookworm jump. Midway through something went horrifically wrong and dpkg just bailed out. The only problem was that it somehow during all of that removed the entirety of every binary in /bin. Leaving the system completely inoperable and I attempted to Google for a similar solution as arch. Where i could chroot in and fix it with one simple line. But so far as I was able to find there is no such option with apt/dpkg. If I wanted to attempt to recover the system it would have been an entirely manual Endeavor with a lot of pain.

        I would also personally label having the tools to recover from catastrophic failure as being an important part of stability especially when people advocate for things like Debian in a server critical environment and actively discourage the use of things like Arch

        If the only thing granting at the title of stability is the lack of update frequency that can simply be recreated on Arch Linux by just not updating frequentlyಠ_ಠ

        • leezh@lemmy.blahaj.zone
          link
          fedilink
          arrow-up
          3
          ·
          7 days ago

          No opinion on Debian but as a heavy ArchLinux user I should point out you shouldn’t upgrade without reading the news as occasionally manual intervention is required. Upgrades can and will break things if you’re not careful.

          https://archlinux.org/news/openblas-0323-2-update-requires-manual-intervention/

          https://archlinux.org/news/ansible-core-2153-1-update-may-require-manual-intervention/

          https://archlinux.org/news/incoming-changes-in-jdk-jre-21-packages-may-require-manual-intervention/

        • fallingcats@discuss.tchncs.de
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          edit-2
          7 days ago

          I mean when I can take an Arch Linux installation that I forgot about on my server and is now 8 years out of date and simply manually update the key ring and then be up to date

          That won’t work, old pacman versions can’t deal with the fact that packages are now zstandard compressed. In fact, the window were you could successful do the update without a whole bunch of additional work was something like a couple of months. Certainly a whole lot less than a year.

          • LordKitsuna@lemmy.world
            link
            fedilink
            arrow-up
            2
            arrow-down
            1
            ·
            edit-2
            7 days ago

            I mean, if you want to use your system pacman sure. But you can just download the latest statically built pacman to do the large jump without issues. However i will concede that is more than JUST keyring update

            Edit: another fun way to get around that issue pretty easily. Boot any up to date arch installer, mount the old ass system root to /mnt and just run

            pacman -Sy

            pacman --sysroot /mnt

            Now just normal syu and the live environment pacman will update the old system, arch/pacman has a plethora of easy ways to get around what would otherwise be show stoppers on apt/dpkg :)

        • MrMcGasion@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          7 days ago

          While I personally agree with your sentiment, and much prefer arch to debian for my own systems, there is one way where debian can be more stable. When projects release software with bugs I usually have to deal with those on Arch, even if someone else has already submitted the bug reports upstream and they are already being worked on. There are often periods of a couple of weeks where something is broken - usually nothing big enough to be more than a minor annoyance that I can work around. Admittedly, I could just stop doing updates when everything seems to be working, to stay in a more stable state, but debian is a bit more broadly and thoroughly tested. Although the downside is that when upstream bugs do slip through into debian, they tend to stay there longer than they do on arch. That said, most of those bugs wouldn’t get fixed as fast upstream if not for rolling distro users testing things and finding bugs before buggy releases get to non-rolling “stable” distros.

          • EuroNutellaMan@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            5 days ago

            I honestly don’t see this thorough testing. Not for a lot of apps I use anyway. It’s normal tbf even with 2 year you can’t thoroughly test every package for every bug, so you’re stuck with very old bugs a lot more often than people think. And on top of that some packages are so old that instructions you find on their git pages or wherever are too new and don’t work.

        • pmc@lemmy.blahaj.zone
          link
          fedilink
          arrow-up
          1
          ·
          6 days ago

          Did you go buster -> bullseye -> bookworm or just straight to bookworm? It sounds like something got screwed up with the usr merge.

          • LordKitsuna@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            6 days ago

            Straight to bookworm. Sounds like that’s not supported but that just further shows why i don’t find it to be a functionally stable, or perhaps reliable is a better wording, system. But that’s also just my opinion

        • JackbyDev@programming.dev
          link
          fedilink
          English
          arrow-up
          1
          ·
          7 days ago

          it would have been an entirely manual Endeavor with a lot of pain.

          It’s funny that your phone auto corrected or you typed a capital E out of habit. I imagine you talk about Endeavor OS a lot lol.

          • LordKitsuna@lemmy.world
            link
            fedilink
            arrow-up
            2
            arrow-down
            1
            ·
            7 days ago

            Was using voice to text, it auto capitalizes words at absolute random. However yes i do use EndeavorOS so it comes up from time to time :p

    • dan@upvote.au
      link
      fedilink
      arrow-up
      12
      ·
      7 days ago

      FWIW I’ve got a Debian server that hosts most of my sites and primary DNS server, that’s been running since Etch (4.0, 2007ish). I’ve upgraded it over the years, switched from a dedicated server to OpenVZ to KVM, and it’s still running today on Bookworm. No major issues with upgrades.

      • LordKitsuna@lemmy.world
        link
        fedilink
        arrow-up
        2
        arrow-down
        2
        ·
        7 days ago

        It’s definitely not something that will happen 100%. I’ve also had long standing debian systems that seem to not care. However I’ve had plenty that, for whatever reason couldn’t handle multiple major version hops and just eviscerated themselves, I’ve not had that with arch personally. You may need to download the latest statically built pacman depending on how old it is but that and a keyring update usually has you covered

        • dan@upvote.au
          link
          fedilink
          arrow-up
          3
          ·
          7 days ago

          However I’ve had plenty that, for whatever reason couldn’t handle multiple major version hops

          Debian only supports upgrading one major version at a time. If you’re upgrading from Debian 10 to 12, you need to first do 10 to 11, then 11 to 12. Upgrading multiple versions at a time is completely untested and unsupported.

    • kekmacska@lemmy.zip
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      2
      ·
      7 days ago

      depends on workload. Debian has very old packages and can be insecure but it is a set it and forget it type of thing, it is good when uptime is critical for a server. For desktops, or servers that need better security, but can tolerate a little downtime, rolling releases are good too, if you are enough to update frequently, and you should, since updates usually contain a lot of patched vulrenabilities

    • friendless@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      7 days ago

      Good point! But I recently swapped to Debian 12 from Fedora 41. The latter needing constant updates several times a day. And despite this, it was not stable at all.

      • dan@upvote.au
        link
        fedilink
        arrow-up
        2
        ·
        7 days ago

        Fedora is good on laptops since it has the very newest kernel and thus includes all the latest driver fixes (which are needed for laptops like the Framework where they’re actively improving things). On the other hand, it has the very newest kernel and thus includes all the latest bugs.

  • I_Miss_Daniel@lemmy.world
    link
    fedilink
    English
    arrow-up
    26
    arrow-down
    3
    ·
    8 days ago

    Fedora 41 is now the ‘wait 45 seconds every boot because you don’t have a tpm chip’ version.

    • richardisaguy@lemmy.world
      link
      fedilink
      arrow-up
      21
      ·
      8 days ago

      Can i get some context please? My fedora install wasn’t using TPM, i had to manually configure it; i haven’t noticed any difference in boot speed with or without TPM encryption

        • richardisaguy@lemmy.world
          link
          fedilink
          arrow-up
          3
          ·
          7 days ago

          I want to have data-at-rest encryption, so that the only password i need to insert is my user one, this allows me to not have to type passwords multiple times. If i had the regular encryption password i would have to enable autologin in SDDM, which would do away with the encryption on kdewallet and all my credentials.

          Plus i also enable secureboot, and use fedora kinoite, so that i is hard to tamper with my boot stuff without my TPM wiping itself off my encryption password, this gives me a very Bitlocker-like setup, but without the shittiness of having my encryption keys linked to microsoft’s terrible encryption system and user accounts, i can actually control my stuff like this. For a laptop, i must say data-at-rest encryption is a must!

          This setup gives me multiple security layers; took my laptop off me -> booted my laptop, faced with user password -> tried to boot another OS, TPM wiped itself, no more encryption key -> computer now asks for encryption password, has to find a way around LVM2 encryption -> LVM2 encryption (somehow) defeated they must now crack my user password, or have to (try) to decrypt my credentials on the file system itself; after all these convoluted and extremely hard steps i think we can agree this person really deserves to have access to my cool wallpapers

        • rzlatic@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          7 days ago

          so if it probably affects only a small number of specific hw platforms, you cannot state fedora as “now wait 40 seconds” distro.

          i’m also not using the tmd chip, no issues.