Debian stable, I guess, has both people sleeping on cruise control. Fine until it stops being fine, and then a flurry of activity.
Edit: or maybe a train. Boring, except for updates and dist upgrades.
Dist upgrades when you’ve neglected a server for 3 years is a fun activity. Many versions of the upgrader don’t work, need to take a specific upgrade path that lacks documentation. Mainly achieved by trial and error.
Do your upgrades regularly, kids. 😁
At one point I rebuilt a server by fully abandoning the package database and reinstalling everything as overwrites. Converted a slackware install into a Debian install in situ by cannibalizing it from the inside out. Pretty proud of that one, even 20 years later.
edit: oh gods… more like 24.
Wow, 2000’s era was the wild west of Linux. 😁 I remember installing distros from DVDs attached to magazines. 🤭
upgrades when you’ve neglected a server
In times of containers, does it even matter?
Edit: to clarify, yes you MUST keep your server up to date (and have backups) but what I’m questioning is… if the OS of a server actually matters much when most of the actual “serving” is done by containers, which might themselves get updates, or not, but are isolated.
Yes, it matters.
Also, the actual isolation of container environments varies greatly, on a per container basis. Containers are far less isolated than virtual machines, and virtual machines are less isolated than separate hosts.
Neither containers nor VMs will protect from attacks on the host, see regreSSHion. You may be able to limit access to your host by using containers or VMs, but container escapes and VM escapes are not impossible.
There is much time and effort required to maintain each of these layers. With “stable” distros like Debian, it is often the responsibility of the distribution to provide fixes for the packages they provide.
Given Debian as the example, you are relying on the Debian package maintainer and Debian security team to address vulnerabilities by manually backporting security patches from the current software version to whatever ancient (stable) version of the package is in use, which can take much time and effort.
While Debian has a large community, it may be unwise to use a “stable” distro with few resources for maintaining packages.
OTOH, bleeding edge distros like Arch get many of their patches directly from the original author as a new version release, placing a lower burden on package maintainers. However, rolling releases can be more vulnerable to supply chain attacks like the XZ backdoor due to their frequent updates.
Thanks for the in-depth clarification. I had in mind how quick re-installing a system was after a failure but indeed security itself is fundamental.
So to try to better gauge the risk here when you say
container escapes and VM escapes are not impossible.
what level of efforts are you talking about here? State level 0-day required with team of actual humans trying to hack? Script kiddy downloading Kali and playing for 1h? Something totally automated perpetually scanning the Internet in minutes and owning you without even caring for who you are?
I did read about blue pilling years ago (damn just checked, nearly 20 years ago https://en.wikipedia.org/wiki/Blue_Pill_(software) ) but it seems that since it’s the 1 thing solutions like Docker, Podman, etc and VM propers (and then the underlying hardware) have to worry about, it feels like it would be like trying to break in by focusing on a lock rather than breaking a window, namely the “hard” part of the setup.
Yeah, containerization does make it much easier to just throw away the base system and start fresh. This way, you don’t have to worry about possibly straying the recommended upgrade path and accidentally breaking something.
More code adds complexity, complexity leads to more bugs, more bugs means more vulnerabilities. Virtualization takes a lot of code. With all this extra code, it is possible that you are actually expanding the attack surface instead.
It is likely inconsequential for most people just running a couple personal services at home, but organizations are pretty frequently targeted by sophisticated attacks, where the consequences of a breach can be severe.
Yes, many of these vulnerabilities are difficult to exploit, either requiring local access or the existence of another vulnerability to achieve local access.
However, there also exists a massive market segment whose entire business model relies on selling local access to VM compute resources, cloud server providers. An attacker could simply rent a VM on a vulnerable platform to gain the needed local access, launch an attack on the host and thereby compromise the other guests on the same machine.
There have been an incredible number of flaws found and fixed (for now) in the isolation provided by virtual machines. VMware had a spate of critical vulnerabilities in 2024.
Shouldn’t it be Gentoo or Arch ?
I went through LFS’ build process three times. By the third time, I felt like I might actually have a clue as to what’s going on. Then I tried to build X.org, and discovered what package managers are for. Tried a few “standard” distributions with their binary packages, none of which satisfied my newly discovered control freak tendencies. Ended up settling on Gentoo, been with it ever since.
The meme is definitely LFS.
I don’t use mint, but the serenity of a reliable platform to work on by far outweighs the boringness of the system.
My computer is a tool, not a hobby (anymore).
I feel the same way on PoPOS. I have compiled my own kernel (it’s actually not that difficult honestly) and done all manner of work at work. It’s also how I know the system is super stable and I don’t have to mess with things for my daily driver stuff.
EndeavourOS on my DD laptop with time shift in case an update wants to be a dick (or I do something stupid).
Proxmox VMs for when I’m feeling saucy.
Ain’t no one got time for an unstable work machine.
I run my “work machine” (Windows 11 VM) in Proxmox, cause I ain’t running Windows on bare metal 🤘 Also means it’s always available wherever I happen to be, via Apache Guacamole. 👌
Mint is my favourite distro. Is everything I want from my computer.
… Except the Nvidia support. I need the actual proprietary driver for cuda and it’s not the easiest of rides.
(I switched to Nobara for better support and now the drivers memory leak. I need the courage to distrohop again)
For me it’s everything but the HDR support.
Same. I recently spent a few hours failing to either build gamescope from source or get the flatpak versions of gamescope and steam working together. Others got it working a few months ago, but their steps didn’t work for me and I just decided I’d rather spend my time playing without HDR than keep trying at it. Wouldn’t have been so hard on a distro better supported by gamescope.
Except the Nvidia support. I need the actual proprietary driver for cuda
As far as I know, the open-source driver supports CUDA now, as long as you’re using version 560 or above and the latest CUDA packages. https://developer.nvidia.com/blog/nvidia-transitions-fully-towards-open-source-gpu-kernel-modules/
We’ve been using the open-source driver with workstation-grade cards at my employer for a while. The open-source driver didn’t get full support for consumer-grade cards until version 560 which was only released around 6 months ago.
Debian with the mint UI. All of the debian memes, but none of the UI headaches!
There’s also LMDE which is mint built on Debian instead of Ubuntu. The Mint guys had the foresight to prepare for a future when they’d get fed up with Ubuntu’s nonsense.
Been using this for a while now. For my needs, it’s the best distro out there.
Dang it, you gotta come in here and tempt me to distrohop… That’s a dang attractive choice.
LMDE is everything you want, I assure you.
By the wire that powers the PSU, by the CPU on all-high! By the bus and system fans, blessed be… There she lies… The Magnum Opus!
People who understand Linux Mint and other complex distros at a deep level:
god mode
My shack pc is a tv box with a custom version of armbian, basically it’s barely holding itself together, but it still works decently for digital modes, so i’m not complaining; i couldn’t imagine the torture that would be daily driving that monstrosity
I love Mint for this reason.
When my OS works well enough that I don’t even have to think about it day to day, it’s doing its job.
the thing I think a lot of “linux dorks” (and I use that term lovingly) forget about is that most people want to work on their computer, not work on their computer. The OS, for most people, should be the software equivalent of a motherboard – an invisible plinth upon which the actual things you care about sit. With a motherboard, that’s your GPU, CPU, RAM, etc. and with the OS, that’s the applications you run.
there’s nothing wrong with making fiddling with your computer a hobby, and I’ve been known to dabble myself over the years, but for me and most other normal people, that ends up being too much work for too little reward in the end. Mint getting to the point where you can daily drive it and not have to worry about it even if you’re a complete brainlet when it comes to Linux is a massive W.
What happens if I also tinker with hardware? Does that mean I am a mother dorker?
Why do you think I shill NixOS here and actually installed Mint on my mom’s laptop?
That’s why I love Ubuntu/Mint too.
It’s boring stable.
I’ve been tempted to try out other distros, but honestly, when it works as well as it does for me, it’s too hard for me to give it up for something that might not be as stable of an experience.
As someone who used Linux Mint for a while and will always keep it in my heart as my stable transition from windows, Pop OS is just about as easy with a much nicer out-of-the-box UI (especially love the native dock). So for anyone like me, try it out.
Pop Os is nice. I went and bought the same hardware that system76 uses and then loaded their popOs on it. Going on 4 years of use now, zero issues. Battery life is challenging… Solid laptop otherwise.
laughs maniacally in Slackware
Oh god. I started with Slackware in 1998 and used it on the desktop until around 2008, then on the server until 2017 or so.
In later years, the last panel definitely felt like Slackware. I was afraid to upgrade for fear of breaking things. Installing new software was tough because it was like, well, I need this dependency for that package, but what about this one? Will I break package A if I install the dependencies for package B? Only one way to find out!
Slackware is probably much easier to handle now, with the proliferation of docker and the like, where the software includes the libraries it needs and doesn’t rely on the system libraries. Just run everything in a container.
Yeah, fuck Windows. I just had a focus stealing pop-up from HP that demanded a reboot.
I had put the pop-up to the side to finish some work before I’d let it reboot. Pressed enter to finish the message I was composing, only for the pop-up to once again steal focus, and given that “restart” was the only button on that pop-up, it immediately restarted the PC.
If i had one wish it would be to erase GetFocus from reality entirely
I do not understand why Windows lets windows steal focus like that. I have to use Windows for work, and I’ll be typing in my password or token, and it’ll steal the focus WHILE I’M TYPING. It’s infuriating behavior and potentially a security issue.
WITNESS ME
WITNESS NT
I use Arch BTW.
Today the liquidctl integration of cooler control died, making all my fans go into a safe profile which makes a lot more noise than normal. Imagine having to listen to that for an hour trying to get it working again. I did get it working luckily, somehow the coolercontrol-liqctld python module didn’t register properly. Once I got the module registered everything was working, for now…
yea this is probably the most annoying issue i’ve had on Arch. every time there’s a new version of Python, you’ll need to reinstall some python packages, usually the AUR stuff.
https://wiki.archlinux.org/title/Python#Module_not_found_after_Python_version_update
Is it that hard to roll back an update?
No, but depending on what’s wrong that might not be the best thing to do. If the new version is broken, rolling back to a previous working version might fix it. But when the update broke something, it might not fix it and could even make it worse. I’d rather figure out what went wrong and how to fix it, it’s a good skill to have. And if the new version does turn out to be broken, it’s good to have dug into it so you can make a proper bug report.
I think I would rather just use something stable.
Luckily there is a distro for anyone. There’s plenty of super stable distros out there. But if you want the cutting edge, stability will be compromised. And the cutting edge is pretty cool at the moment, so for me it’s worth the issue once and again.
I use Fedora and it seems to provide a pretty good middle ground. I know some like to fix broken systems but for me I want something more recent without breakage. (I actually use Fedora Silverblue so I can easily roll back changes)
Not gonna lie, I’m glad I’ve moved from Arch to Tumbleweed. Media codecs are handled worse somehow, but I haven’t had to deal with crap like this ever since…
You have to add the source with the non free codec packages:
https://en.opensuse.org/SDB:Installing_codecs_from_Packman_repositories
I tried that already, didn’t really help. That repo is currently deactivated on my machine, I think I had some (more) annoying problem with it (don’t remember all the details), but after spending quite a few hours on this problem, I essentially gave up trying to fix it. Right now, video playback works well enough that I don’t want to deal with it anymore.
And, honestly, I haven’t had a Linux installation where everything related to multimedia and graphics drivers just worked flawlessly. Ubuntu, Debian, Arch and Suse all had different issues. Switching from Nvidia to AMD didn’t help, either. Sometimes the flaws were minor and easy to ignore, but it has never ever worked as well as it does on Windows.
hmmm, did you try switching (vendor change) all system packages to Packman? (an option in the yast software installation module when you select the repository)
Can you link to the artist?
Oof. Looking at the WordPress it’s almost a time capsule. They got viral with this one and thought they could make it a full business by depreciating the WordPress domain and going to a .com site. The site is now dead.
looks like whatever was done later was preserved here https://m.tapas.io/series/Awkward-Love/info
daily driving arch
why is nothing working I JUST REFUELED MY TANK! HOW COULD THAT POSSIBLY BREAK MY CAR?!
Sounds like a driver issue
RTFCM
“Everything’s shiny, Cap’n, not to fret!”
“You told me these packages were supported for another 6 weeks!”
“Your last Pacman -Syu was 6 months ago, Cap’n!”
“My OS don’t crash. If it crashes, you crashed it!”
Me after a restart following a seemingly harmless package update:
“Ah, curse your sudden but inevitable betrayal!”
Refuel your car next time instead of your tank, sheesh
Get a decent package management system on it and LFS is like every other distro with extra steps.
Ugh, interesting yet so obvious! It’s been years… well decades since I played with LFS, time to read on https://www.linuxfromscratch.org/lfs/view/9.1-systemd/chapter06/pkgmgt.html
I kinda want to try LFS with Nix, but I think that’s literally just NixOS
As a windows user I didn’t like Mint
I tried out Kubuntu and it was really nice.
Why didn’t you like mint? It’s set up pretty much like windows.
I’m not OP, but I also prefer KDE over Cinnamon. The size/spacing of the buttons on the left side of the start menu/application launcher looks weird to me, and while I’m sure there’s merits to Cinnamon that was enough to sour my tastes.
A windows like linux isn’t really attractive to a windows user, they just want an intuitive but also customizable system. Chances are Windows users trying linux still have their old windows system, anyways. Why would they want a windows and also a fake windows?
Because modern windows is garbage and old windows is full of holes. Or at least that’s why I switched 🤷
There are a lot of reasons people might want to switch to Linux from Windows, but I don’t think it’s usually the GUI that’s the main problem on the Windows side. I think it’s pretty reasonable to want the GUI to work in the way you’re used to but still want an OS that doesn’t shove ads at you, install AI without your permission, bug you about Teams and OneDrive, reboot every time it needs to update anything, etc.
You answered your own question!
KDE more like goodest desktop
Plasma kept crashing my system after waking it up from suspend. I tried fresh installs twice, with different revisions of graphics drivers. Plus, I had to install a bunch of crap from github just for my games to work properly. Lighting issues, texture issues. The mouse wouldn’t stay captured to one monitor in Fallout 4. Mint with Cinnamon just worked out of the box for me.
Did you remember to sacrifice a pigeon?
You know, upon further reflection, I’m pretty sure my issues stemmed from Wayland. Plasma was a very nice DE, and I think I’d probably like it fine without Wayland.
Kubuntu is great nowadays.
Try out Zorin then
+1 Kubuntu.
KDE Plasma and Debian is where it’s at.
Comfortable, familiar OS GUI, working drivers out of the box, and a non crashing kernel with updates once a month.
And also steam works.
Steam and gaming working is a big thing.
Like 96.6% of the operating system.
I just found out about the global themes! KDE is just so good.
KDE Plasma and Debian is where it’s at.
Yep, in fact sadly I moved away from Ubuntu after years of using it because of the slow yet seemingly inexorable trend toward bloatware. Going back to the “basics” with Debian, and keeping KDE, made the transition very easy. As you also highlight, Steam works perfectly. Anyway, time to go back to Elden Ring ;)