Bazzite has a very simple process for installing software that isn’t on Flatpak: You spin up a virtual machine running a better distro and install it there
Bazzite has a very simple process for installing software that isn’t on Flatpak: You spin up a virtual machine running a better distro and install it there
Bazzite is the better distro because you install things in a distrobox. Muck around, break things in there, but your main distro stays safe, secure and stable.
Until the keys change. And you spend forever wondering why it updates every day only to realize it was the same update over and over and over, and the only way they announce they broke things is a GitHub issue.
I love Bazzite, daily it on my gaming PC. But imutable distros do have challenges, and installing non-standard software is defintlately one of them.
Hmmm. I use QubesOS mainly for the ability to have a separate VM for different things that I can muck around in and not break shit. Does bazzite offer a similar experience?
You don’t run a VM for everything with Bazzite, Distrobox is more like Flatpak or WSL in that regard.
It also isn’t much more secure, it’s just that everything is a bit more contained and comes with their own dependencies.
So it’s kinda like a docker container its got its own filesystem and root runtime but not its own kernel?
Distrobox is just a set of shell scripts that controlls Podman under the hood. Not only is it like docker, it literally uses the same container format (ContainerD).
Huh the more u know lol
Eh, it’s fedora under the hood with SELinux enabled, and immutable, better than most security wise, I didn’t say much more.
I replied to @muntedcrocodile@lemm.ee and understood the question like “Is distrobox as secure as QubesOS?”, which I replied with “No”.
I’d say Fedora Atomic is definitely a bit more secure than other distros (e.g. Ubuntu, regular Fedora, etc.) for reasons you mentioned, but if you are a user that thinks that only Qubes offers the security you need, than there’s no alternative.
I can recommend you Secureblue tho as a good middle ground.
It’s Fedora Atomic, but hardened, a bit like GrapheneOS. Still viable for comfortable everyday use, but much more secure.
Ahh, fair cop. Good point on Secureblue, but my threat model doesn’t take me there.