Immutable and atomic PureOS? [Vanilla OS, NixOS, ...]

Software PureOS
1

Hi, Vanilla OS will be based on minimal Debian. They create immutable OS distribution with support for APX, APT, DNF, AUR, APK, ZYPPER, XBPS, NIX, DEB, RPM and Flatpak, Flathub, AppImage, GNOME Software, Package Manager.

That’s what I call a distribution :slight_smile:

https://vanillaos.org/2023/06/11/vanilla-os-orchid-devlog.html

https://handbook.vanillaos.org/2023/01/11/install-and-manage-applications.html

Is this more secure OS than traditional distributions? Could be PureOS based on Vanilla OS (minimal Debian) with just open-source packages?

2

IMHO immutable OS restrict the freedom to modify, change, and improve.

PureOS is a Free GNU/Linux distribution. GNU is free software.

What is Free Software?

Free software means the users have the freedom to run, copy, distribute, study, change and improve the software.

3

I could not see why. The source is public. Do your changes and commit them. Even if it were not possible to make runtime modifications with these kind of systems (which is possible) these freedoms don’t mean that you are in all cases protected from a necessary re-compile.

1 Like
4

Immutability in the other meaning

5

I have a half-prediction that in a couple years, immutable/image-based distros and container-y/flatpak apps will be the norm.

I’m not sure if I like it or not. Good ideas, but I don’t really experience the problems that image-based distros are trying to solve.

6

One advantage would be that I could have core OS without modified files for years, because core files are read-only. I could whenever decide to remove applications and libraries and to have fresh OS without breaking the core system.

In addition to that, hashes of the core OS files of exact version could be compared to a known hashes of the version and tampering of read-only files could be detected (for example if someone boots live CD and modifies core files).

Or, hacked core files are replaced on each boot and no comparing of hashes is needed.