Is there anything obviously wrong or bad about the idea to just use whatever distro you like on bare metal. Like rolling release to get the fastest updates or immutable to make it rock solid. And then just use distrobox or toolbx with Debian and maybe Arch to run software your base distro does not provide?
I run Fedora right now but want to switch to something else. I was thinking about Tumbleweed a lot but there is quite a big portion of software which does not ship on Tumbleweed. (Theoretically you could download the .rpm file which quite a few developers provide on and install it on Tumbleweed too? But I am not 100% sure about that so please correct me about that if I’m wrong.) So I thought about Nix but the drama around that distro made me loose interest. Obviously Arch is also an idea but I don’t like my base OS to be a project itself so I’d rather not use it for now.
And yes I thought about installing homebrew or nixpkg or pixi or whatever the name of the next new package manager is. But nearly all of them are only installable by executing a script and I don’t feel comfortable doing that. Would it be safer to run scripts like that in a distrobox/toolbx?
So yeah, my initial question was wether it is viable to just choose any distro and get along with distrobox to get your software from the AUR or through .deb packages. But the question developed if it would be wise to use distrobox to execute random internet scripts without altering your base OS/putting your data to risk.
You must log in or register to comment.
Distrobox changed the way I use Linux. I cannot imagine going back.
First, you are exactly right that it allows you to separate app repo from the rest of what you live about a distro.
I use an Arch Distrobox with every machine. Using Chimera Linux that uses MUSL, Clang, libc++, and BSD userland? Install anything from the Arch repos or AUR in seconds.
But it is not just package repo size. Using an app that targets RHEL? Install it from a RHEL Distrobox.
Doing dev for a project whose users are Ubuntu people? Build it in an Ubuntu Distrobox.
Want to try something and do not want it to mess up your system? Do it in a Distrobox.
Need some software for a class that will just be cluttering up your system after? Make a Distrobox for that class.
I have a .NET Distrobox. I have a Java Distrobox. Just not having to update the IDE and frameworks all the time is a huge win.
Mature application that I use every day that I do not want to change or break on me? Install from a Debian Distrobox.
Rapidly developing app where I want the latest for features and fixes? Install from an Arch Distrobox.
Tools you like that only Mint offers? Install a Mint Distrobox.
Distrobox is the greatest.
What software? I’ve never found the need for distrobox; any software usually has a package or tarball.
For example signal only provides a .deb package for Linux. And I must admit I never understood how to handle a “generic” linux package/tarball. Maybe I should dig into that one day.
You can install the packages within the box
This sounds a lot like the Universal Blue distros. They even have homebrew installed by default. If you’re already using Fedora it would be a pretty easy transition.
Yes I thought about that too, but I really want to try something else.
I run a pretty barebone Archlinux with several distroboxes. My main motivation for this setup is that I work on a lot of different projects that all have very different setups. Running them in distroboxes make sure I can just drop the box, once the project is finished, and all code and data is just wiped, without having any impact on my main setup.
Exactly! Keeps the core clean. I use use Arch distroboxes on Arch or EOS for exactly this reason.
I switched from fedora to silverblue to now aeon (opensuse) and I use a tumbleweed and fedora distrobox. It’s almost exactly like silverblue.
Yes, you can choose any distro. But remember that a big part of a distro is the default software and settings. Choose one which fits your likings. I wouldn’t use debian or ubuntu. I like podman, selinux, etc. But anyone has different needs.
Since distrobox, the base distro matters less and less.
Because you mentioned it, what exactly is selinux? I saw it a few times on fedora but never really understood what it’s useful for.
It’s for permission management. Usually the user does not see it really.
Basically, if a hacker gains access to something, selinux secures your system by limiting the scope the attacker can gain.
Ubuntu uses apparmor.
I’m not deep in both topics to judge which one is actually better. I am just used to selinux and it’s good. I remember that peoplr claimed apparmor to be easy and selinux to be difficult to handle but I can’t confirm that. For my podman containers I simply add “:Z” to the paths which the container shall have access to and I know that it can’t gain access to any other location because of this Z and selinux. If I have to debug selinux, I run
sudo setenforce 0and if it then works, I can look deeper into it.
distrobox is pretty cool. I do not use it right now, but i have used it and it worked fine.
Is there anything obviously wrong or bad about the idea to just use whatever distro you like on bare metal.
no. go with anything that gives you recent-ish updates plus security stuff (most good distros satisfy both).
I run Fedora right now but want to switch to something else.
any reason why do you want to do that. just trying out or any problems. fedora to me seems like a nice distro already. If there is any problem, maybe we can help.
Theoretically you could download the .rpm file which quite a few developers provide on and install it on Tumbleweed too?
It can work, but most likely it will not. to put it simply - most linux packages are effectively very fancy zip files. they use different containers and different compression algorithms. some (for example arch packages) are just zip files (or tarballs to be precise), and metadata is to be handled by separate files downloaded by pacman, hence you would not see people packaging anything for arch (you dont have to do anything). some others (for example debian deb packages) are zip file contaiing 3 other zip files. one of them is the package it self, other being metadata stuff (which have information of requirements, file lists, etc.). RPM packages are similar.
While suse also uses the same rpm packaging format, there is no guarantee that package requirements are packaged same way in suse as fedora. If a package does not have many dependencies, it will likely work, but I would still not recommend it.
But nearly all of them are only installable by executing a script and I don’t feel comfortable doing that.
there is a reason for that. they want something that works across distros and setups. also this way, they know how and where they installed theemselves, and after installation, they can manage themselves.
but for these programs, I would not worry much (the ones you listed are big projects, and trusted, and you just do this once). but more importantly - these install scripts are often very simple. effectively they just download some file from server (something like github release) and then extract to some desired location. other things they do include specific setup quirks management. What I mean is that these are simple enough, that I recommend just downloading the script and reading it. if it is not downloading anything unknown, it is fine. if it is not very readable, then that is a bad sign.
But the question developed if it would be wise to use distrobox to execute random internet scripts without altering your base OS/putting your data to risk.
no. things can escape containers. just try to not run scripts.
