Linux

65935 readers

492 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 7 years ago

MODERATORS

nooter692@lemmy.ml

AgreeableLandscape@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

Portable Formats and Inmutable Distros (lemmy.zip)

submitted 1 day ago by overcast@lemmy.zip to c/linux@lemmy.ml

23 comments fedilink hide all child comments

I feel like inmutable distros are in a quite good state nowadays, and while solutions like bootc and sysexts are not “mainstream” yet, it’s getting there

when it comes to getting non Flatpak packages, things get interesting, there are a lot of options, really

AppImages, statically linked binaries, tarballs, OCI containers, distrobox/toolbx, Homebrew, VMs, Nix even experimental formats like RunImages, AppBundles and FlatImages

if you need some non-system level package, you’ll have a way to use it yet, still it seems sort of chaotic “which one should I choose? how will I be able to easily manage them?”

GPM, dbin, Soar, AM… and the list goes on

and it’s okay, the so called cloud native approach is still evolving, so this fragmentation is expected so it’s nice to share opinions about this while we’re living this interesting phase any thoughts?

you are viewing a single comment's thread
view the rest of the comments

[–] moonpiedumplings@programming.dev 1 points 1 day ago

snap is likely the most secure by avoiding user namespaces, using AppArmor only and thus being very flexible (also for use for kernels, drivers, browsers …) but it is proprietary, nobody likes it and Canonical doesnt wanna stop somehow.

Snap does seem to support user namespaces. Although I want to comment that user namespaces are not universally insecure. When an application is confined within a user namespace, seccomp rules restrict it from being able to interact with the user namespaces subsystem, walling it off from the increased attack surface.