Silverblue for Atomic Updates

compromyse · November 2, 2024, 4:04am

Why bother using Fedora, when Silverblue can be used, ensuring atomic updates? It’d just make dom0 more reliable and less error-prone to updates being applied properly. Has this been attempted before?

otter2 · November 2, 2024, 11:00am

I like the idea of using debian more, but this would be cool too. Please do it and post your experience!

solene · November 2, 2024, 11:46am

what would be the arguments for Debian?

apparatus · November 2, 2024, 11:53am

github.com/QubesOS/qubes-issues

Change the OS used in dom0

opened 04:34PM - 18 Apr 16 UTC

mfc

T: enhancement C: core P: major

We have discussed this numerous times but don't have an issue to track these dis…cussions. It would be worth understanding what would be needed to change dom0 from Fedora to Debian (say Debian 8). Benefits include: - increased hardware compatibility - incorporate serious work taken towards reproducible builds - better firstboot installer - better (slower) release cycle than Fedora with longer-term support - other things? This ticket does not encompass modifying the desktop environment.

Reproducible build.

barto · November 2, 2024, 11:57am

Apart from “Debian is not Fedora”, there are differences which may be relevant to QubesOS dom0:

Debian favors stability and has a conservative approach
Debian is built on reproducible infrastructure
Debian evolution is not influenced by a commercial entity (RedHat)

But in the end, because I didn’t audit the source code of either distro, they are the same for me.

compromyse · November 2, 2024, 12:03pm

Honestly, I like the idea of Debian too, due to it’s focus on stability. But regardless of whatever is picked, I think an atomic OS should be used. It makes the entire system a less of a hassle to do in-place upgrades in.

compromyse · November 2, 2024, 12:05pm

Isn’t Debian just as reproducible as Fedora? What makes Fedora more reproducible compared to Debian?

barto · November 2, 2024, 12:09pm

It’s the other way around! Debian is built on reproducible infrastructure.

apparatus · November 2, 2024, 12:13pm

I’m talking about Debian, not Fedora.
For Fedora:

Because of this strong control over the build process, reproducible builds haven’t historically been a priority in Fedora.

This work was kicked off from an initial discussion at the RPM developer’s meetup during DevConf.CZ 2023. That led to the organization of a hackfest during Flock 2023, where we formalized goals, defined a general approach and started documenting known issues on the Pagure tracker. A recap of this event was published on Discourse and provided the starting point for this documentation. The project itself was formally announced on the Devel list in March 2024.

Fedora Reproducible Builds :: Fedora Docs

compromyse · November 2, 2024, 12:21pm

I see… I proposed only Silverblue because I’d assumed it’d be easier to bringup due to both Silverblue and Fedora having similar architecture (with regard to packages, and system design).

otter2 · November 2, 2024, 12:32pm

Practically - no updates (apart from security) and long life

Subjectively, I like their community and “spirit” or style more, whatever tf that is

P.S. In addition to that, I worry about our devs. Maybe ditching maintenance of quickly changing fedora systems is a good idea because it will allow them to work more on other projects. Maybe not. I do not know.

ymy · November 2, 2024, 1:25pm

could you open another topic or search for debian as dom0?

i find the topic of atomic updates tempting regardless the underlaying distribution. (especially now that i use a custom xen kernel and a regular update would my laptop unbootable with a regular kernel :> )

its makes the dom0 experience also a little bit more like the APP VM experience where updates are only applied after reboot. (and in that case you have the choice to chose between an earlier version/branch)