why or how is fedora security?
When you run OpenSUSE, you can feel it was made by Germans.
The installer is a beautiful example of German engineering.
The package manager is a perfect example of German over-engineering.
If you run it with KDE, you have 2 redundant GUI admin tools for every config in the system, and 4 for setting up printers.German engineering.
Thank you for the nostalgia
I can hear this gif. I guess it’s time to have my colonoscopy.
I think I’ve put fedora on at least 4 personal systems and it has never caused an issue. It’s so smooth it’s boring in the best way. Switched to it for daily computing about 4 years ago. I use a minipc as a media server with Arch and turning it on it’s exciting. Just this fucking morning the default configuration decided that my main audio device was a microphone. Lovely. So flexible.
I eventually landed on Fedora too. Its level of “it just works” is amazing.
Right!? Almost everything I need is one dnf command away with minimal setup on my part.
On the other hand, my server running Arch testing has never had any issues. In fact, the only issue on any of my devices, all Arch testing, was nvidia.
This is a YMMV situation. I had Gentoo running on a minipc for a while and it never had any random issues pop up. Any screw up was fully traceable to configuration and entirely my fault. It was kinda funny. Hope your server stays healthy.
I’ll never stop hating that debian is labeled stable. I’m fully aware that they are using the definition of stable that simply means not updating constantly but the problem is that people conflate that with stability as in unbreaking. Except it’s the exact opposite in my experience, I’ve had apt absolutely obliterate debian systems way too often. Vs pacman on arxh seems to be exceptionally good at avoiding that. Sure the updated package itself could potentially have a bug or cause a problem but I can’t think of any instance where the actual process of updating itself is what eviscerated the system like with apt and dpkg.
And even in the event of an update going catastrophically wrong to the point that the system is inoperable I can simply chroot in use a statically built binary pacman and in a oneliner command reinstall ALL native packages in one go which I’ve never had not fix a borked system from interrupted update or needing a rollback
You are maybe conflating stability with convenience.
“Why is this stable version of my OS unstable when I update and or install new packages…”
The entire OS falling down randomly on every distribution during normal OS background operations was always an issue or worry, and old Debbie Stables was meant to help make linux feel reliable for production server use, and it has done a decent job at it.
I mean when I can take an Arch Linux installation that I forgot about on my server and is now 8 years out of date and simply manually update the key ring and then be up to date without any issue but every time I’ve ever tried to do many multiple major version jumps on debian it’s died horrifically… I would personally call the latter less stable. Or at least less robust lol.
I genuinely think that because Arch Linux is a rolling distribution that it’s update process is just somehow more thorough and less likely to explode.
The last one with debian was a buster to bookworm jump. Midway through something went horrifically wrong and dpkg just bailed out. The only problem was that it somehow during all of that removed the entirety of every binary in /bin. Leaving the system completely inoperable and I attempted to Google for a similar solution as arch. Where i could chroot in and fix it with one simple line. But so far as I was able to find there is no such option with apt/dpkg. If I wanted to attempt to recover the system it would have been an entirely manual Endeavor with a lot of pain.
I would also personally label having the tools to recover from catastrophic failure as being an important part of stability especially when people advocate for things like Debian in a server critical environment and actively discourage the use of things like Arch
If the only thing granting at the title of stability is the lack of update frequency that can simply be recreated on Arch Linux by just not updating frequentlyಠ_ಠ
While I personally agree with your sentiment, and much prefer arch to debian for my own systems, there is one way where debian can be more stable. When projects release software with bugs I usually have to deal with those on Arch, even if someone else has already submitted the bug reports upstream and they are already being worked on. There are often periods of a couple of weeks where something is broken - usually nothing big enough to be more than a minor annoyance that I can work around. Admittedly, I could just stop doing updates when everything seems to be working, to stay in a more stable state, but debian is a bit more broadly and thoroughly tested. Although the downside is that when upstream bugs do slip through into debian, they tend to stay there longer than they do on arch. That said, most of those bugs wouldn’t get fixed as fast upstream if not for rolling distro users testing things and finding bugs before buggy releases get to non-rolling “stable” distros.
I honestly don’t see this thorough testing. Not for a lot of apps I use anyway. It’s normal tbf even with 2 year you can’t thoroughly test every package for every bug, so you’re stuck with very old bugs a lot more often than people think. And on top of that some packages are so old that instructions you find on their git pages or wherever are too new and don’t work.
They really should have used the word “static” instead of stable. Stable definitely has connotations of functional stability, and unstable of functional instability.
Average Grandaddy Stable distro hater
To me the issue is the people calling a system stable because it is reliable, even if it updates unpredictably to changing functionality.
From my experience of Fedora: would you like to update today? Debian: You’re good bro, no updates today.
Qubes is the actuall security distro tho.
Qubes is specialised, though. The four distros above are general purpose with a focus.
Fedora 41 is now the ‘wait 45 seconds every boot because you don’t have a tpm chip’ version.
Can i get some context please? My fedora install wasn’t using TPM, i had to manually configure it; i haven’t noticed any difference in boot speed with or without TPM encryption
Probably only affects a small number of AMD machines.
so if it probably affects only a small number of specific hw platforms, you cannot state fedora as “now wait 40 seconds” distro.
i’m also not using the tmd chip, no issues.
What’s wrong with your Fedora installation? Mine doesn’t do that (also without a TPM chip)
Seems to be specific to some AMD models. I’m running it on a ~ten year old Asus. Timeout waiting for tpm as seen in someone else’s post at https://discussion.fedoraproject.org/t/much-longer-boot-time-after-updating-to-fedora-41/132603/15
Problem only occurred after upgrading from 40 to 41 - can be seen by pressing Esc while it’s booting.
that’s annoying. my laptop has TPM and i also encrypted the disk
Flexibility translates to unpredictable.
What? I love Arch, it’s so god damn stable and fast.
Once i get another machine to dick around on ill try installing arch.
Just use kvm/qemu and install it. When I want to play with detailed setups I install slackware and start configuring/compiling.
yeah i could do that. When i installed it i had a problem booting logging in, it wouldn’t goto the DE.
Danke für dies handbuch
Fedora is security? I mean, don’t get me wrong, I love it, it’s my daily driver after trying just about every distro under the sun, but I would’ve figured something like Qubes would stand head and shoulders above it.
i would say fedora is the “security distro for every day people” kind of distro
One of the few with SELinux by default
As a Fedora user, I thought Debian would be more secure.
Qubes is specialised, whereas Fedora is a general purpose distro with a security focus.
Don’t forget SUSE’s focus on SAP… Which is also Germany I guess
More accurate i would describe Fedora is:
Adopting Modern features first(Wayland,pipewire,etc Like there is no x mode in most stable Wayland desktops) and only having free and open source Repos(Rpmfusion can be added but its not official and excludes the Kernel drivers).I mean, sure Arch is flexible. All good footguns can mutilate me in a bunch of different ways.
Mint: easy
I, uh, use Kubuntu LTS (
--minimal-install, so nosnap).Are *buntu flavors risky for my workstation? Should I be considering Fedora?
Are *buntu flavors risky for my workstation? Should I be considering Fedora?
Why would they be risky? O.o They’re the preferred workstation setup at my place because Ubuntu is spread enough that it can be relied upon to be the distro admins have the most experience with (which is a self-perpetuating thing, I am aware).
