Rolling my own immutable distro
I've looked at a lot of other immutable distros and I might just end up using one of those, but I feel like taking on a bit of a challenge and there's a few things I'm not very keen on with existing solutions (last paragraph is my idea if you want to skip the context).
Most immutable systems I've seen require a reboot in order to apply system changes. What is this, Windows? Yeah, reboots are quick but restoring my windows and getting back into my groove is not quick. Also, every immutable OS I've seen wants you to opt-in to a rollback. Rarely do I see the full effects of installing a package or altering a config immediately. By the time I notice an issue maybe it's too late to rollback to before the change or maybe I've done a few other things since and I don't want to rollback everything. I would much prefer to make "rolling forward" or persisting changes to be a very conscious process.
I started messing with BTRFS and I think I've come up with a process that will get me what I want, no matter the distro. Please poke holes in my idea. So I think I can use BTRFS to hold data for the rootfs in three different subvolumes (at minimum): root-A, root-B, root-Z. root-Z is my golden image and it represents what I want root to look like after reboot. root-A and root-B are the active and passive instances of rootfs, but which one is active will flip-flop after every reboot. So if I boot with A, B gets replaced with the contents of Z. In the meantime I can do whatever I want with A. Not sure how I'll update Z (chroot or "promote" the active subvol to be Z) but without an update every reboot is an automatic rollback.
Thoughts?
I encourage you to go to town with whatever crazy setup you come up.
I just want to note that the reboot-to-update mechanism also has its positive sides, as ancient as it may seem (we do not succumb to windows level backwardness, because that fails to reap the benefits despite requiring so many reboots). Namely, you get atomic updates, hence the name "fedora atomic" for example. That means you have no transient periods where your OS is running in an inconsistent state. Like when you update a traditional distro, the new files/libraries/binaries/kernel-modules do not match anymore what is in RAM, including the currently running kernel. That leads to stuff like the nvidia driver / cuda not working until reboot, running applications failing to load a library they need now etc.. The vast majority of times this is no huge problem, but in theory the only way of maintaining a system with it never running in basically undefined state is with atomic udpates.
I get it, but I don't understand why fedora has to reboot 2 times when I update using the gui. What would be the problem with updating before shutting down, and rebooting only once? Fedora reboots, updates, then reboots again.
I've been on Fedora Silverblue for over two years now and I've never experienced such a thing. Would you mind elaborating? Like, does the system force itself off after the first reboot without any input? Or, instead, do you notice that the installed package is not installed and therefore succumb to another reboot by your own admission? Which, to be honest, seems like some broken interaction*.
I probably didn't explain it very well, sorry.
When I update using the gnome software manager, it only downloads the packages and wait for a reboot to install them. When I click the option to reboot ans install, it boots to a software update screen, and when it finishes, it reboots again to the system.
Basically what it's doing is booting to an alternate OS configuration to do the install. It's way easier to just reboot again rather than tear down the installer environment and go into a normal one. That's basically a reboot in all but name. It's annoying to have to enter your encryption passphrase twice, though.
I feel like a lot of Linux behaviors tell me most Linux people don't encrypt their data, which tbh should not only be the default but should be difficult to opt out of. Apple actually does this one right. Encryption is just the way it works.
That's exactly what happens. I get it now
Thank you for the elaboration! Quick question;
You use the word "boots" here. Then,
Now, you use reboots accompanies with "again". Therefore, I will assume that the previous "boots" meant to convey a reboot. As for my actual question, does your system do a full reboot the first time? So, is it technically possible to access GRUB in-between and does it ask you to fill in the LUKS-password (if you've enabled FDE) etc?
Finally, is this on Fedora Silverblue? Or just plain ol' classic Fedora?
It's on main fedora, and yes, I go through grub need to input the encryption password twice. I can record it, if it makes things more clear. I'm having a weird difficulty explaining this.
IIRC main Fedora used to not do this until some update crashed people's sessions including the update process which left their install in an unbootable state.
The ostree based versions like Silverblue avoid this by their updates not touching the running system and instead creating a new folder structure with the updates applied that will be booted into on next boot.
That's were the disparity of our experiences stem from π. I'm aware that regular Fedora behaves peculiar for updates. IIRC, the reasoning involved something about ensuring that updates happened offline for the sake of system integrity. Thankfully, Fedora Atomic doesn't have that issue π. Thank you clarifying!
Sorry for the mess, and thank you for taking your time to answer me
No need to apologize fam. Thank you for being patient with my questions π.