[SOLVED] Podman quadlet adding files to container - Europe Pub
Scottish University agreed to 'monitor' students for weapons company supplying IDF, emails reveal
Emails suggest staff agreed to "implement" security measures including a request to "monitor university chat groups"
How Miami’s city commission gave themselves an extra year in office without voters’ permission
Last week, Miami’s city commission told those voters they’ll have to wait an extra year. In a 3-2 vote, the commission changed the city’s election bylaws to push the municipal races back to 2026.
Commissioners said they made the change in the name of cost savings and increased voter engagement when higher-profile races for Congress or the presidency may be on the ballot. But they gave themselves an extra year in office without asking voters for permission first.
Miami city officials cancelled an election. Outraged voters call it a power grab
Commissioners for the city of Miami rewrote their election laws to push the off-year 2025 local races to 2026 without input from voters. The decision has sparked outrageGeorge Chidi (The Guardian)
Nvidia becomes first company to reach $4tn in market value
Chipmaker Nvidia became the first public company in history to scale a $4tn market value on Wednesday as its stock price continues a years-long stratospheric rise.
Shares of the top chip designer rose roughly 2.4% to $164, benefiting from the ongoing surge in demand for artificial intelligence technologies. Nvidia’s chips and associated software are considered world leaders for building artificial intelligence products.
Nvidia achieved a $1tn market value for the first time back in June 2023 and the surge continued unabated with its market value – the total value of its shares – more than tripling in about a year, faster than Apple and Microsoft, the only other US firms with a market value of more than $3tn. Apple was the first company to reach a valuation of $3tn, back in 2022.
Nvidia becomes first company to reach $4tn in market value
Ongoing surge in demand for AI technology fueled stratospheric rise of chipmaker’s valueBlake Montgomery (The Guardian)
Multiple CVEs Patched in Latest Git Update
Multiple CVEs Patched in Latest Git Update
Git 2.50.1 fixes seven CVEs, including critical flaws in submodule handling, bundle cloning, and GUI tools.Bobby Borisov (Linuxiac)
Anyone else able to "sense" whether a solution on a forum will work before fully reading it through? Especially the long-winded ones.
Searching gives me the impression there's a million ways to solve the same problem on Linux, and I find myself profiling answers into about four categories at a glance:
- Succinct: one or two-liner, a single config file, or just a few clicks
- Long-winded song-and-dance: Full train of thought interspersed between various commands and logs, several config files (some of which don't already exist), or installing an obscure package that is no longer maintained
- Specific to a desktop environment or version I don't have
- Just looks wrong
I'll usually just take solutions from the first category, which almost always works, save for differences between updates and versions. Solutions in the second category also seem to end with a 50% chance of the OP unable to solve the problem. If I'm desperate, I'll try the second one, but it often ends up not working, eventually leading me to come up with a much cleaner solution of my own.
Curious if anyone else does this too and if those one-liners are really better solutions or if it's just confirmation bias.
like this
HeerlijkeDrop, Andreas Gütter e Mordikan like this.
like this
Andreas Gütter e themadcodger like this.
I find i to look on forums for solutions less and less anyway. Once you've been using a distro long enough unless your trying to do something you've never done before it's usually pretty simple to know what's wrong, and fix it. Because you'll get the same things popping up over and over again.
I also like to keep like a little doc of fixes I've done on each computer so that if a year later i need to do a version upgrade or reinstall i can look back to it, and see what i did last time if i get repeat issues. Especially useful on stuff like laptops where you'll have really specific hardware issues that reappear years later, and normally take hours and hours of trying to figure out what is broken.
like this
Mordikan likes this.
Usually the best fixes are the simple ones. And it seems like even with the longer ones you're able to figure out your simple fixes which is awesome!
Kind of funny how quickly we've flipped from "you should treat LLM output like advice from a random stranger" to "you should treat advice from a random stranger like LLM output".
Either way, it's the right idea. If you can't understand what you're doing but you do it anyway, you're going to create all kinds of problems for yourself.
In a round about way, that does fix the problem you have, though. Just randomly changing things or installing/uninstalling packages until the whole OS is borked and you have to reinstall thereby clearing the problem.
Doesn't teach how to fix the problem, but at least they'll get real proficient with setting up new system partitions.
Lolol yes, it's a weird straight circle indeed.
However applying those fixes and then learning to fix it is a great way to learn how to troubleshoot and unb0rk your system.
The difference between workable and non-workable usually boils down to whether I can understand each step and how they arrived at their solution(that is, can I fix my own fuck-up if I miss a step or impliment it wrong for my own situation), which I will know pretty quickly. That said, with my limitted knowlege, I can still spot the 50% that have no chance in hell of working pretty quickly.
OTOH, if a solution is succinct, upvoted, and still looks wrong, I'm at least going to look into the problem further with that as a reference point before I write it off completely.
like this
Mordikan likes this.
The more experience you have, the more BS your able to smell. Sometimes I marvel at how succinct other people can be fixing an issue with amazing docs. Compared to my old "wizard spell" shenanigans that solve the issue, but only on a Tuesday, full moon, goats, etc....
Its hard to solve issues, even harder to keep the solution working after a certain amount of time.
like this
HeerlijkeDrop likes this.
Drives me nuts computer illiterate family members praising me for fixing the most basic, basic shit for them. They think its because I have lots of experience. But no, its because I learned the absolute basics of computer literacy and the experience I now have is grounded in that. I don't want praise for "working magic", I want people to fucking spend a small amount of their time learning the most BASIC of IT skills so I don't have to waste my time fixing shit you should know.
Sorry, my frustration might be showing just a little.
My spouse is a tech and tells me he has all the patience for stupidity because he gets paid for it. Once upon a time, I was going to go into IT but turns out that no amount of money was worth it for me because my tolerance for stupidity and willful ignorance is next to zero.
TBF, I still smile and tell family members it's all good, no problem to fix and then vent my inward seething later on to my spouse 😅
The usual tech support search:
- First hit is a thread describing your exact problem, marked as [SOLVED]. Clicking it goes to a 404.
- Second hit is a thread describing your exact problem that goes to an actual thread, but the message has been edited to just say "Solved" with no record of what was done.
- Third hit is a thread describing almost your exact problem, with the first response calling the poster a noob for asking and then 15 pages of arguments.
- Fourth hit is a thread describing something in the same general area as your problem, which you try anyway and makes the thing you're trying to fix break in a different way, but it's progress at least.
- Actual solution is somewhere between the 5th and 8th hit, or you give up and come back to it in about a week and solve it instantly without trying for some fucking reason.
So to answer the question, I can usually tell I'm getting close to the solution when I say "Oh for fuck's sake" as I'm closing tabs lol.
like this
HeerlijkeDrop likes this.
I love to go with just rip out what ever is broken never look at it again and till eventually forgetting something was broken reinstalling what ever I ripped out only for everything to work again
Despite trying to reinstall things like 3 times before.
The key is you HAVE to forget about the problem or it knows your trying to trick it and it breaks it self again!
With ‘The Far Side,’ Gary Larson Pioneered the Art of the Meme
With ‘The Far Side,’ Gary Larson Pioneered the Art of the Meme
In the late 1980s, it seemed like every self-proclaimed budding suburban middle-school intellectual worth their salt had Far Side books crammed into every nook and...joshschollmeyer (MEL Magazine)
like this
Coopr8 likes this.
Here's an easy fix to that dilemma: There are no women who have claimed to be raped.
None. Zero.
It is all "witeness statements" from groups like ZAKA and the IDF which are stated in the report. Not a single person claims they were raped themselves.
These claims have nothing to do with believing women. They do not claim they were raped. The claim is "Believe Israel".
'Alligator Alcatraz' Already Ballooning Over $600 Million, Leaked Document Shows
The federal detention facility in Florida, officially named “Alligator Alcatraz,” is only the beginning when it comes to FEMA money being used to fund ICE operations, according to a source within the federal agency. The new program, dubbed “the ICE grant” by FEMA employees, means that millions in grant funds intended for shelters and facilities for noncitizen migrants may now be redirected toward detention centers and whatever else ICE decides.
DHS Secretary Kristi Noem said in a statement to the Associated Press on June 25 that the detention facility in Florida “will be funded in large part by the Shelter and Services Program within the Federal Emergency Management Agency.” The Alligator Alcatraz facility will cost $245 per bed daily, or $450 million per year, one U.S. official told the Associated Press. Internal FEMA documents, however, put the total grant awarded to the Florida Division of Emergency Management at $608.4 million.
The flow of cash from FEMA’s SSP program to states building ICE detention centers outlined by Noem, matches what a source within FEMA told Drop Site of the ICE grant: “it appears they’re taking the money intended for the SSP that Congress mandated via their old appropriations bill to a new grant program related to ICE so they can pay states.” States will then use the funds to develop ICE detention centers similar to the Everglades facility in Florida.
'Alligator Alcatraz' Already Ballooning Over $600 Million, Leaked Document Shows
DHS is redirecting FEMA money to create a slush fund for ICE detention centers.Ka (Jessica) Burbank (Drop Site News)
Pro-Israel Professor Shai Davidai Is Leaving Columbia
Per an email sent to Columbia Business School faculty on Wednesday morning from Dean Costis Maglaras and obtained by The Intercept, the vocal pro-Israel business school assistant professor made the decision to leave the school.
Several students, including Mahmoud Khalil and Mohsen Mahdawi, have also alleged that Davidai targeted them and called for them to be deported in the lead-up to their arrests by Immigration and Customs Enforcement.
Davidai was also a member of a prominent WhatsApp group of Columbia alumni, parents and professors that strategized about how to deport pro-Palestine students, The Intercept reported. He has noted that he does not have tenure at the school.
Pro-Israel Professor Shai Davidai Is Leaving Columbia
Davidai posted that he had been cleared of allegations filed against him last year. He was previously suspended after he was accused of harassment and intimidation.Akela Lacy (The Intercept)
The West seeks to destroy cooperation between Russia and China, says expert
The West seeks to destroy cooperation between Russia and China, says expert
Vladimir Nezhdanov, an expert at the Diplomatic Academy of the Russian Ministry of Foreign Affairs, commented on the statement by European Commission President Ursula von der Leyen on the need to stop China’s support for Russia in the programme ‘Opin…newsmaker1 newsmaker1 (English News front)
I'll have to repeat: Merz imagined himself to be the Fuhrer and wants war with Russia
I'll have to repeat: Merz imagined himself to be the Fuhrer and wants war with Russia: EADaily
EADaily, July 9th, 2025. German Chancellor Friedrich Merz, speaking in the Bundestag, said that Russia is questioning the right of an entire nation to exist and is beginning to destroy political freedom on the entire European continent.EADaily
Fuck Putin
Fuck all his family and ancestors and descendants.
I wish so hard for him to meet his end. Extremely slow and painful. To feel all the pain he caused all around the world.
In Kiev, they boast about the use in combat of an aircraft created by the Czech Republic and Slovakia: EADaily
In Kiev, they boast about the use in combat of an aircraft created by the Czech Republic and Slovakia: EADaily
EADaily, July 9th, 2025. Kiev at the end of June received the first aircraft of the SharkU1 type — an upgraded ultralight vehicle developed in the Czech Republic and Slovakia and designed for electronic warfare.EADaily
Archaeologists Discovered an Unprecedented Ancient Monument That Could Rewrite History
Archaeologists Discovered an Unprecedented Ancient Monument That Could Rewrite History
An archaeological find revealed in eastern France offers a never-seen-before mix of enclosures. They could rewrite history.Tim Newcomb (Popular Mechanics)
The Great Armenian Sell Out and Turkish/NATO Dreams of a Turan Corridor Stretching to China
Chaos in the Caucasus: The Great Armenian Sell Out and Turkish/NATO Dreams of a Turan Corridor Stretching to China | naked capitalism
The great question is how Russia and Iran will respond if Turkiye and friends attempt to muscle their way across the Southern Caucasus.Conor Gallagher (naked capitalism)
like this
Maeve likes this.
China, Russia, and Iran have hypersonic missiles. And that changes everything.
Bullets:
- China is the world leader in the development and deployment of hypersonic missile systems.
- Russia and Iran also have successfully built and recently used hypersonic platforms in conflicts in Ukraine and the Middle East.
- The United States is racing to close the gap, and hopes to build systems for some Army units next year.
- But the problem is that no air defense platforms can intercept inbound hypersonic munitions.
- This is the reality that confronts career politicians and military officers in Western countries: an armed conflict against any country with hypersonic missiles invites catastrophic losses to ground bases and naval fleet assets.
- Those risks will be deemed unacceptably high, and in the event of potential conflict in the Western Pacific or Persian Gulf will likely result in disengagement and withdrawal of American naval forces.
China, Russia, and Iran have hypersonic missiles. And that changes everything.
This is a transcript, for the video found here:Kevin Walmsley (Inside China / Business)
like this
geneva_convenience likes this.
changes everything?
does it though? War is profit. So it’ll “change” the ROI before it changes anything else.
don't like this
☆ Yσɠƚԋσʂ ☆ doesn't like this.
like this
☆ Yσɠƚԋσʂ ☆ likes this.
don't like this
☆ Yσɠƚԋσʂ ☆ doesn't like this.
Five-Year-Old Boy Injured in Ukraine UAV Strike on Kursk Beach Dies of Wounds
Five-Year-Old Boy Injured in Ukraine UAV Strike on Kursk Beach Dies of Wounds
A five-year-old boy who was injured in Ukraine's drone attack on Kursk beach died during transportation to Moscow, acting Governor Alexander Khinshtein said on Wednesday.Sputnik International
China Denies Shipping Air Defenses To Iran
China Denies Shipping Air Defenses To Iran
China’s embassy in Israel on July 9 rejected a report claiming that it had transferred missile production equipment or air...Anonymous1199 (South Front)
Moscow not fazed by Trump’s harsh rhetoric – Kremlin
Moscow not fazed by Trump’s harsh rhetoric – Kremlin
Russia is well aware that it is the US president’s style, spokesman Dmitry Peskov has saidRT
[JS] Let me pay for Firefox!
Let me pay for Firefox!
Hi Mozilla community, I’m a long time Mozilla supporter, I’ve published free (as in freedom) and open-source software, and I desperately want Mozilla to charge for Firefox. If that sounds like a contradiction, please keep reading.Mozilla Discourse
Ukrainian terror plot targeting railway bridge foiled – FSB (VIDEO)
Ukrainian terror plot targeting railway bridge foiled – FSB (VIDEO)
The suspect was shot dead after he opened fire at officers during the arrest, the Russian security agency has saidRT
America is sinking, and Canada cannot go down with the ship
America is sinking, and Canada cannot go down with the ship
Donald Trump is blaming other countries for his country’s large trade deficits when the U.S. should be looking at itselfClaude Lavoie (The Globe and Mail)
Most Canadians now see US as a ‘threat,’ study reveals
Most Canadians now see US as a ‘threat,’ study reveals
Europeans are still most concerned by Vladimir Putin’s Russia, Pew Research Center survey shows.Ferdinand Knapp (POLITICO)
This Aged Like Fine Milk, JD Vance Post From 2021
UK government’s deal with Google ‘dangerously naive’, say campaigners
UK government’s deal with Google ‘dangerously naive’, say campaigners
Company to provide free technology and ‘upskill’ civil servants but concerns raised over UK data being held on US serversRobert Booth (The Guardian)
like this
☆ Yσɠƚԋσʂ ☆ likes this.
Google is paying a pittance to achieve vendor lock-in.
The training may be free but there will be other services which will not be free and the other services will integrate better with the existing 'free' Google services better than anything else.
Houthi attack on cargo ship kills 3 mariners, European naval force says
Houthis killed and kidnapped cargo ship crew following attack in Red Sea, U.S. Embassy in Yemen says
Yemen's Houthi rebels killed 3 mariners with an attack on a ship in the Red Sea, a European naval force says, fueling concern over a possible new wave of attacks by the Iran-backed group.CBS News
like this
Maeve likes this.
SUSE launches new European digital sovereignty support service to meet surging demand
SUSE launches new European digital sovereignty support service to meet surging demand
With SUSE's help, European companies and governments can ensure their IT support, software, and data assets are safe.Steven Vaughan-Nichols (ZDNET)
like this
Andreas Gütter, Endymion_Mallorn e underrate170 like this.
Neat
In practice, SUSE's Sovereign Premium Support is tailored for enterprises and public sector organizations that require strict data residency, privacy, and operational control within the EU. The service ensures that:
- All support personnel and data are based in the EU, with named premium support engineers and service delivery managers assigned to each customer.
- Customer support data is stored exclusively on EU-located networks and servers, addressing both regulatory and geopolitical concerns.
- Access to sensitive data is strictly limited to EU-based staff, with a commitment to encrypting all data required for troubleshooting.
like this
Mordikan likes this.
Look, folks, I’ve been hearing a lot, a lot, about this thing called Linux. Ever heard of it? Sounds European, doesn’t it? Probably invented in Brussels, or Sweden, maybe Russia, I don't know. Total disaster. I call it Socialist Windows, because that’s what it is! It’s chaotic, no one’s in charge. Total mess. Bernie Sanders running an IT department, terrible.
Meanwhile, Windows, great American company, by the way, very successful, very strong.
IMO, If you really want independance dont use things from corporations.
Many people complains about overstaffing in administrations, so why not have them work on a distro from scratch ?
Donald Trump threatened Putin and Xi he would bomb Moscow, Beijing: audio
Donald Trump said he had separately warned both Russian President Vladimir Putin and Chinese President Xi Jinping that he would bomb their respective capitals if either of them invaded their neighbors, newly released audio broadcast by CNN shows.
The U.S. president was recorded speaking at a private fundraiser in 2024 about his conversations with Putin and Xi.
"With Putin I said, 'If you go into Ukraine, I'm gonna bomb the s*** out of Moscow,'" Trump is heard saying, recounting his version of their conversation. He also said with Xi he also threatened to "bomb the s*** out of Beijing" if it invaded Taiwan, the self-governing island that China claims as its own.
Donald Trump Threatened Putin and Xi He Would Bomb Moscow, Beijing: Audio
The newly released audio captured Trump talking about his conversations with Putin and Xi.Brendan Cole (Newsweek)
☆ Yσɠƚԋσʂ ☆ likes this.
US supreme court clears way for Trump officials to resume mass government firings
The US supreme court has cleared the way for Donald Trump’s administration to resume plans for mass firings of federal workers that critics warn could threaten critical government services.
Extending a winning streak for the US president, the justices on Tuesday lifted a lower court order that had frozen sweeping federal layoffs known as “reductions in force” while litigation in the case proceeds.
The decision could result in hundreds of thousands of job losses at the departments of agriculture, commerce, health and human services, state, treasury, veterans affairs and other agencies.
US supreme court clears way for Trump officials to resume mass government firings
Justices lift lower court order that froze ‘reductions in force’ federal layoffs while litigation in case proceededDavid Smith (The Guardian)
Okay why is your distro the best?
I made the unfortunate post about asking why people liked Arch so much (RIP my inbox I'm learning a lot from the comments) But, what is the best distro for each reason?
RIP my inbox again. I appreciate this knowledge a lot. Thank you everyone for responding. You all make this such a great community.
like this
Endymion_Mallorn e Andreas Gütter like this.
My Arch is the best for my private laptop
My Asahi is the best so that I don't have to deal with f*cling macos crap
Why my distro (pop!_os) is the best? Well it's probably not, but here's why I went with it:
- ubuntu based, so lots of applicable tech support online
- looks nice out of the box (imo)
- comes with nvidia drivers. Not a major point cause they aren't hard to get, but it was one of the things I considered when I unintentionally ended up with with nvidia
- tiling (the big one imo)
Aand that's kinda it :3.. at the moment it's kinda behind all the other stuff cause they're working on the new COSMIC DE, which im hoping is gonna be an upgrade to the GNOME with extensions the current version has
Aeon desktop is the best indeed:
- Crazy fast install.
- System configuration is done on the first boot.
- Supports ignition and combustion.
- The install USB can become a $HOME backup if you re-install.
- Full disk encryption by default and mandatory.
- Latest GNOME, looks clean and pretty.
- Rolling.
- Immutable, with Distrobox by default.
As far as desktop Linux goes, I don't see why I would use anything else atm. Give it a try!
Or, if you want all the same features without immutability, just go with OpenSUSE Tumbleweed!
(Aeon is an OpenSUSE project, too)
Are all the distros having the same GNU/Linux kernel
Yes. Different distros have different versions, patches and so on, but the underlying kernel is the same.
if I replace all the Arch userland files into Debian’s, the system will become Debian?
If by "userland" you mean files which your normal non-root user can touch, then no. There's differences on how distributions build directory trees, file locations, binaries, versions and so on. You can of course replace all the files on the system and change distribution that way, a convenient way to do that is to use distros installer but technically speaking you can also replace them manually by hand (which I don't recommend).
like this
jwr1 likes this.
I recently needed to build newer versions of some packages for Debian. Now, they're go based so the official packaging is super complicated and eventually I decided to try and make my own from scratch. After a few more hours of messing with the official tooling I start thinking "there must be a better way."
And sure enough, after a bit of searching I found makedeb which allows you to make debs from (almost) regular PKGFILEs. Made the task a million times simpler.
makedeb - A simplicity-focused packaging tool for Debian archives
A simplicity-focused packaging tool for Debian archives.www.makedeb.org
EndeavourOS Bcause:
It’s Arch with an easy installer, with all of the most common administration tools already installed
With the Arch repo, AUR, and flatpak I have a wide breadth of software to choose from
I can easily install it without a desktop environment to install and set up Hyprland without the clutter of another DE
Not to mention it’s active and friendly community and excellent documentation
like this
jwr1 likes this.
Arch.
I'm vegan, german and into fitness. There really was no other choice. /s?
Also, it's lightweight, you always get the most recent software, pacman is superb and it's super stable. In about 10 years on multiple systems, I never had anything break. The worst of it are simple problems during updates, which are always explained on their website.
Lastly, there is the wiki. The single best source of Linux information out there. Might as well be using the distro that's directly explained there, albeit a lot of information can be used on other ones as well.
With arch-install, you don't even need to learn much, but learning is never a bad idea and will be great if something does break. Every system can break. Arch prepares you for that.
pacman is the best i've used, packages are very up to date, and it's pretty easy to troubleshoot with the enormous amount of info on the wiki and elsewhere
Also it taught me about Nix (the package manager, which also runs on any distro and macOS independent of NixOS) which I now use to set up perfect development environments for each of my projects... if I set up dependencies once (as a flake.nix shell), it'll work forever and anywhere.
Same for me. I distro-hopped for about 20 years with OpenSuse, Ubuntu, Debian, Arch and Fedora being the most memorable desktop setups for me. While all that was a valuable experience, NixOS feels like graduation.
For the Nix-curious: I wish someone would have told me not to bother with the classic config and build a flake-based system immediately. They're "experimental" in name only, very stable and super useful in practice.
git add any new files before building!) but absolutely makes up for it by its features.
Same for me, I stopped distro-hoping 2 years ago when I moved to NixOS.
It was tough at first, setting it up took a while and i genuinely felt stupid like i haven't felt for a while; but now I love having the same config on my two laptops. I have one that stays at work and another one for traveling. With one word/line added into my config I can as a software, configure the VPN, change the wallpaper on both my laptop, or not. Some stuff like gaming goes only on the traveling laptop.
Also, another big thing for me is the feeling of having a cleanly built system all the time. I haven't felt the urge to do a clean reinstall since I started with NixOS.
- It's a fast way to get to a specific setup, like a particular DE or Vulkan gaming support, thanks to abstraction that NixOS modules provide
- There are tons of packages
- Because packages are installed by adding a config entry you don't accumulate random software you forgot you installed
- Immutable updates and rollbacks - this is similar to benefits of atomic ostree distros, but the nix solutions are more general, so you have one system that does more things with a consistent interface
- in addition to updating the base system, rollbacks also roll back user-installed packages, and configurations if those are managed via Nix
- devshells provide per-directory packages and configuration using the same package repos as the host system, without needing to manage docker images
- Nix is portable - much of what it does on NixOS can also be used in other distros, or even on Macos or Windows with the Linux subsystem
- Configurations often combine NixOS and Home Manager parts. The Home Manager part can be used à la carte on other OSes is a way that is fully isolated from the host OS package management. For example on Macos this is a much nicer alternative to Homebrew.
- devshells also work on other OSes
- similar to Guix - but NixOS uses systemd, and is (from what I understand) more tolerant of non-free software (whether these are pros or cons is up to individual interpretation)
Is a huge plus for me. I love to f up things to learn from them but I don’t like broken things and oh boy. Nix keeps me in the clean, safe.
Don’t get me wrong im doing stupid stuff all the time but just cus i have a few configs written down i can learn a lot. Or a little that amazes me lol
1. Arch based
a. Pacman package manager
b. AUR
c. Rolling release distro
2. Graphical installer
3. Extensive software repo. Things that I used to only be able to get as a flatpak are available in the repo, such as SurfShark VPN as an example
4. Super fast.
5. Updates are tested before they are made available and the delay is only a few days.
like this
scintilla likes this.
Debian (testing) is most suitable for me. If there were a universally best distro, all the others would cease to exist...
It isn't made by a for-profit company and thus doesn't have "features" I don't want.
It pays attention to software freedom, though it isn't so restrictive about it that it doesn't work with my hardware.
It was very easy to install only the things I wanted and needed.
Mint. It just works and Cinnamon is a good DE (ui design peaked in the Windows XP days). Plus you also get all the software built and tested for Ubuntu without the bullshit of using Ubuntu.
For my server I use NixOS, because having one unified configuration is so nice.
99% of screenshot is just wallpaper lol
But it's a good one! Mind sharing original file?
Best FREE AI Image Extender- Expand Images by AI Outpainting
Seamlessly extend your photos beyond their original boundaries in one-click. Enlarge images and adjust to any aspect ratio (over 20 options available). Resize your photos to perfectly fit Instagram, Facebook, and YouTube dimensions.yce.perfectcorp.com
My way of thinking and working is incompatible with most premade automatism, it utterly confuses me when a system is doing something on its own without me configuring it that way.
That's why I have issues with many of the "easy" distributions like Ubuntu. Those want to be to helpful for my taste.
Don't take me wrong, I am not against automatism or helper tools/functions, not at all.
I just want to have full knowledge and full control of them.
I used Gentoo for years and it was heaven for me, the possibility to turn every knob exactly like I wanted them to be was so great, but in the end was the time spend compiling everything not worth it.
That's why I changed to Arch Linux. The bare bone nature of the base install and the high flexibility of pacman and the AUR are ideal for me. I love that Arch by default is not easy, that it doesn't try to anticipate what I want to do. If something happens automatically it is because I configured the system to behave that way.
Linux is so great, because there is a distribution for nearly everyone out there (unless you are blind, then things are not that great apparently, but it seems to get better).
I switched from pop os to Fedora a while back. I did like pop, but it gave me problems regularly and I think it just needs to cook for a few more years probably. Fedora fixed every issue I was having 👍
Seeing all the arch praise here is definitely giving me distro fomo though. Lol
As someone who used both Arch and Fedora: no need to fomo, Fedora is great and delivers everything you may ever need from Arch without the headache.
The only strong side of Arch here is AUR, but then again, I've never found anything I would need that wouldn't be available in Fedora.
So, you're golden.
With Guix you have reproducibility, freedom, good docs and peace of mind, also when configuring things more deeply. You also have a powerful programming language (Scheme / Lisp) with which to define your system config as well as your dotfiles. This is my insight after years of GNU/Linux usage. I run Guix on laptops, desktops and servers, and I never have configuration drift, as well as the benefit that I have a self documenting system.
Isn't GUIX based on Linux-libre?
This must complicate installing nonfree software, including nonfree drivers if your computer needs any.
Thanks for this! I guess the point is, people don't want to dig deep into the system built with different approach as a base.
But you made me interested
Arch. I tried other distros and always came back to Arch. Other distros are very bloated and honestly I can't be bothered with removing them manually. I also love the AUR and the wiki.
Another interesting distro was NixOS, but that is a bit of a pain in the ass to learn.
For newbies, Fedora KDE Plasma edition or Mint Cinnamon is my recommendation. Kinoite is Fedora KDE Plasma edition but immutable for the ones that keep breaking the system because they keep following some absurd guide online for whatever.
Debian.
With x11 gnome it can run the Rustdesk client and pass all the keys properly to the Windows host. And it doesn't boot to a black screen like many other distros on my Asus laptop.
Was on Fedora with similar results but it started taking ages to boot looking for a non existent tpm chip.
I use fedora silverblue for a couple reasons. After jumping from elementary to Ubuntu to Manjaro to Artix I got tired of dealing with distro specific modifications and weird issues. With the Ubuntu based distro I never enjoyed how out of date some packages were. I’d hear about a cool new update for a program I use and realize it would be a while till that would be in my repos.
I really liked artix and Arch’s rolling release nature and I would probably enjoy arch if I still used my computer daily like I used to but now I can be away from it for a couple months at a time and I need updates to be stable.
I’ve found Fedora (silverblue in particular) to be a perfect middle ground between rolling release and having a more regular update schedule. I use silverblue because I never wanted to have to worry about an update breaking my install ever again.
I will admit that because silverblue uses flatpaks almost exclusively, my appreciation for software being up to date could be achieved on almost any other distro, but the vanilla style of fedora is what keeps me now. I’m a big fan of vanilla gnome and not too many distros ship it like that.
Honestly, having tried both atomic and regular Fedora, I ended up with regular, as it allows you to do all the same things without limiting you to them.
Install flatpak? Sure. Use Distrobox? Of course. But if you have to use native package, you can simply install it without jumping through the hoops with rpm-ostree (which doesn't even always work properly).
Fedora itself is great, though - a healthy release cycle, high stability, and mature base.
Gentoo works best for me because I'm a control freak. It lets me tune my system in any way I want, and I don't mind leaving my computer on while I'm asleep so that it can compile its way through libreoffice, webkit, and a couple of browsers. Plus, based on complaints I hear from people using other distros, Portage beats other package managers in every way except speed.
This doesn't mean that it's best for everyone, mind you, just that it's best for me.
Gentoo is the best, if you have a beefy CPU with enough RAM, it's not even that slow. (Yes still slower, though dnf may be on par).
But it's just the best thing for having control over your hardware and software.
USE flags are divine, I can't imagine a life without them anymore.
I agree with Gentoo.
I had installed Arch for my wife, to get fast install times and more normal user friendly upgrades, but it kept breaking all the time.
It really opened my eyes to how incredibly stable Gentoo is while still allowing living on the bloodiest of edges at the same time.
Fedora
Any RPM-based system has exemplary validation and, as long as we don't throw it out with flatsnappimages, it presents a very clean and maintainable install.
Extra points for PCLinuxOS which has avoided lennart's cancer.
No points for SuSE as they continue to exist as the over engineered bastard child of slackware and RPM, like slackware met 73deJeff on a trip and let the tequila do the talking. Mamma mia!
OpenSUSE because rolling release and no IBM. Never used it though.
Currently I use Mint. It works but it's not the best.
Fedora Atomic because I don't fucking care what package manager and whatnot sits underneath.
I just wanna relax in my free time and not worry about all this fucking nerd stuff.
Touching grass > Troubleshooting a broken system
Arch. I think when people say "bloat" they don't mean it in the traditional sense of the word. Most people are installing plasma or gnome and pulling all the "bloat" that comes with them. To me at least it's more that no one is deciding what they think you're likely to need/do, and overall that makes the system feel much more "predictable". Less likely to work against what I'm trying to do.
Ignore all the comments about Arch being hard to install or "not for beginners". That view is outdated. When I first installed Arch when you had to follow the wiki and install via the chroot method. Now it's dead simple to install with the script and running it isn't any more difficult than any other distro.
Mainly though it's because of the AUR.
like this
Mordikan likes this.
OpenSUSE Tumbleweed/Slowroll
Tumbleweed is the only bleeding-edge rolling release distribution that just works and never fails and is super easy to install and manage without any expertise. And it is massively underrated and forgotten for no good reason.
All Tumbleweed packages go through extensive and to this day unrivaled automatic system testing that ensures no package is ever gonna bork itself or your system.
If you're still worried about stability, there is Slowroll - currently testing, but in my experience very stable distribution. It makes rolling release updates...a bit slower, so that they're only pushed after Tumbleweed users absolutely ensure everything is great and stable (not that it's ever otherwise). It does the same job as Manjaro, but this time around it actually works without a hitch.
Both deliver great experience and will suit novice users.
Ubuntu.
Why? - I guess I'm too lazy for distro hopping now 🙁
Besides, this was the 1st Linux distro I tried back in 2005. After the usual ditro hopping phase was over, I settled on it; somehow (irrespective of snap and other controversies) I feel at home.
I agree. I tried Fedora first, then Pop!OS, and then settled on Kubuntu.
Kubuntu has been the most stable so far, no big issues. I chose it for that and its Wayland support. Snaps can be disabled or even have auto update turned off which is what I did and I had no real issues with Ubuntu past that so overall a good distro.
Widely supported, plenty of tutorials, has my favorite DE as a spin, it just does what I need it to.
Debian stable.
Everybody think they are a special snowflake who needs bleeding edge, or a specific package manager or DE or whatever. Truth is 99.99% do not. They just like to believe they do, claim they do, try it, inflict self pain for longer than they need, convince themselves that truly they are, because of the pain, special.
Chill, just go with stable, it's actually fine.
Edit: posted from Arch, not even sarcasm.
As someone who ran Debian Stable for a while, this is not a distro for "99.99%".
First, Debian, while very stable in its core, commonly has same random issues within DE's and even programs that may likely just sit there until the next release comes along.
Second, a release cycle of 2 years is actually a giant and incredibly noticeable lag. You may love your system when it just releases, but over time, you will realize your system is old, like, very damn old. It will look old, it will act old, and the only thing you can do is install flatpaks for your preferred programs so that they'd be up to date.
This isn't just programs. It is your desktop environment. It is Wine (gamers, you're gonna cry a lot unless you work it around with flatpaks like Bottles, which will feel like insane workaround you wouldn't have to have with a better fitting distro).
It is the damn kernel, so you may not even be able to install Debian on newest hardware without unsupported and potentially unstable backporting tricks.
Don't get me wrong, Debian is absolutely great in what it does, and that is providing a rock solid environment where nothing changes. But recommending it for everyone? Nope.
I feel like a lot of your points were true at one point, but are becoming lest relevant.
For one, at least with XFCE, I found myself not really running into DE bugs.
Also, I don't think two years is as obnoxious anymore. During the era of the GTK 4 transition a couple, it drove me nuts, but now that a lot of APIs like that have stabilized, I really don't notice much of a difference between Debian Testing and Stable. I installed and daily drove Bookworm late in its lifecycle on my laptop, and in terms of DE and applications, I haven't noticed anything. I get the feeling Debian's gotten better at maintenance in the past few years - I especially see this with Firefox ESR. There was a time where the version was several months behind the latest major release of ESR, but usually it now only takes a month or two for a new ESR Firefox to come to Debian Stable, well within the support window of the older release.
Also, I don't think Flatpaks are a huge dealbreaker anyway - no matter what distro you're using, you're probably going to end up with some of them at some point because there's some application that is the best at what it does and is only distributed as a Flatpak.
Frankly, I probably am a terrible reference for gaming, as I'm a very casual gamer, but I've found Steam usually eliminates most of these issues, even on Debian.
Also, the official backports repository has gotten really easy. My laptop had an unsupported Wi-Fi chipset (it was brand new), so I just installed over ethernet, added the repo, and the install went smoothly. There were a few bugs, but none of these were specific to Debian. Stability has been great as ever.
In conclusion, I think right around Bookworm, Debian went from being the stable savant to just being an all-around good distro. I'll elaborate more on why I actually like Debian in a comment directly replying to the main post.
I might disagree with 99.999% like you - maybe I'd put it in the 50-75% range.
As a KDE fan, I had some bugs on some devices (like on one of the laptops, wallpapers did not install correctly and the setting to always show battery charge didn't work) even on Debian 12.
XFCE is well-known for stability, but seems to be increasingly irrelevant for the average/newbie user because the interface looks outdated and configuring is relatively complicated.
Interesting you mentioned Firefox ESR - iirc, even at release the version shipped with Debian 12 was considered very old, prompting many to install Firefox as a flatpak. Two years later, it's two years older.
Flatpaks are good and suitable options for many tasks - no argument here! But some things are just better installed natively, and there Debian just...shows.
Steam is a godsend, but there are many non-Steam games and, importantly, programs out there, and launching them through Steam often feels like yet another bloated and slow workaround; besides, you cannot choose Wine over Proton, and sometimes (granted: rarely) you may want to use Wine specifically.
To conclude - it's alright to choose Debian anyway, it is good! But I just feel like newbies and casual users could save a lot of trouble and frustration simply going with something that doesn't require all that - say, Fedora (non-atomic), or OpenSUSE, and then go from there to whatever they like. There are plenty of distributions that are stable, reliable, but without the tradeoffs Debian sets.
If you feel like stability is your absolutely biggest priority ever, and you have experience managing Linux systems - by all means, go Debian. But by that point you'll already know what you want.
Debian Stable actually updates Firefox ESR through the typically on by default security channel.
The current ESR version in there is 128, which is about a year old, which replaced the 115 that came with Debian 12 by default.
The newest ESR, 140 just came out 2 weeks ago. 128 still has 2 months of security updates, and 140 has already been packaged for sid. I have no doubts 140 will come before those 2 months are up.
Now the KDE thing actually sounds like it sucks.
even programs that may likely just sit there until the next release comes along.
... the only thing you can do is install flatpaks for your preferred programs so that they’d be up to date.
... Wine (gamers, you’re gonna cry a lot unless you work it around with flatpaks
I already posted on this a while ago but that's is a recurring misconception. No distribution, literally 0, provides all software to the latest version or to the version one expects. Consequently IMHO it is perfectly acceptable to go beyond what the official package manager of the distribution offers. It can be flatpaks, am, build from source, etc but the point precisely is that the distribution is about a shared practical common ground to build on top of. A distribution is how to efficiently get to a good place. I also run Debian stable on my desktop and for gaming, I use Steam. It allows me to get Wine, yes, but also Proton and even ProtonFix so that I basically point and click to run games. I do NOT tinker to play Elden Ring, Baldur's Gate 3, Clair Obscur, etc and my hardware is well supported.
So... sure if you consider a distribution as something you must accept as-is and NOT rely on any of the available tools to get the latest software you actually need, can be games but can be tools e.g. Blender, Cura, etc, then you WILL have a tough time but that's the case for all distributions anyway.
TL;DR: a distribution is the base layer to build on. Its package manager, on Debian and elsewhere, is not the mandatory and sole way to get the software you need.
Debian. Truly the universal operating system. Runs on all of my laptops, desktops, servers, and NAS with no fuss and no need to keep track of distro-specific differences. If something has a Linux version, it probably works on Debian.
Granted, I am a bit biased. All of my hardware is at least 5 years old. Also came from Windows, where I kept only the OS and browser up to date, couldn't be bothered with shiny new features. A package manager is already a huge luxury.
- I have access to more packages than with any other package manager.
- everything to get my setup in the exact state I want is in my config, which is 90% useable on any other distro thanks to home manager
- My config is all in one place and easy to share
- If I ever break something, I can always roll back
- I don't need Docker
NixOS makes me feel so safe making low-level changes to Linux and making sure that my work laptop, gaming desktop, and personal laptop all have the exact same shit on them and I'm gonna use them the exact same way.
I wish that nixlang was decoupled from the concept of a build system bc it's such a great DAG config DSL and I can think of so many cooler uses for it but I just don't have time to focus on it.
Because it uses the best desktop environment (GNOME) and im the most familiar with
(I wonder how many downvotes i will get)
I can't speak for anyone else but I can tell you what I personally love about Gnome.
I like that it's Spartan. I like that it looks good without me having to customize a thousand different settings.
I like that It has client side decorations, so every window doesn't have to have an obscene, chunky, mostly useless title bar.
I don't miss every single application having 100 different options packed into a menu bar. Once you get used to it, you realize that it was mostly getting in the way the whole time.
It's just a really streamlined workflow for 98% of what you do. The problem is that 2% where it's too spartan and God do you wish you had some options.
But I also think KDE is a great desktop environment. If I were more of a gamer I'd be using KDE. I think XFCE is an excellent desktop environment for aging hardware and Windows converts. It is very much a matter of taste, Use cases, and your preferred workflow.
While I still care somewhat of distro differences for functional reasons, I completely agree that DE's are the most important part in terms of user experience.
Both my machines use KDE, and while they run two different distros, they look and feel pretty much the same since I use a very similar layout on both of them. This, along with file sync through my NAS and similar apps, makes switching from one computer to the other a breeze (pun not intended), despite some differences under the hood.
My distro isn't the best, but it's at least a good starting point: Debian + XFCE.
Was using Ubuntu from about 12.04 through 20.04, but it is getting too snappy and support contract happy for me these days.
Mint Cinnamon.
It's easy, stable and gets out of my way.
I haven't seen the need to dostro hop for years.
I am a debian person but when I tried EndeavourOS i relegated debian to my homeservers only.
Almost 1 year in EndeavourOS, I fucked it up once and was very easy to recover.
Bazzite.
Super easy install and setup. Ready to start installing games at first boot. Just a wonderful OS to use.
Devuan + Trinity Desktop
Moved over there since Debian switched to Sytemd. It is boring, dusty... but it works and stays out of my way.
As with others, I love Debian Stable.
Most packages have sane defaults, and it's so stable. It's true that it sometimes means older software versions, but there's also something to be said for behavior staying the same for two years at a time.
If hardware support is an issue, using the backports repo is really easy - I've been using it on my laptop for almost a year with no problems that don't exist on other distros. If you really need the shiniest new application, Flatpak isn't that bad.
It also feels in a nice position - not so corporate as to not give a darn about its community, but with enough funding and backing the important stuff gets maintained.
I just moved to Debian trixie (soon to be stable) because I needed an upgrade after ~15 years of Gentoo.
I was a proud Gentoo user. I learned a lot about systemd and kernel configuration. Many advances in portage made it possible to find the time to maintain my Gentoo setup. On my laptop I gave up Gentoo even earlier, because updating my system was just too time consuming. I actually learned less and less about the software I was using, because I was trapped in dependency conflict management. The new binary repos did save some compile time, but the actual time sinks are decision for your systems, use flags and the forementioned dependencies.
So, I installed Debian on my main workstation (two days ago). I am already using Debian on on my Raspberry Pis. I did choose a more challenging way using debootstrap, because I want to use systemd-boot, encrypted btrfs and have working hibernation. I am still busy with configuring everything.
One could argue, that I could've used the time on Gentoo to solve my current python_targets_python3_13 issues and do a proper world update. No, this is a future investment. I want the time to configure new stuff, not wait for dependency resolution or waste time solving blocking packages.
The main reason to switch from Gentoo to Debian is being able to install security updates fast without blocking packages in the same slot.
secureblue: Hardened Fedora Atomic and Fedora CoreOS images
Hardened operating system images based on Fedora Atomic Desktop and Fedora CoreOSsecureblue
I love Pop OS because it got me back into Linux after ditching it for windows for the last 10 years, partly to do .net development and partly because I hated the state of Ubuntu/Unity.
As soon as cosmic is stable and easy to install on Nix I'll switch to it.
It's actually quite good so far, been struggling a bit with external monitors, but I don't miss windows
I use Kubuntu. It is defintly not the best Distro. I am just used to it and too lazy to get used to another distro. My days as a distro jumper lie 15 years back...
Tbh though, I might switch to Debian stable whenever Trixie comes out.
It isn't. I'm on PopOS 24.04 Alpha 7 (soon to be Beta 1), because of COSMIC (and because I was having some bugs with Fedora a few months back).
I recently wanted to tinker with a piece of software that wasn't packaged, and I couldn't compile it because of outdated libraries. I could return to Fedora specifically to tinker with it but as an ex-distrohopper, I know it isn't worth the effort.
Even though Fedora or some version of it will likely be my forever distro, I will stick to PopOS for now because I can't be bothered to distrohop and back up months' worth of files, including game saves and a ton of stuff in my Downloads directory.
I use debian cause it just works.
I was a Nix user (more specifically, nix-darwin user) but after being away from the computer for like one year (to study for the university entrance exam), I completely forgot how to use it and resulted in erasing the computer. Nix/NixOS is fun, but it was too complicated for me.
I use Nobara with KDE for my gaming computer, Mint with Cinnamon for pretty much everything else.
Mint is the closest to a "Just Works" experience for me. Cinnamon is rock stable, especially on Mint Debian Edition. I don't remember the last time Cinnamon crashed or had any major bugs for me.
I use Debian for most of my servers, stable and simple. Arch on a junker Thinkpad to test and mess around with new programs and window managers.
Mint Cinnamon is also great
EndeavourOS is the best because.
It's currently on my system and said system hasn't burst into flames yet, so I'm too lazy to change it.
Tumbleweed. Rolling release with automated testing (openQA), snapper properly setup out of the box.
Honestly the entire openSUSE ecosystem. Tumbleweed on my main PC that often has some of the latest hardware, Slowroll on my (Framework) laptop because it's rolling but slower (monthly feature updates, only fixes in-between), and Leap for servers where stability (as in version/compatibility stability, not "it doesn't crash" stability) is appreciated.
openSUSE also comes in atomic flavors for those interested. And it's European should you care.
With all that being said, I don't really care much about what distro I'm using. What I do with it could be replicated with pretty much any distro. For me it's mostly just a means to an end.
- The fricking AUR
- Nothing I don't _actually_ need
- Pacman
- Everything is the latest version available–ALWAYS.
- ArchWiki
Gentoo because it is as stable as Debian, less bloated than Arch, has more packages than Ubuntu, is rolling release, can mix and match stable, testing and unstable on a whim.
Even its one downside, compile times, is now gone if you just choose to use binary packages.
And less stable than Arch, and more bloated than Ubuntu... If that is something you want for whatever reason! It is the most versatile distro in existance because it's literally anything you want it to be - clean and nice, or total chaos. What is there not to love?
Gentoo ❤
Since I mostly use computers for entertainment these days I keep coming back to Bazzite. It’s fast, stable, kept up to date, reliable, and “just works”. I’ve created custom rpm-ostree layers to faff around, but it’s not actually necessary for anything I need.
I used to keep a second Kubuntu Minimal partition around but I realized I just don’t need it. If I wasn’t so happy with Bazzite, I would probably go with openSUSE or Endeavor.
I've been using (X)Ubuntu for ages. I just wanted something that "just works". Tired of too much tinkering and there's plenty of (non commercial) support. Mixing it with i3 as my window manager.
Roast me ;)
For me it's openSUSE Tumbleweed on my Desktops/Laptops and openSuse Leap on my Servers. The killing Feature for me was the propper BTRFS integration with Snapper for seamless rollbacks in case I borked the system in some way.
One "downside" for me is the mix of Gnome Settings and Yast on my Desktop. But I like yast on my servers for managing everything (enabling ports in firewall, network config, enable autoamtic isntall of security updates, etc.).
Also openSuse is not that common, so sometimes it is hard to find a solution if you have a distribution specific question.
Personally never looked to closely into openSuse Build Services (OBS). But I know some people who really like it.
I am using Bluefin, based on Fedora Silverblue. I realized that I was already exclusively using flatpaks for everything except one random app, so I thought why not go all-in?
Haven't had to worry about updates or system breakages since, and it's been great so far.
I used to use Debian Stable, but since doing SysAdmin work I've just become used to the way Fedora / RHEL does things.
I think linux distros are a coinflip on if they like your hardware or not, sometimes it feels like they just don't like you individually as a person.
When I use fedora for example, everything that can go wrong does go wrong. It's in theory not any more complicated than debian, but I've never had good luck keeping a fedora system healthy.
With Debian, usually the best troubleshooting tip I can give people is try installing testing instead of stable. Sometimes the kernel in stable is just too damn old for the hardware you want to install on.
Which Kubernetes is the Smallest? Examining Talos Linux, K3s, K0s, and More - Sidero Labs
Which Kubernetes is the Smallest? Examining Talos Linux, K3s, K0s, and More - Sidero Labs
Lots of projects claim to be the “smallest” or “simplest” Kubernetes, but they never provide data to back it up. Let’s look at how these distributions compare to Talos Linux.Justin Garrison (Sidero Labs)
And obviously their option is the "best". From the conclusion:
Talos Linux is unique. It’s the only option that includes OS management in a purpose-built distribution for running Kubernetes. There’s no compromise for scaling up or down. In terms of small-scale numbers, it “wins” in several of the examined categories, including memory usage, disk r/w, and installation size. But all of these metrics are side effects of Talos Linux’s defining characteristic: It’s simple.
You could try mine, SimpleK8s (kubeadm, containerd, systemd, buildroot), ~50Mb single file (kernel+initramfs).
simplek8s.org/
The current footprint is lower than every alternatives commented on this article.
I find this comparison unfair becuase k3s is a much more batteries included distro than the others, coming with an ingress controller (traefik) and a few other services not in talos or k0s.
But I do think Talos will end up the lighest overall because Talos is not just a k8s distro, but also a extremely stripped down linux distro. They don’t use systemd to start k8s, they have their own tiny init system.
It should be noted that Sidero Labs is the creator of Talos Linux, which another commenter pointed out.
I've been looking at K3s deployed on FCOS, but I have no clue how I'm supposed to use Terraform to deploy FCOS.
My understanding is that FCOS is supposed to be ephemeral and re-deployed every so often, which would imply the use of a hypervisor like Proxmox on the host, but Proxmox does not play well with Terraform.
I also considered OpenStack, but it's way over my head. I have a very simple single-node Kubernetes setup to deploy using GitOps, and nothing seems to fit the bill.
Is the Trinity Desktop Environment Secure?
So, a while back I installed Xfce with Chicago95, but was disappointed. Xfce just doesn't vibe with me, and a strict emulation of Windows95 is not really what I wanted, I just wanted something that "felt" that classic.
So I was gonna give up and just use KDE, until I saw TDE. I think TDE is probably what I'm looking for but I'm concerned about using anything so minor because security.
It TDE secure (for personal use)?
Can a DE even be insecure, or are they all generally as secure as each-other as long as you follow the rules (trustworthy software, closed firewall, install patches fast, and disaster recovery plans)?
What vulnerabilities can a desktop environment even have (edit)?
It appears to be maintained, which is a point in its favour.
You could send them a message on their mailing list and ask the question.
It's good that it looks to be still maintained, but I imagine their resources are limited with so little market share and it doesn't look like they have the resources to switch to Wayland (which I assume is more secure).
I'm not sure my noob questions are worthy of asking the devs directly.
That might be true. They have a Mastodon too floss.social/@tde
There are no stupid questions and the attitude of any response would be a good way to judge if using the DE is worth your time.
As one practical example, a malicious program may monitor your key presses to extract your passwords (in web browsers or sudo).
Or it could be taking screenshots behind the scenes and sending that data remotely or to a local AI.
Or turning on your mic and….
So basically they still require arbitrary code execution as a starting point.
Another guy shared this link from Secureblue that goes into thumbnail generation, which can be done programmatically and has been documented in the past as an avenue for infection in Nautilus.
Probably not significantly less secure than Xorg itself, I wouldn't mind using in your place. DE security is usually not a huge problem, if someone can exploit these vulnerabilities usually you are quite bonked.
Remember most of what happens on screen is xorg, the wm is a simply interacting with xorg and other parts of your DE are simple user level programs like the panel etc..
What kind of threats could affect Xorg? I can't imagine anything really exploiting the display manager without arbitrary code execution elsewhere (not that I know anything at all about software security).
I guess the biggest risk is whichever browser I use becoming a Wayland exclusive and not getting updates.
There are no open security bugs against TDE that I'm aware of—if there were, I'd expect them to be fixed in the next release. In my experience, the development team, while not huge, is active and competent.
I've been using TDE since a little while after Gentoo sunsetted KDE3, and I've had no issues. Just make sure your X server is secure—-nolisten and all that stuff—and don't try to use Konqueror as a web browser (it remains an excellent file manager), and you should be fine.
Wayland is "more secure" than X in that it makes less LAN contact by default and tries to sandbox programs from one another to an extent, just in case some future browser exploit that can copy random swathes of your screen tries to screenshot your password manager or something. There are no active exploits against a correctly-configured X server at this time that will magically vanish if you switch to Wayland, as far as I'm aware—it's more future-proofing stuff.
Thanks, that's a very clear response. I guess I basically can use it until X11 stops getting security updates. I wonder whether an X11 vulnerability can trigger a serious vulnerability even if it doesn't get security updates.
No idea what that -nolisten stuff is about. Is that to do with the firewall?
-nolisten is an actual option passed to the X server—your distro may do so by default—to work around a known security issue in some versions. I admit I'd have to look up the details, as it's been a couple of years since that issue was reported. Recent X versions almost certainly have a patch.
That might be a better fit for me. I know KDE has a polish and security I want, I imagine I could make it how I want.
Apparently TDE has lower resource usage, so I wonder if for that reason TDE might be a better fit. Clearly I should get both more experience with KDE and a better idea of what I'm actually looking for.
Before you give up on XFCE and/or Chicago95 - have you replaced the default menu with Whisker Menu? For me, Whisker Menu is a must-have for any sane XFCE user. When I used it with Chicago95, I found I could have a Windows 7 style interface with Windows 95 aesthetics.
Honestly, even if Chicago95 is aesthetically not what you want, I'd recommend trying an alternate theme on XFCE - I currently use modified DesktopPal '97 combined with a pack of Haiku-style icons.
Overall, I'd be interested to know more about your qualms with XFCE and see if customization can help you overcome them. A lot of distros have annoying defaults for XFCE, but I changed a few simple settings and have a desktop I rather enjoy using. It is totally fine if it still isn't the thing for you after any potential discussion, but I just want to make sure you really know what XFCE has to offer before you move on.
I don't really like how I keep accidentally rolling-up the windows in Xfce and how long the settings menu takes to load, I probably had more qualms but I don't remember what they are. It works fine (except for some aspects of Chicago95), but it feels outdated in a bad way rather than good way. Part of it is probably my crummy laptop with broken CTRL keys and incompatible bluetooth.
DesktopPal '97 seems really cool, but right now my top priority is switching to KDE Plasma 6 with custom themes and seeing how that goes.
What do you mean by "window roll-up"?
Also, the settings menu thing is weird - mine takes less than a second to load, and I'm on a machine with a 7 year old processor at this point. I almost worry that if that takes a long time KDE will be more miserable performance-wise, unless you've already tried it on here.
By the way, what distro and XFCE version are you running - just for good measure.
The outdated sentiment is probably based, honestly. I think it's gotten better, but there are rough edges. In the end, do what works for you.
Roll up is when you scroll-up while hovering over the title bar and everything except the title-bar disappears. In the image monovergent provided the title bar is highlighted in red.
I use Linux Mint with Xfce. Gonna change to OpenSUSE once I can be bothered distro-hopping.
EDIT: Specifically it's the Font Settings that take forever to load, not all of the settings menu.
Oh yeh. The font menu is crap. I can’t argue with that.
It’s one of those mysterious annoying things that’s up there with the GTK file picker in some apps taking 10 seconds to load.
But I also don’t change fonts that often. Still, that has much room for improvement.
Window roll-up can be disabled under Window Manager Tweaks > Accessibility > Use mouse wheel on title bar to roll up the window
Getting the bitmap font right goes a long way towards making the theme much more cohesive: github.com/grassmunk/Chicago95…
If you decide to return to any GTK-based desktop environments, I'd suggest trying out the GTK3 port of the Raleigh theme (github.com/thesquash/gtk-theme…). It's a much less involved install compared to Chicago 95 but gets you most of the look-and-feel.
The Whisker menu properties menu also has settings to make it fit the Windows 95 style a bit better. Here's how it could look:
GitHub - thesquash/gtk-theme-raleigh: A GTK+ 3 version of the old Raleigh theme for GTK+ 2
A GTK+ 3 version of the old Raleigh theme for GTK+ 2 - thesquash/gtk-theme-raleighGitHub
I made the changes, and it's slightly better but I think the main issue is my bad laptop and the negative association I have with Xfce as a result (since Xfce was what I was interacting with).
Raleigh isn't really my style. Too many lines. Plus I've decide I'll switch to themed KDE (and probably FreeBSD with TDE on one device).
The theme in the image you sent is really nice. Beige makes it feel more classic, and the red title-bar is far less jarring than a blue one is in 2025.
As far as the TDE devs know, there haven't been any issues resulting in a user getting hacked, they've modernized the underlying code, and actively patch any reported vulnerabilities: redlib.tiekoetter.com/r/linuxq…
That said, it is still a niche codebase with a small team, so they might not have the resources to be so proactive against theoretical vulnerabilities as a project like KDE or GNOME with Wayland. If you're being targeted, TDE would certainly be a shiny attack surface, but otherwise, I don't really see why a hacking group would go for something as niche as TDE. There's a tradeoff, like the one I take with X11 because I refuse to give up my XFCE+Chicago95 setup for an arguably more secure Wayland setup.
Most of the issues of a desktop environment just come down to there being more code and therefore a larger attack surface. Lots of widgets, obscure processes, and nooks and crannies to hide malicious stuff too. And legacy code with expansive privileges from the days before security was as much of a concern. While not Linux, it is analogous with security being a big part of why Microsoft released Server Core, which stripped out much of the GUI.
An extreme case, I also know of a someone who used Windows XP to do rather important work on the internet until around 2020. Only thing that stopped them were websites getting too bloated to load on their computer. But they did follow the basic rules as you mentioned and seemed to be just fine.
Is Q4OS/Trinity Desktop Environment inherently insecure to use on a 'main' computer? - r/linuxquestions
View on Redlib, an alternative private front-end to Reddit.redlib.tiekoetter.com
I guess it all comes down to the security of X11, and also whether X11 could even be exploited without arbitrary code execution though Anki or Firefox or Steam Chat or something. At which point no sane hacker would waste such an exploit on X11 that's rapidly becoming defunct.
An extreme case, I also know of a someone who used Windows XP to do rather important work on the internet until around 2020.. But they did follow the basic rules as you mentioned and seemed to be just fine.
I think they skipped the third rule, install patches fast.
It TDE secure (for personal use)?
Depends on your threat modeling. Though, unfortunately, none of the DEs/WMs on Linux offer perfect security; this even applies to a hardened distro like secureblue.
So, practically-speaking, it probably ain't great. But we aren't used to great anyways 😅.
Oh damn, so just viewing a file in your file manager is enough to get infected in an insecure desktop environment, as thumbnails can be generated programmatically? If I clicked a bad link that would 100% infect my system.
I'm not worried too much about screen-capture. I'm worried first and foremost about triggering any arbitrary code execution and thumbnail generation on a file would definitely do it.
aksdb
in reply to Nico198X • • •Nico198X
in reply to aksdb • • •aksdb
in reply to Nico198X • • •I think you won't regret it. If the container startup installs stuff, you might lock yourself out when the remote server has issues, your network has issues, or if the package you install changes due to an update.
With it baked into an image, you have reproducible results. If you build a new image and it doesn't work anymore, you can immediately switch back to the old one and figure out the issue without pressure.
Nico198X
in reply to aksdb • • •