this post was submitted on 24 Jul 2024
514 points (97.8% liked)

linuxmemes

21410 readers
834 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.
  •  

    Please report posts and comments that break these rules!


    Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't fork-bomb your computer.

    founded 1 year ago
    MODERATORS
     
    you are viewing a single comment's thread
    view the rest of the comments
    [–] PotatoesFall@discuss.tchncs.de 2 points 4 months ago (3 children)

    I'm no expert on this but I'm pretty sure the /etc directory is writeable too for config files, which sadly still allows a user or malware to still bork the system if they get superuser privilege

    [–] fullstackhipster@awful.systems 7 points 4 months ago (2 children)

    I find it hard to imagine a system that is not borkable by a superuser. Maybe it's helpful to think of immutable setups as harder to bork by accident during routine maintenance (e.g. through faulty updates) and more resilient to bad code (through containerization).

    [–] PotatoesFall@discuss.tchncs.de 3 points 4 months ago (1 children)

    good point, that's fair. The reason I think it bears mentioning is that editing configs under /etc/ is totally something we might expect a user to do. So you could follow a tutorial online that is wrong or outdated and with enough bad luck, tada, you bricked your "immutable" system. Or, less dramatic and more likely, something doesn't work as intended anymore and you don't know how to restore to the original config from when you installed.

    [–] fullstackhipster@awful.systems 9 points 4 months ago

    You're right that "immutable" is a bit of a misnomer in that regard, and it's been argued that "atomic" is a more fitting term.

    And I agree that a lot of documentation and how-to-guides don't account for immutable setups (yet?), which can get novice users especially in a lot of trouble.

    Personally, I prefer a declarative system (NixOS) that solves this problem rather cleanly and gives me most benefits of so-called immutable distros as well.