uCore spin of Fedora CoreOS:
https://github.com/ublue-os/ucore
- SELinux
- Supports secure boot
- Immutable root partition (can’t be tampered with)
- Rootless Podman (significantly more secure than Docker)
- Everything runs in containers
- Smart and secure opinionated defaults
- Fedora base is very up-to-date, compared to something like Debian
I do it that way for my kid as she prefers it, and the “normal” way for me, and it is identically easy.
I cannot understand the claim that it’s easier the seed end, it’s just not true.
It’s definitely cleaner doing it the normal way from the bunch end as you never get bits of banana on you if it’s a particularly squishy one.
Bunch end wins for me. Just as easy if not easier and no mess.