I’ll straight up pose the question I asked someone else:

It seems I wasn’t clear as most people misunderstood me.

But, to give a very precise example; say

• I had a folder called ~/some/folder.
• It was on an encrypted drive.
• And I had done additional work to encrypt the folder again.
• And say, I used chattr, chmod or chown or similar utilities that remove access as long as one doesn’t have elevated privileges.
• And say, I had done whatever (additional thing) mentioned in your comment.

Then, what prevents whosoever, to copy that file through cloning the complete disk?

Even if they’re not able to get past the password, it will be found on the cloned disk. SO, basically, I ask for some method that prevents the file to even be copied through a disk clone. I don’t care that it has three passwords protecting it. What I want is for the disk clone (or whatever sophisticated copy/mv/cut or whatsoever utility exists) to somehow fail while trying to attempt the action on the protected files.

The thing with file permissions is that I or root are able to change that. I am looking for a method (if it exists) that somehow bypasses that.

Thank you for your input! It has made me recognize that I should specify that I don’t want this to be system-wide; which was not clear from the post.

What you’re describe in your post is a user who is not confident enough to manage their own machine with the CLI, and is afraid of misplacing files.

I understand why I might have given off that impression. But no worries; I’m a (relatively) seasoned Linux user. I also have no qualms with CLI or whatsoever. It’s a specific set of files that I wish to ‘protect’.

Seems interesting. Got any sources to read up on? Thanks in advance!

Who says I’m not already :P . Got any ideas on how this might be able to specifically solve the problem at hand?

ZSH through the excellent ZSH Quickstart Kit.

Interesting!

So, I guess that at least one of the following ‘transitions’ is ‘blameworthy’: Silverblue -> uBlue Silverblue uBlue Silverblue -> Bluefin-DX Bluefin-DX -> secureblue

I guess I’ll pass out on it for now. Thank you though!

Yeah I noticed that line as well. But, I’m a bit pessimistic that it will not be solved. Btw, what’s the image you’re on?

I’d like to know if it works for you now. I only ran the commands from the post and everything worked ootb

Aight. Let’s give it a go:

Terminal interaction

Well…, for some reason it didn’t work. FWIW, I’m on the bluefin-dx-main-userns-hardened image as provided by secureblue.

Thank you for the response!

Current mode: enforcing

This is pretty interesting. If I recall correctly, installing Nix onto Silverblue came with the caveat that SELinux’ enforcing mode had to be turned off. But, your terminal output tells another story. I wonder what’s up.

FWIW, I had lost interest in installing Nix on Fedora Silverblue for this very reason. However, I might have to revisit my stance on this. Once again, thank you (for reinvigorating my interest in Nix)!

Unfortunate. However, one bad move doesn’t justify dismissing systemd altogether.

Do I wish for s6 and dinit to be competitive with systemd? Absolutely. Do I wish for systemd what PipeWire has been for PulseAudio? Yes, please. Do I wish that distros/DEs would be less reliant on systemd? Hell yeah! (Can I please have an rpm-based distro without systemd?)

But, unfortunately, at least for now, systemd is the most robust and (somehow) most polished init we got. And I’m actually grateful for that.

Until now I used distrobox but I always wondered which distro/ package manager to use. What’s your experience with it?

The answers found below this post resonate with my own experiences.

I do have a question: When you run the sestatus command in the terminal, what string/description is found corresponding to “Current mode”?

Do you mean SecBSD?

Can’t agree more.

I believe Flatpak initially couldn’t and/or didn’t want to do CLI. At some point, it offered some basic functionality; I first noticed it on Bottles. But, it’s pretty dire if no variation of top can be found.

I wouldn’t be surprised if most people are simply unaware that Flatpak can even do CLI. This inevitably also negatively affects its CLI ecosystem.

By default, Fedora Atomic envisions the following in regards to installing packages/software:

• First, try the Flatpak.
• If that doesn’t work, use Toolbx(/Distrobox).
• If all else fails, resort to rpm-ostree.

This works pretty fine, but isn’t perfect:

• Flatpak has become pretty good for software with a GUI. However, while it can do CLI, it’s underutilized.
• Toolbx/Distrobox has its merits, but not everyone enjoys consuming CLI through containers.
• Besides the fact that installing all your CLI tools through rpm-ostree will seriously impact how fast you can update your system, it also requires you to (soft-)reboot. This can be pretty cumbersome, especially if you’re in flow.

Thus, the situation around CLI on Fedora Atomic became a sore to the eyes. Within the community, there were multiple attempts to tackle this problem:

• Nix; For some time, this was the perfect solution. Unfortunately, in its current iteration, installing Nix on Fedora Atomic requires SELinux’ enforcing mode to be turned off. As turning enforcing mode off is unacceptable for uBlue’s maintainers, this was eventually dismissed.
• Better tooling around Toolbx/Distrobox; There have been made some efforts in this regard, perhaps most notably Ptyxis. But, we’re not there yet. Though, some are hopeful of what podmansh will bring to the table.
• Homebrew; It behaves as any other package manager used for installing packages from the repository on any Linux distro out there. Except, in this case, it’s exclusively utilized for CLI. Currently, it’s simply the most straightforward in use. You just have to teach people to replace their apt/dnf/ pacman with flatpak (for GUI) and brew (for CLI). Furthermore, it comes with a big and healthy repository. Finally, it utilizes technologies related to the ones found on Fedora Atomic.
• systemd-sysext; This has only very recently been added to systemd. I wouldn’t be surprised if this will play a prominent role going forward. Though, I’m unsure if CLI will benefit most of it.

Thank you for the response!

the wikipedia linux article with the linux development tree

Aight. Understood. Therefore your interest is still pretty juvenile. Thus, I recommend you to either install FreeBSD on a device to revert right away or dismiss the thought of FreeBSD for the foreseeable future.

I have no idea

Aight. It will be (on average) (a bit) more troublesome until you’re past the learning curve. Which is steeper and broader than the one found on Debian/Mint/Ubuntu.

So, all in all, I would forego going for FreeBSD for the time being. Thank me later.

what linux OS should I install on a backup notebook if my main one is debian?

It depends:

• If your backup notebook will only rarely be used, then just make it Debian as well. I can’t think of a reason why you’d make it harder on yourself for those spare times you’d have to rely on the backup notebook. (As a side note, if your main system was on a rolling release (like e.g. Arch), then there would be merit in going for a different (i.e. more stable^[1]) distro (like e.g. Debian Stable) on the rarely used backup. This is tied to the fact that rolling release distros somewhat require you to update every so often for proper functioning. This hassle is simply absent on distros like Debian Stable etc.)
• However, if the backup notebook will be used as a second system of sorts for all kinds of needs and does not have to be reliable per say, then please be my guest and quench your distrohopping thirst to your hearts content.

Install linux mint, so I get ubuntu but without them throwing their subscription services down my throat.

Linux Mint does indeed provide you some Ubuntu goodies without its associated negatives. But, perhaps it’s worth mentioning LMDE; i.e. Linux Mint Debian Edition.

I’m unsure about other advantages

Linux Mint does a lot of heavy lifting to provide a seamless and polished experience. This does come with being more opinionated than either Debian or Ubuntu is. However, one might argue that they’re just offering the bare minimum that your average Linux user would want on their systems anyway. Hence, it’s unsurprising that Linux Mint has become the go-to distro for many newbie and veteran Linux users alike. You don’t know what you’re missing if you’re unsure of other advantages…

maybe the more frequent program updates? Kernels are also updated more often than with debian as far as I know.

FWIW, Debian also has its testing and unstable releases.

Do you know of other advantages?

As has been previously alluded, Debian is pretty bare-bones compared to Linux Mint. So, if you’re mostly interested in setting up things exactly as you’d want to, then you should go for Debian and build it up as you go. However, if you’re more in favor of sane and opinionated (albeit bloated to some) defaults, then Linux Mint takes the cake. Ultimately, you’d have to experience it for yourself and come to your own conclusions.

Go for FreeBSD

😅

this might require a learning curve, because this is an OS I’ve never used.

Yup.

Are commands that different from debian?

Debian (and its commands) are more similar to Arch, Fedora or any Linux distro for that matter than it is to FreeBSD. Like, it’s a pretty significant departure. And one, I’d argue, you’re simply not equipped for (yet).

Overall, I think making the move to FreeBSD doesn’t seem like the logical next move for ya. Its ecosystem (unfortunately) is a lot less developed compared to Linux. And while there are definitely some pros and cons to it, I just can’t fathom why your average user would use it without properly knowing what they’re getting into and why they’re deliberately and consciously making that choice. If you allow me, may I ask you where this interest to FreeBSD stems from?

other more niche linux OSs seem too much a hassle and I guess won’t be as supported as the main ones.

Do Arch, Fedora or openSUSE (to name a few) fall under “other more niche linux OSs”? Furthermore, do you think that FreeBSD will be less of a hassle compared to “other more niche linux OSs”?

1. The term “stable” is used here to mean slow cadence of change which manifests most commonly as little to no updates in-between point releases. These point-releases occur annually/biennially and come with big updates/changes. As you might expect, a distro with a release cycle as such comes with the added benefit that (little to) no breakage should occur until the next point release. Hence, these distros are (rightfully) associated with providing reliable and robust experiences. Though, this does not mean that they have a monopoly on this. When used responsibly, all (if not most) mainstream/popular distros are able to provide reliability and robustness.–