I thought I’ll make this thread for all of you out there who have questions but are afraid to ask them. This is your chance!

I’ll try my best to answer any questions here, but I hope others in the community will contribute too!

  • jack@monero.town
    link
    fedilink
    arrow-up
    11
    ·
    edit-2
    7 months ago

    Why are debian-based systems still so popular for desktop usage? The lack of package updates creates a lot of unnecessary issues which were already fixed by the devs.

    Newer (not bleeding edge) packages have verifiably less issues, e.g. when comparing the packages of a Debian and Fedora distro.

    That’s why I don’t recommend Mint

      • Trainguyrom@reddthat.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        7 months ago

        Distrobox can be used to install other programs (including GUI apps)

        I need to play around with that sometime. Is it a chroot or a privileged container or is it a sandboxed container with limited access? How’s hardware excelleration in those?

      • jack@monero.town
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        7 months ago

        You should definetely check out Bazzite, it’s based on Fedora Atomic and has Steam on the base image. Image and Flatpak updates are applied automatically in the background, no need to wait for the update on next boot. Media codecs and necessary drivers are installed by default.

        The Bazzite image also directly consists of the upstream Fedora Atomic image, just with quality of life changes added and optimized for gaming

    • wolf@lemmy.zip
      link
      fedilink
      English
      arrow-up
      7
      ·
      edit-2
      7 months ago

      Debian desktop user here, and I would happily switch to RHEL on the desktop.

      I fully agree, outdated packages can be very annoying (running a netbook with disabled WIFI sleep mode right now, and no, backported kernel/firmware don’t solve my problem.)

      For some years, I used Fedora (and I still love the community and have high respect for it).

      Fedora simply does not work for me:

      • Updated packages can/did break compatibility for stuff I need to get stuff done. Fine if Linux is your hobby, not acceptable if you need to deliver something
      • In the industry, many times not the last recent packages of development environments are used (if you are lucky, you are only a few months or years behind), so having the most recent packages in Fedora helps me exactly zero
      • With Debians 2 years release cycle (and more years of support), I can upgrade to the next version when it is appropriate for me (= 1-2 days when there is a slow week and the worst bugs have been found already)
      • My setup/desktop is heavily customized and fully automated via IaC, no motivation to tweak this stuff constantly (rolling) or every 6-12 months (Fedora)
      • From time to time I have to use software packages from 3rd parties, with Fedora, I might be one update way from breaking this software packages because of version incompatibilities (yes, I might pin a version of something to use a 3rd party software, but this might break Fedora updates (direct and transitive dependencies)
      • I once had a cheap netbook for travel with an infamous chip set bug concerning sleep modes, which would be triggered by some kernels. You can imagine how it is to run Fedora, when you get often Kernel updates and the bug will be triggered or not after double digit numbers of minutes of work.

      Of course, I could now start playing around with containerizing everything I need for work somehow and run something like Silverblue, perhaps I might do it someday, but then I would again need to update my IaC every 6-12months, would have to take care of overlays AND containers etc…

      When people go ‘rolling’ or ‘Fedora’, they simply choose a different set of problems. I am happy we have choice and I can choose the trouble I have to life with.

      On a more positive note: This also shows how far Linux has come along, I always play around with the latest/BETA Fedora Gnome/KDE images in a VM, and seriously don’t feel I am missing anything in Debian stable.

    • AMDIsOurLord@lemmy.ml
      link
      fedilink
      arrow-up
      6
      ·
      7 months ago

      Debian systems are verified to work properly without subtle config breakages. You can run Debian practically unattended for a decade and it’s chug along. For people who prefer their device to actually work, and not just be a maintenance princess, it’s ideal.

      • jack@monero.town
        link
        fedilink
        arrow-up
        3
        ·
        7 months ago

        Okay, I get that it’s annoying when updates break custom configs. But I assume most newbs don’t want to make custom dotfiles anyways. For those people, having the newest features would be more beneficial, right?

        Linux Mint is advertised to people who generally aren’t willing to customize their system

        • AMDIsOurLord@lemmy.ml
          link
          fedilink
          arrow-up
          5
          ·
          7 months ago

          having a stable base helps. Also, config breakage can happen without user intervention. See Gentoo or Arch’s NOTICE updates

        • Nibodhika@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          7 months ago

          Breaks can happen without user intervention in other distros, there are some safeguards around it, but it happens. Also new users are much more likely to edit their configs because a random guy on the Internet did it than an experienced person who knows what they’re doing, also a lot more likely not to realize that this can break the system during an upgrade.

    • jdnewmil@lemmy.ca
      link
      fedilink
      arrow-up
      5
      ·
      7 months ago

      Noob question?

      You do seem confused though… Debian is both a distribution and a packaging system… the Debian Stable distribution takes a very conservative approach to updating packages, while Debian Sid (unstable) is more up-to-date while being more likely to break. While individual packages may be more stable when fully-updated, other packages that depend on them generally lag and “break” as they need updating to be able to adapt to underlying changes.

      But the whole reason debian-based distros exist is because some people think they can strike a better balance between newness and stability. But it turns out that there is no optimal balance that satifies everyone.

      Mint is a fine distro… but if you don’t like it, that is fine for you too. The only objection I have to your objection is that you seem to be throwing the baby out with the bathwater… the debian packaging system is very robust and is not intrinsically unlikely to be updated.

      • jack@monero.town
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        7 months ago

        Noob question?

        Should I’ve made a new post instead?

        You do seem confused though… Debian is both a distribution and a packaging system…

        Yes, Debian is a popular distro depending on Debian packages. My concern is about the update policy of the distro

        But the whole reason debian-based distros exist is because some people think they can strike a better balance between newness and stability.

        Debian is pure stability, not the balance between stability and newness. If you mean debian-BASED in particular, trying to introduce more newness with custom repos, I don’t think that is a good strategy to get balance. The custom additional repos quickly become too outdated as well. Also, the custom repos can’t account for the outdatedness of every single Debian package.

        you seem to be throwing the baby out with the bathwater… the debian packaging system is very robust and is not intrinsically unlikely to be updated.

        Yes, I don’t understand/approve the philosophy around the update policy of Debian. It doesn’t make sense to me for desktop usage. The technology of the package system however is great and apt is very fast

        • KISSmyOSFeddit@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          7 months ago

          Debian is a balance between stability and newness.
          If you want to see what pure stability looks like, try Slackware.

    • Cyclohexane@lemmy.mlOPM
      link
      fedilink
      arrow-up
      4
      ·
      7 months ago

      Unlike other commenters, I agree with you. Debian based systems are less suitable for desktop use, and imo is one of the reasons newcomers have frequent issues.

      When installing common applications, newcomers tend to follow the windows ways of downloading an installer or a standalone executable from the Internet. They often do not stick with the package manager. This can cause breakage, as debian might expect you to have certain version of programs that are different from what the installer from the Internet expects. A rolling release distro is more likely to have versions that Internet installers expect.

      To answer your question, I believe debian based distros are popular for desktop because they were already popular for server use before Linux desktop were significant.

      • Nibodhika@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        7 months ago

        That’s a bad example, Debian is bad because people use it wrong and it breaks is not a really strong argument, same can be said about every other distro.

        I believe Debian based distros are popular because Ubuntu used to be very beginner friendly back in the early 2000s, while other distros not so much. Then a lot of us started with it, and many never switched or switched and came back.

        • Cyclohexane@lemmy.mlOPM
          link
          fedilink
          arrow-up
          1
          ·
          7 months ago

          Debian is not bad. It is just not suitable for newcomers using it for desktop. I think my arguments hold this stance.

    • LoreleiSankTheShip@lemmy.ml
      link
      fedilink
      English
      arrow-up
      3
      ·
      7 months ago

      As someone not working in IT and not very knowledgeable on the subject, I’ve had way less issues with Manjaro than with Mint, despite reading everywhere that Mint “just works”. Especially with printers.

      • Nibodhika@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        7 months ago

        Yeah, Manjaro just works, until it doesn’t. Don’t get me wrong, I love Manjaro, used it for years, but if it breaks it’s a pain in the ass to fix, and also hard to get help because the Arch community will just reply with “Not Arch, not my problem” even if it’s a generic error, and the Manjaro community is not as prominent.

        I could also mention them letting their SSL certificate expire, which doesn’t inspire a lot of trust, but they haven’t done that in a while.

    • bloodfart@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      7 months ago

      Because people have the opposite experience and outlook from what you wrote.

      I’m one of those people.

      I’m surprised no one brought up the xz thing.

      Debian specifically targeted by complex and nuanced multi prong attack involving social engineering and very good obfuscation. Defeated because stable (12 stable, mind you, not even 11 which is still in lots of use) was so slow that the attack was found in unstable.

      • Cyclohexane@lemmy.mlOPM
        link
        fedilink
        arrow-up
        7
        ·
        7 months ago

        This is not a good argument imo. It was a miracle that xz vulnerability was found so fast, and should not be assumed as standard. The developer had been contributing to the codebase for 2 years, and their code already landed in debian stable iirc. There’s still no certainty that that code had no vulnerabilities. Some vulnerabilities in the past were caught decades after their introduction.

        • Possibly linux@lemmy.zip
          link
          fedilink
          English
          arrow-up
          2
          ·
          7 months ago

          Its not a miracle it is just probability. When you have enough eyes on something you are bound to catch bugs and problems.

          Debian holds back because its primary goal is to be stable, reliable and consistent. It has been around longer that pretty much everything else and it can run for decades without issue. I read a article about a university that still had the original Debian install from the 90’s. It was on newer hardware but they just copied over the files.

          • Cyclohexane@lemmy.mlOPM
            link
            fedilink
            arrow-up
            2
            ·
            7 months ago

            Lots of eyes is not enough. As I mentioned earlier, there are many popular programs found on most machines, and some actually user facing (unlike xz) where vulnerabilities were caught months, years, and sometimes decades later. xz is an exception, not a rule.

        • bloodfart@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          7 months ago

          I was running 12 stable on a machine that had been updated and upgraded in between the time when the backdoor was introduced and when it was discovered. At no point in time did either dpkg query or the self report show that system had the affected 5.6.0(?) version.

          Stable had versions of xz that contained commits from the attacker and has been walked back to before those were made out of an abundance of caution.

          There’s a lot of eyes on that software now and I haven’t seen anyone report that versions between the attacker gaining commit rights and the attacked version were compromised yet, as you said though: that doesn’t mean it isn’t and vulnerabilities have existed for many years without being discovered.

          As to whether it’s a good argument, vulnerabilities have a short lifespan generally. Just hanging back and waiting a little while for something to crop up is usually enough to avoid them. If you don’t believe me, check the nist database.

          I’m gonna sound like a goober here, but the easiest way to not trip is to slow down and look where you’re going.

      • jack@monero.town
        link
        fedilink
        arrow-up
        1
        ·
        7 months ago

        If that is a good tradeoff for you, old/broken packages but more trusted, then that’s okay. Btw, the xz backdoor was found so quickly it didn’t even ship to most distros in use, except for Debian Sid and Arch I think

        • bloodfart@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          7 months ago

          I see it as a fantastic trade off. There are some packages I use that need to be more up to date than stable repos and I either install them from different repos or in a different way.

          And arch never even had the whole backdoor because they built from source and didn’t include the poison pill binary component from the attacker.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      3
      ·
      7 months ago

      I’m not sure what planet you are on but Debian is more stable and secure than anything I have ever tested. Maybe Debian gets a bad rap because of Ubuntu.

      • Cyclohexane@lemmy.mlOPM
        link
        fedilink
        arrow-up
        2
        ·
        7 months ago

        I disagree. Stable, yes. But stable as in unchanging (including bug-for-bug compatibility), which imo is not what most users want. It is what server admins want though. Most newbie desktop users don’t realize this about debian based systems, and is one of the sources of trouble they experience.

        Debian tries to be secure by back porting security fixes, but they just cannot feasibly do this for all software, and last I checked, there were unaddressed vulnerabilities in debian’s version of software that they had not yet backported (and they had been known for a while). I’m happy to look up the source for you if you’re interested.

      • wolf@lemmy.zip
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 months ago

        Debian is for sure not more secure than most other distributions/operating systems. (Might be true for what you tested).

        Not even mentioning the famous Debian weak SSH key fuck up (ups), Debian is notoriously understaffed to take care of back ports of security patches for everything which is not the kernel/web server/Python etc. (and even there I would not be too sure) and don’t get me started on starting services/opening ports on an apt install etc.