For a one-stop-solution for all your problems related to package X not being available in the repos of distro Y; consider the more than excellent https://github.com/89luca89/distrobox.
You should probably start with this one as the others might be less intuitive to you at the moment. Furthermore, their use-cases and thus why one might prefer the others over Lutris in the first place might not be clear currently and not even be stuff you worry about in the first place.
In general, linuxes autodetect all hardware, but do not automount all filesystems. This is intended. It is a matter of configuration, and so the different distros have different tastes regarding this topic.
You already use an arch container that has access to the AUR, which has literally every package, available on linux.
Also, if anything, flatpaks are THE official (universal) packaging format for Linux, it’s the most widely adopted and most well integrated of the universal packaging formats. I’m not saying that homebrew is bad, just why bother with it when you’ve got 100 other packaging formats that are all better…
if anything, flatpaks are THE official (universal) packaging format for Linux
I don’t deny that, I make good use of a ton of flatpaks on my system. I also believe that it’s the best we have. And I would literally switch to Brave as a flatpak if it would satisfy the following:
Be official and thus maintained by Brave itself.
Not having to forego its own more powerful sandbox due to (hopefully) current restrictions of Flatpak. Yes, you read that correctly; while flatpaks are arguably the safest way to consume most applications, this doesn’t apply to apps that actually have stronger sandboxes which had to be ‘slimmed down’ when packaged as a flatpak. Thus, currently, for maximum protection, one simply can’t rely on flatpaks for their Chromium-based browsers. If you choose to do so and it has worked out for you wonderfully; that’s awesome, I’ve been there and enjoyed the experience as well. But, I can’t justify it for myself any longer.
Never implied that anyways. Official merely ensures that the amount of trusted parties can be minimized.
Bubblewrap is not insecure.
Bubblewrap, when properly applied is indeed excellent; perhaps the best utility to sandbox applications on Linux. I’m thankful that flatpaks makes use of bubblewrap, namespaces and seccomp to offer relatively safe/secure apps/binaries, I’m unaware of any other ‘(universal) package manager’ within the Linux-space that offers similar feats in that regard. Unfortunately, Chromium-based browsers just happen to have an even stronger sandbox -if properly configured- than flatpaks are currently capable of.
Okay true. I am not so much into this Browser sandbox thing and dont really get it. Its a different way than bubblewrap, as from Firefox RPM for example I can open any file and save anywhere. But its process isolation right?
as from Firefox RPM for example I can open any file and save anywhere. But its process isolation right?
For Firefox, the verdict on its native sandbox vs Flatpak’s native sandbox doesn’t seem conclusive. With -assumingly- knowledgeable peeps on both sides of the argument, which indeed does raise the question how knowledgeable they actually are. Nonetheless, for myself, I’ve accepted Flatpak’s sandbox to not be inferior to Firefox’ native one. Thus, I don’t see any problem with using its flatpak.
Apart from having all the nice KDE integration and things like Keepass integration, Fido2 keys, drag and drop and some more things…
Also afaik the Fedora Firefox has a good SELinux profile and it runs damn fast. I did a speed test and it was best, along with Mozillas all-together-binary.
I’m a sucker for GNOME :P , but I’ll keep it in mind.
things like Keepass integration
The flatpak does allow integration, but isn’t built-in unfortunately; so one has to fiddle a bit themselves to set it up.
Fido2 keys
I should rely more on those. Do you have any recommendations? I’ve been hearing good things about Nitropad and Yubico, but I honestly don’t know if they’re actually good and how they would fare amongst eachother.
drag and drop
Overrated anyways /s :P .
Also afaik the Fedora Firefox has a good SELinux profile
It’s probably better configured with the native package than the flatpak one indeed. I wonder if this will change as Fedora is interested to ship Firefox as a flatpak by default on Silverblue (and variants).
it runs damn fast. I did a speed test and it was best
I haven’t had the best internet speeds since I’ve been relying on free VPN. But that’s on me :P .
Fedora packages a Flatpak Firefox themselves, based off the RPM. So its good too, but lacks codecs with currently no way to enable them so yeah. They would need am extension of some sort hosted on Flathub. So simply using Firefox Flatpak from Flathub makes more sense.
I got a Nitrokey for Heads but for some reason it never arrived? I can say these things are very expensive. And Heads uses PGP and not others.
I rely on flatpaks for all non-firefox browsers and haven’t had any issues with them, I’ve used the brave flatpaks specifically for almost a year now and no issues…
If you choose to do so and it has worked out for you wonderfully; that’s awesome, I’ve been there and enjoyed the experience as well. But, I can’t justify it for myself any longer.
If you meant something else, then please feel free to correct me.
I am thankful that zypak exists so that Chromium-based browsers and Electron apps don’t have to explicitly flag –no-sandbox to continue functioning. However, it doesn’t undermine the fact that native Chromium’s sandbox is more powerful than Flatpak’s sandbox. As such, if one desires security, then one should gravitate towards the native installed one.
Unfortunately, you didn’t -to my knowledge- support nor retract your claim on Chromium using flatpak sub-sandboxes. Therefore, I find it hard to continue taking your words at face value.
I have enjoyed these interactions, so don’t get me wrong; but if I (possibly) catch you on spreading misinformation (even if unintentional), then I find it hard to keep engagement up as there’s no guarantee that anything else coming from you is actually correct.
I would love to be corrected on this though, so please feel free if I have misunderstood you or anything else that would revive this conversation. If not, then I would still like to thank you from the bottom of my heart for this friendly interaction we’ve had. Take care!
I linked the source but sure, I’ll link it more for you.
I am aware, but the same source seemingly contradicted your point^[1]^ regarding sub-sandboxing.
Wow, thanks a lot for the work you’ve put into this! It might take some time for me to go through this, but I’ll definitely take a look and perhaps I’ll return on this at a later point. Perhaps with this I will finally be able to install my Chromium-based browsers as a flatpak and don’t feel bad about it.
Once again, your engagement has been much appreciated! So please feel free to let me know if I can buy you a coffee or something 😊! Unfortunately, statements like “Thank you so much!” don’t quite capture the sheer magnitude of gratitude I feel towards you right now. For whatever it’s worth; I salute you, good human.
“It lets Chromium use flatpak sub-sandboxes” that you expressed in this comment.
The comment on there is odd, I’m not even sure what that issue is referring to. Not much exciting happened in that release for new features but there were subsandbox security fixes github.com/flatpak/flatpak/…/1.10.8...1.12.0
In general its not about the CPU or GPU. Even Nvidia works kinda okay on some Devices, at least according to Nick from TheLinuxExperiment. Some apps like Davinciresolve require it, and cuda is also only supported on Nvidia. Mobile AMD graphics are kinda underpowered for some tasks.
Its more about weird hardware that isnt supported, Fingerprint readers, even keyboards going into some weird hibernation and you need to hard reset the PC as you cant control it anymore (Acer swift). Some devices like Microsoft Surfaces need a custom kernel.
Lots ot refurbished business laptops like the Lenovo T series, HP or Dell business series works well, as they also dont have weird components.
Check linux-hardware.org and if you have a running laptop, install their HWprobe and run it, to share that your laptop is working. With comments you can add what is really working etc.
Personally I would also care about Coreboot. Checkout Novacuston (EU) or System76 or Starlabs, they have Coreboot laptops. I mean, installing Linux on some laptop with a proprietary garbage Bios that doesnt get updates (!!!) anymore is pretty hypocritical. Coreboot is awesome but rare, its awesome that there are some companies and people making it run on new hardware, so I would check those out.
good advice, thank you! oh ok, so since im on a budget and i’ll likely be buying refurbed or used, it’ll likely be an older machine. would older computers but from the good companies mentioned still be capable of running newer versions/kernels of distros?
Welcome to Linux! Every hardware runs everything. Its not Mac or Android. Old Devices work always, as the drivers already exist. Only reeeally old stuff gets thrown out of the kernel.
Thinkpad T430’s have a pretty high price on Ebay currently, I have one and its a great laptop, nice keyboard, Coreboot/Heads/Libreboot/1vyrain custom BIOS all run. But it is a really old Laptop.
Bought a Clevo MZ41 on Ebay, will attempt to flash coreboot. Was not pricey too.
Try Thinkpads, Dell, Hp. Normally older Acer or Asus too. If you find a laptop with
good 1080p display
good keyboard in your language/ you dont care about stickers
good battery life
everything normal broken, not completely old
Just search for “Linux MODEL” and you will probably find some reports.
For new hardware you want a recent Distro, Fedora (try Kinoite! ublue.it), OpenSuse Tumbleweed (try Kalpa) or EndeavorOS for easy Arch, are all good. Maybe avoid ubuntu, or use something like PopOS or TuxedoOS, which are better versions of Ubuntu, with newer packages and less annoying crap like Snap.
I am not sure if you already use Linux, but some general tips:
try to use Flatpaks from Flathub as much as possible. They are already often officially supported and have less bugs. Also the apps are isolated from your system, so they are more up to date, dont break your system, keep system upgrades small, and they have privacy advantages
use a Distro that supports Wayland very well. X11 is stupidly old and will be completely unsupported in a few years. Its already dead since a few years, as nothing changes.
try an “immutable”, image based Distribution like Fedora Atomic (Kinoite (KDE), Silverblue (Gnome)) or Opensuse Kalpa (KDE) or Aeon (Gnome). They are simply modern, stable, resettable and your changes are transparent.
if you want to do any crazy stuff like code, install apps with many dependencies, do it in a Distrobox. You can install apps normally, but they are still not bloating your system. If you dont need them, delete the Distrobox and your system is clean again. This goes especially for strange University etc. software that needs to be installed with some script or something.
use a root Distrobox if you need things like USB
use fish as your normal shell, simply by editing the Terminals “open command”. That way your shell in the Distroboxes has a different configuration, fish looks nice and colorful and has stuff like autocompletion.
do backups of your system and your data. Just do that always, on an extra drive. It saves so much horror of losing everything, if a drive breaks or your laptop gets stolen or whatever. If you want Cloud backups, use Cryptomator and any cloud you want.
use Syncthing, maybe disable global discovery for LAN only, for syncing your data between two or more specific devices.
use soundbound, SoundCloud Downloader (Firefox Addon) and youtube downloaders as long as they work. Download all of your music to not be dependend on those companies
try waydroid for Android apps on Linux. Use F-Droid basic as the application store, and check for “list of f-droid repositories” and add some.
Wow, I truly appreciate this response. So i’ve been using Linux for a decade and know a “fair” amount, never made it a goal to learn the ins and outs, though I am now. So I hear business laptops make great linux machines. My main question is, most of the computers within my budget that are “known” to be decent linux machines are very old. Are they capable of still keeping up with all the newest and latest versions of distros? or are you stuck on older models just because the nature of the device being older?
Rule of thumb, avoid intel generations younger than 7-8 and avoid i3, on AMD I am not sure but probably the same. Avoid weird cheap brands you never heard, chances are huge that nobody cared to support every hardware piece of them.
Best are noname OEMs like Tongfang and Clevo, if you get those, chances are very good and they are cheaper.
Also a little reminder from debloating a Windows “Gaming laptop” today. Windows doesnt support shit, its the manufacturers making the hardware work by bloating the system with horrible software.
No, these OEMs are noname but not cheap. They are noname because they produce PCs sold under different Brand names. Many Linux Laptops use Tongfang or Clevo hardware, put some branding on there and custom parts and thats it.
Aha I see! thanks for the info. I think i’m going thinkpad though, just gotta decide which model. they are incredibly cheap! especially for what you get
My first flavour was Red Hat back in the late 90s. It's a shame I didn't give it more of a go back then. Then Mint for a couple of years in the earlyish 2010s before finally settling on Arch where I've been for almost a decade now.
Old thinkpads are the golden standard of Linux compatible laptops, far superior build quality compared to the crap they put out today. Cheap and durable, if a little outdated in specs. TLP is a popular battery management tool that have specific built integration with thinkpads. I managed to snag a couple thinkpads through FB marketplace pre covid for under 200$ each, my daily driver being a t460 made in 2015. i7 quad core processor, 16gb ram, its weakest link is the Intel onboard GPU. The newer thinkpads let you use thunderbolt 3.0 to plug in an external GPU but there’s a trade off between how new a thinkpad is and its build quality. The old ones could be used as body armor plates and probably stop a 50 cal bullet and boot up fine afterwards, the new ones not much
so what i’ve been doing is finding various models through the generations and researching their cpu’s and oddly enough, nearly every one i’ve put in has had subpar ratings or rankings… idk if that really matters or not
It depends on what you expect your laptop to do. 8gb ram and a 2.4ghz i5 quad core processor is acceptable for almost any computing task out side of playing heavier load video games or specialty IT stuff like LLMs or cryptomining. If your main concern is video games go with the base model steam deck. Also, when you go check out listing for used think pads you will find they contain wildly different specs even if they are the same series. This is because the companies that bought them new X years ago spend some sweet corporate cash on decking them out with the at-the-time highest end options ordered custom from lenovo, and then they throw them in the literal trash a decade later. Some people who dig them out and resell on facebook don’t know a thing about computers and think they are only worth the base options used price.
Glad to have helped you out. Whatever you decide to get, I highly recommend you give Linux Mint a try next. I started with ubuntu, went to mint and haven’t looked back since. Its been my daily driver for half a decade now and has worked absolutely perfectly with every laptop and desktop ive ever owned. My elderly parents use mint without issue every day.
A quick cheat sheet for understanding computer spec lingo:
Ram:
4gb = bare minimum
8gb = pretty good
16gb = awesome
Intel CPU cores:
duo/two cores = bare minimum
quad core/four cores = pretty good, most common
more = awesome
Intel CPU processor
i3 = bare minimum
i5 = pretty good
i7 = awesome
Intel CPU processing speed measured in gigahertz ghz
2.x ghz = average
3.x ghz = awesome
hard drive
HDD = Slower and more limited lifespan but ok, tends to be higher storage space than SSD for cheaper
SSD = Faster and much longer lifespan, usually only goes up to 256GB but its possible to find 512GB. More expensive than HHDs
Harddrive Storage Space
100GB = bare minimum
256GB = average
512GB = pretty good
1TB = Awesome
Upgrading
You can have a computer shop upgrade harddrives to a multi terabyte SSD as well as replace the batteries for you if you do your research and provide it for them.
Another big win for thinkpads is theres lots of documentation on upgrading, and you can order official parts right from lenovo vendors through their website Which is huge for replacing batteries when they degrade to the point of annoyance. Thinkpads have an external battery and an internal one both you can replace to get supposedly about 10 hours of battery life. I get like 3 at this point so I may be considering this option soon. The Linux command TLP can help you get a good estimate on how degraded your batteries are.
linux
Active
This magazine is from a federated server and may be incomplete. Browse more on the original instance.