I have tried with a couple myself and come to the conclusion that right now you’re probably better off buying an android tablet, putting a de-googled version of android on it and running termux if you need Linux on it
An overarching principle of security is that of minimum privilege: everything (every process, every person) should have the minimum privileges it needs to do what it does, and where possible, that privilege should be explicitly granted temporarily and then dropped.
This means that any issue: a security breach or a mistake can’t access or break anything except whatever the component or person who had the issue could access or break, and that that access is minimal.
Suppose that you hit a page which exploits the https://www.hkcert.org/security-bulletin/mozilla-firefox-remote-code-execution-vulnerability_20230913 vulnerability in Firefox, or one like it, allowing remote code execution. If Firefox is running as root, the remote attacker now completely controls that machine. If you have SSH keys to other servers on there, they are all compromised. Your personal data could be encrypted for ransom. Anything that server manages, such as a TV or smart home equipment, could be manipulated arbitrarily, and possibly destroyed.
The same is true for any piece of software you use, because this is a general principle. Most distributions I believe don’t let you ssh in as root for that reason.
In short: don’t log in to anything as root; log in as a regular user and use sudo to temporarily perform administrator actions.
P.S. your description of the situation shows you don’t know the nature of vulnerabilities and security - if you’re running servers then this is something you should learn more about in short order.
I am also thinking about making my own image based on silverblue. there is a video made by bigpod a youtuber about how to make your own custom ublue image
Personally, as a gamer, I use Bazzite, but recently I’ve rebased to a fork of it with my own customisations, and it’s been amazing.
Distrobox > Toolbox btw. Both use podman behind the scenes but Distrobox is a bit more easier to use/fleshed out for desktop usage (eg makes it easy to export/integrate container apps with your the host).
I’d also recommend checking out Nix for installing any packages not on Flatpak or your Distrobox distro, as Nix has its own advantages since it’s you’re running real application binaries directly on your host OS, instead of an exported script (as in the case of Distrobox), so you get better/direct access to system resources and won’t face some of the quirks/bugs you may get from running a containerised app.
My fave too as it’s closest to foobar, critically with the tagging interface I prefer. Have you added any additional plugins to your install? I tried adding a few (music library, Discord Rich Presence) but must be the right sort of stupid not to understand the instructions. facepalm
Timeshift. It has an easy to understand GUI that doesn’t really need much of an intro: You create snapshots of your system files and configs that can be restored if/when you bungle it up.
Timeshift works best if you use BTRFS for your root partition because snapshots can be taken instantly. I have mine setup to automatically take a snapshot every day.
There are many approaches, depending on what broke. In my case the system was fine, just xorg being completely borked. So I logged into the console and fixed it.
If regular console doesn’t work, something really went bad during boot, for which there’s single-user mode which is kind of similar to safe mode from Windows 98 (I’m sure there’s something similar in newer windows versions).
And of that doesn’t work, there’s the minimalistic rescue shell.
And if that doesn’t work, you can boot from a USB or some other external media and try to fix your system from that, maybe even using chroot to use the system somewhat normally.
Why does Timeshift only support btrfs? Is it just a lack of developers? LVM supports snapshots too, even if you’re just using ext4. ZFS supports snapshots too.
I am but a simple man. All my music is FLAC. It is arranged neatly in folders. I just want to select an album to play. I do not need album covers, playlists, search, streaming, tags, lyrics, analyzers, or scrobbling.
linux
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.