Immutability
Problems are easy to work around when there’s relatively little pressure on you to resolve the cause of the problems themselves.
It’s not until something gets an unusually high amount of publicity that it becomes a high priority, even if everyone was aware of the issues beforehand. Because now you have to actually do something about it.
It’s not easy. Accepting that you’ve silently let the issue go, and relied on an extremely volatile system to handle the most important components of your project when you knew it isn’t built to be resilient against even the most trivial of packages.
This isn’t a knock against APT. It’s not a knock against any particular distribution, either. I know this is an issue that goes beyond just one project or two. It’s an issue we have in the Linux space as a collective. Using tools that are exceptionally good at what they do, but follow a very traditional methodology that simply isn’t compatible with the kind of usage to be seen on users’ machines in the normal world.
This is where immutability comes into play. No, this is not something that will solve all of our problems. No, it’s not the silver bullet we’ve all been waiting for. But it is a pretty obvious solution to multiple issues that has been battle tested in some of the world’s most-used operating systems.
It’s simply the notion that your card game or web browser is not as important as your display stack. That no normal application has any reason to be modifying the most critical components of your system when they have absolutely no reason to.
In the meantime, we’ve proposed ways to make our traditional package managers less susceptible to these things by declaring certain packages to be more critical, and put blockers into them getting removed. This is a band-aid, but it’s a start. It shows that we acknowledge the problem, but doesn’t show our commitment to solving it, at least not yet.
I’ve taken to projects like Fedora Silverblue because they implement the kinds of tools that I consider critical in any modern operating system being deployed on user hardware. Immutability is not a word for some fancy tech we just can’t get our heads around… It’s working, in practice, demonstrated both on Linux, as well as systems like macOS, Android, iOS, etc.
It’s not easy to change, though. We’re used to things working in a very specific way, and when we create friction, it upsets users. I can’t say it wouldn’t. Solutions that both users and developers are used to “just working” now come with some workarounds or redirects, but they now pose little or no risk to the underlying operating system, which IMHO is more valuable. Especially when this reduces the amount of hellfire being slung towards the developers of distributions any time something like this could have happened.
It’s the obvious solution, but it’s not the easy one. Which is why I respect Silverblue as a project for dedicating the resources and time to make something like this and iterate on it. It’s something every operating system needs if it’s going to be deployed on user hardware, even if it’s optional.
As with many things… We have the tools. We’re just hesitant to implement them. No one likes change… But change is good. Change is necessary. Now, more than ever.
