Fedora Silverblue is using a very interesting feature. OSTree. This makes the operating system root filesystem read-only and the addition of software to the core operating system is something that can be rolled back at any time. This is rather like a Github repository. The underlying root filesystem is immutable and only the changes layered on top are what the user is worried about. But as I said, this is something that can be undone at any time. Software installation mostly uses Flatpak instead of dnf or yum. But this would be a very good Linux system to learn on and experiment. The ostree utility is used to manage all filesystem snapshots and create and delete deployment snapshots.
The ostree admin command.
[jason@localhost ~]$ ostree admin Usage: ostree admin [OPTION…] --print-current-dir|COMMAND Commands for managing a host system booted with ostree Builtin "admin" Commands: cleanup Delete untagged deployments and repository objects config-diff Diff current /etc configuration versus default deploy Checkout revision REFSPEC as the new default deployment init-fs Initialize a root filesystem os-init Initialize empty state for given operating system pin Change the "pinning" state of a deployment set-origin Set Origin and create a new origin file status List deployments switch Construct new tree from REFSPEC and deploy it undeploy Delete deployment INDEX unlock Make the current deployment mutable (as a hotfix or development) upgrade Construct new tree from current origin and deploy it, if it changed Help Options: -h, --help Show help options Application Options: --sysroot=PATH Create a new OSTree sysroot at PATH -v, --verbose Print debug information during command processing --version Print version information and exit |
Listing the current deployments on my system.
[jason@localhost ~]$ ostree admin status * fedora 208db1b2863eb85b15a756a70bc469ba4704fba07b337771a0889c2338f39f2e.0 Version: 32.20200915.0 origin refspec: fedora:fedora/32/x86_64/silverblue GPG: Signature made Wed 16 Sep 2020 01:46:18 using RSA key ID 6C13026D12C944D0 GPG: Good signature from "Fedora <[email protected]>" fedora 610b0f9be3141c79f19a65800f89746c70183cc7f14f3cfba29d695d49128075.0 (rollback) Version: 32.1.6 origin refspec: fedora:fedora/32/x86_64/silverblue GPG: Signature made Thu 23 Apr 2020 06:08:20 using RSA key ID 6C13026D12C944D0 GPG: Good signature from "Fedora <[email protected]>" |
I have installed pending updates after installation, so I have one snapshot I can rollback from. This is very good indeed. If an update breaks something, you can just roll back and it is fixed. This would be a very good system for Fedora Server products. Canonical does not come up with such advanced ideas as this.
This is the script I used to run this with qemu on Ubuntu.
1 2 3 4 5 6 7 8 9 10 11 | #!/bin/sh export QEMU_AUDIO_DRV=alsa DISKIMG=win7.img WIN7IMG=Fedora-Silverblue-ostree-x86_64-32-1.6.iso VIRTIMG=virtio-win.iso qemu-system-x86_64 --enable-kvm -drive format=raw,file=${DISKIMG},if=virtio -m 4096 \ -net nic,model=virtio -net user -cdrom ${WIN7IMG} \ -drive file=${VIRTIMG},index=3,media=cdrom \ -rtc base=localtime,clock=host -smp cores=4,threads=4 \ -soundhw ac97 -cpu host -vga vmware |
Imagine if Microsoft implemented this in Windows Server 2020, it would be awesome, but this will never happen. They are always adding stuff to Windows 10, but they are not fixing the core issues with updates. If Windows 10 had a system like this, then rolling back from a failed update would be very easy. Or if it was an update that killed some of your system files, then the system could be rolled back. I know about system snapshots, but a read-only base system, with updates and extra software installed on top, would be a great way to counter system updates or rogue software that damaged system files. Just roll back the installed snapshot and the system will work again. The only issue is the disk space it might take up. But Silverblue has tackled that and I am sure that Microsoft could as well. They are surely smart enough to create something like this. The installer for Silverblue is only 2.5 Gigabytes and then you get a lovely Gnome Shell desktop and base software to build on. So, this is a great Linux distribution with a very solid idea contained within. And you can create a snapshot on top to mess around in, and then rollback when you are done. A great testing OS.