On Tue, Jun 28, 2022 at 3:38 PM Frédéric Pierret <frederic.pier...@qubes-os.org> wrote: > > > > Le 6/28/22 à 10:15, Outback Dingo a écrit : > > On Tue, Jun 28, 2022 at 2:30 PM Frédéric Pierret > > <frederic.pier...@qubes-os.org> wrote: > >> > >> > >> > >> Le 6/28/22 à 06:13, Outback Dingo a écrit : > >>> Curiously, I often wonder why Qubes itself, as it claims to be > >>> security enhanced, relies on Fedora, and not Silverblue or Kinoite > >>> spins. > >>> > >>> I remember back in the day when it was plasma based, and actually was > >>> pretty decent. > >>> > >>> Silverblue/kinoite provides ostree and more reasonable updating > >>> methods, it's also based on fedora so now quite sure as to why you > >>> continue down the fedora vanilla path, other then maybe the work > >>> involved to switch out the base os flavor. > >>> > >>> It would surely add another layer of security having an immutable Os > >>> that is updateable with rpm-ostree update and rollback capability. > >>> > >>> Any enlightenment is appreciated > >>> > >> > >> We already discussed that with Marek a while ago and this is something we > >> want to take a look at. Right now, the reason is...we totally lack human > >> resources to study and work on that subject among all others tasks we have > >> to do. > >> > > well, i guess one could ask someone like me to join up and work on > > developing the solution, after all its going to be mostly build system > > modifications for "repos", then sorting out how it build a final image > > with ostree > > There is also the variant rpm-ostree that is now the default, no more > > dnf/rpm standard. > > > > I would say the first step would be to create a template because we are going > away from Fedora for dom0 soon or later (when sys-gui-gpu would be stable) > and it's probably going to be something like Yocto. Marek can give more info. >
You mention Yocto, as I'm quite familiar with it, would also be a good choice, especially with ostree onboard and the array of OTA update methods available. There is a similar in concept project though lxc based called OverC from wind river yet thats basically partitioning "various machine instances" for iot based type stuff they call "cubes", though there is a "cube-desktop", XFCE based also that can be built with it. > Best regards, > Frédéric -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/CAKYr3zzh3bTDUzviUmTY8XTHoS-boZ1yxL-FDCc%2B3dM%3Dx4XWiA%40mail.gmail.com.
