dino

we do restarts twice a month, they are in production

My server tells me a restart would be required because of:

linux-base linux-image-6.1.0-22-amd64

Does that have anything to do with the SSH package?

Question if I update my server and it has the new SSH (patched) package. Is that enough or do I have to restart the server as well? How can I check if the old SSH is in use currently?

Interesting. So, you never heard of Fedora CoreOS, Fedora Silverblue, Fedora Kinoite, uBlue, Aurora, Bazzite and Bluefin?

Silverblue yes, rest no.

Snapper also seems to be properly integrated on the derivatives of other distros; e.g. Garuda, Siduction and SpiralLinux to name a couple. So, again, this selling point doesn’t seem unique.

I have no clue how that is done on those distros, never tried any of those. I just know that it is even "hard" to replicate the configuration of snapper on a system like Void Linux. But that might also stem from my lack of knowledge. At least the guides I found didn't provide the same result.

Interesting. Like, in which cases would you recommend something else for example?

I am glad you also think highly of Tumbelweed, but I think it has the disadvantage of not having such an amazing documentation as other distros. If you stumble upon something and are looking for a fix online, you won't find as much resources for it as there are for debian based distros for example.

All in all, I have to thank you for this amazing exchange. I think this is one of the most friendly and informative exchanges I had on lemmy so far. :)

Thanks for the detailed reply. I see where you are coming from but I for example never head about Fedora Atomic whilst I am familiar with OpenSUSE MicroOS, GUIX, NixOS. I noticed that MicroOS is the server oriented immutable whilst Aeon is the new orientation for Desktop... ANYWAY, all this immutable talk is anyway pointless, because I was talking about general distributions and not a discussion about immutable distros.

On the topic which distro adopted what first, my confusion did stem from by what context. As I tried to make clear with my confusion about fedora not being rolling release. To cut all this talk short here my answer to your question:

The default value of OpenSUSE Tumbleweed is pretty strong because

• rolling release
• zypper having sane args for regular tasks (install, search etc.)
• btrfs as default filesystem
• optimal snapper integration which leads into
• making a rolling release distro suitable for non-technical people/daily usage without fear of regular updates

But this is just a general recommendation for "distros". If the requirements get more specific it makes much more sense to make proper recommendations.

I don’t understand why this is relevant. But, to answer your question, a modern system should already be on systemd

Dear lord...I will try to read the rest but you are not off to a good start. What has modern to do with systemd?

I am not sure I understand what you mean by:

Consider checking up on where Wayland, systemd, PipeWire, PulseAudio etc first appeared; so on which particular distro. Are you referring to use those packages as default? Afaik Fedora OS is not even rolling release, so I cannot fathom how it has packages earlier than the typical bleeding-edge candidates. Fedora Atomic Why are you mixing Fedora Atomic with the regular Fedora Distro? It’s also the most mature attempt. Derivatives like Bazzite are the product of this endeavour. From the OG distros, only openSUSE (with its Aeon) has released an attempt. However, it seems to be less ambitious in scope and vision. ...how is something like this objectively valid? I understand you like Fedora, but you make claims without any proof or just pure opinion based.

How does that contradict what I wrote? I even mentioned RHEL...

lol? are you trolling?

Being the first distro on which new technologies are introduced

Also atomic branch? SELinux might be a fair point, but I doubt that ss unique to Fedora tbh.

Fedora has no selling point at all besides being similar to RHEL.

systemd, dbus, and polkitd. If any one of those components are misconfigured, you risk an unauthorized user gaining root privileges.

Just for my own understanding, if any of those are misconfigured, do you not anyway have a big security problem already, regardless of run0?

I mean...all this and much more is part of the wireguard archwiki. And whoever wants to setup a wireguard server but doesn't know what ping is... Interesting would be an example on how to use tcpdump and how to read it.