• 0 Posts
  • 10 Comments
Joined 2 years ago
cake
Cake day: June 22nd, 2023

help-circle
  • The way I have always liked to put it specifically is that Linux is not inherently more secure than windows. However Linux is inherently easier to secure than Windows. Namespaces, apparmor, seccomp-bpf, and a very fine grain limited vs super user permission system. Just to name a few top level things.

    The tools are all there on basically any system, very well documented, relatively easy to use. And once you set them up they will not randomly change things on you. I say this as a system administrator having to deal with Windows constantly where Microsoft decides that they are smarter than you and fuck your group policy edits because we put out this update and we think this option is better so we’re going to revert like half the shit you did. Over half my fucking job and security is just checking what did Microsoft fuck up about my security set up with this update, and trying to rotate through security vendor 2094726 to fill in the absolute basic security processes that windows doesn’t provide





  • LordKitsuna@lemmy.worldtolinuxmemes@lemmy.worldDistro Focuses
    link
    fedilink
    arrow-up
    2
    arrow-down
    2
    ·
    9 days ago

    It’s definitely not something that will happen 100%. I’ve also had long standing debian systems that seem to not care. However I’ve had plenty that, for whatever reason couldn’t handle multiple major version hops and just eviscerated themselves, I’ve not had that with arch personally. You may need to download the latest statically built pacman depending on how old it is but that and a keyring update usually has you covered


  • LordKitsuna@lemmy.worldtolinuxmemes@lemmy.worldDistro Focuses
    link
    fedilink
    arrow-up
    2
    arrow-down
    1
    ·
    edit-2
    9 days ago

    I mean, if you want to use your system pacman sure. But you can just download the latest statically built pacman to do the large jump without issues. However i will concede that is more than JUST keyring update

    Edit: another fun way to get around that issue pretty easily. Boot any up to date arch installer, mount the old ass system root to /mnt and just run

    pacman -Sy

    pacman --sysroot /mnt

    Now just normal syu and the live environment pacman will update the old system, arch/pacman has a plethora of easy ways to get around what would otherwise be show stoppers on apt/dpkg :)


  • LordKitsuna@lemmy.worldtolinuxmemes@lemmy.worldDistro Focuses
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    edit-2
    10 days ago

    I mean when I can take an Arch Linux installation that I forgot about on my server and is now 8 years out of date and simply manually update the key ring and then be up to date without any issue but every time I’ve ever tried to do many multiple major version jumps on debian it’s died horrifically… I would personally call the latter less stable. Or at least less robust lol.

    I genuinely think that because Arch Linux is a rolling distribution that it’s update process is just somehow more thorough and less likely to explode.

    The last one with debian was a buster to bookworm jump. Midway through something went horrifically wrong and dpkg just bailed out. The only problem was that it somehow during all of that removed the entirety of every binary in /bin. Leaving the system completely inoperable and I attempted to Google for a similar solution as arch. Where i could chroot in and fix it with one simple line. But so far as I was able to find there is no such option with apt/dpkg. If I wanted to attempt to recover the system it would have been an entirely manual Endeavor with a lot of pain.

    I would also personally label having the tools to recover from catastrophic failure as being an important part of stability especially when people advocate for things like Debian in a server critical environment and actively discourage the use of things like Arch

    If the only thing granting at the title of stability is the lack of update frequency that can simply be recreated on Arch Linux by just not updating frequentlyಠ_ಠ


  • LordKitsuna@lemmy.worldtolinuxmemes@lemmy.worldDistro Focuses
    link
    fedilink
    arrow-up
    40
    arrow-down
    12
    ·
    10 days ago

    I’ll never stop hating that debian is labeled stable. I’m fully aware that they are using the definition of stable that simply means not updating constantly but the problem is that people conflate that with stability as in unbreaking. Except it’s the exact opposite in my experience, I’ve had apt absolutely obliterate debian systems way too often. Vs pacman on arxh seems to be exceptionally good at avoiding that. Sure the updated package itself could potentially have a bug or cause a problem but I can’t think of any instance where the actual process of updating itself is what eviscerated the system like with apt and dpkg.

    And even in the event of an update going catastrophically wrong to the point that the system is inoperable I can simply chroot in use a statically built binary pacman and in a oneliner command reinstall ALL native packages in one go which I’ve never had not fix a borked system from interrupted update or needing a rollback