Don’t get me wrong. I absolutely love Fedora Atomic (Silverblue, Bazzite, Kinoite, Aurora, IOT, etc.), more than any other distro I used, and I plant to continue using it.

It never made any problems on any of my devices, and because it is pretty much indestructible and self-managing, I even planned to install it on my Mum’s new laptop, in case her current one (basically a toaster with Mint on it) breaks.

But with the last days, my trust is damaged quite a bit.

First one, where I couldn’t update anymore on uBlue, because of faulty key pairs. This is a huge thing for me because uBlue updates in the background, and if I wouldn’t have read it here on Lemmy, I would have found out way too late, which is a security risk imo.

And now, my devices weren’t able to boot anymore due to some secure boot stuff. Again, if I wouldn’t have subscribed the Fedoramagazine, I would have noticed it way too late.
I was able to just boot into an older image and just paste a few commands from the magazine’s post, and it was resolved in just seconds (download time not included).

Both instances were only a minor thing for ME.
But both would have been a headache if I wouldn’t follow those blogs, which is a thing only nerds (like myself) do.
Nobody else cares about their OS, it is supposed to just work, hence why I use Atomic.

I don’t wanna blame the devs (both j0rge/ uBlue and the Fedora team), they were very quick, transparent and offered very simple fixes.
And, being able to just boot into an older image, just in case, is something I am very thankful for, but nothing I want to depend on.

Having to be informed about stuff like this and then having to use the CLI is just a no-go for most people.

Am I over-reacting about this too much? What’s your view on those things?

  • just_another_person@lemmy.world
    link
    fedilink
    arrow-up
    54
    arrow-down
    1
    ·
    5 months ago

    They owned up to it, and immediately dealt with the issue.

    It’s open source, free, and run by volunteers who bust their asses to make these releases happen. I wouldn’t worry too much about it if it’s been working the other 99% of the time for you, and this one issue has you on the fence about it…

    • Lazorne@lemmy.zip
      link
      fedilink
      English
      arrow-up
      15
      ·
      edit-2
      5 months ago

      I agree, mistakes and vulnerabilites happen in all software commercial and open. Now I can only speak for RetroDECK but, we also make mistakes and need to do minor patches to fix those.

      I think Jorge and the team handled it as you should: Be transparent, inform on all channels they can and learn from your mistakes.

      Me personally have full confidence in them.

      Those that try to hide or shift blame of mistakes are a bigger red flag in my book.

      • boredsquirrel@slrpnk.net
        link
        fedilink
        arrow-up
        10
        ·
        5 months ago

        What we need is a popup IN THE OS that tells users how to troubleshoot.

        Separate from the OS core, updatable individually, like an RSS feed with persistent popups using KDialog etc.

      • xavier666@lemm.ee
        link
        fedilink
        English
        arrow-up
        5
        ·
        5 months ago

        Those that try to hide or shift blame of mistakes are a bigger red flag in my book.

        People, please; look at this.

        It’s inevitable that mistakes will happen.

    • 4am@lemm.ee
      link
      fedilink
      arrow-up
      9
      ·
      5 months ago

      Exactly. These kind of things happen from time to time; hell even big corpo OSes mess up. They said they’d taken time to fix their process to prevent this problem happening again.

      If it becomes a pattern I’d become concerned. So far, it was inconvenient.

      • just_another_person@lemmy.world
        link
        fedilink
        arrow-up
        6
        ·
        5 months ago

        No, that’s not at all true.

        Red Hat owns the Fedora brand, sponsors the project financially, technically, and with some infrastructure, but does not own the project, nor pay everyone involved. Aside from a project lead here or there, it’s all community run. Literally anyone can contribute or volunteer.

        • people_are_cute@lemmy.sdf.org
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          edit-2
          5 months ago

          If Red Hat were to stop officially supporting Fedora tomorrow, can you guarantee the project will still survive?

          Can Android/AOSP survive if Alphabet were to give up on it tomorrow?

          • just_another_person@lemmy.world
            link
            fedilink
            arrow-up
            5
            arrow-down
            1
            ·
            5 months ago

            Sorry to be rude, but can’t you just go read the docs to understand this?

            Fedora is a fork of Red Hat, the same way Ubuntu is a fork of debian. Yes, it is now singular to being its own thing. It is also not corporate controlled.

            • DigitalDilemma@lemmy.ml
              link
              fedilink
              English
              arrow-up
              6
              arrow-down
              1
              ·
              5 months ago

              Fedora is a fork of Red Hat, the same way Ubuntu is a fork of debian.

              I think you’ve got your ordering and terms a bit confused, there. There’s no forking as such going on in the EL ecosystem.

              To explain it as simply as I can, as there are quite a few people mixing this up in here.

              Fedora is *upstream *of Red Hat (Or RedHat Enterprise Linux (RHEL) to be exact - Redhat is a company owned by IBM that does a bunch of stuff, not just RHEL).

              Fedora feeds into CentOS Stream (Essentially a staging area for RHEL). This has no relation to CentOS Linux, which is dead.

              RHEL is then built from CS at point releases and sold commercially through licencing.

              There are distros such as Rocky, Alma, Oracle Enterprise Linux and possibly some smaller ones that strive to be near exact clones of RHEL (Rocky claims bug-for-bug compatibility, Alma doesn’t any more as they build in a different way) - these follow RHEL’s point releases, and might be considered a poor and loose definition of forking, but rebuilding is a more accurate term.

              All these distros are under the blanket term of “Enterprise Linux” because it’s shaped around RHEL, even though most are free. Historically this worked well, as people learned Enterprise skills using Fedora and Centos Linux which turned into careers (including for me). Then Redhat went a bit mad and that all changed.

              The only similarity to Debian/Ubuntu is that Ubuntu uses Debian as a base, and builds upon it. Like RHEL, it adds commercially licenced bits to its distro and rebuilds other parts into something unique, and like RHEL, Rocky, Alma and OEL do with Fedora, it feeds back improvements and development into Debian.

      • boredsquirrel@slrpnk.net
        link
        fedilink
        arrow-up
        2
        arrow-down
        3
        ·
        5 months ago

        Says the person with a “Twitter verified badge” as profile pic LOL.

        What has this to do with ANYTHING I wrote?