5.1 C
New York
Tuesday, February 7, 2023

Buy now

Vanilla OS is a brilliant take on the Linux desktop

Jack Wallen takes a look at a new Linux distribution with a very unique and impressive way of applying security.

LINUX - word on wooden cubes on gray background.
Image: Zhanna/Adobe Stock

I’ve tried just about every concept behind every Linux desktop on the market. Some of those concepts are nothing more than a change to the user interface, while others become so complex that the distribution is nearly impossible to use, especially for those unfamiliar with Linux.

SEE: 40+ Open Source and Linux Terms You Need to Know (TechRepublic Premium)

But every now and then I come across a new idea that is so mind-boggling that I can’t believe someone hasn’t thought of it before. That’s what Vanilla OS is.

What is Vanilla OS?

Vanilla OS strives to be the most vanilla GNOME install possible: few changes have been made to the default GNOME desktop.

Of course, that’s not the mind-blowing part. What the developers have done is make it easy to switch between a read-write file system to a read-only file system. That’s right – this is on-demand immutability.

Vanilla OS usage scenarios

This feature allows you to create a desktop operating system that does not allow a user to install or make any changes. Set everything needed, set the immutable option and hand in the machine.

Although Vanilla OS is in beta, I tested this feature and it holds incredible promise. It’s far from ready for general use, but you can see exactly where the developer is going with the project.

Operating system immutability isn’t the only cool trick in the Vanilla OS case. Another great feature is that applications are all installed in isolated sandboxes for security. This is how it works:

  • First, the system must be in rw mode, which can be achieved with the command sudo almost enter rw.
  • Once the system is in rw mode, initialize a container with the command apx init.
  • After the container is created, you can install an app with a command like apx install htop.
  • After the installation is complete, you can run it from the GNOME application overview.

Another wonderful aspect of Vanilla OS is that you can select your package manager of choice. At the first login you can choose from Flatpk, snap or AppImage. Using the selector (Image A), you can choose one or all three.

Image A

Select the package manager for Vanilla OS.
Select the package manager for Vanilla OS.

Of course, Vanilla OS is not without its problems. For example, my favorite editor is nano. An attempt to install that software failed because no desktop entry for the app was found. Since nano is a command line tool, Vanilla OS doesn’t seem to know what to do with it.

What does that mean? From what I can see, Vanilla OS can only install applications that provide a GUI component. But as far as GUI apps go, everything runs smoothly. Use Snap or Flatpak to get around that. Snap allowed me to install nano.

Let’s go back to the problem of immutability. As I said, switch between rw and ro with the commands:

  • sudo almost enter rw: for read/write.
  • sudo almost enter ro: for read only.

You can check which mode you are in with the command:

sudo almost check

You see something like:

Mode: ro
System is read-only

Here another hiccup made itself known. Even after I set the system to read-only, I was still able to create files within the root filesystem. It seems to me that that should not be possible in ro mode.

Maybe that’s just a product of Vanilla OS being so young in its development lifecycle, but according to the project documentation, “Vanilla OS is an on-demand immutable distribution. The system is read-only to prevent unwanted changes and corruption by third-party applications or a faulty update. Some paths are still writable, such as the home directory. This allows the user to keep their files and ensure the normal operation of applications.”

It also turns out that three directories are immune to the immutability in Vanilla OS. Those directories are /home, /etc, and /var. Good to know. To test that out, I put the system in ro mode and run the command:

sudo touch /test

To my surprise, the file was created. I was also able to edit the file with the nano editor, using the command sudo nano /test. I didn’t expect to be able to write to that file, but it worked, even in read-only mode. As I mentioned, this is probably due to the beta nature of the OS, so I would expect the immutable mode behavior to change once the distribution is ready for the masses.

Who is Vanilla OS for?

This Linux distribution is certainly not for those new to Linux – at least from an admin perspective – but you could set up Vanilla OS exactly the way you need it, put it in read-only mode and hand it over to a user knowing that they could not make catastrophic changes to the system.

This distro would also be great for community computers, kiosks, and other situations where the inability to make changes outside of specific directories would be an advantage.

Vanilla OS isn’t ready for prime time yet, but the idea behind the system was long overdue. There are tools you can add to create a similar Linux setup, but Vanilla OS putting it all together in an easy-to-use package makes for a very intriguing setup.

This is going to be a project you’ll want to keep a close eye on. Once it’s ready for the masses, I think Vanilla OS could be a real game-changer.

Subscribe to TechRepublic’s How to make technology work on YouTube for all the latest technical advice for business professionals from Jack Wallen.

Source link

Related Articles


Please enter your comment!
Please enter your name here

Stay Connected


Latest Articles