After using every flavor of Linux imaginable, from the simplest to the most complex, and testing just about every approach an OS could come up with, I was surprised to find a Linux distro that emphasizes both security and usability: Vanilla OS.
Download Vanilla OS from the official website
The first official version of the OS was released recently, and my first test had been rather conclusive. So when the developers announced that the final version was finally ready, I decided to give it a shot.
A security-focused operating system
If I tell you about an operating system that emphasizes security, you will probably imagine a complicated and difficult to access OS. And let’s be honest: this was more the case for early versions of Vanilla OS, which used the Almost tool for immutability. Immutability is the idea that an OS cannot change without the express permission of its user.
With this new version, the developers have moved from Almost to ABRoot. Almost had indeed several problems. In particular, it was possible to enable read-only mode and still be able to create files in the root filesystem. Also, three important directories were immune to immutability: /home/, /etc/, and /var/.
The developers therefore chose ABRoot to replace it. The latter allows “atomic” operations (that is to say that cannot be interrupted) between two root partitions (A ⇔ B).
“ABRoot reached [l’atomicité] juggling between two root partition systems: A and B. Let’s take an example. Let’s say you want to install a new package. ABRoot will check which partition is the current root partition (the A), then it will mount an overlay on top of it and perform the operation. If successful, the overlay will be merged with the future root partition (i.e. B). On the next boot, the system will automatically switch to the new root partition (B). If it fails, the overlay will be aborted and the system will boot normally, without any changes to both partitions,” the OS developers explain about how the tool works.
FlatPak and AppImage compatibility
To illustrate all this, you can install the htop tool in Vanilla OS. This can be done in two different ways: with the apx package manager, or using ABRoot. If you opt for apx, htop will be installed inside a container with restricted access to system resources, yet still able to function as expected.
To install htop with apx, the command is therefore:
apx install htop
Note that you are not using sudo to gain increased privileges for installation, this is intentional.
The alternative installation method uses ABRoot, which is more complex and requires a reboot after installation. For example, you can install htop with the command:
sudo abroot exec apt install htop
After installing htop with this method, you will find that the command is not available until you restart the system. This is because the system has not yet switched to the new root partition which contains the newly installed application.
Vanilla OS also supports Flatpak and AppImage. You can even install Flatpak applications from the GNOME Software GUI, saving you from being confined to the command line.
Smart updates
Among the really interesting features, there are also “smart updates”, which can be activated in the OS control center. This tool ensures that the system will not update if it is under a heavy workload or the battery is low. To activate it, open the Vanilla OS control panel, click on the tab Updatesthen the SmartUpdate ON/OFF slider.
Picture: Jack Wallen.
SmartUpdate was designed so users don’t have to worry about updates. Once enabled, these use the ABRoot system and are not applied until the next reboot. Not only does this allow updates to install completely invisibly, but it also makes them atomic, only being installed once compatibility with the system is assured.
The only downside to this system is that the rate of updates is either weekly or monthly. There is no option to install updates daily. That said, the weekly rate is more than enough for most users.
Arch or Fedora just a click away
Vanilla OS also allows launching different containerized systems, based on Arch Linux, Fedora or Alpine Linux. From the Vanilla OS Control Center, click on the tab Subsystemthen the button + to launch a container based on the chosen system. For example, click on Fedora and a terminal window will open in a container. You can then work on it as if you were on a real Fedora distribution.
Picture: Jack Wallen.
Beyond advanced features
Beyond these niche features, Vanilla OS offers the cleanest GNOME desktop environment possible. It’s easy to use, reliable and very powerful… especially when you consider that it’s the first “stable” version of the system.
Would I recommend Vanilla OS to everyone? Absolutely. If you’re new to Linux, you might not quite understand all the inner workings, but you’ll still benefit from a safe and reliable operating system that puts even more emphasis on security than most. other Linux distributions.
You can find the Vanilla OS ISO image on the project’s GitHub page. And if you want to know more, the changelog of this first version is available on its official website.
Source: ZDNet.com