Vanilla OS shifting from Ubuntu to Debian
Vanilla OS, a lightweight, immutable operating system designed for developers and advanced users, has been using Ubuntu as its base. However, a recent announcement has revealed that in the upcoming Vanilla OS 2.0 Orchid release the project will be shifting to Debian unstable (Sid) as its new base operating system. Vanilla OS is making the switch due to Ubuntu's changes to its version of the GNOME desktop environment along with the distribution's reliance on the Snap packaging format. The decision has generated a fair amount of interest and discussion within the open-source community.
Other distributions have explored making a similar switch; for example, Linux Mint, as
Hacker News user "pyrophane" pointed out in a
comment on the Vanilla OS announcement. The
Linux Mint Debian
Edition (LMDE) was created "to ensure Linux Mint can continue to
deliver the same user experience if Ubuntu was ever to disappear
".
GNOME's customization by Ubuntu
The Vanilla OS announcement indicated that the decision to shift from Ubuntu
to Debian Sid was driven in part by the desire to
provide an unmodified experience for users. "Ubuntu provides a modified
version of the GNOME desktop, that
does not match how GNOME envisions its desktop.
" Debian is much closer
to a vanilla GNOME experience because it provides the software
without any major customization.
GNOME is designed to provide a consistent user experience across different Linux distributions. However, Ubuntu's modifications to the GNOME desktop often diverge from the upstream GNOME project's vision, leading to inconsistencies and compatibility issues with GNOME applications. This issue, that still persists today, was present as far back as 2020, when GNOME Designer, Tobias Bernard, noted the difficulties in dealing with Ubuntu:
This category also includes distributions overriding upstream decisions around system UX, as well as theming/branding issues, due to problematic downstream incentives. This means there is no clear platform visual identity developers can target.
For example, Ubuntu 18.04 (the current LTS) ships with GNOME 3.28 (from March 2018), includes significant changes to system UX and APIs (e.g. Unity-style dock, desktop icons, systray extension), and ships a branded stylesheet that breaks even in core applications.
Ubuntu's focus on Snap
One of the primary concerns cited in the announcement was the problems associated with Snap. Back in 2020, Linux Mint dropped Snaps, citing a number of problems with the format and its required connection to the Ubuntu Store. When Ubuntu decided to stop shipping Flatpak by default earlier this year, user "rtklutts" on Slashdot listed numerous problems they see with Snaps:
There are so many well documented cases where Snaps suck. Let me cover some of them here. Slow start up. No ability to control when updates happen.. i.e. forced updates that you can only delay. No ability to control what gets pulled in with the application. Many apps with same dependencies bringing in multiple copies of the same dependencies. Maker of an app has too much control over the environment on your PC. Theming doesn't apply correctly to Snap applications.
A few of these issues have also caught the eye of the developers at Vanilla
OS. "Based on our testing and many sources online, there are a lot of
issues that Snap hasn't addressed currently, like slow startups,
centralization, etc.
" Canonical controls the
official Snap store, and all Snaps must be approved by Canonical to be
distributed through it, centralizing control. That may be a concern
for Vanilla OS, since that control over the Snap store could lead to an
abuse of power.
Security and stability
As the unstable version of Debian, Sid's purpose is to be a test dummy for the distribution. That, coupled with its continuously updated model, places question marks over its stability and security for users. The Debian project warns about using the distribution:
Please note that security updates for unstable distribution are not managed by the security team. Hence, unstable does not get security updates in a timely manner. [...]
"sid" is subject to massive changes and in-place library updates. This can result in a very "unstable" system that contains packages that cannot be installed due to missing libraries, dependencies that cannot be fulfilled etc. Use it at your own risk!
Even though Debian warns against it, some users think its worth the risk and that the potential drawbacks aren't as bad as they are made out to be. In a Hacker News discussion about Vanilla's switch, user "tlamponi" compared the risks to those of Arch Linux:
I know the Debian project recommends against promoting the unstable Sid release for general (non-dev/maintainer) users, but IMO about as risky as running Arch Linux, i.e., quite safe. Debian Sid is the main initial entry point for new packages and so a rolling release which only pauses for a bit once every two years during the freeze for the stable releases.
Compared to Arch Linux it has a few advantages, like e.g., it actually cares about recording exact and sane versioned break/depends/conflicts so upgrading a system after year(s) will work out just fine without getting ones hand dirty. Further they track and install the kernel under a correctly ABI versioned path, so you can pull an upgrade with a new kernel and then still load a module from the currently booted kernel just fine, no reboot required, same for libraries. I mean I like Arch Linux, don't get me wrong it's my second favorite distro for sure, but having to immediately reboot after most updates as otherwise half the programs or kernel functionality is unavailable is a bit of a nuisance.
To address the concerns, however, the Vanilla OS developers have said that the distribution will limit the number of packages that it ships directly to the user to decrease the overall footprint of the system. Vanilla OS developers will keep up with Debian's security advisories to ensure that the base system remains secure. But they will only be testing the base image that is officially supported, where there are fewer potential sources of instability.
However, it is important to note that this limitation may be problematic for users who wish to install software outside of the core packages that Vanilla OS provides. Users will be left to their own devices for ensuring both security and system stability with regards to those packages.
While we don't know exactly which core packages will come with Vanilla's 2.0 Orchid release, we do know that they will be kept to the bare minimum, as noted in the announcement. This is not too dissimilar to its current version, which David Delony from MakeUseOf, reported on earlier this year:
The Vanilla OS desktop uses the regular GNOME 3 desktop environment. It comes with the default set of GNOME apps and not much else. This means you'll have to rely on the package manager, but Vanilla OS is hardly unusual among Linux distros for that.
Vanilla OS doesn't even come with an office suite. If you need to do word processing or spreadsheets, you'll have to install something like LibreOffice. Fortunately, it's easy to add new packages despite Vanilla OS's unorthodox architecture.
Before installing software like LibreOffice from the Sid repositories, users will now have to consider whether it will introduce instabilities or security vulnerabilities to their system, since it is not being tested (or updated) by Vanilla OS. While users are still free to install whatever they want, the knowledge of the risk it could bring may impose limitations on what users will want to install on top of the base image.
Conclusion
While Debian offers more "vanilla" experience and gives users the
freedom of choice that the Vanilla OS project values, it also comes with
potential instability and compatibility issues. Even though those concerns
may be alarming, the project will be keeping an eye on them
and has expressed a willingness to
change distributions in the future. "If we run into
stability and security issues down the line, then we will reconsider our
decision.
" We will have to wait and see how this transition
impacts the Vanilla OS community and the future growth of the distribution.
| Index entries for this article | |
|---|---|
| GuestArticles | Quin, Jeremiah |