None of this puts the user out of control; they’re free to add the Flathub repository should they wish to do so.

He

I hate to be that guy but OP gave no indication of their gender. English has the luxury of having a “natural” neutral pronoun; please just use that.

which these suggested Fedora Spins are designed to integrate with as tightly as possible

Could you explain what exactly this “tight integration” pertains? AFAIK these are just regular old global-state distros but with read-only snapshotting for said global state (RPM-ostree, “immutable”).
Read-only global system configuration state in pretty much requires usage of Flatpak and the like for user-level package application management because you aren’t supposed to modify the global system state to do so but that’s about the extent that I know such distros interact with Flatpak etc.

Bazzite is completely the opposite of an OS designed to run one app at once, which means you haven’t tried it before rubbishing it as a suggestion.

That is their one and only stated goal: Run games.

I don’t know about you but I typically only run one game at a time and have a hard time imagining how any gaming-focused distro would do it any other way besides running basic utilities in the background (i.e. comms software.).

Obviously you can use it to do non-gaming stuff too but at that point it’s just a regular old distro with read-only system state. You can install Flatpak, distrobox etc. on distros that have mutable system state too for that matter.

Could you point out the specific concrete things Bazzite does to improve separation between applications beyond the sandboxing tools that are available to any distribution?

It’s true that I haven’t used Bazzite; I have no use for imperative global state distributions and am capable of applying modifications useful for gaming on my own. It’s not like I haven’t done my research though.

“No your honour, we do not offer users any patented software, we merely ship a system which directs users to this other totally unrelated entity that we are fully aware ships patented software.” will not hold up in court.

I also imagine RH would simply like control over the repository content they offer to users by default. Flathub acts more like a 3rd party user repository than a “proper” distro.

I don’t assume you to be stupid, so lack of information is the most likely explanation for not knowing what “it” refers to here.

Read the linked issue first perhaps.

Offering patented software would open Fedora (a RedHat product mind you) up to legal issues in places that know software patents (primarily the U.S.).

There is no distribution that does what you’re looking for. All the ones recommended by others in this thread are just generic distributions that do nothing special to separate user applications and I have no idea why they saw fit to mention them at all.

The best recommendation here is Qubes but that’s arguably not a distro but rather its own operating system that can then run some instances of distros inside of it with strong separation between those units.

The only thing that somewhat goes the direction you want is Flatpak but it’s not anywhere close to Androids really quite solid app separation scheme.

The reality of it is that most Linux desktop apps are made with the assumption that they are permitted to access every resource the user has access to with no differentiation; your SSH or GPG private keys are in the same category as the app’s config file.

Standard APIs to manage permissions in a more fine-grained manner are slowly being worked on (primarily by the flatpak community IME) but it’s slow and mostly focused on container stuff which I’m not convinced is the way forward. There does not appear to be any strong effort towards creating a resource access control design that’s anywhere near as good as Android’s in any case though.

The closest thing we have is systemd hardening for system components but that’s obviously not relevant for desktop apps. It’s also (IMHO) inherently flawed due to using a blocklist approach rather than an allow-list one. It’s also quite rigid in what resources it controls.

I’m not convinced any of the existing technologies we have right now is fit for a modern user-facing system.

Here’s what I think we ought to have:

• A method to identify applications at runtime (e.g. to tell apart your browser from your terminal and your editor at runtime)
• A generic extensible way to declare resources to which access should be controlled within a single user context (i.e. some partition of your home filesystem or some device that your user generally has access to such as your camera)
• A user-configurable mapping between resources and applications; enforced by kernel-level generic mechanisms

No need for any containers here for any of this; they’re a crutch for poor legacy distro design that relies on global state. I don’t see a need for breaking the entire UNIX process model by unsharing all resources and then passing in some of them through by overly complex methods either.

Eventhough they’re quite simple and effective, I’m not convinced UNIX users are a good primitive to use for application identification like Android does it because that implies user data file ownership needs to be managed by some separate component rather than the standard IO operations that any Linux apps ever uses for everything.
I think this should instead be achieved using cgroups instead which are the single most important invention in operating systems that you can actually use today since UNIX IMHO.

The missing parts are therefore a standard for resource declaration and a standard and mechanism to assign them to applications (identified via cgroup).
I haven’t done much research into whether these exist or how they could me made to exist.

That is not relevant here in any way. That’s a distro made to easily run one app at a time without really caring about data security w.r.t. that app.

On the one hand yes but on the other hand this would also kind of set wrong incentives: to use Kagi search less because you’d need to pay more.
That’s not an incentive they or you would want.

I think what I’d like is how my mobile carrier handles their data limits: It’s not an entirely fair comparison because in that case, contrary to Kagi, there is no real cost associated with my degree of usage of the service, making them entirely arbitrary and unnecessary but besides that the unused data rolls over to the next month and that’s something Kagi could mirror.

I hover around 600-1000 searches per month but sometimes exceed 1000. If I could pay for 1000/month and accumulate a little buffer in the months where I search less, that would work for me. Though perhaps I’d still want to just simply pay for unlimited usage for peace of mind.

This sounds like FUD. Do you have a source for that?

As a paying member, I know that they started charging (and presumably transferring) VAT last year.

Before that, they claimed they were simply too insignificant to even be eligible for VAT.
I looked it up and there appears to be an exception for such cases where VAT is charged in the company’s jurisdiction rather that the customer’s (it’s usually the other way around) until you reach 10000€ annual turnover. Information on this is extremely intransparent however, so this might be wrong.

They do. The $10/month search plan is unlimited.

The only LLM stuff in their search product is the quick answers which can be turned off and page summaries which you have to explicitly click on in a submenu in any case.

As someone aware of how limited LLMs are, I’ve actually found both of these features to be useful for gauging whether a site is worth visiting or not at times which is part of the core feature set of a search engine IMHO.

A good while back they claimed that Google search index fees make up the vast majority of their costs, so I doubt any of your money is going towards LLM BS unless you actually pay for their assistant product.
I doubt Google has given them any discounts since then.

I’d expect the development of all of their product to be mostly funded by VC. If they can get VC idiots who fell for the “”“AI”“” hype to subsidise building an actually useful thing (the search product), that’s a win in my book, even if they also have to build the AI crap on the side to keep said VC idiots happy.

First of all you need to figure out which sensor this even is. On my nct6687, there’s a sensor on the PCIe slot that is constantly >90° and that appears to be totally normal.

Could you post the output of sensors?

Here is how it looks like on my machine:

nct6687-isa-0a20
Adapter: ISA adapter
+12V:           12.26 V  (min = +12.14 V, max = +12.46 V)
+5V:             5.06 V  (min =  +5.00 V, max =  +5.08 V)
+3.3V:           0.00 V  (min =  +0.00 V, max =  +3.40 V)
CPU Soc:         1.02 V  (min =  +1.02 V, max =  +1.04 V)
CPU Vcore:       1.27 V  (min =  +0.91 V, max =  +1.40 V)
CPU 1P8:         0.00 V  (min =  +0.00 V, max =  +0.00 V)
CPU VDDP:        0.00 V  (min =  +0.00 V, max =  +0.00 V)
DRAM:            1.11 V  (min =  +1.10 V, max =  +1.11 V)
Chipset:       202.00 mV (min =  +0.18 V, max =  +0.36 V)
CPU SA:          1.08 V  (min =  +0.61 V, max =  +1.14 V)
Voltage #2:      1.55 V  (min =  +1.53 V, max =  +1.57 V)
AVCC3:           3.39 V  (min =  +3.32 V, max =  +3.40 V)
AVSB:            0.00 V  (min =  +0.00 V, max =  +3.40 V)
VBat:            0.00 V  (min =  +0.00 V, max =  +2.04 V)
CPU Fan:        730 RPM  (min =  718 RPM, max = 1488 RPM)
Pump Fan:         0 RPM  (min =    0 RPM, max =    0 RPM)
System Fan #1:    0 RPM  (min =    0 RPM, max =    0 RPM)
System Fan #2:  490 RPM  (min =  421 RPM, max =  913 RPM)
System Fan #3:    0 RPM  (min =    0 RPM, max =    0 RPM)
System Fan #4:  472 RPM  (min =  458 RPM, max =  939 RPM)
System Fan #5:    0 RPM  (min =    0 RPM, max =    0 RPM)
System Fan #6:    0 RPM  (min =    0 RPM, max =    0 RPM)
CPU:            +37.0°C  (low  = +30.0°C, high = +90.0°C)
System:         +25.0°C  (low  = +22.0°C, high = +48.0°C)
VRM MOS:        +22.0°C  (low  = +20.5°C, high = +66.0°C)
PCH:            +21.5°C  (low  = +18.5°C, high = +49.0°C)
CPU Socket:     +21.0°C  (low  = +19.0°C, high = +56.5°C)
PCIe x1:        +92.0°C  (low  = +76.5°C, high = +97.0°C)
M2_1:            +0.0°C  (low  =  +0.0°C, high =  +0.0°C)

Note that I use the https://github.com/Fred78290/nct6687d/ kernel module though. The upstream one doesn’t label many temps.

From Windows

Low-latency VRR that works correctly

It does not feel quite right in kwin and the rather new “proper” support in Hyprland doesn’t feel right either.

In hyprland you actually have to enable a special option and set a lower bound for VRR because it doesn’t handle LFC with cursors, so a game running at 1fps will make your cursor jump around once per second which is totally unusable. With LFC that would typically result in at least e.g. 90Hz.

VRR in other apps works quite well though. I’m not sure how intended it is but it allows for some nice power savings on my Framework 16; when it’s just a terminal refreshing a few times a second, the screen goes all the way down to 48Hz and when I actually scroll some content or move the cursor it’s still buttery smooth 120Hz.

Sway feels very good w.r.t. VRR but it cannot handle cursors at all (visible or invisible): whenever you move the mouse, VRR is deactivated and you’re at full refresh rate until you stop moving the cursor. It might also not be fine because I could only test a racing game due to the mouse issue and it’s so light that it always ran at a constant rate, so that’s not a great test as what differentiates good VRR from bad VRR is how varying refresh rate is handled of course.

Xorg VRR also never felt right; it felt super inconsistent. Xorg is also dead.

VRR is fundamental for a smooth gaming experience and power efficient laptops.

From macOS

Mouse pad scroll acceleration.

If you’ve ever used a modern macbook for a significant amount of time, you’ll know that its touchpad is excellent. I’d actually prefer a macbook touchpad over a mouse for web browsing purposes.
On Linux however, it’s a complete shitshow and the most significant difference is not hardware but software. You might think that, surely, it can’t be that bad. Let me tell you: it is.

Every single application is required to implement touch pad scrolling on its own; with its own custom rules on how to interpret finger movement across the touch pad. I can’t really convey how insane that is. There is no coordination whatsoever. Some applications scroll more per distance travelled, some less. Some support inertial scrolling, some don’t. Some have more inertial acceleration, some less.

Configuring scrolling speed (if your compositor even allows that, isn’t that right Mutter?) to work well in e.g. Firefox will result in speeds that are way too quick for the dozens of chromiums you have installed and cannot reasonably configure while making it right for chromiums will make it impossible to use forwards/backwards gestures in Firefox and applications that don’t implement inertial scrolling at all (of which there are many) will scroll unusably slowly.

It’s actually insane and completely fucked beyond repair. This entire system needs to be fundamentally re-done.

There needs to be exactly one place that controls touch pad (and mouse for that matter) scrolling speed and intertial acceleration, configurable by the user. Any given application should simply receive “scroll up by this much” signals by the compositor with no regard for how those signals come to be. My browser should never need to interpret the way my fingers move across the touch pad.

Accel key

Command/super is just a better accel key than control. Super is almost entirely unused in Linux (and Windows for that matter). Using it for most shortcuts makes it trivially possible to make the distinction between e.g. copy and sending SIGTERM via ^C in a terminal emulator. No macOS user has ever been confused about which shortcut to use to copy stuff out of a terminal because CMD-c works like it does in any other program.

It also makes it possible to have e.g. system-wide emacs-style shortcuts (commonly prefixed with control) and regular-ass CUA shortcuts without any conflicts. C-f is one char forwards and CMD-f is search; easy.

Unified Top bar/global menu

Almost every graphical application has some sort of menu where there’s a button for about, help, preferences or various other application-specific actions. In QT apps aswell as most fringe UI frameworks, it’s placed in a bar below the top of each window as is usual on Windows. In GTK apps, it’s wherever the fuck the developer decided to put it because who cares about consistency anyways.

For the uninitiated: On macOS there is one (1) standardised menu for applications to put and sort all of their general actions into. It is part of the system UI: almost the entire left side of the top bar is dedicated to this global menu; populated with the actions of the currently focussed application.

If you’re used to each application having this sort of menu in the top of its window, having this menu inside a system UI element that is not connected to the application instead will be confusing for all of 5 seconds and then it just makes sense. It’s always in that exact place and has all the general actions you can perform in this application available to you.

There is always a system-provided “Help” category that, along with showing macOS help and custom help items of the application, has a search function that allows you to search for an action in the application by name. No scouring 5 different categories with dozens of actions each to find the one you’re looking for, you just simply search for the action’s name and can directly execute it. It even shows you where it’s located; teaching you where to find it quickly and allowing for easy discovery of related functions.

When you press a shortcut to execute some action in the app, the system UI highlights the category into which the executed action is organised; allowing you to find its name and (usually) related actions.

Speaking of shortcuts: When you expand a category, it shows the shortcut of every action right next to the name. This allows for trivial discovery of shortcuts; it says it right there next to the name of the action every time you go and use it.

This is how you design a UI that is functional, efficient, consistent and, perhaps even more importantly, accessible. Linux should take note.

Why is this being downvoted? It’s clearly labelled as Japanese; if you don’t want to see foreign languages, filter them out.

In this comparison, the devil is in the detail.

With Ansible, you have an initial condition onto which you add additional state through automatically executed steps dictated by you until you (hopefully) arrive at a target state. This all happens through modification of one set of state; each step receives the state of the previous step, modifies it and passes the entire state onto the next step. The end result is not only dependant on your declared steps but also the initial state. A failure in any step means you’re left in an inconsistent state which is especially critical for the case of updating an existing state which is the most common thing to do to a Linux system.

In NixOS, you describe the desired target state and the NixOS modules then turn that description into compartmentalised bits of independent state. These are then cheaply and generically combined into a “bundle”; wrapping them into one big “generation” that contains your entire target state.
Your running system state is not modified at any point in this process. It is fully independent, no matter what the desired system is supposed to be. It is so independent in fact that you could do this “realisation” of the NixOS system on any other system of the same platform that has Nix installed without any information about the state of the system it’s intended to be deployed on.
This “bundle” then contains a generic script which applies the pre-generated state to your actual system in a step that is as close to atomic as possible.
A good example for this are packages in your PATH. Rather than sequentially placing the binaries into the /usr/bin/ directory as a package manager would when instructed by ansible to install a set of packages, NixOS merely replaces the bin symlink with one that points at an entirely new pre-generated directory which contains the desired packages’ binaries (well, symlinks to them for efficiency). There cannot possibly be an in-between state where only some of the binaries exist; it’s all or nothing. (This concept applies to all parts that make up a Linux system of course, not just binaries in the PATH. I just chose that as an easy to understand example.)
By this property, your root filesystem no longer contains any operating system configuration state. You could wipe it and NixOS would not care. In fact, many NixOS users do that on every boot or even use a tmpfs for /.

(Immutability is a property that NixOS gains almost by accident; that’s not its primary goal.)

meaning every step of building the kernel, including the steps taken to build the C compiler toolchain, are produced by code that is simple enough to check for correctness and safety.

Full-source bootstrap isn’t about just the kernel, it affects every piece of software. With GUIX and Nix, every single package can be fully traced back to the bootstrap seed.

Though it should be noted that you do require a running Linux kernel on an x86 machine in order to bootstrap.

it is not quite to the point where it /just works/ on a lot of the computer hardware that I own.

Unless we get some serious money, effort and/or regulation w.r.t. OSS firmware, that will likely never be the case.
That has nothing to do with its technology though, that’s a political issue. GUIX is a GNU project and acts like proprietary software does not exist/is not a basic necessity in 2023.