Comment by rowanG077
6 days ago
Nix for me has been a great source of stability. I used to run ubuntu and was never happy. Packages randomly broke, the UI lagged a lot, I always had to dig to get things working. One day when I head a uni deadline an automated updated destroyed my wifi funcionality. I had some experience with nix from work so in anger I installed NixOS. Wifi worked and I finished my uni assignment. Haven't installed anything else on my computers since, and that was 6 years ago. Sure things can be a pain. But NixOS has never broken in unexpected ways. I know if I update things may go wrong. But I can always go back and try again a newer version a few weeks later.
The biggest drawback is really that "random executable from the internet" does not work out of the box. And sometimes you have to spend a lot of time to package something yourself. But all in all It has saved me time and a lot of pain. I dare even say I no longer have a toxic relationship with my OS.
NixOS literally just broke webcam drivers on alder lake and wake from sleep. That was a huge pain to deal with when updating for the rsync vulnerabilities. And a bunch of other issues.
Thank goodness for perfect rollbacks. I'll take rsync vulnerabilities over a super broken system and try again in a few weeks.
For those pesky random executables there's a couple of escape hatches -- buildFHSenv and nix-ld. This is also predicated on good provenance of the executables in question. One should probably not even ldd sketchy binaries:
https://jmmv.dev/2023/07/ldd-untrusted-binaries.html
Even proper packaging is far easier compared to other package managers. Typical distros push users away from packaging their own software, so users end up relying on ad-hoc solutions instead. Nix instead makes packaging easier by having proper tools to abstract away the nitty gritty details.
For random binaries, autoPatchelfHook works miracles.
It wasn’t that bad creating some new derivations my first week with Nixos, I was so used to Arch where I had maybe a handful modified pkgbuilds over a decade.
For better or worse it was a positive experience, especially when you usually already have a pkgbuild to go off of.
Every time I see a linux installation with a mess in /opt because it's faster than making a package, I get annoyed.
steam-run seems to be able to run everything. It uses bubble wrap to keep the OS isolated and add /usr/bin stuff most exes want.
*it won't be in the future because it is no longer the grabbag for everything.
Also linking things to /usr/bin is done by the fhs which uses bubblewrap, not steam-run.
I now use distrobox to run random binaries in a container. It's faster and convenient
> just run random binaries from the internet like it's 1998, bro
That world was fun but I don't want to go back to that place.