I did the whole distro chooser quiz but didnt help much.

Heres the things id like to hit

  • avoid systemd
  • stable
  • Wayland support
  • Minimal packages
  • no immutable (seems like to much of a pain)
  • full disk encryption but thats pretty standard nowdays.

Was going to go with devuan but the debian flavours dont have a stable with wayland yet. I was considering going with a testing or unstable build but would like to avoid headaches on a daily driver. Is testing/unstable got wayland and are they reliable enough? If so what do I go with.

Also hows the hardware comparability with framework i assume it wont be too bad to get set up.

  • Olissipo@programming.dev
    link
    fedilink
    arrow-up
    1
    ·
    4 months ago

    I don’t recommend going for (Debian’s/Devuan’s) testing (branch) as it targets a peculiar niche that I fail to understand; e.g. it doesn’t receive the security backports like Stable does nor does it receive them as soon as Unstable/Sid does. Unstable/Sid could work, but I would definitely setup (GRUB-)Btrfs + Timeshift/Snapper to retain my sanity.

    From https://backports.debian.org/ :

    Backports are packages taken from the next Debian release (called “testing”), adjusted and recompiled for usage on Debian stable

    So by definition, security backports in stable are present in Testing in the form of regular packages, right?

    • bsergay@discuss.online
      link
      fedilink
      arrow-up
      1
      ·
      4 months ago

      Found on the same page you cited from (even same paragraph):

      “Backports are packages taken from the next Debian release (called “testing”), adjusted and recompiled for usage on Debian stable. Because the package is also present in the next Debian release, you can easily upgrade your stable+backports system once the next Debian release comes out. (In a few cases, usually for security updates, backports are also created from the Debian unstable distribution.)

      • Olissipo@programming.dev
        link
        fedilink
        arrow-up
        1
        ·
        4 months ago

        Sure, but even in those “few cases” Testing will get them soon.

        I did read at some point that Testing may receive security updates later than stable, might be in those cases in which backports come straight from unstable.

        • bsergay@discuss.online
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          4 months ago

          Sure, but even in those “few cases” Testing will get them soon.

          Didn’t I allude to that with:

          "it doesn’t receive the security backports like Stable does nor does it receive them as soon as Unstable/Sid does.

          Though I do notice that the above sentence contains an error that is perhaps misleading. By definition, Unstable/Sid doesn’t receive security backports. Instead, the updates related to security are (usually) first received in Unstable/Sid. So, the above sentence tried to portray the following picture related to security:

          Unstable/Sid ~ Stable >> Testing

          I did read at some point that Testing may receive security updates later than stable, might be in those cases in which backports come straight from unstable.

          That’s basically the point I’ve been making 😉.

          I think the only remaining point of contention is the degree by which Stable does receive security backports right after Unstable/Sid does while Testing only receives it later.

          Honestly, I don’t know the specifics. But Debian Testing’s wiki entry notes security concerns multiple times. And it’s all related to the fact that they don’t receive the security backports as soon as Stable receives them. The explanation related to security updates concerning the three distinct branches is covered in even more detail over here.

          Basically, after I’ve read all of that, it’s clear as day that security is not a priority on Testing. And while band-aid solutions do exist, it’s simply not designed to be secure.

          • Olissipo@programming.dev
            link
            fedilink
            arrow-up
            3
            ·
            4 months ago

            Ok, I understand what you meant, thanks.

            Basically, after I’ve read all of that, it’s clear as day that security is not a priority on Testing. And while band-aid solutions do exist, it’s simply not designed to be secure.

            Yeah, I wouldn’t run it in a production environment.

            • bsergay@discuss.online
              link
              fedilink
              arrow-up
              3
              ·
              4 months ago

              Thank you for giving me the opportunity for a refresh 😛. And thank you for the very civilized conversation. I wish you a great day!