I won't update my review unless I can modprobe on Fedora.
With secure boot on you can't do that and that's what it's suppose to do. Secure boot only allows properly signed drivers to be loaded. Unless you break the chain of trust by installing your own key into your system, then you can modprobe your own stuff. But without the chain of trust the signing processes is simply weakened/useless. Fedora implemented secure boot as it should. I doubt you can modprobe randomly built modules in other distributions. If you can, then again, I would be worried.
The example you still use is about a situation that can easily be fixed with a Fedora signed kernel module you can pull in with a DNF command. So there is nothing to complain about. That combined with the fact that secure boot is suppose to prevent you from loading unsigned stuff makes the review kinda bad. Especially for those unfamiliar with these topics.
Also don't forget you can do dnf history undo last in Fedora to undo the last RPM transaction, or any of them listed in dnf history. It's not the same as a BTRFS snapshot, but at least it's portable throughout filesystems. I find Silverblue great and also non-techy people can work with it as they use it as a Chromebook-style workflow.
I don't know what you're talking about. I always have secure boot enabled, and I can modprobe on openSUSE and Ubuntu without any issue, as explained in my review. I will not trade a 1-sec solution for any messy one on Fedora. If modprobe any unsigned kernel module is such a security issue (which it isn't), you might not want to load that module in the first place, since you don't trust the module itself.
The same goes true for the snapshot and rollback system. I won't trade a well-established system on openSUSE for any half-baked one on Fedora. And I don't want to limit my workflow with any immutable OS either.
Fedora is like a test bed for RH but without the underlying system to save the users if things go wrong. The users need to resort to the immutable version of their OS just to fix one issue while creating tons of new issues in the process. Therefore, I really can't recommend Fedora to anyone who wants to work on their PC, as it is the worst in terms of usability.
you might not want to load that module in the first place, since you don't trust the module itself.
Exactly, and that's why you have secure boot, to protect you from untrusted software.
If modprobe any unsigned kernel module is such a security issue (which it isn't)
The kernel runs in ring 0, the most privileged tier of your system. So yes, modprobe is a dangerous thing with untrusted software. And if your system is compromised and someone has automated a modprobe in a cron, startup script or whatever to gain ring 0 control then you are F'ed. Such a thing is hard to detect and is the perfect place to hide a rootkit.
I won't trade a well-established system on openSUSE for any half-baked one on Fedora
What if you need a different filesystem than BTRFS? It's not a one size fits all filesystem, e.g. performance isn't the best with that filesystem. It's an awesome solution, but it isn't portable.
Fedora is like a test bed for RH but without the underlying system to save the users if things go wrong
I already explained to you that Fedora has a stable API and ABI, because it's not a rolling release. And Fedora also has an extensive QA. Furthermore, if things do go wrong, you can do dnf history undo last if you have a faulty update transaction. Or just rollback that single package and pin the version until it's fixed. While you can use whatever filesystem you want or need for your workflow. rpm-ostree based systems are more powerful in that regard, but aren't a requirement. It is the future though.
I really can't recommend Fedora to anyone who wants to work on their PC, as it is the worst in terms of usability.
My parents and partner use Fedora. They cannot break it and it always works for them. I use Fedora professionally for almost 10 years, I haven't encountered any issues so far. Linus Torvalds also uses Fedora, not that he's of any authority to base your distribution choice on. But it does put your comment in perspective, you can for sure work on a Fedora system, definitely not "the worst in terms of usability".
Please, read up on secure boot and update your review. Maybe even experiment a bit with malicious kernel modules to see what I mean. And if not, then I hope people read the comment section. Take care!
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
With secure boot on you can't do that and that's what it's suppose to do. Secure boot only allows properly signed drivers to be loaded. Unless you break the chain of trust by installing your own key into your system, then you can modprobe your own stuff. But without the chain of trust the signing processes is simply weakened/useless. Fedora implemented secure boot as it should. I doubt you can modprobe randomly built modules in other distributions. If you can, then again, I would be worried.
The example you still use is about a situation that can easily be fixed with a Fedora signed kernel module you can pull in with a DNF command. So there is nothing to complain about. That combined with the fact that secure boot is suppose to prevent you from loading unsigned stuff makes the review kinda bad. Especially for those unfamiliar with these topics.
Also don't forget you can do
dnf history undo lastin Fedora to undo the last RPM transaction, or any of them listed indnf history. It's not the same as a BTRFS snapshot, but at least it's portable throughout filesystems. I find Silverblue great and also non-techy people can work with it as they use it as a Chromebook-style workflow.I don't know what you're talking about. I always have secure boot enabled, and I can
modprobeon openSUSE and Ubuntu without any issue, as explained in my review. I will not trade a 1-sec solution for any messy one on Fedora. Ifmodprobeany unsigned kernel module is such a security issue (which it isn't), you might not want to load that module in the first place, since you don't trust the module itself.The same goes true for the snapshot and rollback system. I won't trade a well-established system on openSUSE for any half-baked one on Fedora. And I don't want to limit my workflow with any immutable OS either.
Fedora is like a test bed for RH but without the underlying system to save the users if things go wrong. The users need to resort to the immutable version of their OS just to fix one issue while creating tons of new issues in the process. Therefore, I really can't recommend Fedora to anyone who wants to work on their PC, as it is the worst in terms of usability.
Exactly, and that's why you have secure boot, to protect you from untrusted software.
The kernel runs in ring 0, the most privileged tier of your system. So yes,
modprobeis a dangerous thing with untrusted software. And if your system is compromised and someone has automated amodprobein a cron, startup script or whatever to gain ring 0 control then you are F'ed. Such a thing is hard to detect and is the perfect place to hide a rootkit.What if you need a different filesystem than BTRFS? It's not a one size fits all filesystem, e.g. performance isn't the best with that filesystem. It's an awesome solution, but it isn't portable.
I already explained to you that Fedora has a stable API and ABI, because it's not a rolling release. And Fedora also has an extensive QA. Furthermore, if things do go wrong, you can do
dnf history undo lastif you have a faulty update transaction. Or just rollback that single package and pin the version until it's fixed. While you can use whatever filesystem you want or need for your workflow. rpm-ostree based systems are more powerful in that regard, but aren't a requirement. It is the future though.My parents and partner use Fedora. They cannot break it and it always works for them. I use Fedora professionally for almost 10 years, I haven't encountered any issues so far. Linus Torvalds also uses Fedora, not that he's of any authority to base your distribution choice on. But it does put your comment in perspective, you can for sure work on a Fedora system, definitely not "the worst in terms of usability".
Please, read up on secure boot and update your review. Maybe even experiment a bit with malicious kernel modules to see what I mean. And if not, then I hope people read the comment section. Take care!