One week with Fedora Silverblue 29

I’ve been a Linux power user for a long time, with Fedora having been my desktop operating system of choice for years. I recently found myself running into the hard limits of my custom disk partitioning. With my home partition being encrypted I figured I should pass on resizing and just do a clean new install. Not wanting to go through this hassle again any time soon I decided to go future-proof and install Fedora Silverblue 29 in stead of vanilla Fedora 29. Now that I’ve used it for about a week, I figured everyone working on it might benefit from some practical real-world user feedback.

The good: Installation was as easy and painless as vanilla Fedora. Faster too, so definitely happy with the leaner core OS footprint. Everything worked out of the box, initial impression was excellent!

Now for the not-so-goods:

  • Silverblue comes without the bare minimum of applications, in stead of a sane default set like vanilla Fedora. Even worse, it comes without a sane default source for applications. There are no Flatpak remotes whatsoever. I recommend adding Flathub and/or registry.fedoraproject.org as default remotes so there are actually some popular applications available by default.

  • Silverblue still comes with some GUI apps installed from RPM that I expected to be Flatpaks too, most notably Disks, Nautilus and Firefox.

  • As soon as I added Flathub I started clicking “install” buttons for various applications in the Software Center. It turned out not to be able to handle multiple concurrent installations very well, causing many to fail. It was probably related to several wanting to install the same shared platform/SDK dependencies, but still not very user-friendly. Ended up adding applications one at a time.

  • Those Flatpak installations proved to be quite a burden to my system (a relatively modern Dell XPS laptop). It locked up for many seconds several times, likely due to installation of Flatpaks which can be quite big. Perhaps we can lower the process priority?

  • The quality of some Flathub Flatpaks leaves something to be desired. My biggest gripe is with Atom, which has an extensive package system providing enhancements that often depend on external libraries and executables. I need a full PHP IDE, but there are currently no Flatpak extensions for PHP, Lint, et cetera.

  • I prefer to not install any additional RPM’s (as intended with immutable hosts), so I ended up installing the Firefox Nightly Flatpak to get proper H.264 support. Which also got me wondering…… if there is a Flatpak for Nightly releases, then why isn’t there for one for the current stable release?!?

  • In Firefox Nightly I enabled Facebook, WhatsApp Web and others to send desktop notifications, but they kept causing window focus to jump from my active window to Firefox every time I would receive a message. Not sure if this is caused by Flatpak or changes in the new Firefox, but this didn’t happen before on vanilla Fedora. Also, if I got a notification, Alt+Tab temporarily showed a second Firefox Nightly window, but without preview, indicating that the issue is notifications causing the spawning a sub-process in such a way that it captures active window focus. Temporary workaround is to block all websites from sending notifications :frowning:

  • Unfortunately I’m still missing several nice applications due to the absence of an official Flatpak. Most importantly: File Roller, Chromium, Google Chrome, gParted, Tilix terminal, Simple Scan, Virt Manager, Deja Dup and Rclone browser.

  • The Dropbox Flatpak took some effort to get working. First of all I had to modify the target from /home to /var/home to work around the ext4 support notifications. Then it turns out that unlike the traditional version this one has no indicator support so I’ll have to trust Dropbox to be running and syncing. Of course I did not install nautilus-dropbox because I don’t want to pollute my system and will wait untill both nautilus and nautilus-dropbox are provided as Flatpaks.

  • Haven’t found a way to have Flatpak apps “remember” filetype/URI associations to other apps. For example: every time I click a Magnet Link, I get the application selector pop-up to end up clicking the Transmission bittorrent client. Would be nice if default filetype/URI associations can be permanent and remembered by all Flatpak apps.

  • I installed all the GNOME extensions that I used to run on my previous F29. All those that added something to GNOME’s top bar suddenly made GNOME crash upon screen lock and/or suspend. So now I’m stuck without useful indicators like Weather, Caffeine, Docker and MPRIS player.

  • Gnome Software does not seem to pick up on RPM updates under Silverblue. Would be nice for novice and average users to be able to manage their “rpm-ostree upgrade” from the GUI….

  • Ostree upgrades were painstakingly slow untill I updated the remote in accordance with these instructions. They should be default.

  • It took me a while to get our company’s PHP development stack to work, which consists of scripts around a set of Docker containers. It started by getting Docker (or moby-engine as it turns out) installed, as discussed here. Then I find SELinux blocking access to my files from inside a container. Fixed by running “chcon -t svirt_sandbox_file_t” on some files, but this might also be complicating matters for users that have to adapt to the buildah/podman container workflow for CLI applications and are not accustomed to SELinux. Might be worth addressing the effect of SELinux on containers extensively in the official documentation.

All things considering I’m quite excited about Silverblue. As you can see there’s some polishing left and I assume many issues will already be addressed by release 30. I also don’t hold the Silverblue responsible for the availability of flatpaks, just tried looking at all of this from an average end-user perspective!

10 Likes

IIRC a Fedora Flatpak repo is in the works for 30.

I know Firefox is aiming to be moved to a Flatpak, the others likely as well.

With all due respect to the GNOME Software maintainer(s)…it’s not really what I’d consider to be the highlight of the Flatpak installation experience? Personally I usually just use the CLI, copy the flatpakref link the INSTALL button leads to and do flatpak install the-link.

I think it’s already supposed to be lower priority? Maybe try out the bfq scheduler like Endless did?

In the mean time, you can call host stuff by exposing the permission --talk-name=org.freedesktop.Flatpak via flatpak override, then you can run flatpak-spawn --host some-command from inside the sandbox.

You can even go full circle and do something like flatpak-spawn --host podman --rm -it -some-volume-mounts php to use a Docker image and such.

Might be because of either nightly status, the fact that it defaults to Wayland, or both. Maybe try the dev edition that’s X11-only as a point of comparison?

  • File Roller and DejaDup have Flatpak manifests on their master branches.
  • Working on a Chrome Flatpak.
  • Tilix has a Flatpak manifest but it randomly segfaults due to what I believe is a Gtkd issue that I can’t figure out.
  • Depending on how much flexibility you need, there’s always GNOME Boxes over virt-manager.

You have the AppIndicator extension installed right? They should work inside Flatpaks, might be a bug in the Dropbox manifest.

That is…incredibly odd, I’ve never had issues like this. Could you maybe check the journal post-crash for a stack trace?

It should pick up on updates on the Updates tab, they don’t appear?

Try mounting your volumes with a :z or :Z at the end to relabel them.

2 Likes

This is a lot of good feedback. I share a lot of the same thoughts. I don’t feel like Silverblue is quite ready yet, but I’m really excited about it and hope these things can be improved soon. I’m personally waiting until 30 before I switch my main systems over, as I’m expecting/hoping there’ll be improvements by then.

It’s also not that bad! Anyway the point of running a graphical desktop is to do things through a GUI app. That’s GNOME Software in this case. Besides, I tried keeping potential roadblocks and turnoffs for more novice users in mind too. I think either just serial installing all flatpak installations, or at least those who have one or more dependencies in common, would solve this for now.

I don’t know. This is only an issue when installing a lot at the same time, which usually only happens on new deployments, but any way when it comes to user experience it’s a bit of a bad start for new users…

I’ll dig into this one of these days

Nope, have yet to see any OS updates. I did enable automatic updates, but I assumed that only covers Flatpaks. Or does it also run “rpm-ostree upgrade” in the background?

That is so much better than permanently relabeling them on the host. Thanks a lot! Anyway this could become an issue for many novice users with Podman too. Still think this warrants attention in the documentation!

I have been getting rpm-ostree updates regularly via gnome-software. More so than flatpak ones normally.

Never mind. Forget I ever mentioned it! I see some OS-updates in Software’s updates tab now!

First of all thank you for great feedback!

More about Firefox below. For Disks and especially Nautilus I think they belong in the OS image. A file browser in an integral part of the desktop and it’s fuctionality is limited in flatpak.

Because we’re still working with Mozilla on providing it. It’s mostly delayed on their side. For that reason we’re planning to provide Firefox Stable in that testing repo and hopefully in the beta channel of Flathub as well. Once Mozilla is ready it will be made officially by them. We’re also working on providing Fedora-based Firefox, but building flatpaks still has a lot of obstacles and Firefox is a difficult app to build. Moreover we haven’t figured out how to solve the multimedia support yet.

Have you heard of fedora-toolbox? It provides you with an Fedora-RPM environment in a container. You can actually install and run (desktop) apps freely there. It’s not currently part of the F29 image, but it’s just a wrapper around podman, you can download it from the its repo and use it.
BTW Tilix will be a problem. You typically need privileged rights in the terminal which you can’t get over host running from an unprivileged flatpak.

Yeah Virt Manager doesn’t seem to like running on the fedora-toolbox container, and I seem to remember having issues with Deja-Dup running in the container as well. I think others on the site have used layering as the solution for libvirt/virt-manager. I did build the Deja-Dup flatpak, but it didn’t do anything but bring up the front end for me, and gave numerous errors. gParted, well gnome disks is in the utilities included with a bare install.

My use-case for Virt Manager would actually be as a graphical frontend to connect to remote servers running KVM, not for local use but I understand it would be more complicated than Boxes to get fully functional inside Flatpak as a local virtualization system.

Deja-Dup is not a hard requirement, but if not that then Silverblue users would need a decent alternative graphical application to at least make, schedule and manage backups of their important data inside their home directory. Open to suggestions!

TBH I think Silverblue should ship with GNOME Boxes from the RPMs, but installing it and VMM via rpm-ostree is relatively painless.

For backups, before I managed to hack SpiderOak One to work without root installation, I was perfectly happy with rclone and rclone-browser via rpm-ostree. You have to have cron jobs for scheduling but it will connect with almost every cloud storage account except SpiderOak.

I still don’t understand your gripe with Boxes. It works perfectly well for me as a Flatpak. Including running desktop operating systems.

You and me can do that, but this is the definition of not novice friendly. A desktop operating system should just have a simple application for this. Even I want something like Deja Dup that’s easy and quick because I can’t be bothered to waste my time on such fundamental stuff. You want an operating system that just works and makes life easier for you. Setting cron jobs yourself is not that…

1 Like

Don’t mean to but in on Boxes as a Flatpak, but what I have found is as a flatpak, it still doesn’t get all necessary access to the system devices, and in my particular use case it was merely a USB Networking device(s) to communicate with (sometimes open, sometimes not) PLC’s and other things such as drives for AC motors, or Servo Systems. The networks are things like Modbus and Modbus+, DH+, even RS-485 and RS-232C again with proprietary drivers for the equipment being used installed on the VM. Anyway, the end result with my efforts with Boxes as a flatpak was answered by the developer here Has anyone tried running a Windows VMWare image on Silverblue? check @feborges answer regarding flatpak (the API) needing to provide more (portals I would guess). So I think it (meaning flatpak the platform?) sandboxing needs a bit of attention when you look at how some software (especially the development packages I use for programming industrial controls) expects to have total control over a comm port or device attached to the system.

I don’t see R language and Julia language in Flathub. Do I still need to install them with command lines?

Take a look at fedora-toolbox, your best bet for these would be to install it inside the toolbox.

I have been using Lubuntu LTS versions for 8 years.
But I want to try out Wayland, so I downloaded Fedora-30 Workstation’s LXDE spin, burned it to a USB flash drive and tried it.
Installation went OK, but “reclaim space” is a bit odd. You only get a list of devices and a DONE button. The devices should be exploded into partitions and unallocated space, identified by partition labels, not manufacturers device labels.
It took my PC a few tries to get the boot order sorted out, and because I have 2 “monitors” plugged in, it decided to put the taskbar and mouse pointer on the big TV screen, and nothing on the monitor.

Once I got that sorted out, I reconfigured LXDE to my taste, changing from the GHASTLY background (what IS that?) and active title bar YELLOW (NOT BLACK!).
Then I did an update. This downloaded 715 MB of updates and means the 1.8 GB download was 40% a waste of time.
Someone should really release a “skeleton” spin with NO APPS, a let people choose and install their own apps. 2.5 GB downloaded and I still haven’t got Firefox, Thunderbird, LibreOffice, VLC.

The standard repositories do not have VLC and GUFW, but I was able to search for solutions and get them installed. VLC worked perfectly, GUFW didn’t.
I cannot work out how to use firewalld, even after reading various how-tos. I can’t even tell if it is disabled.
Gufw starts by asking for authentication, and then it closes without issuing any error messages. Running it from terminal the same.
Maybe firewalld was somehow blocking gufw, but /var/log/firewalld was empty, and /var/log/syslog doesn’t exist.

Without being able to control the firewall, I’m not going to start installing FTP/Web/Mail servers, any anyway iRedMail for Fedora is not available.

Thunderbird downloaded the Mail from remote mail servers, but the folder view was blank. Not acceptable.

Needs a few rough edges smoothing.

Please relocate this post to the most suitable place.

https://piware.de/post/2019-07-14-ostree-i3/ might be of interest.

/var/log hasn’t been the primary log target for quite a while in favor of systemd’s journald. Check out systemctl status firewalld and systemctl status ufw (gufw is just a graphical frontend to ufw).

That being said, there is also a firewalld gui available like the ufw <-> gufw relationship, which I’d recommend checking out.

Also for my personal firewalld usage, I’ve always just done something like:

$ firewall-cmd --get-active-zones # check to make sure we're in the public zone
# Add some services to expose. (You can add specific ports too.) 
$ firewall-cmd --zone=public --add-service=mdns # for mDNS to work, e.g. printer discover (this might be on by default now already?
# Save the state of the rules we've created.
$ firewall-cmd --runtime-to-permanent

This is the guide I used to learn firewalld btw.

For installing services like ftp, I highly recommend checking out the use of containers via podman, it makes it easy to keep your host system clean and control what the containers can do.

This most likely is a Thunderbird issue unrelated to Silverblue in particular.

1 Like

While I feel for your gripes, these are general issues related to Fedora LXDE. It’s not about Silverblue…

This most likely is a Thunderbird issue unrelated to Silverblue in particular.

I agree, my point was that Thunderbird shouldn’t have been released in this state.
I cannot see how to create a new sub-category called LXDE under Desktop.

Nobody has addressed the issue of what X-distro looks like the very first time it is installed.
Black taskbar and dark grey title bars for everything, and a horrible background image.
I would suggest a pleasant sunny image of trees, with flowers and little lambs/puppies/kittens happily frolicking about, you know, something to make you relax and go “Oh, that’s nice”, not something that makes you feel like you are just about to do something very dangerous.

I have always set up my Lubuntu by loading the Ubuntu Server edition then installing Xorg/Wayland, lxde and lxdm. Would this work for Fedora?

My personal choice of apps would be Dolphin (file manager), Kate (text editor), Firefox (web browser), Thunderbird (email client), VLC media player, LibreOffice Calc (spreadsheet), Pinta (photo editor), Gparted and gnome-disk-utility (disc handling).

I have always set up my Lubuntu by loading the Ubuntu Server edition then installing Xorg/Wayland, lxde and lxdm. Would this work for Fedora?

Network install should provide you exactly that.
More info here: https://www.if-not-true-then-false.com/2018/fedora-29-netinstall/
Also, you might wanna remove Silverblue tag from the topic, as this is not related to it in any way :wink:

Thanks for that.