--- title: swaywm on fedora silverblue - 從 fedora silverblue 看linux桌面的升級 tags: presentation slideOptions: transition: 'fade' # parallaxBackgroundImage: 'https://s3.amazonaws.com/hakim-static/reveal-js/reveal-parallax-1.jpg' allottedMinutes: 1 # 預計一張簡報花幾分鐘 --- ### swaywm on fedora silverblue 2021 社群議程 桌面套件大亂鬥 Shawn Wang @ COSCUP 2021 --- ### About me. | | | | -------- | -------- | | | - KaLUG 老面孔 <br /> - 任職於Easystack <br /> <br /> 主要使用Distro: <br/> - Ubuntu, Fedora <br /> <br /> 主要桌面環境: <br /> - sway, gnome 40 <br /> | | | | ---- <!-- .slide: data-background="https://i.imgur.com/yQMwAjP.png" --> #### 最在乎的功能 - terminal, ssh, browser - 中文輸入 / 線上會議 / 桌面分享 - 安裝套件 / 升級 / 玩新功能 - 之前習慣 一路 i3 (Xorg) -> sway (Wayland)  ---- #### 回首四年前 say goodbye to unity8 - Linux 世界突然失去 desktop + mobile convergence的夢想 - snap 還是我心目中最佳Linux套件選擇, 但... - 畢竟是新的套件格式, 轉換難度高 - 開始定位強調安全性 以 container 化來處理, 有一些衍生問題 --- ### why silverblue? * rpm-ostree [方便切換不同 base](https://fedoramagazine.org/discover-fedora-kinoite/) * 如果額外裝的包沒撞 * 裝包速度其實很慢 * 小修改後可以支援 * snapd / Guix / Nix * flatpak 官方推薦 ---- ``` [root@sb470 ~]# rpm-ostree status State: idle Deployments: ● ostree://fedora:fedora/34/x86_64/testing/silverblue Version: 34.20210629.0 (2021-06-29T01:01:12Z) BaseCommit: 619483c0f00e0a865e9f4573141fb414dc952402935057b279aecfdec5d86309 GPGSignature: Valid signature by 8C5BA6990BDB26E19F2A1A801161AE6945719A39 LayeredPackages: arm-image-installer asciinema blueman cmake cockpit expect fcitx5-chewing fcitx5-chinese-addons fcitx5-configtool freerdp libguestfs-tools podman-compose qemu snapd sshuttle sway vim virt-install virt-manager virt-top wayvnc wdisplays wf-recorder xdg-desktop-portal-wlr xrdp xterm LocalPackages: google-chrome-stable-90.0.4430.93-1.x86_64 rpmfusion-nonfree-release-34-1.noarch rpmfusion-free-release-34-1.noarch Pinned: yes ostree://fedora:fedora/34/x86_64/testing/silverblue Version: 34.20210629.0 (2021-06-29T01:01:12Z) BaseCommit: 619483c0f00e0a865e9f4573141fb414dc952402935057b279aecfdec5d86309 GPGSignature: Valid signature by 8C5BA6990BDB26E19F2A1A801161AE6945719A39 LayeredPackages: arm-image-installer asciinema blueman cmake cockpit expect fcitx5-chewing fcitx5-chinese-addons fcitx5-configtool freerdp libguestfs-tools podman-compose qemu snapd sshuttle sway vim virt-install virt-manager virt-top wdisplays wf-recorder xdg-desktop-portal-wlr xrdp xterm LocalPackages: google-chrome-stable-90.0.4430.93-1.x86_64 rpmfusion-nonfree-release-34-1.noarch rpmfusion-free-release-34-1.noarch ``` ---- ``` # step 1 # Add the temporary unofficial Kinoite remote $ curl -O https://tim.siosm.fr/downloads/siosm_gpg.pub $ sudo ostree remote add kinoite https://siosm.fr/kinoite/ --gpg-import siosm_gpg.pub # Optional, only if you want to keep Silverblue available $ sudo ostree admin pin 0 ``` ---- ``` # step 2 [root@sb470 ~]# rpm-ostree rebase kinoite:fedora/33/x86_64/kinoite ### 第一段 處理 base ostree (不含額外裝的包) ⠚ Receiving objects: 83% (56223/67324) 123.5 kB/s 1.2 GB Receiving metadata objects: 1/(estimating) 12 位元組/s 146 位元組... done Checking out tree f04ead7... done ### 第二段 處理額外裝的包 Enabled rpm-md repositories: fedora-cisco-openh264 updates fedora google-chrome updates-archive rpm-md repo 'fedora-cisco-openh264' (cached); generated: 2020-08-25T19:10:34Z rpm-md repo 'updates' (cached); generated: 2021-07-16T00:54:09Z rpm-md repo 'fedora' (cached); generated: 2020-10-19T23:27:19Z rpm-md repo 'google-chrome' (cached); generated: 2021-07-15T18:35:55Z rpm-md repo 'updates-archive' (cached); generated: 2021-07-16T02:07:43Z Importing rpm-md... done Resolving dependencies... done Will download: 306 packages (280.7 MB) ⠒ Downloading from 'updates' 32% [██████░░░░░░░░░░░░░░] (3m) Will download: 306 packages (280.7 MB) Downloading from 'updates'... done Downloading from 'fedora'... done Downloading from 'updates-archive'... done Importing packages... done Relabeling... done Checking out packages... done Running pre scripts... done Running post scripts... done Running posttrans scripts... done Writing rpmdb... done ### 第三段 寫入本地的 ostree commit ⠤ Writing OSTree commit... Staging deployment... done Freed: 66.3 MB (pkgcache branches: 0) Upgraded: ... Run "systemctl reboot" to start a reboot ``` ---- ``` # step 3 reboot ```  ---- ``` rpm-ostree rollback ; reboot ```  --- #### fedora silverblue 34 - default wayland - gnome 40 (ubuntu 21.10) - Audio to PipeWire - IBus 1.5.24 --- - Fedora Kinoite (35/KDE) ---- ### rpm-ostree - ostree + rpm ``` hybrid image/package system +----------------------------------+ | rpm-ostree (daemon + CLI) | +------> status, upgrade, rollback, <---+ | | pkg layering, initramfs --enable | | | +----------------------------------+ | +---|-----------------------+ +-------------------|--+ | libostree (image system) | | libdnf (pkg system) | |C API, hardlink fs trees, | |ties together | |system repo, commits, | |libsolv (SAT solver) | |atomic bootloader swap | | + librepo | +---------------------------+ +----------------------+ ``` ---- ``` [root@sb470 /]# ls -l / 總用量 52 lrwxrwxrwx. 4 root root 7 12月 10 2020 bin -> usr/bin drwxr-xr-x. 7 root root 4096 7月 16 22:32 boot drwxr-xr-x. 22 root root 4620 7月 17 06:15 dev drwxr-xr-x. 1 root root 4568 7月 15 13:06 etc lrwxrwxrwx. 4 root root 8 12月 10 2020 home -> var/home lrwxrwxrwx. 7 root root 7 12月 10 2020 lib -> usr/lib lrwxrwxrwx. 7 root root 9 12月 10 2020 lib64 -> usr/lib64 lrwxrwxrwx. 4 root root 9 12月 10 2020 media -> run/media lrwxrwxrwx. 4 root root 7 12月 10 2020 mnt -> var/mnt lrwxrwxrwx. 4 root root 7 12月 10 2020 opt -> var/opt lrwxrwxrwx. 4 root root 14 12月 10 2020 ostree -> sysroot/ostree dr-xr-xr-x. 320 root root 0 7月 16 22:33 proc lrwxrwxrwx. 4 root root 12 12月 10 2020 root -> var/roothome drwxr-xr-x. 53 root root 1460 7月 16 22:41 run lrwxrwxrwx. 4 root root 8 12月 10 2020 sbin -> usr/sbin lrwxrwxrwx. 1 root root 19 7月 15 13:06 snap -> /var/lib/snapd/snap lrwxrwxrwx. 4 root root 7 12月 10 2020 srv -> var/srv dr-xr-xr-x. 13 root root 0 7月 16 22:33 sys drwxr-xr-x. 1 root root 68 1月 11 2021 sysroot drwxrwxrwt. 26 root root 580 7月 17 06:29 tmp drwxr-xr-x. 1 root root 106 1月 1 1970 usr drwxr-xr-x. 1 root root 284 7月 16 21:59 var ``` ---- - /sysroot/ostree/deploy/fedora/deploy/\<hash\> - /usr -> read only - [The Case for the /usr Merge]( https://ostree.readthedocs.io/en/stable/manual/adapting-existing/) - /var -> 有本地異動需求 ``` /dev/sda2 on /boot type ext4 (rw,relatime,seclabel) /dev/sda1 on /boot/efi /dev/sda3 on /sysroot type btrfs (rw,relatime,seclabel,ssd,space_cache,user_subvol_rm_allowed,subvolid=257,subvol=/root) /dev/sda3 on / type btrfs (rw,relatime,seclabel,ssd,space_cache,user_subvol_rm_allowed,subvolid=257,subvol=/root) /dev/sda3 on /var type btrfs (rw,relatime,seclabel,ssd,space_cache,user_subvol_rm_allowed,subvolid=257,subvol=/root) /dev/sda3 on /var/home type btrfs (rw,relatime,seclabel,ssd,space_cache,user_subvol_rm_allowed,subvolid=256,subvol=/home) /dev/sda3 on /sysroot/ostree/deploy/fedora/var/home type btrfs (rw,relatime,seclabel,ssd,space_cache,user_subvol_rm_allowed,subvolid=256,subvol=/home) /dev/sda3 on /usr type btrfs (ro,relatime,seclabel,ssd,space_cache,user_subvol_rm_allowed,subvolid=257,subvol=/root) ``` --- #### immutable OS - 確保與開發者環境相同 - 確保每次升級穩定度 - ota (Over-the-air) 可能性 ---- ### 關於系統更新作法 - A/B 切換 - 傳統套件 A->B 的狀態, 如果失敗無法保證 - 升級需要重啟 (不方便的地方) - rpm-ostree 為 ostree base 加上客制特性 - 自選組合 但確保每個套件完整性 - snap / Guix /Nix - others - application only - AppImage - systemd 249 - Simple Whole-File-System A/B Updates ---- #### ubuntu snap | Pro | Con | | -------- | -------- | | store | a lot of mount points | | channel | 新格式 | | interfaces | Core18 / Core20 (IoT only) | | container | | | dev / classic mode | | --- ### rpm-ostree 一些基本指令 - 裝額外的套件 - rpm-ostree install \<pkg\> - sway ... - rpm-ostree remove \<pkg\> ---- #### override - 替換 base os 原有的套件 - rpm-ostree override replace \<pkg\> - replace - remove - reset ---- #### replace kernel pkg - rpm-ostree kargs - rpm-ostree override - rpm-ostree override remove kernel kernel-core kernel-modules kernel-modules-extra --replace ./kernel*.rpm - rpm-ostree override replace kernel-5.12.13 kernel-core-5.12.13 kernel-modules-5.12.13 kernel-modules-extra-5.12.13 ---- #### apply-live - Copying into an "underlay" - overlay on /usr type overlay (ro,relatime,seclabel,lowerdir=usr,upperdir=/var/tmp/ostree-unlock-ovl.IZ3Y50/upper,workdir=/var/tmp/ostree-unlock-ovl.IZ3Y50/work) --- #### rpm-ostree下 小工具 - toolbox - 預設配置container環境 - 快速安裝套件免重啟 - toolbox create --image registry.hub.docker.com/jmennius/ubuntu-toolbox:20.04 firmaredev ---- [](https://asciinema.org/a/8tpS6mc4RATqOTIiIoBj2IYkX) --- #### rpm-ostree + snapd [上游討論](https://discussion.fedoraproject.org/t/fhs-violating-package-managers-on-silverblue-nix-guix-snapd/1750/10) - nix-guix-snapd ``` ## /etc/systemd/system/mount-prepare.service #需要手動處理 /snap mount-prepare.service [Unit] Description=Prepare mount points Before=remote-fs-pre.target Wants=remote-fs-pre.target [Service] Type=oneshot ExecStartPre=chattr -i / ExecStart=/bin/sh -c "ln -s -f /var/lib/snapd/snap /snap" ExecStopPost=chattr +i / [Install] WantedBy=remote-fs.target ``` ---- #### scrcpy - rpm-ostree + snapd - 升上 android 12 beta後, 目前無法使用 ``` # rpm-ostree install snapd # snap install scrcpy <用 usb 接上 你的android 手機> # scrcpy ```  --- ### swaywm - tiling windows - i3-compatible Wayland compositor - wlroots - 約2~3x 個 Wayland compositor - Wayfire - 3D wayland compositor ---- #### Wayfire - 3D wayland compositor {%youtube Ban7wspkrNQ %} --- #### Thanks for listen