swaywm on fedora silverblue

2021 社群議程 桌面套件大亂鬥

Shawn Wang @ COSCUP 2021

About me.
Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →
- KaLUG 老面孔
- 任職於Easystack

主要使用Distro:
- Ubuntu, Fedora

主要桌面環境:
- sway, gnome 40

最在乎的功能

  • terminal, ssh, browser
  • 中文輸入 / 線上會議 / 桌面分享
  • 安裝套件 / 升級 / 玩新功能
  • 之前習慣 一路 i3 (Xorg) -> sway (Wayland)

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →

回首四年前 say goodbye to unity8

  • Linux 世界突然失去 desktop + mobile convergence的夢想
  • snap 還是我心目中最佳Linux套件選擇, 但
    • 畢竟是新的套件格式, 轉換難度高
    • 開始定位強調安全性 以 container 化來處理, 有一些衍生問題

why silverblue?

  • rpm-ostree 方便切換不同 base
    • 如果額外裝的包沒撞
    • 裝包速度其實很慢
  • 小修改後可以支援
    • snapd / Guix / Nix
  • flatpak 官方推薦
[root@sb470 ~]# rpm-ostree status
State: idle
Deployments:
● ostree://fedora:fedora/34/x86_64/testing/silverblue
                   Version: 34.20210629.0 (2021-06-29T01:01:12Z)
                BaseCommit: 619483c0f00e0a865e9f4573141fb414dc952402935057b279aecfdec5d86309
              GPGSignature: Valid signature by 8C5BA6990BDB26E19F2A1A801161AE6945719A39
           LayeredPackages: arm-image-installer asciinema blueman cmake cockpit expect fcitx5-chewing fcitx5-chinese-addons fcitx5-configtool freerdp
                            libguestfs-tools podman-compose qemu snapd sshuttle sway vim virt-install virt-manager virt-top wayvnc wdisplays wf-recorder
                            xdg-desktop-portal-wlr xrdp xterm
             LocalPackages: google-chrome-stable-90.0.4430.93-1.x86_64 rpmfusion-nonfree-release-34-1.noarch rpmfusion-free-release-34-1.noarch
                    Pinned: yes

  ostree://fedora:fedora/34/x86_64/testing/silverblue
                   Version: 34.20210629.0 (2021-06-29T01:01:12Z)
                BaseCommit: 619483c0f00e0a865e9f4573141fb414dc952402935057b279aecfdec5d86309
              GPGSignature: Valid signature by 8C5BA6990BDB26E19F2A1A801161AE6945719A39
           LayeredPackages: arm-image-installer asciinema blueman cmake cockpit expect fcitx5-chewing fcitx5-chinese-addons fcitx5-configtool freerdp
                            libguestfs-tools podman-compose qemu snapd sshuttle sway vim virt-install virt-manager virt-top wdisplays wf-recorder
                            xdg-desktop-portal-wlr xrdp xterm
             LocalPackages: google-chrome-stable-90.0.4430.93-1.x86_64 rpmfusion-nonfree-release-34-1.noarch rpmfusion-free-release-34-1.noarch

# step 1

# Add the temporary unofficial Kinoite remote
$ curl -O https://tim.siosm.fr/downloads/siosm_gpg.pub
$ sudo ostree remote add kinoite https://siosm.fr/kinoite/ --gpg-import siosm_gpg.pub

# Optional, only if you want to keep Silverblue available
$ sudo ostree admin pin 0

# step 2

[root@sb470 ~]# rpm-ostree rebase kinoite:fedora/33/x86_64/kinoite

### 第一段 處理 base ostree (不含額外裝的包)
⠚ Receiving objects: 83% (56223/67324) 123.5 kB/s 1.2 GB 
Receiving metadata objects: 1/(estimating) 12 位元組/s 146 位元組... done
Checking out tree f04ead7... done
### 第二段 處理額外裝的包
Enabled rpm-md repositories: fedora-cisco-openh264 updates fedora google-chrome updates-archive
rpm-md repo 'fedora-cisco-openh264' (cached); generated: 2020-08-25T19:10:34Z
rpm-md repo 'updates' (cached); generated: 2021-07-16T00:54:09Z
rpm-md repo 'fedora' (cached); generated: 2020-10-19T23:27:19Z
rpm-md repo 'google-chrome' (cached); generated: 2021-07-15T18:35:55Z
rpm-md repo 'updates-archive' (cached); generated: 2021-07-16T02:07:43Z
Importing rpm-md... done
Resolving dependencies... done
Will download: 306 packages (280.7 MB)
⠒ Downloading from 'updates'  32% [██████░░░░░░░░░░░░░░] (3m) 
Will download: 306 packages (280.7 MB)
Downloading from 'updates'... done
Downloading from 'fedora'... done
Downloading from 'updates-archive'... done
Importing packages... done
Relabeling... done
Checking out packages... done
Running pre scripts... done
Running post scripts... done
Running posttrans scripts... done
Writing rpmdb... done
### 第三段 寫入本地的 ostree commit
⠤ Writing OSTree commit...
Staging deployment... done
Freed: 66.3 MB (pkgcache branches: 0)
Upgraded:
  ...
Run "systemctl reboot" to start a reboot

# step 3

reboot


rpm-ostree rollback ; reboot

fedora silverblue 34

  • default wayland
  • gnome 40 (ubuntu 21.10)
  • Audio to PipeWire
  • IBus 1.5.24
  • Fedora Kinoite (35/KDE)

rpm-ostree - ostree + rpm

hybrid image/package system
           +----------------------------------+
           |   rpm-ostree (daemon + CLI)      |
    +------> status, upgrade, rollback,       <---+
    |      | pkg layering, initramfs --enable |   |
    |      +----------------------------------+   |
+---|-----------------------+ +-------------------|--+
|  libostree (image system) | | libdnf (pkg system)  |
|C API, hardlink fs trees,  | |ties together         |
|system repo, commits,      | |libsolv (SAT solver)  |
|atomic bootloader swap     | | + librepo            |
+---------------------------+ +----------------------+

[root@sb470 /]# ls -l /    
總用量 52
lrwxrwxrwx.   4 root root    7 12月 10  2020 bin -> usr/bin
drwxr-xr-x.   7 root root 4096  7月 16 22:32 boot
drwxr-xr-x.  22 root root 4620  7月 17 06:15 dev
drwxr-xr-x.   1 root root 4568  7月 15 13:06 etc
lrwxrwxrwx.   4 root root    8 12月 10  2020 home -> var/home
lrwxrwxrwx.   7 root root    7 12月 10  2020 lib -> usr/lib
lrwxrwxrwx.   7 root root    9 12月 10  2020 lib64 -> usr/lib64
lrwxrwxrwx.   4 root root    9 12月 10  2020 media -> run/media
lrwxrwxrwx.   4 root root    7 12月 10  2020 mnt -> var/mnt
lrwxrwxrwx.   4 root root    7 12月 10  2020 opt -> var/opt
lrwxrwxrwx.   4 root root   14 12月 10  2020 ostree -> sysroot/ostree
dr-xr-xr-x. 320 root root    0  7月 16 22:33 proc
lrwxrwxrwx.   4 root root   12 12月 10  2020 root -> var/roothome
drwxr-xr-x.  53 root root 1460  7月 16 22:41 run
lrwxrwxrwx.   4 root root    8 12月 10  2020 sbin -> usr/sbin
lrwxrwxrwx.   1 root root   19  7月 15 13:06 snap -> /var/lib/snapd/snap
lrwxrwxrwx.   4 root root    7 12月 10  2020 srv -> var/srv
dr-xr-xr-x.  13 root root    0  7月 16 22:33 sys
drwxr-xr-x.   1 root root   68  1月 11  2021 sysroot
drwxrwxrwt.  26 root root  580  7月 17 06:29 tmp
drwxr-xr-x.   1 root root  106  1月  1  1970 usr
drwxr-xr-x.   1 root root  284  7月 16 21:59 var


/dev/sda2 on /boot type ext4 (rw,relatime,seclabel)
/dev/sda1 on /boot/efi

/dev/sda3 on /sysroot type btrfs (rw,relatime,seclabel,ssd,space_cache,user_subvol_rm_allowed,subvolid=257,subvol=/root)
/dev/sda3 on / type btrfs (rw,relatime,seclabel,ssd,space_cache,user_subvol_rm_allowed,subvolid=257,subvol=/root)

/dev/sda3 on /var type btrfs (rw,relatime,seclabel,ssd,space_cache,user_subvol_rm_allowed,subvolid=257,subvol=/root)
/dev/sda3 on /var/home type btrfs (rw,relatime,seclabel,ssd,space_cache,user_subvol_rm_allowed,subvolid=256,subvol=/home)
/dev/sda3 on /sysroot/ostree/deploy/fedora/var/home type btrfs (rw,relatime,seclabel,ssd,space_cache,user_subvol_rm_allowed,subvolid=256,subvol=/home)
/dev/sda3 on /usr type btrfs (ro,relatime,seclabel,ssd,space_cache,user_subvol_rm_allowed,subvolid=257,subvol=/root)

immutable OS

  • 確保與開發者環境相同
  • 確保每次升級穩定度
  • ota (Over-the-air) 可能性

關於系統更新作法

  • A/B 切換
    • 傳統套件 A->B 的狀態, 如果失敗無法保證
    • 升級需要重啟 (不方便的地方)
  • rpm-ostree 為 ostree base 加上客制特性
  • 自選組合 但確保每個套件完整性
    • snap / Guix /Nix
  • others
    • application only - AppImage
  • systemd 249
  • Simple Whole-File-System A/B Updates

ubuntu snap

Pro Con
store a lot of mount points
channel 新格式
interfaces Core18 / Core20 (IoT only)
container
dev / classic mode

rpm-ostree 一些基本指令

  • 裝額外的套件
    • rpm-ostree install <pkg>
      • sway
    • rpm-ostree remove <pkg>

override

  • 替換 base os 原有的套件
  • rpm-ostree override replace <pkg>
    • replace
    • remove
    • reset

replace kernel pkg

  • rpm-ostree kargs
  • rpm-ostree override
    • rpm-ostree override remove kernel kernel-core kernel-modules kernel-modules-extra replace ./kernel*.rpm
    • rpm-ostree override replace kernel-5.12.13 kernel-core-5.12.13 kernel-modules-5.12.13 kernel-modules-extra-5.12.13

apply-live

  • Copying into an "underlay"
    • overlay on /usr type overlay (ro,relatime,seclabel,lowerdir=usr,upperdir=/var/tmp/ostree-unlock-ovl.IZ3Y50/upper,workdir=/var/tmp/ostree-unlock-ovl.IZ3Y50/work)

rpm-ostree下 小工具

asciicast

rpm-ostree + snapd

上游討論 - nix-guix-snapd

## /etc/systemd/system/mount-prepare.service 
#需要手動處理 /snap  mount-prepare.service 
[Unit]
Description=Prepare mount points
Before=remote-fs-pre.target
Wants=remote-fs-pre.target

[Service]
Type=oneshot
ExecStartPre=chattr -i /
ExecStart=/bin/sh -c "ln -s -f /var/lib/snapd/snap /snap"
ExecStopPost=chattr +i /

[Install]
WantedBy=remote-fs.target

scrcpy

  • rpm-ostree + snapd
    • 升上 android 12 beta後, 目前無法使用
 # rpm-ostree install snapd
 # snap install scrcpy
 <用 usb 接上 你的android 手機>
 # scrcpy

swaywm - tiling windows

  • i3-compatible Wayland compositor
  • wlroots
    • 約2~3x 個 Wayland compositor
    • Wayfire - 3D wayland compositor

Wayfire - 3D wayland compositor

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →

Thanks for listen

Select a repo