Follow ZDNET: Add us as a preferred source on Google.
ZDNET's key takeaways
- Immutable and atomic Linux distros are all the rage.
- Each has its pros and cons.
- Adoption of both is growing quickly.
Over the past few years, the immutability in Linux distributions has moved from concept to hot topic to broader reality. Immutable Linux distros have a lot of advantages and very few disadvantages.
But then there are atomic Linux distributions.
What the what?
On the surface, it's easy to confuse those two. However, once you start digging, you'll find they're very different -- yet very appealing.
Also: The first 5 Linux commands every new user should learn
Let's break down these two types of Linux distributions, so you can make a more informed choice as to which one to use.
Atomic Linux
The concept of atomicity boils down to transactional updates; with an atomic distro, an update to your operating system either succeeds completely or it doesn't happen. This avoids incomplete upgrades, which can lead to a broken system.
How do atomic updates work? The updates are installed onto a different (and isolated) system image or subvolume. Once the update finishes successfully, you can switch to the new system by rebooting.
Also: How to run a Windows app on Linux with Wine
Again, if the update isn't 100% successful, it will not happen. And because this all occurs on a separate partition (or image), you don't have to worry about it affecting your system's current state.
In other words, your system will always work.
Immutable Linux
With an immutable Linux distribution, the core directories are mounted as read-only. Those directories include/usr, /bin, /sbin, /lib, /lib64, /etc, /boot, and /opt. By mounting those directories as read-only, their contents cannot be altered.
Mounting those directories as read-only achieves a much tighter system security. Say, for example, you wind up with a malicious piece of software on your machine. The chances of that software wreaking havoc on an immutable OS are very slim. A standard Linux distribution doesn't have those same protections.
Also: Snap vs. Flatpak: How to decide which Linux package manager is right for you
On top of the security issue, immutable distributions are also more reliable because the core system files cannot be altered.
One caveat to using immutable distributions is that all apps are sandboxed, so you'll use either Flatpak or Snap for most of your applications.
When immutable is atomic and atomic is mutable
One could say that not all immutable distributions are atomic, and not all atomic distributions are immutable. However, because so many immutable distributions also use transactional updates, it's tempting to assume that all immutable distributions are atomic. But not all immutable distributions support transactional updates; instead, they use the traditional route.
The core files and directories of an immutable Linux distribution are essentially untouchable during use, so making any changes is challenging. Because of this, system updates are typically applied only during reboots. This is where immutable distributions can be confused with atomic, because if the update would break something, it's not applied.
Sounds atomic, doesn't?
Also: This fully atomic Linux distro is a challenge to install but a treat to use
With traditional distributions, updates can be applied as the system is running. One exception is the kernel; even then, the upgrade takes place, but the effects of a new kernel don't take effect until you reboot. That's not atomic.
There is another exception -- containerized applications. Because most immutable distributions depend on Flatpak and Snap, those apps can be updated while the system is running. The reason: Most Flatpak and Snap apps are installed in special directories that can be modified while the system is running. And most containerized apps are configured within a user's home directory.
So, are immutable distributions atomic, and are atomic distributions immutable? It can get very confusing, in part because even the creators of the distributions do not always agree on the definitions of atomic and immutable.
My opinion? All immutable Linux distributions use some form of atomic updates, while atomic distributions can be totally free of immutability.
Immutable versus atomix: Which is best?
If you ask me (which you sort of did by reading this article), the best option for any Linux user is an immutable distribution that is also atomic.
Here's a list of immutable/atomic distributions currently available:
- Fedora Silverblue/Kinoite
- Universal Blue (Bluefin/Aurora)
- openSUSE MicroOS
- SteamOS
- Endless OS
- Aurora
- Bazzite
- Bluefin
- Vanilla OS
If you want a Linux distribution that offers the highest level of security, as well as transactional updates, any one of the above distributions will work.
Pros and cons of immutable Linux
Compared to regular distros, the pros of immutable Linux are:
- Heightened security
- Improved system integrity
- Atomic updates and easy rollbacks
- Consistency
Also: I found an immutable Linux distro that never breaks and is effortless to use
The cons of immutable Linux are:
- Limited flexibility and customization
- Non-traditional software installation (these distributions typically lean into Snap and/or Flatpak)
- Steeper learning curve
Pros and cons of atomic Linux
Compared to regular distros, the pros of atomic Linux are:
- Improved stability and reliability
- Easy system rollbacks
- Heightened security (although not quite as secure as immutable Linux)
- Ideal for containers
The cons of atomic Linux are:
- Cannot directly modify system files
- Limited software availability
- Steeper learning curve
- Higher storage demands
- Depends on specialized tools
Also: 5 of the easiest, quickest Linux distros to install - and I've tried them all
I want a distribution to be both immutable and atomic, as that gives me the best of both worlds. Sure, there are hurdles to overcome, but the security and peace of mind are well worth the effort.
English (US) · 
