so a common claim I see made is that arch is up to date than Debian but harder to maintain and easier to break. Is there a good sort of middle ground distro between the reliability of Debian and the up-to-date packages of arch?
Fedora is generally pretty good
Debian Testing.
Manjaro?
I’ll throw in my vote for Manjaro because while it’s not perfect, it hits all of OP’s points nicely.
- arch based
- hard to break (but not impossible)
- biased a little towards Gnome but runs KDE and XFCE great too
- uses a curated rolling release
The last point is the most important. Rolling release means it updates regularly, so your packages will be mostly up to date. Curated means they do testing in an unstable repository. If an update breaks something, those changes aren’t pushed to stable.
I ended up with it after trying other distros but having trouble with my nVidia card. Manjaro’s MHWD tool installed their drivers easily (although slightly confusing with its unnecessary checkboxes) and more recently, I’ve upgraded to AMD and never had a single issue.
It’s not perfect but almost every issue I’ve had was located between the keyboard and the chair.
I like manjaro. It has been my most consistent with my nvidia hardware.
Not gonna act like I’m an expert or anything but manjaros been great for me. Tried fedora, mint, Debian, garuda, endeavor, maybe some others forgetting
I wouldn’t suggest Manjaro. On a theoretical basis the distro is a good one but in practice, and with the current management of the distro, It’s one of few I’d say is a bad choice. They’re destructive to the general linux ecosystem, often make incredibly wild and unnecessary errors stemming from the highest level, do not properly maintain their promise of delaying packages until they’re fixed, and give bad info which can harm a user. Their devs also help propagate the “toxic linux” stereotype by being just that.
I’m gonna list off a few but manjarno has some more, with context. This will be written by memory too.
Please, skip to the header that’s most important to you.
Harming the ecosystem
The first thing you’ll likely hear is that they’ve DDOS’d the AUR twice, the exact same way through their Pamac GUI. Now, to be clear, this was not on purpose. They made a mistake. However, like quite a few other issues, they made this mistake twice showing they did nothing to stop it from happening twice. Something else which will become clear is that they don’t do these things due to malice (usually) but shear incompetence.
Next, their lead arm dev, the guy in charge of arm development, changed a version on a library on asahi linux (an arm fork) known to break X11 in a change which had nothing to do with that library. This shows he did not try running his code beforehand. The only reason it wasn’t checked by the larger project is due to the trust given to this, supposedly, high end dev. This after the company made a large campaign claiming that “Manjaro runs on the m1 macbook!” months before asahi was ready shipping some random build, not the latest or a set release, which only showed a black screen. To be clear, this could have broken people who tried to run it’s hardware. This is in no way a forced error.
Delayed package promise broke
This will be a short header, but it’s important. The promise of Manjaro is that they delay their packages two weeks. This, to ensure that any issues which arise can be caught and Manjaro can skip the bad version. However, this is not always the case. Quite often there’s an issue in a library or package where they wait the allotted time and still ship. These are CVE’s mostly and quite often have a fix out which manjaro won’t ship until the two weeks are up.
Delaying packages is another problem in and of itself too if you’re using the aur. What is the aur? Well, if you don’t know you shouldn’t be using it for one. The next header will discuss this issue
The AUR
The aur, the Arch User Repository, is a collection of scripts which install an application in many different ways. To be clear, this script can do anything on your PC as it’s just arbitrary code. This is user submitted, meaning essentially anyone can upload a script to the aur including a person names anus kiss. This is a danger in many cases as we’ve seen before. For a fun example, anuskuss uploaded an update to the most popular wii emulators aur package which included two calls to an IP tracking website and a list of people who can “go fuck themselves” including homophobic comments and, if I remember, incel rage. The aur will also be where any malaware on linux is most likely to come from and to be distributed there first.
Luckily though, if you know how to read these scripts, it’s mostly fine. However, manjaro places the button to enable it right next to enabling snaps and flatpaks. Both of which are perfectly safe to install if not safer than average packages. You need to be able to read the AUR package scripts to be safe.
Secondly, the AUR packages assume ARCH Linux. This means, when you install an aur app, it’s assuming dependancies which may be up to two weeks out of date. Either that, or it’ll install packages up to two weeks early. Now, if the first happens the AUR package risks breaking. Which is mostly fine. The latter though means system packages can fail. This is not good.
Sure, many people never have a problem with it, but that’s not an excuse. This should be much more clear.
Bad info
Please don’t use sudo pacman -Syyu to install packages. This will put a heavy load on the arch repositories for no benefit. Please, don’t randomly install aur packages. The AUR break your system? Yeah, according to them you fucked up and it’s all your fault. I’ll admit this is all I can remember here.
Random points
Ever find a site and when you try and go to it firefox says a secure connection cannot be established? That’s an expired or non existant SSL cert. They’ve let their SSL certificates run out 5 times. This is something you can update in less than 5 minutes, and can set up to update automatically in less than 10. It should not happen twice let alone 5 times. The first time they gave users a command to run in a terminal which set their time back in order to trick the system into thinking the cert was good.
Imma stop at this point. Way too long man, and it’s way too early for me. I should probably save this somewhere to copy paste when someone suggests the distro
However, manjaro places the button to enable it right next to enabling snaps and flatpaks. Both of which are perfectly safe to install if not safer than average packages.
The snap store has already been used to distribute malware, one guy lost a lot of money in crypto, and I’m sure it wasn’t an isolated incident. I think it would be naive to think flathub isn’t being targeted in the same way. Same advice as the aur, be cautious.
Sure, but that wasn’t malicious code hacking your device just a simple phishing scheme. The aur runs arbitrary code each time which can do quite alot more on your system than any snap. That snap was just a fake app that sent your login to their server.
The aur is much more dangerous. Of course, when installing anything from anywhere be careful, but with the aur you need to be able to read the pkgbuild.
Thank you though for cautioning the snap store as you’re right. Those apps aren’t confirmed before they’re placed on the store
It was still malicious code. A different attack for sure, but no less devastating for the victims.
OpenSUSE tumbleweed is a good compromise IMO. it is also a rolling release distro with built in snapshotting. So if anything does go wrong it takes ~5 mins to roll back to the last good snapshot. You can set the same thing up on arch but it isn’t ootb and YAST is a great management tool as well.
I would say Tumblewees is better than traditional Fedora.
But the lack of desktops, variants, adoption, as well as the lack of being able to reset a system, makes it less stable than Fedora Atomic Desktops.
Resetting is huge. You can revert to a bit-by-bit copy of the current upstream.
It is not complete at all, but already works as a daily driver. uBlue deals with almost all the edges that are left.
Tbh my main gripe with Tumbleweed is the package manager as someone who likes to use the CLI, the weird naming convention, renames, etc are annoying. Also found some minor annoyances that all put together made me choose Fedora over Tumbleweed. I can see why some people would like it tho.
You can use dnf on OpenSuse, and it actually uses the correct
/etc/dnf.repos.d!zyppers UI is horrible, no idea at what internet speed those animations make sense, not on an even 2,4GHz wifi.
I used QGis as a Fedora Distrobox didnt install the language package, because it installs only the one from the OS. on Tumbleweed all languages were always installed, but it had some issue where no plugins worked or something.
Same with RStudio, which works creat with iucar/cran COPR and the R-CoprManager app that makes it use dnf underneath.
Rstudio should absolutely install them as libs though, into /var/lib. Then the Flatpak could be made working too I guess.
but then why use OpenSUSE instead of just Fedora?
Because they have Slowroll and working, automatic BTRFS snapshots.
I have no idea what dnf Fedora is doing, using BTRFS but no snapshots.
I think fedora does have some automatic snapshots, just not as much as OpenSUSE. Still tho, why not setup better snapshots on Fedora rather than switch package manager and repos altogether on openSUSE?
I found zypper package speed for download seems to vary a lot, sometimes superfast and other times it drips in like old dialup. Maybe server load or what default server it hits is too many hops away or something. It also does delta doownloads, ehich makes sense if your data is capped, but takes a lot longer to negotiate the lookup for update, compare versions, and pull delta only.
Good thing about zypper and SUSE setup is you can use the various patch, oatches list patches commands to see what is unneeded, recommended or critical, CVE, and if has already been applied to your system or not. Great tool for sysadmin
Yes I would love to have mail notifications etc for security updates.
Currently setting up a server, CentOS installer didnt boot so my lazy ass just rebased to securecore (Fedora IoT -> uBlue uCore -> secureblue) which is very nice but rolling.
With LUKS encryption, which I want and need, this is problematic, as I need to manually type the password afaik. TPM unlock didnt work even though I have a Nitrokey with a TPM integrated afaik.
I am not 100% sure, but I had something similar with passworded drive. There was a way to edit crypt tab stuff so that when system looks for pwd input on boot it went to the hashed file to get password. I forget the steps I did, but online there is a walk through and it was not too difficult to configure…just a few manual file edits
fedora maybe?
Absolutely. Here’s three options
Fedora updates every, or around every, 3 months. This is very stable but very up to date.Most professional devs particularly ones working in Linux projects use it fornit’s relative stability while having modern packages.
There’s also PopOS! which is a rolling release, updating daily, but much more delayed than arch thus being much more usable.
Now for my favourite, OpenSuse Tumbleweed. Same style as PopOs but with a KDE, or gnome spin or of the box. A bit more sleek too. It also has YAST which is the best GUI based managment system on Linux.
I use arch (btw) but have a second duel booted tumbleweed install for work related stuff in order tonensure stability
Wait, Pop_OS switched to rolling release?
From their website:
"Update on Your Terms
Pop!_OS provides the latest features and security patches through rolling updates and periodic OS version upgrades, to be performed at your discretion. And if you want a clean slate, the Refresh Install feature resets your OS while preserving the files in your Home folder. "
That’s not what a rolling release is…
I didn’t say it was. I posted the quote from the website to clarify.
It also has YAST which is the best GUI based managment system on Linux
Semi-offtopic. Suse was my first distro 20 years ago and in those few months I had such a nightmarish experience with dependency hell in YAST and Yum, and such a contrastingly good experience with APT after I finally moved to Debian, that I have only ever used Debian and Ubuntu since then and I am still traumatized by the mere sight of the name YAST.
Silly but alas true! Of course I didn’t understand anything back then and I’m sure YAST is much better these days.
Pop OS is very much not a rolling release
Manjaro has been specifically designed to have fresh packages (sourced from Arch) but to be user friendly, long term stable, and provide as many features as possible out of the box.
It requires some compromises in order to achieve this, in particular it wants you to stick to its curated package repo and a LTS kernel and use it’s helper apps (package/kernel/driver manager) and update periodically. It won’t remain stable if you tinker with it.
You’ll get packages slower than Arch (depending on complexity, Plasma 6 took about two months, typically it’s about two weeks) but faster than Debian stable.
I’m running it as my main driver for gaming and work for about 5 years now and it’s been exactly what I wanted, a balanced mix of rolling and stable distro.
I’ve also given it to family members who are not computer savvy and it’s been basically zero maintenance on my part.
If it has one downside is that you really have to leave it alone to do its thing. In that regard it takes a special category of user to enjoy it — you have to either be an experienced user who knows to leave it alone or a very basic user who doesn’t know how to mess with it. The kind of enthusiastic Linux user who wants to tinker will make it fall apart and hate it, and they’d be happier on Arch or some of the other distros mentioned here.
or you could use a distro made by competent people and that actually serves the purpose Manjaro claims to have.
You really shouldn’t go for Arch & derivatives if you don’t want to fiddle with your system (the whole point of Arch & co) and really want stability (not that arch is that unstable tbh as long as you manage it proprely). Manjaro included. In fact especially manjaro since it manages to be less stable than Arch specifically because of their update policy. I mean why even be on Arch if you can’t use the AUR and have the latest packages?
Aside from this and maybe a few others there isn’t really a wrong distro to choose, better alternatives would be NixOS (stable), Fedora, Debian testing and probably several other distros that you probably should avoid for being one-man projects or stuff.
There is no other Arch-based distro that strives to achieve a “rolling-stable” release.
Alternatives like Fedora have already been mentioned by other comments.
Debian testing is not a rolling release. Its package update strategy is focused on becoming the next stable so the frequency ebbs and flows around stable’s release cycle.
manjaro since it manages to be less stable than Arch specifically because of their update policy
This is false. Their delayed updates mitigate issues in latest packages. Plasma 6 was released late but it was a lot more usable, for example.
I mean why even be on Arch if you can’t use the AUR and have the latest packages?
Anybody who wants Arch should use Arch. Manjaro is not Arch.
Some of us don’t want the latest packages the instant they release, we’re fine with having them a week or a month late if it means extra stability.
There’s nothing magical about what Manjaro is doing, it stands to reason that if you delay packages even a little some bugs will be fixed.
Also you can use AUR on Manjaro perfectly fine, I myself have over 100 AUR packages installed. But AUR is not supported even by Arch so it’s impossible to offer any guarantees for it.
There’s also Flatpak and some people may prefer that since it’s more reliable.
that’s because you can’t have both. It’ arch or it’s very stable. Granted Arch by itself is not that unstable if you manage it well and know what you’re doing but we’re talking hardly ever having to troubleshoot something.
Manjaro doesn’t acieve any more stability than Arch, and in fact is actually worse than arch.
Debian testing is a rolling.
Manjaro is an arch derivative and has the bad parts of arch still. Again, why recommend manjaro when you have better alternatives that actually achieve what manjaro sets itself out to be? Fedora had KDE plasma 6 sooner than Manjaro afaik and it managed to be stable, it is a semi-rolling with up to date yet stable packages etc, same for OpenSUSE Tumbleweed. Manjaro has no purpose, it’s half-assed at being arch and it’s half-assed at being stable.
AUR isn’t a problem in Manjaro because of lack of support, it’s a problem because packages there are made with Arch and 99.999% of its derivatives in mind, aka latest packages not one week old still-broken packages. Also Manjaro literally accidentally DDoSes the AUR every now and then because again they’re incompetent.
And if you’re going to be using Flatpaks then all the more reason to not bother using Manjaro or any arch derivative and just use an actually stable distro with flatpaks.
Manjaro has no purpose, it’s half-assed at being arch and it’s half-assed at being stable.
My experience with Manjaro and Fedora, OpenSUSE etc. contradicts yours. Manjaro has the best balance between stability and rolling out of the box I’ve seen.
“Out of the box” is key here. You can tweak any distro into doing anything you want, given enough time and effort. Manjaro achieves a good balance without the user having to do anything. I remind you that I’ve tested this with non-experienced users and they have no problem using it without any admin skills (or any admin access).
Debian testing is a rolling.
It is not.
AUR isn’t a problem in Manjaro because of lack of support, it’s a problem because packages there are made with Arch and 99.999% of its derivatives in mind, aka latest packages not one week old still-broken packages.
And yet I’ve managed to install dozens of AUR packages just fine. How do you explain that?
Matter of fact, I’ve never run into an AUR package I couldn’t install on Manjaro. What package is giving you trouble?
Manjaro literally accidentally DDoSes the AUR every now and then because again they’re incompetent.
You’re being confused.
AUR had very little bandwidth to begin with and could not cope with the rise in popularity of Arch-based distros. That’s a problem that needs to be solved by the AUR repo first and foremost. Manjaro did what they could when the problem became apparent and has added caching wherever it could. Both Manjaro and Arch devs have worked together to improve this.
How do you explain that?
Easy: You were merely lucky that they didn’t break.
And no it wasn’t just a rise in popularity of Arch it was Manjaro’s PAMAC sending too many requests DDoSing the AUR.
You were merely lucky that they didn’t break.
Lucky… over 5 years and with a hundred AUR packages installed at any given time? I should play the lottery.
I’ve noticed you haven’t given me any example of AUR packages that can’t be installed on Manjaro right now, btw.
it wasn’t just a rise in popularity of Arch it was Manjaro’s PAMAC sending too many requests DDoSing the AUR.
You do realize that was never conlusively established, right? (1) Manjaro was already using search caching when that occured so they had no way to spam AUR, (2) there’s more than one distro using pamac, and (3) anybody can use “pamac” as a user agent and there’s no way to tell if it’s coming from an actual Manjaro install.
My money is on someone actually DDoS’ing AUR and using pamac as a convenient scapegoat.
Last but not least you’re trying to use this to divert from the fact AUR packages work fine on Manjaro.
Debian-Testing (Trixie) is the way to go. It’s a rolling release, but it’s very stable, because packages end up there after being tested in Sid (their unstable rolling release). Whatever makes it out of Trixie, ends up on the normal Debian. I’ve been running it since April without any breakages.
Slackware current.
OpenSUSE Tumbleweed. Rolling release, but has QA on the weekly builds. It fits between Debian and Arch for sure.
Fedora is a good middle ground, it’s what Asahi Linux uses as its official distro
Another upvote for Fedora. I tried SO many flavors over the years and every single one of them, while cool and neat up front eventually developed “something” that was too problematic.
So I asked for a recommendation with a very specific set of things that I needed from a distribution. Everybody told me to just stop messing around with different flavors and just go with plain old vanilla Fedora.
It has been rock solid and perfect in every way, and I no longer have that need to distrohop because I’m missing something.
+1 for Fedora. It is exactly what OP is asking for.
Is there a good sort of middle ground distro between the reliability of Debian and the up-to-date packages of arch?
This guy:
Or maybe Slowroll.
For private use? Hot take, but Arch. It’s easy to maintain and not easy to break at all. I think I spend zero time on maintenance other than running package updates. I only reinstall when I get a new computer.
(I say for private use only because you’ll be getting weird looks from people if you use arch on a server in a professional setting, and it might break if you try to update it after five years of not doing it since there aren’t any “releases” to group big changes - in practice I run arch on my home server too with no issues)
Save yourself some trouble and run something for servers. You can even setup automatic updates with reboots so you can set it up and forget. I did that with a Debian machine and I forgot about it for a terrifyingly long time. It just auto updated and patched itself when new updates hit.
Fedora, Ubuntu etc. use up to date packages if you’re using flatpaks and snaps. Nix I suppose fits the bill better but it’s a harder distro to “learn” than arch imo
How about Rhino? Rolling release of Debian Sid iirc
I like the idea of a stable distro as the host OS and Distrobox with Arch and the AUR for applications.
For most of my machines, I do not need the latest kernel or even the latest desktop environment. But it is a pain to have out of date desktop apps and especially dev tools.
I think this strikes a nice balance.
