Have you used Android? Has it ever failed an update or break due to an app install in a way that can’t be fixed by uninstalling it or factory resetting? Android is an immutable Linux OS. Its system files are stored on a read-only partition. They’re only mounted read-write during update. (That’s a lie, this is no longer the case, but it used to be, these days there are two partitions and the whole inactive partition is written during an update, or a volume snapshot pretending to be a partition is created and then merged, but functionally it’s consistent with the lie.) Apps are also stored in read-only form. One implication of this is that upon update, the partition/files you want to update are always in a predictable, unchanged state. That guarantees successful updates. It also allows trivial diff updates. The other implication of these facts is that you can always delete the mutable part of the OS, where your data and the apps’ data is stored, and you’ll always end up with a clean, working OS in a factory state. On Android you can also do this per-app by tapping “Clear data”.

Wouldn’t it be nice if you desktop or server behaved like this? Some folks think so and are trying to implement it.

There are few disadvantages beyond having to change how some systems work to accomodate this model. There’s typically more space wasted.

the whole concept of immutable is focused on stability and safety of your system – yes, it is still possible to break an immutable distro, but it’s a LOT harder and takes some actual effort – there’s also a few concepts wrapped up into the “immutable” phrasing:

• immutable filesystem – the root filesystem is set as read only, updates are queued up and applied during an upgrade (some distros require a reboot, some don’t)
  • VanillaOS keeps two copies of the root system (ABroot), upgrades the inactive copy and then swaps them out
  • NixOS has everything defined in a master config file and keeps an archive of previous generations of the config file allowing you to boot into whichever generation you want
• atomicity – updates are applied individually and checked, if the update breaks then it’s reverted to the previous working state (ie. you are never left with a borked system)
• containerized apps – user space apps isolated or sandboxed in some way like Flatpaks or Docker containers or OCI so if they break, they don’t take anything else down with them
• declarative systems – the whole system (and packages and configs) are defined (declared) in one master config file – back up that config file and if something happens to your system, you just need that one file to do a full rebuild (or make an identical copy of your system on another computer) – NixOS and GNU Guix are the two more well-known in this space
  • EDIT: minor side-effect of this is you can easily tell exactly what packages are installed on your system at any given time – no hunting through history or trying to remember what you installed last month when you were testing out video players

Immutable distros are locked-down versions of the traditional operating systems. Literally.

In the normal traditional world, you can use the package manager to remove python as a system package and all its dependencies if you so wished. You could rm -rf / too.

With immutable, the whole filesystem is on ro mode. Every system program that a user needs is bundled by the OS and no other changes can be made without breaking the model.

This model of having the OS immutable means less chances of malware getting persistence, high systems availability and reproducible environments since the OS controls the state of the versions available and makes this state available to all users of the distro.

[This comment has been deleted by an automated system]

TheLinuxExperiment has a good video about it: https://tilvids.com/w/3RjSzdS9jjK2y1nP3M6oJD

Security, Stability

As far as use cases where immutable distros would be more or less convenient, it appears to me that due to the security and reproducibility factors, immutable distros are better for server or enterprise environments where updates need to be rolled out quickly and smoothly, which are most actual Linux systems out there and where Linux companies make their money (hence why they seem like the hot new thing right now), and for desktops where people are primarily concerned with not wanting to “break” anything. But a classical distro, IMO, would be better for folks like me who do want the control to change or customize things down to the core parts of the OS. As far as I’m aware, you don’t have much freedom to tinker with an immutable distro until it’s wiped away with the next update.