Between this, and Guix, and Nix, and Fedora Silverblue, a lot of distributions are doing atomic upgrades.
Is there a reason atomic upgrades so popular now? Not that it's a bad thing. (Edit: The advantages of atomic upgrades are obvious. I'm asking what changed to make it practical.)
- Pushes the use of containers for apps, /usr is read-only (mostly). in most cases Flatpak and Podman/Docker/Distrobox/Toolbox
- Makes reproducible builds, your /usr is the base fedora image + whatever you have explicitly configured to add, the latter part makes it very easy to customise the base OS and undo changes (which are tracked), or share changes with others.
- Updates are atomic, you pull the power cord during an update? no bueno will just boot the old deployment. Additionally, because the system is always in a known and immutable state, updates should always work without any kind of dependency/package issue, your swapping one /usr for another.
- Makes malware harder as /usr is read only and you can use composefs to make sure content isn't changed, not really that secure though given any malware can just infect the initramfs
Aren't malware nowadays targetting the home directory? with so many users installing executables, language interpreters or cloud management binaries in their homedir I wouldn't even bother trying to elevate privileges and/or infect /usr if I was writing a malware. Especially as all the interesting parts that are worth being stolen are also in the homedir.
Is there a reason atomic upgrades so popular now? Not that it's a bad thing. (Edit: The advantages of atomic upgrades are obvious. I'm asking what changed to make it practical.)