Post B2qCAqVFcph14Akxm4 by lrvick@mastodon.social
(DIR) More posts by lrvick@mastodon.social
(DIR) Post #B2qCAo9YMX9FmIabg0 by lrvick@mastodon.social
2026-01-28T08:54:14Z
0 likes, 0 repeats
I should wait until this release is published next week, but I am too excited.Stagex is the first production ready Linux distro to be:- 100% deterministic- 100% full source bootstrapped- Maintainer signed on every commit and review- Reproduced and signed by multiple maintainers on every artifact- OCI container native- LLVM/compiler-rt/libunwind nativehttps://codeberg.org/stagex/stagex/pulls/761All the confs that turned us down and the people who said it could not be done can eat my entire ass.
(DIR) Post #B2qCApAIbFL4utwiTg by rekahsoft@fosstodon.org
2026-01-29T20:25:32Z
0 likes, 0 repeats
@lrvick really interesting work! I'm curious what you thing of #guix and where it falls short (re security)? It sounds like you view it overall quiet favorably (relative to other distros)A few things I can think of:- uses linux-libre (so no microcode updates); this is overcame by using non-guix which does supply them- depends on a central hydra, enabled by default; this too is overcomable by running an internal cuirass (guix's build server)Best wishes!
(DIR) Post #B2qCAqVFcph14Akxm4 by lrvick@mastodon.social
2026-01-29T20:41:27Z
0 likes, 0 repeats
@rekahsoft Guix goes further than any other distro and was a big inspiration, but it is not 100% reproducible/bootstrapped, trusts downloaded binaries, has a single-party trust model, chooses the GNU way of doing things above all others. As a desktop-first distro with thousands of packages it would make it incredibly difficult to ever fully clear those bars. Our threat model mandated the design a distro and release process built for supply chain security.https://codeberg.org/stagex/stagex#comparison
(DIR) Post #B2qCArH6ktyRSb9BMu by civodul@toot.aquilenet.fr
2026-01-31T00:01:28Z
0 likes, 0 repeats
@lrvick Hi! I’m not sure what the “GNU way of doing things” is but Guix has a long track record regarding #bootstrapping and #ReproducibleBuilds and is used in production:https://guix.gnu.org/en/blog/tags/bootstrapping/(The “like no distro before it” punchline on the stagex home page is… questionable.)That said, it’s good news that more distros are joining Guix and live-bootstrap on this journey!@rekahsoft
(DIR) Post #B2qCAs9LVFMKAoWUuO by tyil@fedi.tyil.nl
2026-01-31T10:18:26.159Z
0 likes, 0 repeats
@civodul@toot.aquilenet.fr @lrvick@mastodon.social @rekahsoft@fosstodon.org I’m not sure what the “GNU way of doing things” isIt seems to be the use of GNU tools and libraries, such as gcc, glibc, etc. instead of using LLVM, musl, etc.People who hate freedom often hate GNU, and all GNU tools and libraries by association.
(DIR) Post #B2qCAtdVyZ5Mmfe6ZU by lrvick@mastodon.social
2026-01-28T09:09:05Z
0 likes, 0 repeats
* My views and candor do not necessarily reflect that of the entire stagex team
(DIR) Post #B2qIMG75LZGjPCHKUK by Suiseiseki@freesoftwareextremist.com
2026-01-31T11:27:55.963205Z
0 likes, 0 repeats
@tyil @civodul @lrvick @rekahsoft Tools are only a handful of GNU packages.>Linux distro.>Look inside.>gperf, grub, glibc, gnupg, gcc, autoconf, automake, bash, bc, binutils, bison, coreutils, findutils, ed, gdbm, gettext, gawk, grep, gzip, make, readline, gdb, patch and a few more.It's GNU/Linux distro - except by default garbage inferior reimplementations of a handful of GNU packages are used.
(DIR) Post #B2rVjFuFm97jzCX4XQ by squid64@fedi.squid64.ca
2026-02-01T01:31:59Z
1 likes, 0 repeats
Just wait until you look inside most of the binaries there's even more GNU in there. It's everywhere. All compiled with GCC. Really the more you look into it the more GNU you find.CC: @tyil@fedi.tyil.nl @rekahsoft@fosstodon.org @lrvick@mastodon.social @civodul@toot.aquilenet.fr