Installing/Testing Vanilla OS2 in QEMU

I read through the thread from Jan 2023 on Vanilla OS and decided to see what has happened with that less than stellar OS since then. A lot, apparently. But only the beta is currently available and so I want to try it in the virtual machine (QEMU) first. Then maybe we can add to that thread considering all the changes, many of which I had never heard of. Details here.

Setting up the VM was simple enough, but I ran into the message: Vanilla OS requires UEFI. This I have not encountered before.

Is there something in the VM setup for this machine I need to change that would emulate UEFI?

YES. And it starts before installing the OS. So I deleted the vm and started over in order to use the UEFI OVMF_CODE file from the firmware dropdown box in virt-manager before beginning installation. Then it went through the normal install options. I did see grub briefly, but just let it timeout and proceed with install.

Next, I am going through the install & setup and will then update with info and plenty of questions from me, to be sure.

Thanks,
Sheila Flanagan

The previous link on the OS2 info has screenshots of the installation process. And the first thing you read is that VOS2 went from an OS based on Ubuntu to a hybrid.

Hybrid Debian Base

The system consists of a hybrid base of Debian packages and Vib modules. The major change in Orchid is the switch from Ubuntu to Debian, providing more flexibility and control over the system and update distribution.

Regarding updates, we transitioned from a package-based structure to an OCI image-based structure, using Vib, a technology developed by us. It allows us to assemble OCI images using modules of various types, such as Debian packages, software builds, scripts, etc. It enables us to provide updates in the exact state they got tested, ensuring every user receives the same updates.

*But I do want to walk through the options I chose and why you may or may not choose those from the start. And one thing that surprised me was something @nevj mentioned in a post about wishing there was a log to view after install of an OS. Well I was offered the option to see the log. The first 50 lines or so were meaningless to me but then it began to show each package installed, etc. *

First up, VM tools:

" If you decide to install them, the Installer will use a vm dedicated image, which includes the tools and drivers for the most common virtualization platforms."

I’m not sure, yet, what exactly those tools are composed of, but I will see if it is possible to “test a VM” with them inside a VM.

Besides the normal install options of language, keyboard, etc., there was the option to install apps (office, utilities, etc.) and I chose to do so. As I watched the list of them get installed, I regretted that decision. This OS also uses flatpak as first choice and so all of those apps like LibreOffice got the flatpak version installed. I prefer to install the .deb pkg offered from the sources.

After internet connection was the encryption option:

“You can choose to encrypt the /var partition (partition that holds all user data) with LUKS2 for maximum data security (recommended).”

I skipped this since I will not have any need for it in the VM.

Once I got to the first startup, that is where things differed from my other installs in the past.

I should have chosen Advanced, but I did not. So from there the first screen introduced Vanilla OS 2 updates info:

That did not sit well with me as I do not just apply updates randomly or at the suggestion of the OS unless I know what is going to be updated/installed. And I prefer the terminal as I like to see what is happening at the time, including any errors.

Configure updates gave me the normal option of not applying their “smart” updates and you can choose the frequency if you do not like being bothered by the normal updater on a daily basis (or more).

The rest of the first start info is pretty standard for setting up your system (i.e., bluetooth devices, introduction to the “store”) as well as some interesting items like the ability to use .deb and .apk files. They claim if your app is only availble on Android, you can install it on Vanilla OS 2.

I will definitely be testing that one out as the last time I tried Waydroid, it required a Wayland session. For me, there are still apps that do not work on Wayland so this could be the answer to that.

There was also something for developers. Which I am most certainly not.

If anyone would like to expound upon that and how it differs from other Linux OS options, I would be interested in hearing about it.

Then you are told that the Super key is used for seeing all open apps (and I expect workspaces, if they are an option, as well):

The next screen was of interest to me, but will not be able to test it in a VM.

PRIME Profiles

With the departure from Ubuntu as the base for the system, we had to rewrite support for switching PRIME profiles, a feature that allows quick and easy switching between graphics cards.

Due to the complexities of porting this feature to Vanilla OS 2 and its unique immutable structure, we developed a new tool (prime-switch) compatible with the new system.

prime-switch is a command-line tool, but we simplified its usage by integrating a new screen in Settings, under the Display section, allowing users to change the PRIME profile easily without resorting to the command line.

Following are some of the things that differ in this OS from other Linux distributions.

ABRoot v2

ABRoot, our implementation of A/B Partitioning, facilitates updates in an immutable system through atomic transactions between two partitions, ensuring a consistently functioning system.

In Vanilla OS 2 Orchid, we introduced ABRoot v2, a complete rewrite of the project designed to be more reliable and faster. Transactions now occur through OCI image expansion instead of applying package updates, ensuring the system receives an exact copy of the tested image.

ABRoot v2 brings additional features, such as the ability to dump the system state for support in case of issues, switching between flavors without data loss by changing the base image, auto-recovery of the ABRoot file system structure, and more.

Driver and System Changes

In ABRoot v1, users could access the transactional shell to make atomic system changes. In ABRoot v2, this feature was removed, and replaced by support for generating custom local images. For example, when installing a driver not present in the system, ABRoot can generate a custom image with the driver installed, similar to a traditional package manager but creating a local OCI image used for updates. While this feature was introduced out of necessity, it is not recommended for daily use and should only be used for driver installations, as it puts the system in an indeterminate state.

To minimize the need for this operation, Vanilla OS now includes a broad set of drivers, covering most peripherals. In some cases, multiple OCI images were created to cover different scenarios (i.e. NVIDIA, VM). During installation, Vanilla OS proposes the most suitable image based on detected hardware.

LVM Thin Provisioning

Addressing a major criticism of Vanilla OS 22.10, which was the allocated space for the two root partitions, totalling 20GB for root and taking up 40GB of disk space, we introduced support for LVM Thin Provisioning.

This technology allows the creation of logical volumes with variable sizes, optimizing disk space usage. Now, the two root partitions share a total of 20GB, dynamically allocated based on the size of the two partitions, providing more disk space for user data.

Sudon’t

Having sudo is a common practice in Linux, but it is not secure. In Vanilla OS 2 Orchid, we have replaced sudo with PolKit policies, allowing users to perform privileged operations in a more controlled and secure manner.

PolKit, unlike sudo, is integrated into the system as a centralized authentication authority and privileged operations are managed through specific policies defined for each action. This structure provides greater control and prevents users from inadvertently or intentionally running malicious scripts that could compromise the system. Normally, such scripts would use sudo to execute privileged operations, and even if adapted to use the counterpart pkexec, they can’t be executed without the safer graphical interaction of the user.

The user will still have access to sudo but within the VSO subsystem.

I hope I am interpreting that incorrectly as it sounds to me like the OS does not trust me to manage my own system with sudo and is making it more difficult to use that in CLI and instead, I will have to use the GUI to ensure I do not “inadvertently run malicious scripts” or otherwise “compromise my system.” That sounds very Windows-esque, for lack of a better term. You know, the “Windows kept you from harming your system” popup you get when you try to install an app you want and MS does not want you to use?

I was not aware of the previous criticism of 2 root partitions in the setup of VOS1, so I guess for those who will be transitioning, this LVM Thin Provisioning is a plus.

Vanilla System Operator and Apx

VSO (Vanilla System Operator) and Apx are familiar tools for Vanilla OS users. In Vanilla OS 2, both tools underwent significant rewriting to cover various scenarios.

VSO v2

VSO v2 is no longer just an update manager but also serves as the system shell, and package manager, and provides support for Android applications. In Vanilla OS 2, users no longer have direct access to the system shell; opening the console brings them to the VSO shell, an integrated and mutable Vanilla OS subsystem. It allows users to install and run applications as they would in any Linux distribution without affecting the system.

Additionally, VSO now supports Android applications, which can be installed and run as native applications without the need for an emulator. The Android subsystem is isolated from the system and can be initialized at the user’s discretion.

To simplify the experience, we integrated the F-Droid store into VSO, allowing users to install Android applications without relying on external sources.

So if VSO v2 is the “package manager” does that mean “sudo apt update” no longer works? Aside from “sudo” not working, that is.

I did not see the normal terminal icon on the dock in the Gnome desktop so I searched “terminal” and Black Box came up. Once I clicked on it, it opened a terminal-like black box and proceeded to install what I assum is VOS2’s terminal emulator. “sudo apt update” did, indeed, work. Okay. So far so good.

I will say I was surprised by the Gnome DE. And I did not see any other DEs from the login screen so I will be checking if others are available to install. Of course, being the beta, it may not be an option yet. But if it was available for VOS1, that would indicate their intent to have others available.

Then the further explanation of the subsytems.

DEB/APX Sideloading

Given the enhanced capabilities of VSO, we simplified the way users install unofficial packages. In Vanilla OS 2, users can install .deb and .apk packages by simply opening them with the Sideloading application, which handles the installation into the correct subsystem.

I will test this out further.

Now for the developer portion:

Apx v2

Apx v2 now plays an entirely new role by serving as a powerful tool for developers and creators. It allows the creation of custom environments (stacks) for various needs. While Apx v2 got rewritten from scratch, its usage method remains similar. Users can now create custom stacks, defining which packages to install and creating one or more subsystems based on these stacks.

Despite the rewrite, Apx v2 allows users to create custom stacks and access created subsystems through direct shells or by leveraging the declared package manager in the stack. Users can then export the applications to the main system and more. The only limit is their imagination.

Responding to a common request, Apx v2 supports package managers other than those provided in Apx v1, allowing users to define the package manager to use in a stack. For example, users can create a stack based on Arch Linux, defining yay as the package manager instead of pacman, and install packages from AUR without issues.

Apx GUI

Among the many new features of Apx v2, we introduced a graphical interface, Apx GUI, facilitating the management and access to created subsystems quickly and easily.

I do not have a grub menu since the initial install in VM, but I am assuming this is part of their grub. I did read that installing VOS2 in a dual-boot system is not recommended and I can see why.

FsGuard and FsWarn

One of the goals of Vanilla OS 2 Orchid is to make the system more secure and reliable. To achieve this, we introduced two new tools, FsGuard and FsWarn, developed in collaboration with Linux Immutability Tools.

FsGuard is the tool that initiates during the system boot, checking the integrity of the system binaries to ensure no discrepancies with the state provided by the system image. If a modification is detected, FsGuard will start FsWarn, which halts the system boot, notifying the user of the issue and advising them to restart the system to the previous state, ensuring system’s integrity. Users can choose to ignore the warning and start the system, but in this case, we cannot guarantee the system’s integrity and you may encounter serious issues.

The HELP documentation is very basic and I may be mistaken, but it could be due to the OS itself being very basic, at least at this point. There are no forums yet. Hmmm. So a forum did not emerge from the first release?

Here is what you find at their help site:

There is a glossary, which I expected to have to search for the items of interest. But this is all that is available as of now:

image806×820 32.7 KB

I will update with more findings as I have a chance to test them through this weekend. I look forward to hearing from everyone their thoughts on this new Linux OS and maybe help anyone interested in using it futuristically by looking at the system and comparing to other popular distributions.

Sheila

Hi Sheila,
Well done, I enjoyed reading about Vanilla

There are VM tools in the host, and VM tools in the guest.
You assumed these were host tools, I think they might be guest tools ( like spice-vdagent) so that is why they come in the image

You can indeed test a VM inside a VM

Some OS’s turn off the grub menu if it only contains one OS. It be doing that.

In general:
I think there is a bit of hype here and there in their writeup. That is OK, they all
do it to varying extents.

I dont see how Apx can install packages from repos of various distros. There are compatability considerations . Lots of packages depend on system setups which vary between distros.

I think you can drive video cards directly from a VM, if you setup the hardware access.
Not sure, never done it. I think people who play games in a VM do that.
I am not sure how a card would react to being driven by both the host and guest… there may be conflicts.

I dont like them fiddling with sudo. Can you become root and work that way?

You have to respect Vanilla for doing something different. … 2 root filesystems, one immutable… user software separate from all that like in BSD, … images not isos …

Oh, I cant see anything about UEFI in your second picture. I have struggled with that myself, and I cant remember now. Where is this UEFI OVMF_CODE file and what do you do to use it?

Thank you, I cant wait to see you use it.
Regards
Neville

I finally figured it out that after setting up the new machine, you check the configure before installation:

And then you select from the drop down; I had kept it at BIOS and that failed.

Once I did that, I began the install and it worked.

I did. That’s how I operate and would not use a distro that took that choice away.

They do turn it off, but when I started the VM within the VM, something happened and I was suddenly back at the login screen. And a message popped up saying I had “reverted” to a prior image. What? Well I rebooted and this time a grub-like menu came up, but it said two things:

Current image
Previous image

And that was it. So I chose current and went with it.

I could be wrong, but if those VM Tools were to use the Gnome VM app, and that is what came up when I selected the tools, I will say that “Boxes” which has been touted as an easier solution than QEMU/KVM, was definitely not. I thought at first it failed because of being within the VM. So I went to my host (LM) and installed and tried it there and it still failed. Needless to say, I’ll stick with virt-manager for the GUI for my VMs.

I have a couple more things to test and come back and report, but at least, like you said, the “hype” had me excited a bit, but after using, it is definitely Vanilla.

Though I may not be up to reviewing anything more complex yet, I am now working with Garuda in a VM. We’ll see how it compares to Endeavor.

Thanks,
Sheila

Hi Sheila,
Thank you, I needed the recipe

OK, I misunderstood. It adapts Gnome to a VM envionment… it doesnt try to run a VM within itself.

Your assesment … I agree from what you say. It is too new to make a final statement. Lets see how it rates.

Are you looking for something specific?
What is your list of criteria for accepting a distro?
Mine is it has to be rolling release and non-systemd… that cuts the field down quite a bit.
Regards
Neville

Well at least for the VMs, it downloads the .iso for you and the list of available is quite long. I mean like every different DE as well as older versions of the same OS. But since it failed and I still wonder what it did when it said I reverted. Did it mean I downloaded an older version of say, Garuda, and that changed my current OS? It would have been scary if I were not in a VM. LOL.

But if they are going to let you install .apks & .debs, that is my next test. Like you, not sure how that would work unless they are isolating that app much like a VM. We’ll see.

I am exploring the Arch family, as you called it. I am not ready for Arch, but like you, I have decided I want a rolling release. As for non-systemd, you are right. That definitely cuts the choices down and when I installed MX Linux and had to learn the SysVinit (and I still have much to learn) I decided I wanted to explore something beyond systemd. I guess, from my search at least, that leaves the Arches.

I have quickly installed (and deleted) some in a VM that I felt were not my cup of tea: Solus was one.

But I do like the AUR and multitude of other packages available from so many sources. That is something I have not always been able to use.

The downside is that it takes more time to do things. Since I am new, finding the package and installing was not difficult ,so I assume I can learn more. But the whole idea of “building” is a bit daunting. I am confident I can learn how, I just have to spend the time to research the steps and apply myself. I don’t think I can leave that stone unturned.

Thanks,
Sheila

Hi Sheila,
And Void… have you considered that? Not in Arch family. Have to learn xbps package system. Uses runit, not systemd or sysvinit.
but
rock solid. Mine has updated weekly for >3 years without a single hitch.
and
has a large repo and you can convert .deb files to .xbps.

Just a thought. You dont have to consider it.

Cheers
Neville

Maybe it’s more like a container or snap or flatpak where the dependencies are included, and applications are more isolated from each other to avoid dependency clashes.

That is what I assumed @pdecker as well. I am going to proceed to show you the menus and options once I got into the Apx app.

From what I can tell, VOS2 is allowing you to create a “subsystem” (maybe like Windows did for Linux?). In fact, you can have as many subsystems as you wish.

For instance, they have already included not only other package managers for you to use in creating a new subsystem, but they will even allow for your own and you have to write in the command structure.

As you can see from the image above, they already have the popular ones built-in, as they call it.

Note the 3 icons at the top of the APX app and that I am on the middle one.

Moving to the 3rd one, we find the in-built package managers, including .apk, and the commands included. Also note that we are unable to “edit” or “delete” them. I did not scroll through all the commands, but I have to wonder if there are only the most common commands written into this pkg, we may not be able to use everything CLI within that substack.

Then we have the apt pkg manager along with its commands, which again, cannot be edited.

I played around with using the + sign but given the options, this is definitely the field for developers. One could build their own subsystem with its own apps from here.

The one thing I found interesting after I used “Boxes” yesterday (without success, I believe) was that today, at the login screen, the two OS I installed yesterday were listed at the bottom–much like the DE options on other Linux logins. So I am assuming that the whole virtual discussion for VOS2 is how they have managed to add your VMs to the login so that you can go directly to the OS, bypassing the host system altogether. Perhaps this is because they advised that “dual boot” does not work well with VOS2, especially since they have their own grub, where you would not be able to add the other OS to it. Cool! If it works…

However, whether it is because this is the beta, or because I did not successfully get those VMs set up in Boxes, clicking on the lower item produced no results.

So I opened Boxes, deleted the other VMs that failed and created a new one and “this time” I saw that BIOS vs UEFI option and selected UEFI. Pretty sure I did not notice that yesterday (like when I first created the VOS2 VM) and that causes the install to fail. I also scrolled down to ensure all other options were okay and chose Debian 12. I thought all was going well until I left the computer and came back to the login screen (timeout) and Boxes was showing it as “installing.” So I opened it and had to go through the entire thing again. After repeating that exercise 2 more times, I gave up.

I had chosen the netinst and thought maybe that was the issue, so tried the DVD.iso and that, too, failed to ever complete and run.

I finally deleted that VM and tried Ubuntu the LIVE .iso and it would not even get into the install screen. But it DID, like yesterday, kick me back to login screen and trying to open it to get to the install again, it just went to the shell as if it was back to using BIOS.

Then I logged in and shut it down. When I rebooted, I got the grub with options
A) previous state
B) current state
So I chose A) and then got the confirmation below:

Maybe it’s just me, but I think it’s the Boxes app. So I am going to setup Qemu/KVM and use virt-manager (the way I always have) and see if we can get a VM running that way.

But at one point I got a message about running out of disk space. I thought I had made a 50G VM so I checked, and yes, Virt-manager says 50G. But when I used Disks inside VOS2, I got the following allocations:

I will update upon further testing.

Thanks,
Sheila

Hi @Sheila_Flanagan ,
If you want to persist with Boxes, have a look at this

In the Install section, there are 2 packages you may need to add to make Boxes work
I think they have not got its dependencies right in some distros.
I had the same trouble as you, until I installed these extra packsges. @Rosika had no trouble and did not need to install extra packages ?

Well apparently not if you had to and @Rosika did not. I will give it a read. One way or another, I shall get a VM running in a VM.

Thanks,
Sheila

Yes, that was the issue. So Debian 12 installed and booted to its grub menu. As a side note, this time in Boxes, I chose the unattended installation and watched everything happen terminal-style without a GUI. I had no input other than the initial username/password and when I booted from grub, it was waiting at the login screen for me to fill in.

So now we know that it is not an issue to install any OS in a VM via Boxes in VOS2.

I do want to say this, though. The reason you can use terminal, go root, etc. in CLI is because the shell itself is containerized.

This is what happens as soon as you choose “Black Box” before ever issuing a command.

So it would seem to me they have succeeded in giving the user the freedom to control things within their own system without being able to mess with the OS itself.

Perhaps someone else can sum it up in layman’s terms how much this OS differs from the mainstream Linux distros like Mint, Ubuntu, etc. in the way it protects itself (OS) by containerizing everything (User System included) and from within that container, even other subsystems can exist that allow working with different package systems, init systems and apps that would not be available to it otherwise.

I still have a few more tests to run, but so far I am in awe of how they chose to do it, and I would like to know how VOS2 systems and containers differ from the flatpaks we see being implemented broadly across all of Linux.

Thanks,
Sheila

Hi Sheila,
I am in shock. These people are innovative, if nothing else

So they containerised the user. I guess you cant containerize the OS.
Then they give the user extra tools like subsystems, init systems…
I would like to see what a user could do with init systems.

I think they will be simpler than flatpaks… more like docker containers. …they would not need the install side of flatpaks.

It is not easy understanding something as new and different as this.
Thank you for showing us.

Regards
Neville