Is there anything obviously wrong or bad about the idea to just use whatever distro you like on bare metal. Like rolling release to get the fastest updates or immutable to make it rock solid. And then just use distrobox or toolbx with Debian and maybe Arch to run software your base distro does not provide?
I run Fedora right now but want to switch to something else. I was thinking about Tumbleweed a lot but there is quite a big portion of software which does not ship on Tumbleweed. (Theoretically you could download the .rpm file which quite a few developers provide on and install it on Tumbleweed too? But I am not 100% sure about that so please correct me about that if I’m wrong.) So I thought about Nix but the drama around that distro made me loose interest. Obviously Arch is also an idea but I don’t like my base OS to be a project itself so I’d rather not use it for now.
And yes I thought about installing homebrew or nixpkg or pixi or whatever the name of the next new package manager is. But nearly all of them are only installable by executing a script and I don’t feel comfortable doing that. Would it be safer to run scripts like that in a distrobox/toolbx?
So yeah, my initial question was wether it is viable to just choose any distro and get along with distrobox to get your software from the AUR or through .deb packages. But the question developed if it would be wise to use distrobox to execute random internet scripts without altering your base OS/putting your data to risk.
distrobox is pretty cool. I do not use it right now, but i have used it and it worked fine.
no. go with anything that gives you recent-ish updates plus security stuff (most good distros satisfy both).
any reason why do you want to do that. just trying out or any problems. fedora to me seems like a nice distro already. If there is any problem, maybe we can help.
It can work, but most likely it will not. to put it simply - most linux packages are effectively very fancy zip files. they use different containers and different compression algorithms. some (for example arch packages) are just zip files (or tarballs to be precise), and metadata is to be handled by separate files downloaded by pacman, hence you would not see people packaging anything for arch (you dont have to do anything). some others (for example debian deb packages) are zip file contaiing 3 other zip files. one of them is the package it self, other being metadata stuff (which have information of requirements, file lists, etc.). RPM packages are similar.
While suse also uses the same rpm packaging format, there is no guarantee that package requirements are packaged same way in suse as fedora. If a package does not have many dependencies, it will likely work, but I would still not recommend it.
there is a reason for that. they want something that works across distros and setups. also this way, they know how and where they installed theemselves, and after installation, they can manage themselves.
but for these programs, I would not worry much (the ones you listed are big projects, and trusted, and you just do this once). but more importantly - these install scripts are often very simple. effectively they just download some file from server (something like github release) and then extract to some desired location. other things they do include specific setup quirks management. What I mean is that these are simple enough, that I recommend just downloading the script and reading it. if it is not downloading anything unknown, it is fine. if it is not very readable, then that is a bad sign.
no. things can escape containers. just try to not run scripts.