Immutable Linux is about as secure as an OS can get. By mounting certain directories as read-only, malicious code or bad actors cannot affect the data within. I could seriously place my full faith in immutable Linux and not worry about a thing.

Until I wanted to install an application using the distribution's built-in package manager.

With immutable Linux distributions, software is typically installed via containers, such as Flatpak or Snap. Installation of apps is done this way because of the read-only nature of certain directories. Because of that, standard package managers cannot install the necessary files, so using the likes of apt, dnf, or pacman is a no-go.

Does that mean you're limited to the apps you have available on an immutable distribution? Somewhat. Don't get me wrong, the average user won't feel as if they're missing out on anything because Flathub and Snapcraft have tons of apps.

But when I'm using an immutable distribution, and I want to install something like Ollama, I'm out of luck if I want to ensure I'm using the latest version of the app (I currently run Ollama 0.30.7 on my Pop!_OS desktop). I've attempted to install Ollama via Flatpak, and although the command completes, the app is nowhere to be found. I've tried several times, but the end result is a failure. However, running the command sudo dnf install ollama works just fine; it shouldn't, but it does.

Why should the DNF command fail? Because RakuOS is immutable, installing via DNF shouldn't be possible. That's where RakuOS says, nay, nay. How does RakuOS pull this off? According to the official site, "RakuOS uses a persistent overlay system mounted directly on /usr. Your base system is always pristine -- but you can install any native package you want, and it survives every system update."