Long before Linux was introduced, I worked as a Unix system administrator. In those days, I downloaded the source code, unpacked the tarball archive it arrived in, compiled it, and installed it whenever I needed to update my system or install a new package. It was a real pain in the rump.
With the arrival of Unix System V Release 4 (SVR4) in 1989, things got better with the first package manager system: pkgadd, pkgrm, and pkginfo. Companies such as IBM, with its AIX Unix distribution and its System Management Interface Tool (SMIT), and Sun, with Solaris 2.0, released their own proprietary versions, and my sysadmin life got a lot easier.
Also: How practical AI prevailed over hype at Red Hat Summit 2025
Meanwhile, Linus Torvalds, who had announced in 1991 that he was working on a (free) operating system (“just a hobby,” he said, “won’t be big and professional like gnu”) for 386(486) AT clones, was happy to see people adopting Linux and taking it seriously.
Evolution of package managers
Inspired by SVR4’s package managers, the first distros aiming to make Linux a rival to Unix for business servers picked up on the idea. By 1993-1994, the first Linux-specific package managers were emerging. Rik Faith’s Package Management System led the way with the little-known Linux distro BOGUS. What made it more than a footnote was that it would inspire the creation of the much more important Red Hat Package Manager (RPM) in 1994. At about the same time, Ian Murdock, creator of Debian Linux, built the Debian package manager (dpkg).
These package managers included basic dependency tracking. It wasn’t until more sophisticated tools such as Debian apt and Red Hat yum appeared in the late 1990s that automatic dependency resolution became standard. From this point on, package management became how almost everyone installed and managed operating system patches and programs.
<!–>
Beginning in the 2010s, the idea of an immutable Linux distribution began to take shape. Following the popularization of containers with the rise of Docker, people became interested in minimal Linux distributions where the core system files are locked as read-only and can only be updated as a whole (that is, atomically) instead of being updated package by package.
With immutable Linux distros, you don’t patch individual problems; you patch everyone at once, including system updates, during a reboot. This means everything is updated as a single transaction. If something goes wrong, you can easily switch back to a working system simply by rebooting the old image. No fuss, no muss.
This architecture approach significantly enhances system security and stability by preventing unauthorized changes and reducing the risk of system corruption. Instead of updating things piecemeal, the way most major Linux distributions do, everything is updated at once.
Also: What is immutable Linux? Here’s why you’d run an immutable Linux distro
Besides the rise of containers, security and reliability also drove this shift in platform design. With a read-only core, servers are less vulnerable to malware, accidental misconfiguration, and unauthorized changes. Containerization is a key feature, isolating applications from the core system and each other, further reducing the attack surface. Immutable distros also simplify maintenance by ensuring every server running the same image is consistent and predictable, making it easier to manage large-scale deployments.
The first major immutable Linux, CoreOS, appeared in 2013, and was designed specifically for running containers at scale. Its design ensured the core OS was read-only, with updates applied atomically and rolled out as new images. This made it ideal for cloud-native environments and Kubernetes clusters.
In 2018, Red Hat, knowing a good thing when it saw one, bought CoreOS for a song, $250 million. From CoreOS, Red Hat created three other significant Linux distros.
Also: Java at 30: How a language designed for a failed gadget became a global powerhouse
The first of these was Fedora CoreOS, built for minimalism and automatic, atomic updates. Fedora CoreOS is ideal for container hosting and Kubernetes clusters. It uses rpm-ostree to manage the immutable base and allows additional packages or containerized workloads.
Next came Fedora Silverblue, an immutable variant of Fedora Workstation. Silverblue brought immutability to the desktop, using Flatpak for application management and ostree for atomic updates.
RHEL 10 adopts immutable approach
Finally, there’s Red Hat Enterprise Linux (RHEL) 10. Yes, that’s right: Red Hat’s flagship operating system, RHEL 10, is the first major enterprise Linux distribution to adopt the immutable approach.
Why? At last month’s Red Hat Summit in Boston, Chris Wells, senior director of product marketing for RHEL, explained:
I talk to a lot of administrators, and they will tell me that just the bane of their existence is having to go through and update and upgrade systems. They know that they need to do it. They want to do it. They’re like, why does it have to be so hard? And if you think about it, how we take and patch those systems today really comes from the Unix world that we came from 20 years ago. That’s traditionally how we’ve done things. In the Unix/Linux world, we have small software packages. They’re all tied together, all the dependencies you have to go to update them, and cross your fingers. It all works.
And we thought, maybe there’s a better way to do this. So we got to thinking, “What if we containerized the operating system layer? What if I took and used that on my production systems? What if the next time I build a new set of systems, instead of doing it the traditional way, in package mode, what if I containerize both the application layer, containerize the OS, put that out into an image?” Now, all of a sudden, I have that image and I can deploy that out to those systems if something goes wrong. Instead of having to roll it back like in the old days, you just put the old image back there, because, again, it’s all going to be immutable.
Now, Red Hat isn’t the only company to figure out that an immutable Linux can be so useful. While not household names like Ubuntu and SUSE Linux Enterprise Server (SLES), there are many business-focused immutable Linux distributions, including Flatcar Container Linux, openSUSE MicroOS, Ubuntu Core, and Talos Linux. There are also security-first immutable distros like Chainguard OS.
Also: The Linux 6.15 kernel arrives – and it’s big a victory for Rust fans
However, there are trade-offs. Sysadmins accustomed to traditional package management must adapt to new workflows. Some customizations will also require workarounds. For example, say you need to change one package. That’s easy with the old methods; however, with immutable systems, you must reboot the system. That, in turn, can be a major pain for high-availability systems.
Still, Red Hat is convinced that going forward, the advantages of immutable Linux outweigh its disadvantages. Historically, Red Hat has long been the dominant enterprise Linux. I wouldn’t bet against them as they make this radical change.
Get the morning’s top stories in your inbox each day with our Tech Today newsletter.
