| DistroWatch Weekly
|DistroWatch Weekly, Issue 30, 5 January 2004
- Hardened Linux From Scratch
- JAMD and Xdefine Linux
- Most visited pages in 2003
- Released last week
- Upcoming releases: Knoppix 3.4
- New additions: Tilix, Shabdix, SCI.Linux, Overclockix, Tao, ZENIX, Polar Bear, Slix, WOMP!
- New on the waiting list: Litrux, Lineox, Rocks Cluster, Vermillion, Routix, Kanotix, LIVUX, Dave/Dina, Bluewall
- Reader feedback: TurboUpdate
Welcome to this year's first edition of DistroWatch Weekly. If pages seem to load slower than usual, that's because the Knoppix review published here yesterday proved extremely popular with the Slashdot crowd for much of today. Things should be slowly coming back to normal now, so let's get on with the programme.
Hardened Linux From Scratch
The 4th quarter of 2003 brought us a surprisingly high number of successful attacks on servers hosting high-profile Linux projects. Some of the compromised machines included servers running the Debian project, GNU, MPlayer, Savannah and others, and there was even an attempt to sneak a Trojan Horse into the Linux kernel development tree. While none of these attacks caused any serious damage to the affected projects, they have succeeded in making parts of the projects' web sites inaccessible for a prolonged period of time, causing annoyance to many of us. They have also highlighted the need to take security issues more seriously than ever.
One of the new projects aiming to educate Linux users about various methods of preventing common exploits is the newly launched Hardened Linux From Scratch (HLFS) project. This is part of the growing family of Linux From Scratch (LFS) projects, which includes the original LFS, as well as Automated Linux From Scratch (ALFS), Beyond Linux From Scratch (BLFS) and other subprojects. What is HLFS all about? Let the developers explain:
"Over the past few weeks, a discussion about a security-oriented LFS book has dominated the lfs-security list. Some clear ideas about the form and content of this initiative are crystalizing, and it was decided to give the initiators of this project a decent platform to work on. So far, a mailinglist (hlfs-dev)
has been created for Hardened Linux From Scratch, as it was dubbed. HLFS will become a book that provides the reader with a fundamental understanding of security that can be used as a base for further research. Part of the process in teaching this will be to build a hardened system step-by-step."
The security of Linux servers is something that, quite frankly, most of us would rather not deal with: an unexciting world of buffer overflows, hardened kernel patches and mandatory access control policies. Yet, that's the price to pay for the convenience of the World Wide Web of interconnected computers. And if the other LFS projects are anything to go by, Hardened Linux From Scratch will not only provide great educational value for absolutely free, it will do so in a hands-on and fun way for the benefit of all of us. Interested? Then join the mailing list and start learning.
JAMD and Xdefine Linux
Some of you might recall the good words we have put in for the JAMD Linux project, based on positive reviews and user feedback on the distribution's forums. Unfortunately, the project's future has become somewhat uncertain, due to the continued absence of the project's developer Jim Lucha from the forums, as well as a lack of any development roadmap. Upon some investigation, it turned out that Jim's name had resurfaced somewhere else, on a web site belonging to a new commercial Linux company called Xdefine. This is from the Xdefine's about pages:
"James Lucha, Chief Technical Officer, Xdefine, Inc. Graduated from University of California, Mr. Lucha who has extensive knowledge of Linux operating system joined Xdefine to take over the whole development of Xdefine Linux 2003. His feeling was that the customer has to always get 100% satisfaction and know they got a fair deal. Mr. Lucha met Mr. Sultani online, after talking for a while, he decided to join Xdefine as Chief Technical Officer."
The above note has since been removed from Xdefine's web site, but you can find a discussion about it on the JAMD Linux forums.
This brings up a question: do Free Software developers have some kind of responsibility towards the users of their products? Should they inform us about the project's status and any major changes to it? After all, many of them make no money from it and we are not paying customers, so why bother? On the other hand, there are human considerations - honesty and openness, especially in what we often perceive as our more honest and open world of Linux development, free of commercial considerations. Or is it all a lie? If a successful developer of Free Software is suddenly offered a regular paycheck to continue his or her work for a commercial company, can we really complain that we, the non-paying users, are suddenly abandoned?
If you are using one of the smaller distributions, how do you feel about it? Do you have a backup plan in case the developer gives up? Do you feel comfortable using one of the "one-man" distributions? Please discuss below.
Most visited pages in 2003
With the year 2003 behind us, let's take a quick look at the ranking of 20 most visited distribution-specific pages on this site and compare it to year 2002. The figures represent HPD or "Hits Per Day". Mandrake and Red Hat have retained their top two spots for the second year in a row, while some might be surprised by a rapid climb of Knoppix to the third position. You can view the 100 most visited pages of 2003 on the right column of the main index page.
|Released Last Week
LRs GNU/Linux Creme-13
A new version, Creme-13, of the recently revived LRs GNU/Linux distribution is out: "Merry Christmas and happy LRs with our brand new release Creme-13. Includes LFS-5.0, Linux-2.4.23, KDE-3.1.4 and much more. Some people don't need a full-blown LRs, so we will release three more ISO images in the next few days: LRs_with_X_and X-stuff (without KDE); LRs_Only_Console_tools; LRs_Pure_LFS." Visit the distribution's web site to learn more.
The long awaited CollegeLinux 2.5 has been released: "We are glad to announce the long awaited release of CollegeLinux 2.5 'Obi Wan'. Once again we did a release taking the necessary 6 months to bring something new, exclusive and never seen within the Linux community. Whilst there is a growing trend to release as often as possible, we have chosen to implement some important and innovative features and release only when there is something worth your time and bandwidth." Among the more interesting new features are a server robot which automatically installs and configures Apache, PHP, MySQL, SQLite, Webmin and PHPMyAdmin, and a slapt-get based auto-update engine integrated into Konqueror. See the full announcement for details. CollegeLinux is a Slackware-compatible Linux distribution designed for desktop and development workstations with many user-friendly enhancements.
Gibraltar Firewall 1.1
A new version of the Debian-based Gibraltar Firewall has been released. From the changelog: "Version 1.1, published 2003-12-23. This is the Christmas release, with only a few new features, but being a lot more resistant against buffer overflows and thus more secure due to the use of the PAX kernel patch. Updated the kernel to 2.4.23, which fixed the recently discovered brk() vulnerability. In addition to the update, the context patch (for virtual servers), the PAX patch and support for the zorp transparent proxy suite were added. Minor additions are an AES optimization and cryptoloop." Read the rest of the changelog for full details.
Openwall GNU/*/Linux 1.1
Openwall GNU/*/Linux 1.1 has been released: "After another year of development and many public Owl-current snapshots, Openwall GNU/*/Linux (Owl) release 1.1 is finally out. Owl 1.1 is currently available for purchase on a CD and will also be available for download after January 7, 2004. The major changes made since 1.0 are documented." Read the announcement on the distribution's web site and the complete changelog for further details. The product can be ordered from the distribution's online store for US$9.35. Openwall GNU/*/Linux is a security-enhanced operating system with Linux and GNU software as its core, intended as a server platform.
Ankur Bangla 1.0
FootNotes reports that Ankur Bangla 1.0 has been officially released: "The Ankur Bangla Project is proud to release version 1.0 final of the Ankur Bangla Live CD, running GNOME 2.4 localized into the Bangla (Bengali). The Live CD is based on Morphix and runs off the CD drive itself with little invasiveness to the existing setup. It is designed to be primarily a tool for collecting end user feedback on usability (especially of the translations of the GUI messages)." Read the rest of the announcement and release notes.
Aurox Live 1.2.0
This is a new release of Aurox Live CD, based on Aurox Linux 9.2. Changes: "This edition has NVIDIA binary drivers 44.96 and Macromedia Flash plugin installed. Aurox Live 1.2.0 contains: KDE 3.1.4 (default graphical desktop); web browsers Mozilla 1.5 and KDE's Konqueror; Office suites (KOffice 1.2.1, OpenOffice.org 1.1.0); multimedia support: sound and movie players Kaboodle, Xine (libs 1.0.0 RC2), non-accelerated games (KDE games); examples of games using hardware acceleration (Chromium, GLaxium); graphical e-mail clients (KMail, Evolution 1.4.5)..." Read the rest of the release notes.
Buffalo Linux 1.0.5
A new version of Buffalo Linux has been released: "This is a new bug-fix/update release in the 1.0.x series. Current version 1.0.5. Changes include: more cleanup of install procedure, includes patch for some hangs in AUTOSETUP. Improved integration with Codeweavers Crossover Office. Upgraded to latest version of Sylpheed (0.9.8a) mail client. Added more internal help files. Bug squashing and file cleanup." Buffalo Linux is a derivative distribution based on Vector and Slackware; it is targeted at the small business workstation market.
Damn Small Linux 0.5.2
Version 0.5.2 of Damn Small Linux has been released. From the changelog: "New for 0.5.2: mkisofs; cdrecord; bashburn (easy to use text mode CD burning utility); gTuxnes (interactive GUI for tuxness); smbclient; smbtree; a working /opt that is writable from the CD; midnight commander (many features stripped); skel now works for root when installed."
SLAX - Live CD 3.0.24
The honour of the first release of 2004 goes to SLAX - Live CD (formerly known as Slackware - Live CD), with the release of version 3.0.24 only a few hours into the new year. From the changelog: "v 3.0.24 (1th of January 2004): SLAX is the new name for Slackware-Live; now created by Linux Live scripts. Using KDE 3.2beta2 and KOffice 1.3beta2; removed quanta; configsave and configrestore doesn't work; added glut, libid3tag; added Linux kernel 2.4.23; removed printing and PDF/PS applications; sound volume is set to 88% automatically; rc.6 script modified, removed swap unmounting because of ovlfs..." Find out more on the distribution's new web site at slax.org.
Feather Linux 0.3.0 and 0.3.1
Feather Linux 0.3.1 has been released. From the distribution's changelog: "Fixed a known bug of LinNeighborhood; fixed HD install so that X starts automatically; removed mkcfm and mkfontdir, both extraneous with Kdrive; added script to save configuration to a USB pendrive and some bootup code to restore it." Feather Linux is a light-weight desktop Linux distribution based on Knoppix.
CRUX 1.3 (PowerPC edition)
A PowerPC edition of CRUX 1.3 is now available for download: "Port for PowerPC platform of CRUX 1.3. Uses kernel 2.4.23-ben1 with improved support for iBook G4 PowerMAC G5 and CPU Frequency Scaling. The distribution is source-based and uses the same ports tree from CRUX Linux Community available for CRUX x86." The project's web site has more information about the release (in Italian).
|Upcoming Releases and Announcements
Klaus Knopper has published information about the upcoming releases of the Knoppix live CD, with an updated version 3.3 expected this week and a brand new version 3.4 with kernel 2.6 before the end of March: "Preliminary release plan: update to Kernel 2.4.23 for the download edition of Knoppix 3.3, should be finished next week. ... Parallel working on version 3.4 with some major changes: switching to ISOLinux plus a 2 floppy boot option in order to allow inclusion of more drivers in the kernel and initrd (USB and Firewire, possibly), since the space on the 1.44 MB floppy is used up by the kernel 2.6 alone." Read the rest of the plan on the developers' mailing list.
|Web Site News
New on the waiting list
Removed from the waiting list
- Litrux. "What is Litrux? Litrux is a brand new Linux distribution, running completely from CD. No installation needed, just boot from CD. It automatically recognizes all supported types of network cards, graphic cards, sound cards, SCSI devices and other hardware devices."
- Lineox Enterprise Linux. "Lineox Enterprise Linux 3.0 contains all freely distributable packages from Red Hat Enterprise Linux 3.0 Advanced Server ($1499), Red Hat Cluster Suite ($499), and Red Hat Developer Suite (free as an introductory offer for RHEL subscribers). Lineox Enterprise Linux 3.0 does not contain any support. Lineox is however preparing a separately offered program package update option. Support option pricing and availability will be announced later."
- Rocks Cluster Distribution. Rocks is a specialist Linux distribution designed for clustering and cluster management.
- Routix. Routix is a Linux-based distribution for routers (web site in German).
- Vermillion. Vermillion is a custom Linux distribution based on Red Hat Linux.
- KANOTIX is a new Linux live CD based on Knoppix.
- Fermi Linux is a Linux distribution based on Red Hat Linux.
- LIVUX is a new Linux live CD based on Knoppix (web site in Spanish).
- The Dave/Dina Project. "The Dave/Dina Project was created to satisfy all the home entertainment needs of the average hacker. A Dave/Dina box is a computer connected to your TV screen, stereo, phone, and other stuff, running open-source software."
- Bluewall GNU/Linux. "Bluewall is a GNU/Linux distribution that allows you to install a system from a small set of preconfigured binary packages based on Debian Linux. Bluewall doesn't have any specific installation procedure, the idea behind it is that you can get installed Linux in the way you want, using command line tools."
DistroWatch database summary
- Zynot Linux. Zynot was a high-profile Gentoo fork when it started over 6 months ago, but now it seems to concentrate on development of embedded Linux solutions, rather than a general purpose distribution. As such, Zynot has been listed under Embedded Linux Distributions on the links page. Please let me know if my conclusion is incorrect.
- Momonga Linux. This is one of those never ending development projects, sprouted from the ashes of the discontinued Kondara MNU/Linux in July 2002. But despite its having been around for over 16 months and a promised final release by October 2002, we have yet to see any release.
- Number of distributions in the database: 230
- Number of discontinued distributions: 26
- Number of distributions on the waiting list: 66
On Turbolinux's TurboUpdate
"Turbolinux update utility seems to try to go to ftp.turbolinux.com. It has been down since I purchased the desktop 10D two weeks ago. Just thought I'd let someone know."
I have Turbolinux 10D installed and have had no problems using the TurboUpdate program to download and install all updates since the product release. Is there anybody else having the same problem as the reader above?
That's all for this week, see you next Monday :-)
If you've enjoyed this week's issue of DistroWatch Weekly, please consider sending us a tip.
(Tips this week: 0, value: US$0.00)
|• Issue 695 (2017-01-16): Zorin OS 12, Peppermint team fixes installer bug, Debian refreshes Jessie media, Ubuntu improves low graphics mode, Exciting things coming in 2017|
|• Issue 694 (2017-01-09): MX Linux 16, Fedora considers systemd security features, DragonFly BSD to support massive swap space, Ubuntu Touch roadmap, Puppy's newsletter, sudo's password prompt|
|• Issue 693 (2017-01-02): Comparing small distros, fig language, video driver comparsion, Debian+PIXEL, Wayland on FreeBSD|
|• Issue 692 (2016-12-19): Bodhi Linux 4.0.0, Cappsule containers, Calculate's new Utilities package, Solus and Ubuntu MATE build new application menu|
|• Issue 691 (2016-12-12): SalentOS 1.0, openSUSE improves YaST, Fedora considers slower release cycle, KDE neon gets LTS branch|
|• Issue 690 (2016-12-05): Fedora 25, Ubuntu adopts rolling HWE kernel, running Android apps on GNU/Linux, Haiku working toward EFI support|
|• Issue 689 (2016-11-28): openSUSE 42.2, Fedora's upgrade path, plans for Korora 25, transitioning from PC-BSD to TrueOS, Webconverger's reproducible builds|
|• Issue 688 (2016-11-21): Endless OS 3.0.5, KDE neon fixes security hole, FreeBSD's Quarterly Status Report, Rolling release trial #2 concludes|
|• Issue 687 (2016-11-14): NAS4Free 10.3.0.3, Fedora gains MP3 playback, budgie-remix becomes Ubuntu Budgie, Ubuntu flavours compared, Rolling release trial #2|
|• Issue 686 (2016-11-07): FreeBSD 11.0, rolling release trial #2, Debian announces supported architectures, Simplicity switching to antiX base, farewell to Mythbuntu|
|• Issue 685 (2016-10-31): elementary OS 0.4, SUSE gains ARM support, Mint improves language support, Dirty COW explained, Rolling release trial #2|
|• Issue 684 (2016-10-24): Ubuntu 16.10, Linux popularity in different markets, Fedora runs on Raspberry Pi, Ubuntu features live kernel patching|
|• Issue 683 (2016-10-17): Refracta 8.0, making packages for distributions, Alpine switches to LibreSSL, 386BSD website publishes classic code|
|• Issue 682 (2016-10-10): KDE neon 20160915, Android-x86 6.0, Fedora warns of update bug, HandyLinux drops English translation, LXQt benchmarks|
|• Issue 681 (2016-10-03): OpenBSD 6.0, DragonFly BSD to support LibreSSL in ports, systemd denial of service bug, upgraded Mintbox Mini|
|• Issue 680 (2016-09-26): Uruk GNU/Linux 1.0, blocking applications at the firewall, Lenovo controversy, Ubuntu running on the Nextcloud Box|
|• Issue 679 (2016-09-19): OpenMandriva 3.0, 32-bit vs 64-bit performance, openSUSE updates, KaOS unveils first run wizard|
|• Issue 678 (2016-09-12): Apricity 07.2016, Mageia adopts DNF, KDE neon to use Wayland, FreeBSD updates Linux compatibility, creating cron jobs|
|• Issue 677 (2016-09-05): Peppermint OS 7, Manjaro updates leadership, TrueOS becomes rolling release, organizing files, creating torrents|
|• Issue 676 (2016-08-29): Korora 24, Fedora 25 to use Wayland by default, Linux turns 25, PC-BSD becomes TrueOS, finding software licensing information|
|• Issue 675 (2016-08-22): Gentoo LiveDVD "Choice Edition", moreutils, Ubuntu improves terminal convergence, MATE packaged for Openindiana, FreeBSD improves video support|
|• Issue 674 (2016-08-15): Zenwalk Linux 8.0, Ubuntu phone follow-up, Lubuntu transitioning to LXQt, Steam running on FreeBSD|
|• Issue 673 (2016-08-03): noop linux and EasyNAS, Debian's GnuPG switch, Fedora "Flock", using "nice"|
|• Issue 672 (2016-08-01): Ubuntu Phone 15.04, Solus embraces rolling release model, interview with Jane Silber, FreeBSD Quarterly Report|
|• Issue 671 (2016-07-25): Slackware 14.2, Point Linux 3.2, OpenBSD disables usermount, KaOS releases significant changes, Fedora 22 reaches end of life.|
|• Issue 670 (2016-07-18): Linux Lite 3.0, Bodhi team plans 4.0.0, pfSense changes licensing, running software across distributions, Linux Mint upgrade path|
|• Issue 669 (2016-07-11): Linux Mint 18, proving a system is secure, LibreSSL in FreeBSD, Ubuntu plans phasing out 32-bit, pfSense status report|
|• Issue 668 (2016-07-04): Fedora 24, Linux Mint plans for 18.1, FreeBSD and DragonFly BSD improve their file systems, comparing Flatpak, Snap and AppImage|
|• Issue 667 (2016-06-27): GeckoLinux 421, Fedora supports Flatpak, Solus unveils new features, running GNU/Linux on tablets|
|• Issue 666 (2016-06-20): Comparing more live update methods, Ubuntu's snap packages, Antergos drops 32-bit media, GeckoLinux unveils Rolling edition, learning Linux resources|
|• Issue 665 (2016-06-13): BunsenLabs Linux Hydrogen, Fedora 24 delayed, NetBSD grows in size, Clonezilla questions|
|• Issue 664 (2016-06-06): Sabayon 16.05, Debian updates install media, the cost of free software, Qubes explains secure build process|
|• Issue 663 (2016-05-30): Comparing live update methods, Ubuntu MATE's progress, distros debate systemd change, DistroWatch turns 15|
|• Issue 662 (2016-05-23): Clonezilla Live, new Fedora community repository, DragonFlyBSD runs Wayland, a live edition of Slackware and kernel components|
|• Issue 661 (2016-05-16): FreeBSD 10.3, OpenMandriva adopts Clang, Debian adds ZFS packages, PCLinuxOS drops 32-bit and comparing CentOS with RHEL|
|• Issue 660 (2016-05-09): Ubuntu MATE 16.04, Mint's xapps, FreeBSD Quarterly Report, Debian updates 32-bit support, addressing GPL violations|
|• Issue 659 (2016-05-02): Ubuntu 16.04, compiling custom kernels, Cinnamon 3.0, Sabayon launches ARM build, Devuan ships Beta release|
|• Issue 658 (2016-04-25): Kali Linux 2016.1, elementary OS 0.3.2, Debian elects Project Leader, Fedora 24 feature preview, Nard reaches 1.0|
|• Issue 657 (2016-04-18): Redox, Linux Mint improves update manager, planned Fedora 24 features, Ubuntu 16.04 getting Snappy packages|
|• Issue 656 (2016-04-11): Qubes OS 3.1, Whonix offers bug bounties, Puppy's family tree, setting up disk partitions and running bash on Windows|
|• Issue 655 (2016-04-04): Parsix 8.5, Sabayon's Community repository, Red Hat offers free subscriptions, Ubuntu tablets, command line tips|
|• Issue 654 (2016-03-28): PCLinuxOS 2016.03, Using signatures to create a web of trust, Arch Linux rolls out Pacman update, GuixSD packages GNOME|
|• Issue 653 (2016-03-21): Antergos 2016.02.21, Debian prepares for election, a Unix-like OS written in Rust, watching Netflix on FreeBSD|
|• Issue 652 (2016-03-14): ReactOS 0.4.0, Debian swaps Iceweasel for Firefox, Fedora moving forward with Wayland, Verifying ISO files|
|• Issue 651 (2016-03-07): Korora 23, Linux Mint improves security, Ubuntu MATE on Raspberry Pi 3 computers, trying different file systems|
|• Issue 650 (2016-02-29): Haiku in 2016, running Android apps on GNU/Linux, 30 years of MINIX, Fedora plans Atomic Workstation|
|• Issue 649 (2016-02-22): Zorin OS 11, openSUSE launches new editions, Linux Mint website compromised, sandboxing applications using Firejail|
|• Issue 648 (2016-02-15): XStream Desktop 153, Raspbian unveils OpenGL feature, free hardware, Ikey Doherty talks desktop design|
|• Issue 647 (2016-02-08): Tails 2.0, KDE project launches Neon, Manjaro unveils ARM support, FreeBSD's quarterly report|
|• Issue 646 (2016-02-01): deepin 15, Mint plans X-Apps, FreeBSD to support boot environments, logging into the desktop as root|
|• Issue 645 (2016-01-25): Linux Mint 17.3 "Xfce", Chromixium changes its name, Ubuntu tablets coming soon, Linux vs BSD comparision|
|• Issue 644 (2016-01-18): Kwort 4.3, Sabayon tests ARM images, Slackware adopts PulseAudio, running Linux without GNU software|
|• Issue 643 (2016-01-11): Solus 1.0, Mint provide upgrade path to 17.3, Fedora developers work on stability, running the LXQt desktop|
|• Full list of all issues|
|Free Tech Guides
NEW! Apache Solr Cookbook
NEW! Solr (pronounced "solar") is an open source enterprise search platform, written in Java, from the Apache Lucene project.
FREE 86-page guide
|Free Tech Guides
Apache Tomcat Cookbook
Apache Tomcat is an open-source web server that implements several Java EE specifications including Java Servlet, JavaServer Pages (JSP), Java EL and WebSocket.
FREE 94-page Cookbook
DistroWatch.com is hosted at Copenhagen.
Contact, corrections and suggestions: Jesse Smith
Tips: BTC 1EqtE8vrBceFwiUUAu4JKef6HHNZbnviQG • PayPal.me/distrowatch