| DistroWatch Weekly
|DistroWatch Weekly, Issue 545, 10 February 2014
Welcome to this year's 6th issue of DistroWatch Weekly! Linux distributions usually get most of the attention in the open-source community, dominating the news. This week we turn the spotlight on FreeBSD, a popular server operating system that is introducing some important changes. Read this week's feature review to get the details behind FreeBSD's latest release. Also on the topic of servers, we talk this week about the challenge of finding a secure server platform that is easy to administer. Ubuntu is back in the news as the development team discusses whether to replace the distribution's default file manager and, in a surprising move, NVIDIA offers open-source code to the Nouveau project. We also talk about Xubuntu as the development team puts the project's artwork for their next release on-line for the community to see. Debian was in the news too this week as the project voted as to which init system to use for the next stable release of Debian GNU/Linux. Other topics covered in this issue include roadmap and feature list of the upcoming Bodhi Linux 3.0, opinion on the never-ending issue of the stability of Arch Linux, and introduction of ReactOS, a rather impressive open-source clone of the Microsoft Windows NT operating system. We wish you all a terrific week and happy reading!
Listen to the Podcast edition of this week's DistroWatch Weekly in OGG (28MB) and MP3 (45MB) formats
|Feature Story (by Jesse Smith)
First impressions of FreeBSD 10.0
The BSD family of operating systems is typically reputed to be conservative, stable and dependable. FreeBSD typically embodies these characteristics quite well, showcasing reliability and offering few surprises. That being said, the latest release of FreeBSD, version 10.0, introduced a few important changes which I felt deserved a look. Some of the new features shipping with FreeBSD 10.0 included support for ZFS on the root file system, TRIM and LZ4 compression support for ZFS, virtualization improvements and a new package manager. The latest version also swaps out the venerable GNU compiler for the Clang compiler on supported architectures. The 10.0 release is available for several architectures, including x86, Power PC and Sparc. I was interested in the x86 releases which can be downloaded in 32-bit or 64-bit builds. We can further narrow our selection by downloading either a CD-sized ISO or a 2.2 GB ISO image. I opted to try the larger image for my trial.
Installation and first boot
Booting from the installation media brings us to a text menu where we are asked if we would like to drop to a command line shell, launch a (text console) live environment or begin the installation process. The FreeBSD system installer is mostly a series of text menus with an occasional trip to a command line interface. Most steps in the process have sane defaults and users can generally just proceed to the next screen when in doubt of the proper configuration. The first screen asks us to confirm our computer's keyboard layout and then we are asked to provide a hostname for our computer. We are then asked which packages (documentation, games, ports and/or system source code) we would like to install. We are then given four partitioning options -- guided, an automated ZFS layout, manual using the installer or manual using command line utilities. I opted to take the automated ZFS configuration. With ZFS we can select which disk to use, optionally change the name of our data storage pool, set the size of our swap space, change disk layouts (GPT or MBR) and choose whether to enable encryption.
For the most part I tried to stick with the default settings. Some users may be interested to know that FreeBSD's installer supports RAID and mirroring for people with multiple disk drives. The following installer screens walk us through setting a password on the administrator's account, selecting our time zone from a list and configuring the network. We can also choose which system services to run, including secure shell, network time synchronization, kernel crash dumps and a dynamic CPU frequency daemon. At the end of the process we can choose to add user accounts to the system and we are given the chance to go back and change the settings we have selected. I was pretty happy with the latest iteration of the FreeBSD system installer. It worked well, offered good defaults and it completed so quickly I honestly wondered whether all the required files had been copied to my local drive or if an error had occurred -- that may be a first.
Once FreeBSD was installed I restarted the machine. FreeBSD booted in under a minute and dropped me at a text console with a login prompt. Signing into FreeBSD we are greeted by a welcoming message letting us know where we can find the project's documentation and security advisories. The system starts out using very few resources, around 10 MB of RAM and (depending on our choices at install time) around 1 GB of hard drive space. Looking around the system I found common UNIX utilities were available along with manual pages. The Clang compiler was available and the OpenSSH secure shell was running in the background. During the install process I had requested that FreeBSD set up 1GB of swap space for me, however I found the operating system did not have any swap space available to it. Further checking showed that the operating system was trying to activate a swap partition during the boot process -- a swap partition which did not exist. This seems to be a mistake on the part of the guided partition manager.
I had decided to set up FreeBSD using a ZFS data pool. During my time with FreeBSD I found that ZFS performed well and file copying and removals were performed quickly. By default ZFS is set up so that key sections of the file system are mounted as separate sub-volumes. This means that user home directories, system binaries, log files and software ports are all stored in different areas and can be handled separately. For example, we can create snapshots of system files and home directories separately and, if we need to roll back to previous versions of the file system, one group of files need not be affected when we restore a different area.
Software and package management
One attractive feature now available in FreeBSD 10.0 is the new package manager, called "pkg", which presents a unified approach to package management and provides a simplified syntax when compared against the previous FreeBSD package management utilities. The first time we run the new pkg command the system reports pkg is not fully installed and offers to download and install the package manager for us. Once pkg has been bootstrapped we find that pkg uses a similar syntax to the zypper or YUM package managers. We can perform software installations, upgrade software and remove unwanted packages. We can get lists of installed software and perform searches against the FreeBSD software repositories. As the FreeBSD ports and packages collection is a bit of a moving target, pkg allows us to lock specific packages at a specific version, preventing accidental upgrades. I found pkg worked quickly and presented lots of information while it was working, including helpful prompts.
The FreeBSD operating system, on its own, features lots of command line utilities, but it does not feature many services, nor a graphical user interface. Armed with the new pkg software manager I decided to change this. My first self-appointed task was to install the Xfce desktop environment from the project's binary package repositories. There is a meta package for Xfce which pulls in the various panels, menus and icons a desktop environment needs. These all installed cleanly, but I noticed there was an important omission. Installing the desktop environment does not install the necessary underlying X display server software. For some reason X is not considered a dependency of Xfce. The next hour was spent downloading X, trying to run the desktop, discovering X would not run, trouble-shooting X, reading the FreeBSD Handbook's entry on trouble-shooting X, manually reconfiguring X and trying again. Ultimately I never got X working quite right. Sometimes it would show me a desktop, but the interface wouldn't respond to keyboard input, or I could get keyboard input working, but X wouldn't display anything. Eventually I put X & Xfce aside and decided to focus on what FreeBSD is best known for, being a server.
Last month, when I was evaluating Linux-based server distributions, I tried setting up a few services, including secure shell and Wordpress on four GNU/Linux distributions. Since FreeBSD allows OpenSSH to be enabled at install time, I decided to focus on setting up a Wordpress service on my new FreeBSD box. At first this looked as though it would be blissfully straight forward as the FreeBSD software repositories include a Wordpress package. I installed the Wordpress package and, at the end of the process, was told to run a script to set up the Wordpress database. This seemed really convenient until I tried to run the script and found it did not exist. As it turned out, installing Wordpress only supplied the Wordpress files and didn't pull in dependencies such as a web server, database or the script file to automatically set up the Wordpress database. The phantom script referred to by the Wordpress package, as it turned out, was part of one of the database packages which I later installed.
I also downloaded the Apache web server (version 2.2) package using pkg and found the Apache server would not start, claiming it could not match my computer's hostname to an IP address. Fortunately I had seen this before and changed my hostname to something Apache would recognize as a fully qualified domain name. Thinking this should complete my Wordpress set up I tried to browse to my new website and discovered support for the PHP scripting language was not enabled in Apache by default and, for that matter, would require I re-install PHP from source code and change the port's configuration in the process. Once all of this was done I had to set up Apache and the MySQL database to start at boot time to complete the set up. It is a surprisingly long and error-prone process compared against the other server platforms I reviewed earlier in the year.
What most of my problems with FreeBSD came down to was the repeating issue that software installed using pkg did not also install all required dependencies. Some immediate dependencies might be installed, but not all the items further down the dependency chain. The above example of installing Xfce without getting X was one instance, installing Wordpress without getting a database or web server in the process was another example. On another day I installed a collection of "fortune" quotes to be displayed when I logged into my account. The fortune add-on installed properly and I could manually read its text file, but I found that the actual fortune program itself was not installed when the add-on was, it had to be found and installed separately.
Now, I suspect I may get a flood of emails from FreeBSD fans pointing out the fortune program is an optional part of the FreeBSD operating system itself rather than a port and therefore outside of the scope of the package manager. That may be true, but doesn't that make the problem worse? That means the package manager is not only installing software for which it is not checking dependencies, but also for which it cannot check dependencies. If the component is optional it really should be placed in the ports collection where it can be found by the package manager, otherwise we risk running into situations where software is broken. This does not appear to be a problem with the pkg software manager itself, but rather the underlying ports framework. Checking the dependency lists on FreeBSD's website show that the missing dependencies are not specified in the ports.
I tried running FreeBSD in two environments. The first was a VirtualBox virtual machine and the second was my desktop box (dual-core 2.8 GHz CPU, 6 GB of RAM, Radeon video card and Realtek network card). In both environments FreeBSD booted quickly, ran smoothly and remained stable. Sound worked out of the box and, with some effort, I was able to get X to work with my video card. The operating system was quite light on RAM, especially considering the many features of ZFS.
Largely due to the dependency gaps and troubles with getting third-party software up and running my impressions of FreeBSD came down to two main points. The first is that FreeBSD -- the command line tools, the kernel, the ZFS file system and installer -- is a great operating system. In both test environments FreeBSD was fast, stable and ran smoothly. I really like the work which has gone into the system installer for this release and I like that ZFS is so easy to enable and use. The documentation which comes with FreeBSD is detailed and helpful. The new package manager is fast and friendly when compared next to its predecessors. All of this means it is pretty easy to install FreeBSD, explore the system and, once it is up and running, an administrator is unlikely to encounter a broken system.
On the other hand, I got the impression that FreeBSD's ports collection does not receive the same level of care as the base operating system. Some of the available ports obviously have not been tested against a clean installation of FreeBSD to make sure all dependencies have been met. The state of the X port is, in short, unfortunate. This gap between the quality of the base FreeBSD operating system and its available ports is made all the more evident now that a quality package manager like pkg is present. It is easier than ever before to search for and install new software, but too much effort is required to hunt down dependencies and tweak the configuration of key ports. What this results in is a wonderful base operating system that is plagued by trouble once we try to add third-party functionality to it.
Another thing which stood out during my time with FreeBSD was not a feature which was there, but one which I feel was missing. FreeBSD has an amazingly useful feature, called Jails, for isolating processes in, what is essentially, a very low-resource virtual environment. There are some useful tools out there for working with jails and a jail makes running services, such as a web server, more secure. Jails also allow us to run software on our computer without affecting the rest of the operating system. What I feel is lacking is an official repository of pre-made jails. In the Linux ecosystem there is a project called Turnkey Linux which provides pre-made Linux images for common tasks such as serving web pages, running forums, running bug tracking software and hosting instant messaging software.
With FreeBSD jails it should be possible to make and redistribute templates of jails that do these same things. The FreeNAS and PC-BSD projects, both based on FreeBSD, supply a few vanilla jail templates for people who wish to experiment with ports or who want to have a clean container in which to set up services. However, neither of these projects, nor FreeBSD, appear to have a collection of Turnkey-style jails for specific tasks, such as hosting a Wordpress site, running a media server or a TorrentFlux host. The powerful technology included in FreeBSD, along with the operating system's combination of stability and low resource usage, seems ideal for this sort of pre-fabricated container solution. I hope such an idea is adopted as I think it would be great to be able to run a command like "pkg install-jail amp_server" and have an appropriate jail created on the host operating system.
- Advanced file systems (Btrfs/ZFS): 4
- Documentation: 5
- Ease of installation: 4
- Ease of maintaining/upgrading: 3
- Length of support for each release: 3
- Performance: 5
- Stability: 5
- Steps required to enable services: 1
* * * * *
A few additional notes on SME Server
Following my review of the SME Server distribution, John Crisp emailed me and introduced himself as "El Presidente" of Koozali SME Server, the not-for-profit running the SME Server project. Mr Crisp offered some additional notes and comments he felt would be helpful should I wish to revisit the SME Server distribution in the future. I thought his comments were both fair and informative and, with his permission, I am including some of his notes below:
"Our website does have a huge amount of documentation, but obviously you found that hard to find/navigate. I am going to look at seeing if we can get more "context sensitive" links to either local or server based help built into each area of the server manager. Speaking of which, I know the console looks limited, but you can actually get to a text-based version of the server manager and access everything with a local text browser. I use it a lot.
File systems: the new version 9 [of SME Server] (currently at beta 3 and based on CentOS 6.x), should have ext4. I am not sure what the scenario is with Btrfs or ZFS, but will talk to the developers about it as it is an interesting comment. We hope that version 9 will be launched sometime later this year.
Upgrading from CentOS 5 to CentOS 6: Everyone will have a problem with this due to problems with RPM package signatures (if I remember correctly). This is due to changes at RHEL and CentOS, not us. The CentOS default upgrade recommendation is to back up and restore. It is possible to upgrade, but very tricky and not recommended.
As far as the future is concerned we have tried to concentrate on moving the system pretty well "as is" to v9 / CentOS 6 and only changing things where necessary due to the base system. We hope that we can then turn our attention to some more exciting stuff: new server-manager panel and full LDAP integration. There is a lot we want to do, but that depends a lot on the help we get!
To get version 9 out we really need as many people as possible to get involved, be that installing and testing, verifying bugs, reporting bugs, writing code, editing wiki documents etc. It doesn't matter about your experience level -- please contact us if you would like to help and we will be more than happy to assist people get started."
I would like to thank Mr Crisp for his insightful feedback.
|Miscellaneous News (by Jesse Smith and Ladislav Bodnar)
Debian votes for systemd, Ubuntu considers own file manager, Xubuntu shows off new artwork, Bodhi unveils 3.0 roadmap, NVIDIA contributes to open-source drivers, Arch Linux and stability
Last week the developers of Debian GNU/Linux went to the polls over an important issue - whether the world's largest community distribution of Linux should adopt a new init system, such as systemd or Upstart. The init system is responsible for getting the operating system into a usable state at boot time and managing system services. After much debate over the benefits of systemd and Upstart by fans of the two init systems, it appears as though the next Debian Stable release will use systemd by default. This means that Debian will join other distributions such as Fedora, openSUSE and Arch Linux in using systemd while Upstart usage remains primarily in the Ubuntu family of distributions.
* * * * *
Some fans of the Nautilus file manager have been upset lately with the development team's choice to remove certain key features, such as dual pane file views. Oliver Grawert raised the idea of swapping out Nautilus from future versions of the Ubuntu distribution in favour of a new file manager which might better suit the needs of Ubuntu users. His mailing list post suggests developers collect a list of required features a file manager should have and look at alternative file managers as possible replacements for Nautilus. Some people saw this proposal and jumped to conclusions, assuming Ubuntu 14.04 would no longer ship with Nautilus as the default file manager. In response to the rumours, Ubuntu developer Jono Bacon took to Google+ to assure people that no decision has yet been made: "There are a set of considerations that we assess when determining which default apps to ship. This includes features, quality, integration, stability, and the health of the upstream. The Ubuntu Desktop team takes these considerations into account when making a decision, and the decision is always discussed out in the open at UDS and on [the] Ubuntu-desktop [mailing list]. What is important to note is that the decision has not been made yet. We are not even close."
* * * * *
While a great deal of the open-source community focuses on code development, many of our first impressions of an operating system come from its appearance and layout. Often times the design choices which go into a project are the work of artists rather than coders. The Xubuntu project gave a nod to the artistic members of its community last week by showcasing some of the new artwork which will appear in Xubuntu 14.04. "In a discussion lasting over two hours, we looked at and discussed all wallpapers in question. It has to be mentioned that one of our criteria was to end up with a diverse set of wallpapers, as in: Xubuntu isn't only 'all blue'. Today, we would like to present the winners and outline quickly what we like about them or why they were chosen." The favoured images can be found on the Xubuntu news page
* * * * *
With the upcoming release of Ubuntu 14.04, a special version that will be supported with security update for five years, many of the Ubuntu-based projects that follow the long-term support branch will spring into action. One of them is Bodhi Linux, a distribution building a highly customised desktop with the Enlightenment window manager. Last week founder Jeff Hoogland published a tentative feature plan and roadmap leading to Bodhi 3.0.0: "This coming year will mark our third major release - Bodhi Linux 3.0.0. First, let's cover a few FAQs I've been getting regarding this new major release. Q: Will you continue to support non-PAE Processors? A: Yep. I do not currently know which kernel version we will be using on our non-PAE disc, but we will continue producing an ISO image that works on older non-PAE computers. Q: Which version of Enlightenment will you use? A: Unless I am able to beat E18 into a form I am confident is consumable for 'normal' users Bodhi 3.0.0 will continue to use the E17 desktop by default. Regardless of which desktop we ship with by default - both desktops will be easily accessible/swappable in our repositories." Bodhi 3.0.0 is slated for final release at the end of June.
* * * * *
In a surprise move, NVIDIA, the notoriously proprietary company, has contributed code to open-source driver development. Alexandre Courbot posted source code patches for Nouveau, a project which creates open-source drivers for NVIDIA video cards. The patches are for GK20A, a Kepler-based GPU that will be used in Tegra K1 chips. Courbot wrote: "I guess my [NVIDIA] email address might surprise some of you, so let me anticipate some questions you might have. Yes, this work is endorsed by NVIDIA. Several other NVIDIAns, including core GPU experts, have provided significant technical guidance and will continue their involvement." This unusual move has pleased Linux founder Linux Torvalds who raised "a thumb for NVIDIA" on his personal Google Plus page. Hopefully this is one of many more open-source contributions from NVIDIA.
* * * * *
Arch Linux, one of the few genuine rolling-release distributions that one can install and continuously keep up-to-date, has become a very popular operating system among the more knowledgeable Linux users who like that cutting-edge experience. But how does this never-ending upgrade process impact the stability of the distribution? In "Opinion: Arch Linux and Stability", author Andrew Powell summarises his experiences with running Arch: "So long as some care is taken and you don't rush in and do something silly without any knowledge or consulting that amazingly good and famous Arch Wiki, things should go okay and be quite stable. But occasionally, they won't. Of course when it comes to updates and bugs/instability creeping into software, it can happen in any operating system out there. But with Arch Linux, it is bleeding edge and the updates tend to come pretty fast, plus the distribution is meant to be more hands-on in its approach, so there is that little bit extra risk. Whether the pros of Arch outweigh some of these cons, is purely dependent on you and your tastes or requirements in a Linux distribution."
|Tips and Tricks (by Jesse Smith)
Putting server security first
Looking-for-security asks: I am really glad you did your server showdown reviews. That said, I've still got some unresolved questions. Maybe you can answer these as an extension to your server showdown, or maybe it would be better done as a similar but separate series of articles? I'm looking for a "secure communications server for the rest of us", a hardened secure communications platform that a complete novice can set up and be reasonably sure that it is as secure as possible from intrusion. Personally, I want secure, encrypted email, and secure, encrypted instant messaging, maybe also some website hosting, maybe also some file sharing.
The typical process for getting to a secure server seems to be: Start from an insecure distribution, secure ad-nausium (a failure-prone process due to the nearly infinite steps required to implement a never-ending list of security recommendations) and activate server features. What I am looking for is more along the lines of: Start from a "secure by default" distribution, with all possible security features already enabled. Then use some convenient interface to turn on the server features, which also turns off only those security features required for the feature to function (a manageable, finite step process).
I really want this sort of Linux server appliance that is secure and hardened, and doesn't need a sea of configuration changes to make as secure as possible, but is still easy to reliably set up what I need, and not requiring me to be overly concerned about whether I have mangled the server security in the process of turning things on.
DistroWatch answers: You raise an interesting problem and I think you are going to run into is that secure is usually the opposite of convenient. You want to set up a server that just installs, you click a few buttons to enable features (or run a few commands) and it "just works". Which is great, a server like SMS or Zentyal will do that for you, Zentyal especially is designed for that. The problem though is that, by being easy, such distributions are not, by their nature, secure. Secure systems such as OpenBSD or Tails are designed to not have convenient features because such systems are almost universally insecure.
I feel your best bet is probably to get a fairly convenient system (like Zentyal) and make sure you enable the firewall and enable email transmission encryption. Maybe visit their community forums and get suggestions on the easiest way to do the other things you want. That would give you the easy setup and relatively finite steps of an appliance distribution. On the other end of the scale, if your primary interest is security, then you might want to look at OpenBSD, one of the few operating systems which is pretty much guaranteed to be secure by default. It takes more time and effort to set up OpenBSD and there is a sharp learning curve, but it will start you off with security-on-by-default. Alternatively you might want to look at Turnkey Linux, which packages services as appliances. These are designed to be more convenient than secure (typically), but they turn the operating system into a module. Running a series of these on separate machines may be more secure (on the whole) than trying to run many services all on one operating system.
One word of warning, if I may. You mention secure web hosting and encrypted email. Such things are only as secure as the weakest link, which means your emails may be encrypted going out to other people, but chances are no one is going to send you encrypted emails in return (or know how to open your encrypted messages). Your web server may be secure (have HTTPS enabled and be patched against known threats), but that won't save you from a SQL attack if your server-side code is sloppy. Sharing files securely can be difficult too because your files are only as safe as the weakest password/authentication system your users may utilize. This is why security is hard (and often at odds with convenience), there are a lot of pieces to a modern operating system and, as you add functionality, you add potential security weaknesses.
I would also like to point out that security is often a matter of ongoing processes rather than a set state. The question mentioned finding a distribution with "all possible security features already enabled". There are virtually limitless possible steps in adding layers of security to an operating system and many of them require vigilance. This is why it is difficult to find a fully functional operating system that is close to "secure by default". There are all sorts of account management tools, intrusion detection and access controls (such as SELinux or AppArmor) that may be added to a system to improve its security beyond a set of bare defaults.
|Released Last Week
Chakra GNU/Linux 2014.02
Neophytos Kolokotronis has announced the release of Chakra GNU/Linux 2014.02, the latest stable version of the project's Linux distribution, originally forked from Arch Linux, featuring the KDE 4.12.1 desktop: "The Chakra project team is delighted to announce the first release of Chakra 'Curie'. Curie is the name of a series of Chakra releases that follows the KDE Software Compilation 4.12 series. This new release includes some refinements as well as new features and updates: Chakra provides the first in a series of monthly stabilization updates to the KDE 4.12 series: 4.12.1; KDE Workspaces has been patched to display the width or height (depending on orientation) of Plasma panels when resizing them; we now provide KDE Connect, which aims at making your computer aware and seamlessly integrated with all your devices; enabled login/logout sounds...." Read the rest of the release announcement for more information and a screenshot.
Chakra GNU/Linux 2014.02 - the default KDE desktop
(full image size: 1,543kB, screen resolution 1280x1024 pixels)
Zorin OS 8 "Educational"
Artyom Zorin has announced the release of Zorin OS 8 "Educational" edition, an updated version of the project's specialist edition designed primarily for educational institutions: "The Zorin OS team has released Zorin OS 8 Educational, the education-oriented edition of our operating system designed for new Linux users. We have introduced a myriad of changes in Zorin OS including updated software, improvements to the user interface and entirely new software. As always, Zorin OS 8 uses the Zorin Desktop environment with Zorin Menu for unparalleled customization and the Zorin Look Changer for ultimate ease of use. We also include our Zorin Web Browser Manager to ease the installation of web browsers. In addition, we have now made it super easy to install the Zorin World Community Grid program in Zorin OS 8 to help humanity. Zorin OS 8 is based on Ubuntu 13.10." Here is the brief release announcement.
Tails 0.22.1.1, an updated release of the Debian-based distribution and live CD pre-configured for anonymous web browsing, has been released: "Tails, The Amnesic Incognito Live System, version 0.22.1, is out. All users must upgrade as soon as possible as this release fixes numerous security issues. Notable user-visible changes include: security fixes - upgrade the web browser to 24.3.0esr, upgrade the system NSS to 3.14.5, workaround to a browser size fingerprinting issue by using small icons in the web browser's navigation toolbar, upgrade Pidgin to 2.10.8; major improvements - check for upgrades availability using Tails Upgrader and propose to apply an incremental upgrade whenever possible; install Linux kernel 3.12.6; bug fixes - fix the keybindings problem introduced in 0.22, fix the Unsafe Browser problem introduced in 0.22...." Here is the complete release announcement with known issues and upgrade instructions.
Untangle NG Firewall 10.1
Untangle has announced the release of version 10.1 of Untangle NG Firewall (a product formerly known as "Untangle Gateway"), a Debian-based specialist distribution for firewalls and gateways: "Untangle, Inc., a network software and appliance company, today launched version 10.1 of its Next Generation Firewall software, a critical upgrade for disaster recovery support for small and medium businesses." One of the major changes of this release is that the applications are now pre-installed: "In 10.1 and the future, the applications will be preinstalled on the appliance or installed with the CD or USB key along with the platform. This makes the installation much quicker and simpler. Now when the user logs in for the first time they will register this server with their Untangle account and then they can install the applications. No download is required." Read the press release and check out the detailed changelog for a full list of changes and new features.
Colin Watson has announced the release of Ubuntu 12.04.4, the latest of the distribution's live and installation images that include all recent security and bug-fix updates. This is Ubuntu's LTS (long-term support) release, providing security updates until 2017. From the release announcement: "The Ubuntu team is pleased to announce the release of Ubuntu 12.04.4 LTS for its Desktop, Server, Cloud, and Core products, as well as other flavours of Ubuntu with long-term support. As with 12.04.3, 12.04.4 contains an updated kernel and X stack for new installations on x86 architectures. As usual, this point release includes many updates, and updated installation media has been provided so that fewer updates will need to be downloaded after installation." Please read also the release notes for more information.
Scientific Linux 6.5 "Live"
Urs Beyerle has announced the release of "Live" editions of Scientific Linux 6.5, a distribution built from source packages for Red Hat Enterprise Linux 6.5 but enhanced with extra software applications for use in academic and scientific environments: "Scientific Linux 6.5 LiveCD, LiveMiniCD and LiveDVD are officially released. Changes since 6.4: software based on Scientific Linux 6.5; CUPS, Pidgin, Brasero, Qt, Gcalctool, gdisk, LFTP, spice-client, minicom and nc were removed from 'LiveCD' to save disk space. Notes: the live images are based on the Fedora LiveCD tools; if you install LiveCD to hard drive, the installation of the live image is done by Anaconda similar to the normal SL6 installation, all changes done during LiveCD usage are lost; you can install LiveCD on an USB stick with persistent changes using liveusb-creator included in sl-addons." See the full release announcement for further information.
Jordan Hubbard has announced the release of FreeNAS 9.2.1, an updated version of the project's free network-attached storage (NAS) system based on FreeBSD and the ZFS file system: "After one beta, two release candidates, and many nightly builds (which many of you tested, to our everlasting gratitude) we are, as always, proud to announce the public availability of FreeNAS 9.2.1-RELEASE. FreeNAS 9.2.0 was a great release, and we're pleased to say that FreeNAS 9.2.1 is even better. Since 9.2.0 was released, we have fixed over 189 bugs, added new features, polished the UI, and improved the performance of FreeNAS even further. The documentation has also been updated for 9.2.1, though the source code is still a useful reference for features like the web API, which comes with several examples in the source tree. For the first time, we are also publishing an errata list for 9.2.1 so people will know about known issues that were not deemed severe enough to be 'show stoppers' for this release." Read the rest of the release announcement which includes detailed release notes.
Version 12.04.4 of LXLE, a respin of Lubuntu designed for older computers, has been released: "After patiently waiting for Ubuntu to officially announce their 12.04.4 update and once the number of seeders of LXLE grew to an adequate level to 'serve' it, LXLE 12.04.4 has been released. This particular release builds on the idea that many 'at idle' processes can be replaced by 'on demand' solutions, such as weather, battery, updates, power management, etc. It also introduces microcode kernel updates for your processor and preload, a readahead daemon, by default. Notable new features: LXLE PPA enabled by default; updated core LXDE components; updated BleachBit, Catfish, MiniTube; updated Elementary icon set; added Steam, VokoScreen, Schedule Tasks; GNOME Commander replaced with Sunflower; Fast Forecast replaced with Typhoon; GDiskDump replaced with Startup Disk Creator; enhanced Firefox and bookmarks toolbar...." See the full release announcement for more information and a video overview.
Sam Geeraerts has announced the release of gNewSense 3.1, a minor update of the project's Debian-based Linux distribution built strictly from free software as defined by Richard Stallman's Free Software Foundation: "Hi, I'm pleased to announce the release of gNewSense 3.1. This is a minor update to the current stable version with code name 'Parkes'. These are the most important changes: the correct country-specific package repository (instead of the beta one) is set at installation time; NetworkManager is included on the live image by default; the expert installer no longer suggests to install Debian's non-free repository. Current users of gNewSense 3.0 don't have to reinstall as they get all the updates automatically. However, they should fix their repository configuration. That repository will be disabled next week, in order to start development on gNewSense 4. I urge you to update your software sources to the correct ones as soon as possible." Here is the brief release announcement.
* * * * *
Development, unannounced and minor bug-fix releases
|Upcoming Releases and Announcements
Summary of expected upcoming releases
New distributions added to database|
* * * * *
New distributions added to waiting list
- BASIS. BASIS is a desktop Linux distribution based on openSUSE and built with SUSE Studio.
* * * * *
DistroWatch database summary
* * * * *
This concludes this week's issue of DistroWatch Weekly. The next instalment will be published on Monday, 17 February 2014. To contact the authors please send email to:
- Jesse Smith (feedback, questions and suggestions: distribution reviews, questions and answers, tips and tricks)
- Ladislav Bodnar (feedback, questions, suggestions and corrections: news, donations, distribution submissions, comments)
- Bruce Patterson (feedback and suggestions: podcast edition)
|Linux Foundation Training
|• Issue 837 (2019-10-21): CentOS 8.0-1905, Trident finds a new base, Debian plans firewall changes, 15 years of Fedora, how to merge directories|
|• Issue 836 (2019-10-14): Archman 2019.09, Haiku improves ARM support, Project Trident shifting base OS, Unix turns 50|
|• Issue 835 (2019-10-07): Isotop, Mazon OS and, KduxOS, examples of using the find command, Mint's System Reports becomes proactive, Solus updates its desktops|
|• Issue 834 (2019-09-30): FreedomBox "Buster", CentOS gains a rolling release, Librem 5 phones shipping, Redcore updates its package manager|
|• Issue 833 (2019-09-23): Redcore Linux 1908, why Linux distros are free, Ubuntu making list of 32-bit software to keep, Richard M Stallman steps down from FSF leadership|
|• Issue 832 (2019-09-16): BlackWeb 1.2, checking for Wayland session and applications, Fedora to use nftables in firewalld, OpenBSD disables DoH in Firefox|
|• Issue 831 (2019-09-09): Adélie Linux 1.0 beta, using ffmpeg, awk and renice, Mint and elementary improvements, PureOS and Manjaro updates|
|• Issue 930 (2019-09-02): deepin 15.11, working with AppArmor profiles, elementary OS gets new greeter, exFAT support coming to Linux kernel|
|• Issue 829 (2019-08-26): EndeavourOS 2019.07.15, Drauger OS 7.4.1, finding the licenses of kernel modules, NetBSD gets Wayland application, GhostBSD changes base repo|
|• Issue 828 (2019-08-19): AcademiX 2.2, concerns with non-free firmware, UBports working on Unity8, Fedora unveils new EPEL channel, FreeBSD phasing out GCC|
|• Issue 827 (2019-08-12): Q4OS, finding files on the disk, Ubuntu works on ZFS, Haiku improves performance, OSDisc shutting down|
|• Issue 826 (2019-08-05): Quick looks at Resilient, PrimeOS, and BlueLight, flagship distros for desktops,Manjaro introduces new package manager|
|• Issue 825 (2019-07-29): Endless OS 3.6, UBports 16.04, gNewSense maintainer stepping down, Fedora developrs discuss optimizations, Project Trident launches stable branch|
|• Issue 824 (2019-07-22): Hexagon OS 1.0, Mageia publishes updated media, Fedora unveils Fedora CoreOS, managing disk usage with quotas|
|• Issue 823 (2019-07-15): Debian 10, finding 32-bit packages on a 64-bit system, Will Cooke discusses Ubuntu's desktop, IBM finalizes purchase of Red Hat|
|• Issue 822 (2019-07-08): Mageia 7, running development branches of distros, Mint team considers Snap, UBports to address Google account access|
|• Issue 821 (2019-07-01): OpenMandriva 4.0, Ubuntu's plan for 32-bit packages, Fedora Workstation improvements, DragonFly BSD's smaller kernel memory|
|• Issue 820 (2019-06-24): Clear Linux and Guix System 1.0.1, running Android applications using Anbox, Zorin partners with Star Labs, Red Hat explains networking bug, Ubuntu considers no longer updating 32-bit packages|
|• Issue 819 (2019-06-17): OS108 and Venom, renaming multiple files, checking live USB integrity, working with Fedora's Modularity, Ubuntu replacing Chromium package with snap|
|• Issue 818 (2019-06-10): openSUSE 15.1, improving boot times, FreeBSD's status report, DragonFly BSD reduces install media size|
|• Issue 817 (2019-06-03): Manjaro 18.0.4, Ubuntu Security Podcast, new Linux laptops from Dell and System76, Entroware Apollo|
|• Issue 816 (2019-05-27): Red Hat Enterprise Linux 8.0, creating firewall rules, Antergos shuts down, Matthew Miller answers questions about Fedora|
|• Issue 815 (2019-05-20): Sabayon 19.03, Clear Linux's developer features, Red Hat explains MDS flaws, an overview of mobile distro options|
|• Issue 814 (2019-05-13): Fedora 30, distributions publish Firefox fixes, CentOS publishes roadmap to 8.0, Debian plans to use Wayland by default|
|• Issue 813 (2019-05-06): ROSA R11, MX seeks help with systemd-shim, FreeBSD tests unified package management, interview with Gael Duval|
|• Issue 812 (2019-04-29): Ubuntu MATE 19.04, setting up a SOCKS web proxy, Scientific Linux discontinued, Red Hat takes over Java LTS support|
|• Issue 811 (2019-04-22): Alpine 3.9.2, rsync examples, Ubuntu working on ZFS support, Debian elects new Project Leader, Obarun releases S6 tools|
|• Issue 810 (2019-04-15): SolydXK 201902, Bedrock Linux 0.7.2, Fedora phasing out Python 2, NetBSD gets virtual machine monitor|
|• Issue 809 (2019-04-08): PCLinuxOS 2019.02, installing Falkon and problems with portable packages, Mint offers daily build previews, Ubuntu speeds up Snap packages|
|• Issue 808 (2019-04-01): Solus 4.0, security benefits and drawbacks to using a live distro, Gentoo gets GNOME ports working without systemd, Redox OS update|
|• Issue 807 (2019-03-25): Pardus 17.5, finding out which user changed a file, new Budgie features, a tool for browsing FreeBSD's sysctl values|
|• Issue 806 (2019-03-18): Kubuntu vs KDE neon, Nitrux's znx, notes on Debian's election, SUSE becomes an independent entity|
|• Issue 805 (2019-03-11): EasyOS 1.0, managing background services, Devuan team debates machine ID file, Ubuntu Studio works to remain an Ubuntu Community Edition|
|• Issue 804 (2019-03-04): Condres OS 19.02, securely erasing hard drives, new UBports devices coming in 2019, Devuan to host first conference|
|• Issue 803 (2019-02-25): Septor 2019, preventing windows from stealing focus, NetBSD and Nitrux experiment with virtual machines, pfSense upgrading to FreeBSD 12 base|
|• Issue 802 (2019-02-18): Slontoo 18.07.1, NetBSD tests newer compiler, Fedora packaging Deepin desktop, changes in Ubuntu Studio|
|• Issue 801 (2019-02-11): Project Trident 18.12, the meaning of status symbols in top, FreeBSD Foundation lists ongoing projects, Plasma Mobile team answers questions|
|• Issue 800 (2019-02-04): FreeNAS 11.2, using Ubuntu Studio software as an add-on, Nitrux developing znx, matching operating systems to file systems|
|• Issue 799 (2019-01-28): KaOS 2018.12, Linux Basics For Hackers, Debian 10 enters freeze, Ubuntu publishes new version for IoT devices|
|• Issue 798 (2019-01-21): Sculpt OS 18.09, picking a location for swap space, Solus team plans ahead, Fedora trying to get a better user count|
|• Issue 797 (2019-01-14): Reborn OS 2018.11.28, TinyPaw-Linux 1.3, dealing with processes which make the desktop unresponsive, Debian testing Secure Boot support|
|• Issue 796 (2019-01-07): FreeBSD 12.0, Peppermint releases ISO update, picking the best distro of 2018, roundtable interview with Debian, Fedora and elementary developers|
|• Issue 795 (2018-12-24): Running a Pinebook, interview with Bedrock founder, Alpine being ported to RISC-V, Librem 5 dev-kits shipped|
|• Issue 794 (2018-12-17): Void 20181111, avoiding software bloat, improvements to HAMMER2, getting application overview in GNOME Shell|
|• Issue 793 (2018-12-10): openSUSE Tumbleweed, finding non-free packages, Debian migrates to usrmerge, Hyperbola gets FSF approval|
|• Issue 792 (2018-1203): GhostBSD 18.10, when to use swap space, DragonFly BSD's wireless support, Fedora planning to pause development schedule|
|• Issue 791 (2018-11-26): Haiku R1 Beta1, default passwords on live media, Slax and Kodachi update their media, dual booting DragonFly BSD on EFI|
|• Issue 790 (2018-11-19): NetBSD 8.0, Bash tips and short-cuts, Fedora's networking benchmarked with FreeBSD, Ubuntu 18.04 to get ten years of support|
|• Issue 789 (2018-11-12): Fedora 29 Workstation and Silverblue, Haiku recovering from server outage, Fedora turns 15, Debian publishes updated media|
|• Issue 788 (2018-11-05): Clu Linux Live 6.0, examining RAM consumpion, finding support for older CPUs, more Steam support for running Windows games on Linux, update from Solus team|
|• Issue 787 (2018-10-29): Lubuntu 18.10, limiting application access to specific users, Haiku hardware compatibility list, IBM purchasing Red Hat|
|• Issue 786 (2018-10-22): elementary OS 5.0, why init keeps running, DragonFly BSD enables virtual machine memory resizing, KDE neon plans to drop older base|
|• Issue 785 (2018-10-15): Reborn OS 2018.09, Nitrux 1.0.15, swapping hard drives between computers, feren OS tries KDE spin, power savings coming to Linux|
|• Full list of all issues|
Star Labs - Laptops built for Linux.
View our range including the Star Lite, Star LabTop and more. Available with a choice of Ubuntu, Linux Mint or Zorin OS pre-installed with many more distributions supported. Visit Star Labs for information, to buy and get support.
|Random Distribution |
Trusted End Node Security
Trusted End Node Security (TENS), previously called Lightweight Portable Security (LPS), is a Linux-based live CD with a goal of allowing users to work on a computer without the risk of exposing their credentials and private data to malware, key loggers and other Internet-era ills. It includes a minimal set of applications and utilities, such as the Firefox web browser or an encryption wizard for encrypting and decrypting personal files. The live CD is a product produced by the United States of America's Department of Defence and is part of that organization's Software Protection Initiative.