| DistroWatch Weekly
|DistroWatch Weekly, Issue 581, 20 October 2014
Welcome to this year's 42nd issue of DistroWatch Weekly! The world of technology changes at a remarkable rate and, in this rapid stream of progress it can be difficult to know how to stay secure. This week we turn our attention to the Qubes OS project which has an interesting approach to keeping our computers secure and our information private. This week we continue our discussion on rolling-release distributions and their reliability. Find out below which distributions are running smoothly and which ones are experiencing problems. Another rolling-release, SparkyLinux, is also in the spotlight in a first impressions review this week. Read on to find out how the Debian-based project performs. In the News section this week we share graphics improvements coming to Fedora via new drivers and to Kubuntu through the KDE desktop. We also share the highlights of FreeBSD's quarterly status report and talk about Debian's massive archive of packages and how the project plans to store the growing mountain of data. Plus, we discuss Debian's debate over whether to allow users to choose their preferred init system. As usual, we bring you the distribution releases of the past week and look forward to fun, new releases to come. We wish you all a fantastic week and happy reading!
|Feature Story (by Jesse Smith)
Since my time with Qubes was cut quite short I turned my attention to another project. SparkyLinux 3.5 was released a few weeks ago and I thought the Debian-based distribution looked interesting. According to the project's website, "SparkyLinux is a lightweight, fast and simple Linux distribution designed for both old and new computers featuring customized Enlightenment and LXDE desktops. It has been built on the "testing" branch of Debian GNU/Linux. SparkyLinux is available for i486 and x86_64 machines." SparkyLinux (hereafter referred to as Sparky) is available in several editions. At the time of writing there are 32-bit and 64-bit builds of LXDE, Enlightenment, MATE, Razor-qt, Xfce, Openbox and JWM editions. I opted to download the 64-bit build of the MATE edition of SparkyLinux. The ISO file we download is approximately 1.5 GB in size.
Booting from the SparkyLinux media brings up a menu where we can choose to run a live desktop environment with one of several languages. Once we select our preferred language we are brought to the MATE desktop environment. At the top of the display we find the application menu along with two menus for accessing directories and system settings. At the bottom of the screen we find a quick launch bar filled with popular open source applications. Over to the right side of the display we find a panel showing system status information. This panel displays network activity, memory usage statistics, current CPU usage and a short list of running processes. The wallpaper and, in fact, most of the controls and icons are drawn in shades of grey. As everything appeared to be working properly I turned my attention to the project's system installer.
SparkyLinux' graphical system installer appears to be the same one used by Linux Mint Debian Edition. We are walked thought a series of screens where we are asked to select our preferred language from a list, pick our time zone from a map of the world and we are asked to confirm our keyboard's layout. The next screen asks us to create a user account for ourselves. Next the installer offers to automatically set up disk partitions for us. By default SparkyLinux will create two partitions, one for our operating system and another for swap space. We can choose, at this time, to click a button to launch the GParted partition manager. Using GParted we can arrange our disk the way we like and then return to SparkyLinux' installer. Back on the partition management screen we are asked to click on partitions to assign them mount points, such as "/" and "/home". Next, we are asked to confirm whether we would like to install a boot loader on our computer and, assuming we do want a new boot loader, we are asked where it should be placed. The system installer then shows us what actions it will take and waits for us to confirm before it begins copying files to our hard drive. Once the installer has finished setting up SparkyLinux on our computer we are asked to reboot the machine.
Booting our new copy of SparkyLinux brings up a graphical login screen. Like the rest of the distribution the login screen is decorated in grey. Signing into our user account brings us back to the MATE desktop. Upon logging in I found there was no welcome screen or other pop-ups. Apart from the Conky status panel on the right side of the screen, the MATE desktop remains calm and empty. In the upper-right corner of the display I noticed an icon which I suspected indicated the availability of software updates. Clicking on this icon gives us the option of either opening the Synaptic package manager or opening a program called APTus.
SparkyLinux 3.5 - managing software packages with APTus
(full image size: 861kB, screen resolution 1280x1024 pixels)
APTus is a simple graphical front end to package management which focuses on providing users with an easy way to update software, fix broken packages and clear the package cache. The APTus window is divided into tabs, each tab containing modules of similar functionality. For example, there are tabs for accessing update features, repair features, adding new packages and removing unwanted software. I found APTus did a nice job as far as gathering new updates was concerned. Adding or removing packages is a bit less user friendly as trying to add/remove a package requires typing in the name of the package we wish to manipulate. APTus does not display lists of available packages and this makes it better suited to general actions, such as updating all software or clearing the cache of stale files. I used APTus mostly for performing updates and found that it worked well enough. Whenever we perform an action from APTus's interface a new terminal window opens and we see the appropriate APT command executed in command line fashion. When the action completes we are returned to the APTus window.
While APTus has its uses, I found the Synaptic graphical package manager was usually my preferred tool for managing software. Synaptic presents a fairly simple interface where we are shown an alphabetical list of available software packages. Clicking a checkbox next to a package allows us to install, remove or upgrade the package. Synaptic works quickly and allows us to create batches of actions to perform. SparkyLinux pulls much of its software from the Debian Testing repositories. The project also maintains its own repository for some custom items. Digging through the APT configuration files I found SparkyLinux has the ability to pull software from a number of third-party repositories, including one maintained by Google, another for PlayOnLinux and there are some personal package archives (PPA) too. These third-party repositories were disabled on my system, but could be activated to provide additional applications. The first day I used SparkyLinux there were 237 software packages which could be upgraded and these totalled 250 MB in size. All packages downloaded and installed without any problems.
SparkyLinux ships with a collection of useful software. Included in the distribution are the Iceweasel web browser (with an accompanying Flash player), the Pidgin instant messaging client, the Transmission bittorrent client, the XChat IRC client and the gFTP file transfer application. The LibreOffice productivity suite is installed for us along with a document viewer, the Camorama webcam viewer, the GNU Image Manipulation Program and a collection of small games. The distribution provides users with the Exaile audio player, the VLC multimedia player and a YouTube video browser. We are also given a collection of media codecs which allow us to play a wide range of multimedia files. SparkyLinux ships with the Xfburn optical disc burning application, the Midnight Commander terminal file manager, a system monitor and the Caja graphical file manager.
SparkyLinux further provides an archive manager, a text editor and a virtual calculator. The MATE desktop comes with a Control Centre application which acts as a hub for configuring the desktop and parts of the underlying operating system. The distribution provides Network Manager to help us get on-line. SparkyLinux additionally ships with a virtual keyboard, the WINE compatibility software that allows us to run Windows applications, Java and the GNU Compiler Collection. I found SparkyLinux ships with the 3.14 version of the Linux kernel and the distribution runs an e-mail server in the background.
SparkyLinux 3.5 - working with system services
(full image size: 302kB, screen resolution 1280x1024 pixels)
While most applications ran very well for me, I had mixed results while working with the project's Control Centre. Many modules of the Control Centre, those which dealt with the look and feel of the MATE desktop, worked well. I could change the desktop's appearance and alter which programs were launched when I logged in, for example. On the other hand, modules which handled the underlying operating system usually would not work. For instance, the user account manager, the services manager and Synaptic would not launch from the Control Centre. The systemd services manager front end would load and display the status of services, but I could not start/stop services or even refresh the list of running services.
Likewise the Device Driver Manager refused to load, claiming it could not be run from live media (though at this time I was running my local copy of SparkyLinux). I suspect the problem lies in the fact the modules which did not work all required administrative rights. My regular user account did not have admin access and the modules in the Control Centre do not prompt for the administrator's password when they are launched. This meant I either had to login as root to perform administrative tasks or manipulate SparkyLinux from the command line where I could use the su command to gain administrative access.
I tried running SparkyLinux on a physical desktop computer and in a VirtualBox virtual machine. In both environments the distribution performed well. The MATE desktop was very responsive and the distribution performed actions quickly. I found MATE looked quite bland with the default theme, but I was able to add a splash of colour through the distribution's Control Centre. SparkyLinux does not require a lot of resources and I found the distribution could run the MATE desktop with 270MB of RAM. When running on physical hardware SparkyLinux properly detected my screen resolution, sound worked out of the box and networking was set up automatically. When running in the virtual environment SparkyLinux provided similar, good results and good performance.
SparkyLinux 3.5 - changing the look of the MATE desktop
(full image size: 733kB, screen resolution 1280x1024 pixels)
About halfway through my week with the distribution I downloaded a second round of updates. The next time I booted into SparkyLinux I noticed the login screen's background was blank, a plain black instead of shades of grey. When I logged in I noticed several problems. There was no top panel on the MATE desktop, there was no quick-launch panel available and no application menu. The wallpaper had changed to a sort of rainbow pattern. I opened a virtual terminal by right-clicking on the desktop and found SparkyLinux was thrashing my hard drive and the MATE-panel process was taking up all available CPU cycles.
I killed the MATE-panel process and CPU usage returned to normal, but my desktop was still empty and decorated with odd colours. When I attempted to run MATE-panel from the command line a message appeared indicating the package was probably broken and that I could run a command to restore functionality. The provided command did not exist on my system and searches in the software repositories did not find a match. I also found my window manager no longer worked and running any graphical applications caused windows to pile up in the upper-left corner of the screen. After a time of trying to find a solution I decided I had reached the limit of what most users could be expected to attempt and brought my trial to an end.
Despite my time with SparkyLinux coming to an early close I found a good deal to recommend the distribution. SparkyLinux is easy to install, thanks to a pleasant graphical system installer. The distribution features a responsive desktop environment, it boots quickly and properly handled my hardware. SparkyLinux features relatively low resource usage and ships with a good selection of quality open source applications.
On the other hand I ran into several issues while playing with SparkyLinux. Many of the Control Centre modules did not work, probably because they did not prompt for administrator access. This means users must make the choice between logging into a graphical environment as root (not a recommended practice) or we need to manage the operating system from the command line, a practice that will turn off many users. The default desktop environment, with its heavy usage of grey, struck me as depressing. That's just my opinion and some people might like the plain grey theme, but I quickly decorated the desktop in more festive colours. Mostly though my concern with SparkyLinux is that an update broke my desktop after just three days. SparkyLinux' parent distribution, Debian Testing, has a well earned reputation for stability and I was surprised to see a package break, especially this close to Debian's upcoming feature freeze.
SparkyLinux 3.5 - typing with the on-screen keyboard
(full image size: 231kB, screen resolution 1280x1024 pixels)
All in all, SparkyLinux does some things well. It is fast and friendly in most aspects. However, some problems with admin modules and the distribution's style of package management will probably turn away novice Linux users. SparkyLinux may be a good choice for people who want to play with Debian Testing and run a lightweight desktop. All of SparkyLinux' editions feature low-resource desktop environments and I suspect the distribution will suit people running on older hardware, so long as they don't mind keeping up with a rolling repository of software.
* * * * *
Qubes OS 2
Several people wrote to me a few weeks ago and asked if I would review Qubes OS. The Qubes project recently released version 2 of their security-oriented operating system and I was happy to give this unusual project a try. Qubes runs Linux software, but it is not exactly a Linux distribution. As the project's website states "If you really want to call it a distribution, then it's more of a Xen distribution than a Linux one. But Qubes is much more than just Xen packaging. It has its own VM management infrastructure, with support for template VMs, centralized VM updating, etc. It also has a very unique GUI virtualization infrastructure."
The Qubes project implements what is called "security by isolation". There are a few different approaches to security in operating systems. Some projects, such as OpenBSD, attempt to create clean, bug-free code which is difficult to exploit. Attempting to avoid problems using high quality code and good design is called "security by correctness". Other projects attempt to hide details of their inner workings (often by not sharing their source code) and this is called "security by obscurity". What Qubes does is attempt to separate components into different containers. The idea behind the isolation approach is that modern operating systems contain many components and these components are often complex. It is not realistic then to assume every component can be properly audited to make sure it works correctly and cannot be compromised. Rather than try to make sure all of the thousands of components running on our computers work correctly and are secure themselves, Qubes isolates these components so that one misbehaving (or compromised) application is not a threat to the rest of the system or our data.
Using Qubes we can set up different security zones and the idea is applications and data stay within these zones. We might use one zone for banking and buying items on-line, another zone for playing games or casual web browsing and a third zone for work. Keeping our activities compartmentalized prevents our casual web browsing from placing our confidential work information at risk. It might be easiest to think of each zone as a lightweight virtual machine, a separate quarantined area.
I feel it is important to note Qubes is only available as a 64-bit build for x86 machines and Qubes does not strive to be a multi-user operating system. "Qubes does not pretend to be a multi-user system. Qubes assumes that the user who controls Dom0 controls the whole system. It would be very difficult to securely implement multi-user support."
The download for Qubes is approximately 3 GB in size. Booting from this media brought up a menu offering to either launch the installer or test the media and then launch the installer. Once the media check has completed we are brought to a text console where I was told the operating system could not launch the X display server. Instead the text-based version of the Anaconda system installer launches and shows us a hub menu. We access each node of the hub one at a time, providing information to the installer. Some items we are asked to provide include the time zone, the location of the source media (an ISO file, DVD or network location).
We are asked which hard drive to install Qubes on and whether to use available free space or take over a portion of the disk. We can choose to install Qubes on a standard partition, a LVM volume or using Btrfs. We are also asked to create a password for our administrative user account and create a regular user account for ourselves. When this information had been entered and I chose to proceed the installer crashed and offered to send a bug report. I went back through the installer a few more times, taking different install options. I tried different partition layouts, a different desktop environment (Xfce and KDE are available) and I tried installing Qubes on a second machine. In each case the system installer crashed before it could finish copying its files to my hard drive.
Qubes carries an interesting idea, one which I suspect is fairly practical. With modern, complex operating systems it does not make sense to assume all the programs we run will be secure and unexploitable. Nor does it make sense to think vulnerabilities can hide from today's exploit kits. Isolating processes, sandboxing applications and limiting access seem to be the most reasonable approaches to security today. For that reason I quite admire what Qubes is trying to do. I'm sorry to say I have not been able to get Qubes running in my test environments, either on physical hardware or in a virtual machine.
* * * * *
Hardware used in this review
My physical test equipment for this review was a desktop HP Pavilon p6 Series with the following specifications:
- Processor: Dual-core 2.8 GHz AMD A4-3420 APU
- Storage: 500 GB Hitachi hard drive
- Memory: 6 GB of RAM
- Networking: Realtek RTL8111 wired network card
- Display: AMD Radeon HD 6410D video card
|Miscellaneous News (by Jesse Smith and Ladislav Bodnar)
Fedora gets updated graphics software, FreeBSD shares quarterly report, Kubuntu supplies demo of KDE's Plasma 5.1, Debian's package archive finds new home, compiling Android ROMs, sneak peak at OpenBSD 5.6
With the release of Fedora 21 planned for later this year, the developers are eager to share some of the improvements coming to the Red Hat sponsored project. A post on Fedora Magazine shares some of the improvements coming to Fedora's graphics software. Fedora includes support for several additional video cards, logging X output via systemd, improved power management and multi-GPU laptops. From the article: "Mesa is a collection of open source libraries that implement the OpenGL API, and also contains the 3D drivers for Fedora. Mesa in Fedora 21 is updated to version 10.3 (Fedora 20 shipped version 9.2.3) This updated version of Mesa provides support for OpenGL 3.3 for many cards, including: NVIDIA GeForce 8 and newer, AMD Radeon HD2000 and newer, and the Intel HD Graphics featured in the Ivybridge and Haswell chipsets."
* * * * *
The FreeBSD project released its quarterly status report last week. The FreeBSD developers have certainly been busy and the report covers a great deal of information. Key elements include the status of the bhyve hypervisor, booting with UEFI support, running FreeBSD on boards with ARM processors and various desktop environments. The report also highlights new documentation added to the FreeBSD Handbook, including chapters on ezjail and working with ZFS storage pools.
* * * * *
Last week we shared a report of GNOME's progress in supporting Wayland. This week we share the KDE project's progress in supporting Wayland and other advancements. KDE's Plasma 5.1 was launched recently and it comes with several new features: "Those travelling regularly will enjoy better support for time zones in the panel's clock, while those staying at home a revamped clipboard manager, allowing you to easily get at your past clipboard's content. The Breeze widget style is now also available for Qt4-based applications, leading to greater consistency across applications. The work to support Wayland as display server for Plasma is still ongoing, with improved, but not complete support in 5.1. Changes throughout many default components improve accessibility for visually impaired users by adding support for screen readers and improved keyboard navigation. Aside from the visual improvements and the work on features, the focus of this release lies also on stability and performance improvements." The announcement includes links to Kubuntu ISO images which include snapshots of the new Plasma release.
* * * * *
Have you ever wanted to compile an Android ROM right on your desktop machine, but didn't know how to accomplish the task? Well, things have become a lot easier thanks to some interesting work by Nathan Fry who emailed DistroWatch last week: "I'd like to submit my project - Builduntu. It's a preconfigured compiling environment for Android ROMs. I felt there was a disconnect between the skill level required to set up Linux and that needed to start compiling ROMs from source, so I created both a virtual machine and a customized ISO image." The Builduntu install disc is a customised build of the Ubuntu 14.04 release: "Builduntu is a custom branch of the Ubuntu operating system, based on my guide here for preparing Ubuntu 14.04 to compile Android ROMs from source. It includes everything you need to sync with the repository of your choice (Cyanogenmod, AOKP, AOSP, etc) and start building." A Builduntu virtual machine which provides a way of compiling Android ROMs on Linux, Windows and OS X is also available.
* * * * *
The Debian GNU/Linux distribution is one of the largest open source projects in the world and also one of the oldest. With numerous branches, multiple repositories, thousands of packages and many ports, Debian requires a great deal of storage space. According to this post on the project's website, Debian's archive grows at a rate of about 5 TB per year. For a not for profit project, that represents a lot of storage space and a lot of bandwidth. Luca Filipozzi, a core member of the Debian system administration team says: "There are thousands of Debian software packages on the snapshot platform. It contains twenty years of history captured in a single place. If developers don't have a local repository available, they can easily find an old version from years ago, which makes the archive a valuable asset to them. But to have it all available online on a global base is a big request for most hosting providers." Enter LeaseWeb, a hosting provider who says Debian installs make up about a quarter of their client base and they want to support the popular Debian distribution. LeaseWeb has offered to host Debian's growing archive, free of charge, for at least three years.
Earlier this year the Debian distribution made the choice to adopt systemd as the new init software for Debian GNU/Linux. The choice to change init software was a controversial one and, while it appears systemd is going to stay the default for Debian, some developers are pushing to keep alternative options alive. Ian Jackson has put forward a proposal in which he calls for freedom of choice. He writes: "Debian has decided (via the technical committee) to change its default init system for the next release. The technical committee decided not to decide about the question of "coupling" i.e. whether other packages in Debian may depend on a particular init system. This GR seeks to preserve the freedom of our users now to select an init system of their choice, and the project's freedom to select a different init system in the future." While some Debian developers support the proposal, others are concerned that introducing new changes will throw off Debian's schedule and upcoming feature freeze.
* * * * *
Finally, a link to a sneak peak at the upcoming release of OpenBSD 5.6 (scheduled for arrival on 1 November), courtesy of OpenBSD developer Lawrence Teo: "OpenBSD 5.6 is of course the first OpenBSD release with LibreSSL, the now-famous fork of the OpenSSL library. But while LibreSSL is an important milestone for OpenBSD, there are many other things in the OpenBSD 5.6 release that warrant attention as well. The developers are still busy preparing the OpenBSD 5.6 release notes. Meanwhile, if you're curious about what's new in OpenBSD 5.6, you can get a sneak peek from various places on the Internet if you know where to look! I would like to highlight three places in particular. The first place to look at is the big list of changes between OpenBSD 5.5 and 5.6 that has been painstakingly compiled by Brett Mahar throughout the development cycle. I think Brett does an amazing job of collating all this information together for every release! I have no idea how he manages to go through every source-changes@ post to produce this list so consistently."
|Rolling-release trial (by Jesse Smith)
Rolling-release experiment - week two
My trial with rolling-release distributions got off to a good start last week. Granted, there were some minor quirks early on. For example, I noticed right away PCLinuxOS was going to need more than the recommended 10GB of hard drive space for a prolonged trial and performed a re-install on my first day to give the distribution more disk space. I had a desktop panel disappear briefly on my copy of PC-BSD and I had to modify my initial configuration of Arch Linux a little to get it to connect to the Internet. Still, nothing went badly, nothing outright broke during the initial stages of my trial to see how these rolling-release distributions would function. One week in, it was time to upgrade all five distributions and see how each one performed. Here is what happened:
* * * * *
The first operating system in my trial to be updated was PC-BSD. I booted up the machine and immediately took note of the fact an icon in the system tray indicated software updates were available. I opened the update manager and it did its own check for updates. The update manager soon told me it could find no new packages and my system was declared up to date.
I was a bit puzzled at the system tray icon telling me one thing while the update manager said another. After manually taking a snapshot of my current file system using PC-BSD's boot manager, I turned to the command line. Using the pkg command line package manager, I checked for updates and found a total of 100 new packages were waiting for me, totalling 200MB in size. I'm not sure why pkg saw these while the update manager did not, but I attempted to download the entire lot. Most packages updated cleanly, but several packages relating to the operating system's Linux compatibility layer would not install. As it turned out, PC-BSD recently updated their Linux compatibility software, transitioning from using Fedora 10 to CentOS 6 as their foundation. This caused some conflicts during the upgrade process.
I soon found this post in the PC-BSD development mailing list which explained how to properly upgrade from the Fedora-based packages to the CentOS-based packages. The instructions provided worked for me with no problems and I soon had a fully up to date PC-BSD Edge system. After a reboot, I checked to make sure all my applications were working properly and found no problems had developed following the upgrade.
* * * * *
Debian GNU/Linux "Sid"
The next project on my list was Debian GNU/Linux "Sid". I booted into Debian and, using the apt-get command line package manager, discovered 142 packages were waiting for me, totalling 189MB in size. The waiting packages downloaded quickly and installed cleanly. I made sure I could still boot into the system and that my applications continued to work and found Debian continued to perform without any problems.
I had similar experiences with both PCLinuxOS and Arch Linux this week. When I fired up PCLinuxOS and opened the Synaptic package manager I found just two new packages waiting for me, their size coming to 1MB in total. Synaptic downloaded both packages and these updates had no visible affect on my installation of PCLinuxOS.
My experience with updating Arch Linux was about the same. Using Arch's pacman command-line package manager, I found just ten new updates waiting for me, totalling 20 MB in size. The pacman utility downloaded these updates and applied them with no problems. My Arch installation continued to work as before.
* * * * *
Of the upgrades I performed this week, I had the most trouble with openSUSE "Factory". When I launched openSUSE and went into the YaST control panel my check for new packages showed no updates were available. Closing YaST, I turned to the zypper command line package manager. The zypper program reported it could not perform any actions on packages as PackageKit had locked the package database. The zypper program offered to close PackageKit for me, but when I asked zypper to terminate PackageKit I was told PackageKit could not be made to close. I went back into YaST and went into the services manager. The services manager showed PackageKit was not running and, in fact, PackageKit was shown as being disabled. Finally, I turned to the command line and manually forced the PackageKit process to terminate.
After PackageKit was out of the way, zypper was able to create a file system snapshot for me and download the available updates. There were 1,463 updated packages waiting for me in Factory's repositories, just five days after my previous upgrade had been performed. These updates totalled 1.25 GB in size. I got about halfway through the upgrade process when zypper reported it could not continue as it had run out of disk space. Originally, I had set up openSUSE on a 8 GB partition, usually enough for a fixed-point release. However, the operating system required around 5 GB and the upgrade process would need at least 4 GB on top of that.
Luckily, openSUSE defaults to using the Btr file system and it is beautifully easy to add a new storage device to systems running Btrfs. With a second 8GB disk handed to openSUSE, zypper was able to resume its upgrade process. Once the upgrade had finished, a few hours later, I found I could still login to KDE and my applications still worked. There were a few changes to the way openSUSE looked. There were new icons on the desktop for launching Firefox, LibreOffice, for bringing up hardware information and for accessing on-line help. Some icons in the system tray also looked different after the upgrade. Still, in the end, everything worked.
* * * * *
While most of the operating systems in my trial upgraded without serious problems this week, there were two minor issues. One was that the update managers of both PC-BSD and openSUSE failed to recognize available updates and forced me to switch to working from the command line. This is a relatively minor issue. What I am quickly finding though is rolling-release operating systems require a good deal more hard drive space than fixed point releases. In most of my week-long trials I provide operating systems with 8 GB of disk space and this supplies them with enough space for the operating system and swap space. However, in my trial with rolling-releases I've had to re-install PCLinuxOS on a 16 GB partition as 10 GB just was not enough.
PC-BSD recommends at least 50 GB to function on an on-going basis (though PC-BSD has only used about 6 GB to date) and I am finding openSUSE requires at least 10 GB of space, just for the first wave of updates. I suspect once file system snapshots begin to accumulate, the space requirements of openSUSE and PC-BSD will grow. Originally, I installed Arch on a 8GB partition and that drive threatens to overflow if I don't regularly clean its cache. Only Debian, so far, has maintained a small footprint, requiring less than 4 GB of hard disk space.
|Released Last Week
Scientific Linux 7.0
Pat Riehecky has announced the release of Scientific Linux 7.0, a distribution compiled from the source code for Red Hat Enterprise Linux 7: "Scientific Linux 7.0 x86_64 released." Scientific Linux differs from Red Hat Enterprise Linux and CentOS in that the project enhances the system with extra software applications and utilities: "elrepo-release - this package contains the ELRepo driver yum repo and GPG key; epel-release - this package contains the EPEL driver yum repo and GPG key; OpenAFS - this package contains the OpenAFS driver and client utilities; SL_gdm_no_user_list - this package will disable the GDM user list in the chooser; SL_enable_serialconsole - will setup a serial console for login; SL_no_colorls - will disable the automatic colorized ls output; sl-bookmarks - replaces redhat-bookmarks and removes upstream branding...." Read the brief release announcement and check out the more detailed release notes for further information.
Scientific Linux 7.0 - the project's first stable release in the 7.x series
(full image size: 623kB, screen resolution 1280x1024 pixels)
Red Hat Enterprise Linux 6.6
Red Hat, Inc. has announced the release of Red Hat Enterprise Linux (RHEL) 6.6, the sixth update in the 6.x series of Red Hat's enterprise-class Linux distribution: "The Red Hat Enterprise Linux team is pleased to announce the release of Red Hat Enterprise Linux 6.6, the latest version of our Red Hat Enterprise Linux 6 platform. With the release of Red Hat Enterprise Linux 6.6, we continue to refine the stable and secure Red Hat Enterprise Linux 6 platform which provides a reliable foundation for mission-critical systems across industries and regions. Red Hat Enterprise Linux 6.6 delivers a variety of improvements that provide increased system performance across physical, virtual, and cloud environments. These optimizations and tuning improvements include: kernel locking improvements to allow for more efficient CPU utilization on large NUMA systems...." Read the release announcement and consult the comprehensive release notes for further information.
IPFire 2.15 Core 84
Michael Tremer has announced the release of IPFire 2.15 Core 84, a new stable release of the specialist distribution designed for firewalls: "This is the official release announcement for IPFire 2.15 Core Update 84. This is a release that fixes some security issues in the GNU Bash package which are commonly known as 'Shellshock' and it comes with more fixes and minor feature enhancements. As you may have already seen on the news, the Shellshock issues made more people look into the code of the default shell of many *nix systems. Those people found many more programming errors and provided fixes for them which have been applied in this release. IPFire is now shipping GNU Bash 4.3.30 and the companion library readline in version 6.3. There have been some denial of service issues in the Squid web proxy which have been fixed in release 3.4.8. Those are of minor severity only and quite possibly cannot be exploited to inject code. The firewall got a couple of new features which I explained in detail in a post on the IPFire planet." Read the rest of the release announcement for a more detailed changelog.
Peter Manev has announced the release of SELKS 1.0, the inaugural version from the project developing a specialist Debian-based distribution that ships with a variety of pre-configured network security management tools: "Stamus Networks is proud to announce the availability of the SELKS 1.0 stable release. SELKS is both live and installable network security management ISO image, based on Debian GNU/Linux, implementing and focusing on a complete and ready-to-use Suricata IDS/IPS ecosystem with its own graphic rule manager. SELKS is comprised of the following major components: Suricata IDPS, Elasticsearch, Logstash, Kibana and Scirius. It offers proven, powerful, innovative and scalable open-source multi-threading technologies in a bundle. SELKS 1.0 comes with 10 pre-installed Kibana IDS/NSM dashboards. They cover analysis of the Suricata alerts and events with per-protocol dashboards (Alerts, HTTP, Flow, SSH, TLS, DNS)." Read the full release announcement for more details and screenshots.
SELKS 1.0 - a Debian-based distribution with network security tools
(full image size: 246kB, screen resolution 1280x1024 pixels)
Tails 1.2 has been released. Tails is a Debian-based live distribution developed with the goal of preserving privacy and anonymity of users on the Internet. From the release announcement: "Tails, The Amnesic Incognito Live System, version 1.2, is out. This release fixes numerous security issues and all users must upgrade as soon as possible. Major new features: install (most of) the Tor browser, replacing our previous Iceweasel-based browser, the version installed is from TBB 4.0 and is based on Firefox 31.2.0esr, this fixes the POODLE vulnerability; upgrade Tor to 0.2.5.8-rc; confine several important applications with AppArmor. Bug fixes: install Linux kernel 3.16.5. Minor improvements: upgrade I2P to 0.9.15 and isolate I2P traffic from the Tor Browser by adding a dedicated I2P Browser, also, start I2P automatically upon network connection, when the i2p boot option is added; make it clear that TrueCrypt will be removed in Tails 1.2.1 and document how to open TrueCrypt volumes with cryptsetup."
Arnault Perret has announced the release of HandyLinux 1.7, a novice-friendly distribution that features an intuitive start menu with application launchers and Internet bookmarks - based on the stable Debian GNU/Linux 7.0. According to the release announcement (in French only, even though the distribution supports English besides the default French language) the major change in this release is the replacement of Google's Chromium browser with GNU Iceweasel. The HandyMenu application, the distribution's main feature, has been upgraded to version 2.3; it sees the Facebook button is gone, replaced by a link to Framasoft's free services. Some of the other items in the changelog include: redesign of the browser's start page; addition of gpart and Yelp; clean-up of documentation files; addition of "social launchers" for direct access to popular social sites; addition of the Diaspora launcher; software updates to Debian 7.7.
HandyLinux 1.7 - a Debian-based distribution featuring the HandyMenu launcher
(full image size: 676kB, screen resolution 1280x1024 pixels)
* * * * *
Development, unannounced and minor bug-fix releases
|Upcoming Releases and Announcements
Summary of expected upcoming releases
Distributions added to database|
* * * * *
Distributions added to waiting list
- Community Linux. Community Linux is a live desktop distribution designed to be run from USB thumb drives.
- Cumulus Linux. Cumulus Linux is a networking focused Linux distribution based on Debian and it offers the entirety of the Linux experience on networking hardware.
* * * * *
DistroWatch database summary
* * * * *
This concludes this week's issue of DistroWatch Weekly. The next instalment will be published on Monday, 27 October 2014. To contact the authors please send email to:
- Jesse Smith (feedback, questions and suggestions: distribution reviews, questions and answers, tips and tricks)
- Ladislav Bodnar (feedback, questions, suggestions and corrections: news, donations, distribution submissions, comments)
- Bruce Patterson (feedback and suggestions: podcast edition)
|Linux Foundation Training
|• Issue 848 (2020-01-13): elementary OS 5.1, accessing USB ports directly, NetBSD expanding Wayland support, Fedora phasing out old Python packages|
|• Issue 847 (2020-01-06): Android-x86 9.0, Hypberbola switching to BSD base, Debian votes on init diversity, slow adoption of Wayland and delta packages|
|• Issue 846 (2019-12-23): NomadBSD 1.3, Tails publishes boot fix, Arch update requires intervention, Purism launches server lineup, password protecting files|
|• Issue 845 (2019-12-16): OpenIndiana 2019.10, BunsenLabs' "Lithium" preview, MX-Fluxbox, 10 years of Tails, installing local packages|
|• Issue 844 (2019-12-09): Project Trident Void alpha, alpha installer for "Bullseye", SparkyLinux portable edition, dealing with large log files|
|• Issue 843 (2019-12-02): Obarun 2019.11.02, Bluestar 5.3.6, using special characters on command line, Fedora plans to disable empty passwords, FreeBSD's quarterly status report|
|• Issue 842 (2019-11-25): SolydXK 10, System Adminstration Ethics book review, Debian continues init diversity debate, Google upstreaming Android kernel patches|
|• Issue 841 (2019-11-18): Emmabuntus DE3-1.00, changing keys in keyboard layout, Debian phasing out Python 2 and voting on init diversity, Slackware gets unofficial updated live media|
|• Issue 840 (2019-11-11): Fedora 31, monitoring user activity, Fedora working to improve Python performance, FreeBSD gets faster networking|
|• Issue 839 (2019-11-04): MX 19, manipulating PDFs, Ubuntu plans features for 20.04, Fedora 29 nears EOL, Netrunner drops Manjaro-based edition|
|• Issue 838 (2019-10-28): Xubuntu 19.10, how init and service managers work together, DragonFly BSD provides emergency mode for HAMMER, Xfce team plans 4.16|
|• Issue 837 (2019-10-21): CentOS 8.0-1905, Trident finds new base, Debian plans firewall changes, 15 years of Fedora, how to merge directories|
|• Issue 836 (2019-10-14): Archman 2019.09, Haiku improves ARM support, Project Trident shifting base OS, Unix turns 50|
|• Issue 835 (2019-10-07): Isotop, Mazon OS and, KduxOS, examples of using find command, Mint's System Reports becomes proactive, Solus updates its desktops|
|• Issue 834 (2019-09-30): FreedomBox "Buster", CentOS gains a rolling release, Librem 5 phones shipping, Redcore updates its package manager|
|• Issue 833 (2019-09-23): Redcore Linux 1908, why Linux distros are free, Ubuntu making list of 32-bit software to keep, Richard M Stallman steps down from FSF leadership|
|• Issue 832 (2019-09-16): BlackWeb 1.2, checking for Wayland session and applications, Fedora to use nftables in firewalld, OpenBSD disables DoH in Firefox|
|• Issue 831 (2019-09-09): Adélie Linux 1.0 beta, using ffmpeg, awk and renice, Mint and elementary improvements, PureOS and Manjaro updates|
|• Issue 930 (2019-09-02): deepin 15.11, working with AppArmor profiles, elementary OS gets new greeter, exFAT support coming to Linux kernel|
|• Issue 829 (2019-08-26): EndeavourOS 2019.07.15, Drauger OS 7.4.1, finding licenses of kernel modules, NetBSD gets Wayland application, GhostBSD changes base repo|
|• Issue 828 (2019-08-19): AcademiX 2.2, concerns with non-free firmware, UBports working on Unity8, Fedora unveils new EPEL channel, FreeBSD phasing out GCC|
|• Issue 827 (2019-08-12): Q4OS, finding files on disk, Ubuntu works on ZFS, Haiku improves performance, OSDisc shutting down|
|• Issue 826 (2019-08-05): Quick looks at Resilient, PrimeOS, and BlueLight, flagship distros for desktops,Manjaro introduces new package manager|
|• Issue 825 (2019-07-29): Endless OS 3.6, UBports 16.04, gNewSense maintainer stepping down, Fedora developrs discuss optimizations, Project Trident launches stable branch|
|• Issue 824 (2019-07-22): Hexagon OS 1.0, Mageia publishes updated media, Fedora unveils Fedora CoreOS, managing disk usage with quotas|
|• Issue 823 (2019-07-15): Debian 10, finding 32-bit packages on a 64-bit system, Will Cooke discusses Ubuntu's desktop, IBM finalizes purchase of Red Hat|
|• Issue 822 (2019-07-08): Mageia 7, running development branches of distros, Mint team considers Snap, UBports to address Google account access|
|• Issue 821 (2019-07-01): OpenMandriva 4.0, Ubuntu's plan for 32-bit packages, Fedora Workstation improvements, DragonFly BSD's smaller kernel memory|
|• Issue 820 (2019-06-24): Clear Linux and Guix System 1.0.1, running Android applications using Anbox, Zorin partners with Star Labs, Red Hat explains networking bug, Ubuntu considers no longer updating 32-bit packages|
|• Issue 819 (2019-06-17): OS108 and Venom, renaming multiple files, checking live USB integrity, working with Fedora's Modularity, Ubuntu replacing Chromium package with snap|
|• Issue 818 (2019-06-10): openSUSE 15.1, improving boot times, FreeBSD's status report, DragonFly BSD reduces install media size|
|• Issue 817 (2019-06-03): Manjaro 18.0.4, Ubuntu Security Podcast, new Linux laptops from Dell and System76, Entroware Apollo|
|• Issue 816 (2019-05-27): Red Hat Enterprise Linux 8.0, creating firewall rules, Antergos shuts down, Matthew Miller answers questions about Fedora|
|• Issue 815 (2019-05-20): Sabayon 19.03, Clear Linux's developer features, Red Hat explains MDS flaws, an overview of mobile distro options|
|• Issue 814 (2019-05-13): Fedora 30, distributions publish Firefox fixes, CentOS publishes roadmap to 8.0, Debian plans to use Wayland by default|
|• Issue 813 (2019-05-06): ROSA R11, MX seeks help with systemd-shim, FreeBSD tests unified package management, interview with Gael Duval|
|• Issue 812 (2019-04-29): Ubuntu MATE 19.04, setting up a SOCKS web proxy, Scientific Linux discontinued, Red Hat takes over Java LTS support|
|• Issue 811 (2019-04-22): Alpine 3.9.2, rsync examples, Ubuntu working on ZFS support, Debian elects new Project Leader, Obarun releases S6 tools|
|• Issue 810 (2019-04-15): SolydXK 201902, Bedrock Linux 0.7.2, Fedora phasing out Python 2, NetBSD gets virtual machine monitor|
|• Issue 809 (2019-04-08): PCLinuxOS 2019.02, installing Falkon and problems with portable packages, Mint offers daily build previews, Ubuntu speeds up Snap packages|
|• Issue 808 (2019-04-01): Solus 4.0, security benefits and drawbacks to using a live distro, Gentoo gets GNOME ports working without systemd, Redox OS update|
|• Issue 807 (2019-03-25): Pardus 17.5, finding out which user changed a file, new Budgie features, a tool for browsing FreeBSD's sysctl values|
|• Issue 806 (2019-03-18): Kubuntu vs KDE neon, Nitrux's znx, notes on Debian's election, SUSE becomes an independent entity|
|• Issue 805 (2019-03-11): EasyOS 1.0, managing background services, Devuan team debates machine ID file, Ubuntu Studio works to remain an Ubuntu Community Edition|
|• Issue 804 (2019-03-04): Condres OS 19.02, securely erasing hard drives, new UBports devices coming in 2019, Devuan to host first conference|
|• Issue 803 (2019-02-25): Septor 2019, preventing windows from stealing focus, NetBSD and Nitrux experiment with virtual machines, pfSense upgrading to FreeBSD 12 base|
|• Issue 802 (2019-02-18): Slontoo 18.07.1, NetBSD tests newer compiler, Fedora packaging Deepin desktop, changes in Ubuntu Studio|
|• Issue 801 (2019-02-11): Project Trident 18.12, meaning of status symbols in top, FreeBSD Foundation lists ongoing projects, Plasma Mobile team answers questions|
|• Issue 800 (2019-02-04): FreeNAS 11.2, using Ubuntu Studio software as an add-on, Nitrux developing znx, matching operating systems to file systems|
|• Issue 799 (2019-01-28): KaOS 2018.12, Linux Basics For Hackers, Debian 10 enters freeze, Ubuntu publishes new version for IoT devices|
|• Issue 798 (2019-01-21): Sculpt OS 18.09, picking a location for swap space, Solus team plans ahead, Fedora trying to get a better user count|
|• Issue 797 (2019-01-14): Reborn OS 2018.11.28, TinyPaw-Linux 1.3, dealing with processes which make desktop unresponsive, Debian testing Secure Boot support|
|• Issue 796 (2019-01-07): FreeBSD 12.0, Peppermint releases ISO update, picking the best distro of 2018, roundtable interview with Debian, Fedora and elementary developers|
|• Issue 795 (2018-12-24): Running a Pinebook, interview with Bedrock founder, Alpine being ported to RISC-V, Librem 5 dev-kits shipped|
|• Issue 794 (2018-12-17): Void 20181111, avoiding software bloat, improvements to HAMMER2, getting application overview in GNOME Shell|
|• Full list of all issues|
Star Labs - Laptops built for Linux.
View our range including the Star Lite, Star LabTop and more. Available with a choice of Ubuntu, Linux Mint or Zorin OS pre-installed with many more distributions supported. Visit Star Labs for information, to buy and get support.
|Random Distribution |
Network Security Toolkit
Network Security Toolkit (NST) is a bootable live CD based on the Fedora distribution. The toolkit was designed to provide easy access to best-of-breed open source network security applications and should run on most x86 platforms. The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of open source network security tools. What we find rather fascinating with NST is that we can transform most x86 systems (Pentium II and above) into a system designed for network traffic analysis, intrusion detection, network packet generation, wireless network monitoring, a virtual system service server, or a sophisticated network/host scanner.