DistroWatch Weekly |
DistroWatch Weekly, Issue 649, 22 February 2016 |
Welcome to this year's 8th issue of DistroWatch Weekly!
One of the tallest hurdles new Linux users face when switching from other operating systems is that their computer looks and acts differently when running a Linux distribution. New Linux users not only need to deal with new ways of installing software and a different file system layout, but the interface looks alien too. The Zorin OS project strives to make new Linux users feel at home by providing a desktop environment that should feel pleasantly familiar to former Windows and OS X users. Joshua Allen Holm explores the latest release of Zorin OS and reports on his experience. In this issue we also discuss how to quickly and easily sandbox applications for enhanced security using Firejail. Sandboxing isolates programs and protects the rest of the operating system from misbehaving software and we explore the many ways in which Firejail can protect us. In our News section we discuss openSUSE's Tumbleweed and delays the project faces in making new snapshots. Plus, we share two new editions of openSUSE specifically designed with KDE users in mind. We also talk about new features coming to Ubuntu 16.04, the Antergos distribution's updated installer and plans to change the name of Debian's Iceweasel package. We also share a report about a link to a compromised Linux Mint ISO image being planted on the Mint distribution's web server. Then we share the torrents we are seeding and cover last week's releases. In our Opinion Poll we ask which package manager our readers are using. We wish you all a pleasant week and happy reading!
Content:
|
Feature Story (by Joshua Allen Holm) |
A review of Zorin OS 11 Core
Zorin OS is an Ubuntu-based distribution designed to provide a familiar desktop experience to Windows users. Normally, there are four different versions of Zorin OS for each release: Core, Lite, Business, and Ultimate. The Core and Lite versions are free, while the Business and Ultimate versions cost €8.99 and €9.99 respectively. The paid versions come with support and a few extra features. For Zorin OS 11, only Core and Ultimate are available at I write this. For this review, I will be looking at the Core release, but I will touch upon some of the extra features available in the paid versions.
Zorin OS 11 is based on Ubuntu 15.10 and uses version 4.2 of the Linux kernel. Zorin OS 11 Core and Zorin OS 11 Ultimate are both available in 32-bit and 64-bit versions. The 64-bit Zorin OS 11 Core ISO I downloaded for this review was 1.6GB. Version 11 will be supported until July 2016. Users interested in what Zorin OS offers, but in need of a distribution with a longer support period can use Zorin OS 9, which is based on Ubuntu 14.04 LTS and is supported until April 2019. In addition, the LTS release also has free Educational and Educational Lite versions along with the four editions listed above.
Because Zorin OS 11 is Ubuntu 15.10 with added packages, the installation experience will seem familiar to anyone who has ever used Ubuntu or one of its other derivatives. Create a bootable flash drive using the ISO, boot computer using the flash drive, and Zorin OS starts up. Very quickly, the user is presented with the option to try Zorin OS or install Zorin OS. The Try option loads the desktop environment and lets the user play around with a fully functional system, and the Install option runs a slightly customized version of Ubuntu's familiar Ubiquity installer.
Being based on Ubuntu does provides Zorin OS with the benefits of a familiar installer and a large selection of software packages, but it is what Zorin OS adds and changes that makes it stand apart. Instead of using Ubuntu's Unity desktop and changing the window decorations and other artwork, or doing the same with some other desktop environment, Zorin OS uses a combination of components in a unique desktop experience. Most of the applications used are from GNOME 3.16, but instead of GNOME Shell, Avant Window Navigator, Compiz, and a custom Zorin Start menu/launcher create a desktop experience that behaves a lot like Windows.
Zorin OS 11 -- The default desktop environment
(full image size: 894kB, resolution: 1366x768 pixels)
The default desktop is designed to work like Windows 7. It is not a perfect clone, but it does behave similarly enough that it should provide a comfortable experience for users who only have experience with using Windows. What is really nice about this Windows 7 clone is that it behaves like Windows 7, but it does have its own unique look. Zorin OS's look and feel is visually distinct and provides an attractive and consistent user experience. At least among the bundled applications, nothing ever looked out of place.
Zorin OS 11 -- Custom Firefox start page
(full image size: 154kB, resolution: 1366x768 pixels)
For users that want something a little different, two other desktop styles are available in Zorin OS Core. The desktop can work like Windows XP or GNOME 2. Switching to Windows XP mode changes the layout of the application menu to one that closely matches the Windows XP Start menu and makes other changes to make the system behave more like Windows XP. Switching to GNOME 2 mode uses the traditional, two-panel GNOME layout. Users of the paid versions also have the option of using Mac OS X, Unity, and Windows 2000 layouts. In addition to being able to change the behaviour of the desktop, Zorin OS comes with three color themes (White, Black, and Dark), each of which can be customized with five different highlight colours (Blue, Green, Orange, Red, and Grey).
Zorin OS 11 -- Look and theme changers
(full image size: 720kB, resolution: 1366x768 pixels)
Of the three desktop layouts available in Zorin OS 11 Core, I much prefer the Windows 7 mode. It seems to be the most polished of the three. When I tried to use Windows XP mode on my test machine, I found the right-click menu for items in the application menu to be completely unusable; it required me to hold down the right click button to keep the menu open, making it impossible to left-click on the items in the menu with my laptop's touchpad. I had no problem right-clicking in other places in Windows XP mode, only the Zorin application menu had problems. If my touchpad had two physical mouse buttons, it would probably work better. When I tried out Zorin OS in a virtual machine, the differences in how mouse/touchpad events were handled were enough for me to be able to use the right-click menus like I should be able to. GNOME 2 mode was nice, but oddly used monochrome icons in the application menu, which looked strange because only some of the applications had monochrome icons available, making the menu look very inconsistent.
Truthfully, I do not understand the logic behind making only half of the desktop layouts available to users of the free versions of the distribution. I can understand having a paid version, and I can understand having premium features. I just do not understand the reasoning behind the premium features the Zorin OS developers have selected. In addition to the three extra desktop layouts mentioned above, the paid versions also come with a utility to change the splash screen displayed during the boot process and a utility for using video as the desktop wallpaper. None of the premium features are ones that would entice me to move up to the paid versions.
Aside from the work done creating the multiple desktop layouts, the distribution is not much different than any other Debian style Linux running the GNOME desktop environment. The core bundled applications are largely what one would expect: Firefox, LibreOffice, and the usual GNOME applications and utilities. However there are some notable differences. The default e-mail client is Geary and the OpenShot video editor is installed by default. Even though Firefox is the default browser, a utility is included to help the user install Google Chrome, GNOME Web, and Midori, should they wish to use one of those browsers instead. Zorin OS also includes WINE, WineTricks and PlayOnLinux by default, making it easier for Windows users to make the transition to Linux. Like Ubuntu, Zorin OS does come with "restricted extras" like mp3 support and Adobe's Flash Player.
Zorin OS 11 -- Installing alternative web browsers
(full image size: 1.0MB, resolution: 1366x768 pixels)
If the bundled applications are not enough, Software Centre and Synaptic Package Manager are available for users to add whatever software they want. Everything that is available in the Ubuntu 15.10 repositories is there, so there is plenty of software to choose from. For hardware support, Zorin OS can install proprietary drivers just like Ubuntu and it even includes a graphical tool for using ndiswrapper to install Windows wireless networking card drivers.
On my test machine, Zorin OS 11 Core performed nicely. With no applications running, the system used approximately 950MB of RAM and switching between the different desktop layouts did not seem to alter the memory usage. Minor issues with the Windows XP and GNOME 2 desktop modes aside, Zorin OS 11 Core is a very solid release. It makes good use of its Ubuntu core while developing its own identity. It just is not a very exciting release.
My experience with Zorin OS 11 Core was positive. I liked it well enough, I am just not sure I would recommend this particular release of Zorin OS to Windows users looking to make the switch to Linux. The current Long Term Support release, sure. A future version based on Ubuntu 16.04 LTS, almost certainly. Do not get me wrong, Zorin OS 11 is very good, but it will only be supported for six months, making it a hard sell to Windows users used to longer time periods between releases. That said, I do encourage Linux users with an interest in user interface design to give Zorin OS a test drive. A user interface that can transition between three different desktop styles (six in the paid versions) on the fly is worth exploring if only just to learn from it.
* * * * *
Hardware used in this review
My physical test equipment for this review was an Acer TravelMate X483 laptop with the following specifications:
- Processor: Quad-core 1.5GHz Intel Core i3-2375M CPU
- Storage: Seagate 500GB 5400 RPM hard drive
- Memory: 4GB of RAM
- Networking: Qualcomm Atheros AR9462 Wireless Network Adapter
- Display: Intel HD Graphics 3000
|
Miscellaneous News (by Jesse Smith) |
Tumbleweed hits a speed bump, openSUSE launches two new editions, Ubuntu 16.04 to ship with ZFS support and GNOME Software, Antergos gains ZFS support, Debian's Iceweasel might be renamed to Firefox, Linux Mint's web server compromised
Tumbleweed is the openSUSE project's rolling release edition. Tumbleweed receives regular updates and snapshots which showcase the latest versions of open source packages. Last week the openSUSE project announced Tumbleweed has hit a speed bump as their testing systems (called workers) are overloaded. "The automated testing of openQA is currently running with only two workers left instead of the usual ten. The remaining workers are largely overloaded and can't cope with the workload to produce new snapshots. Various solutions are being evaluated to get new workers for openQA, which includes borrowing machines from other SUSE owned instances. Thank you SUSE! The team has opted to hold back creating new snapshots until more workers for openQA become available." This blog post provides a list of pending updates to Tumbleweed.
In other openSUSE news, the project has announced two new editions for people who want to experience the latest software coming out of the KDE project. "The release of Argon, which is a live installable image based on openSUSE Leap, and Krypton, which is a live installable image based on openSUSE Tumbleweed, offer packages built for KDE Git using stable and tested openSUSE technologies to track the latest development state of KDE software. Users have a choice on how they get up-to-date packages of Qt and other additional cutting-edge offerings from KDE through the Argon and Krypton live installable images, built directly from the latest sources in KDE Git through the Open Build Service." More information on the Argon and Krypton editions can be found on the project's news page.
* * * * *
Last week Dustin Kirkland, a member of the Ubuntu Product and Strategy Team, reported that Ubuntu 16.04 will be shipping with support for ZFS, an advanced storage pool and file system technology. ZFS has been popular in the Solaris and FreeBSD communities and provides such useful features as file system snapshots, copy-on-write and automatic repair. "What does `support' mean? You'll find [the] zfs.ko [kernel module] automatically built and installed on your Ubuntu systems. No more DKMS-built modules! The user space zfsutils-linux package will be included in Ubuntu Main, with security updates provided by Canonical (as soon as this MIR is completed). As always, industry leading, enterprise class technical support is available from Canonical with Ubuntu Advantage services." This news follows Debian's announcement stating ZFS will soon be an optional add-on through Debian's software repositories. Documentation for using ZFS storage pools on Ubuntu can be found on the distribution's wiki.
In related news, Ubuntu 16.04 is expected to drop the Ubuntu Software Centre as the primary package manager. In its place, the distribution will ship with GNOME Software, a more streamlined package manager. Iain Lane posted to the Ubuntu developer mailing list: "We're switching from Ubuntu Software Center to GNOME Software, and many packages need fixing in order to show up there. As you might know, we will be moving to GNOME Software for our default software management application for the 16.04 release."
* * * * *
The Antergos developers have updated their distribution's system installer, Cnchi. Among the changes and bug fixes, one feature in particular stands out: "The most notable change in Cnchi 0.14 is beta support for ZFS (in Automatic Installation Mode). It is now possible to install Antergos with ZFS as your chosen file system. You simply tell Cnchi which drive to use and it will take care of formatting the drive and configuring ZFS for you." Further details on Cnchi's ZFS support and other changes can be found in the project's announcement.
* * * * *
Years ago the Debian project renamed their Firefox package to Iceweasel. This change in brand was brought about due to a complex situation where Debian was patching the Firefox software and therefore running into conflict with Mozilla's trademark agreement. In short, Debian's copy of Firefox was different from Mozilla's version of Firefox and therefore Debian could no longer call their web browser Firefox. The Debian project named their patched version of Mozilla's web browser Iceweasel. Times change and it looks as though there may no longer be a conflict between Mozilla and the Debian project, meaning Debian may be able to call their copy of the Mozilla browser Firefox again. Sylvestre Ledru has suggested Debian resume using the name Firefox in order to avoid confusion and reduce the effort to maintain the web browser package. "Mozilla & Debian both acknowledge that the branding issue mentioned in bug 354622 is no longer relevant. The Firefox logo was released under a free copyright license which matches the DFSG. To simplify the maintenance of the current stable Debian release, the name Iceweasel will remain. Debian Stretch, the next release, will have Firefox as package name."
* * * * *
Linux Mint's lead developer, Clement Lefebvre, announced over the weekend that an attacker had broken into one of the project's servers and replaced a link to an ISO file with a link to a compromised version of the distribution. "What happened? Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it. Does this affect you? As far as we know, the only compromised edition was Linux Mint 17.3 Cinnamon edition. If you downloaded another release or another edition, this does not affect you. If you downloaded via torrents or via a direct HTTP link, this doesn't affect you either. Finally, the situation happened today, so it should only impact people who downloaded this edition on February 20th." The Linux Mint blog has additional details and checksums for the project's media so Mint users can verify the status of their installation media. Since the original post, the Linux Mint team has asked members of their support forum to change their passwords on other websites if people have been using the same password for multiple accounts.
|
Tips and Tricks (by Jesse Smith) |
The Firejail security sandbox
Sandboxing is a term which describes isolating programs from each other (or from specific system resources) by limiting their scope or access to parts of the operating system. There are many forms sandboxing can take, from virtual machines to Docker containers. Other mechanisms we can use to isolate processes from resources include SELinux, AppArmor and control groups. These tools are lightweight and powerful, but they can be quite tricky to set up, especially for inexperienced users. SELinux in particular uses a cryptic syntax which people find difficult to master.
Luckily, for those of us who want lightweight, powerful security that is easy to use there is Firejail. The Firejail project describes its software as follows:
Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities. It allows a process and all its descendants to have their own private view of the globally shared kernel resources, such as the network stack, process table, mount table. Firejail can work in a SELinux or AppArmor environment, and it is integrated with Linux control groups.
Firejail allows us to quickly and easily prevent a process from accessing certain files or directories, disable a process's ability to gain access to the root account, block or limit networking access and set up temporary file systems for an application to use which will later be discarded. We will get to Firejail's long list of powerful features in a moment. First, we need to actually download and install Firejail.
The Firejail software is available in the repositories of Debian, Ubuntu and their derivative distributions. The Firejail project also maintains packages and installation instructions for a variety of Linux distributions, including Fedora, CentOS, openSUSE, Gentoo and Arch Linux. Apart from the Firejail command line software, the project also maintains a desktop application which can be used to sandbox some popular applications with a base level of security. I will come back to the desktop application later, first I would like to start with the command line program.
Before getting into my hands-on experiences with Firejail, I want to acknowledge Firejail has excellent documentation. The Firejail manual page clearly explains what Firejail does, covers the available options and provides a lot of practical examples we can try. It is not often I encounter a piece of software with such clear documentation and it really gave me a good first impression of Firejail.
Typically, when we want to run an application inside a Firejail sandbox, we can simply run the firejail command and pass it the name of the program we want to run. For example, we can launch Firefox using
firejail firefox
The above command sets up a sandbox and launches Firefox. The web browser will have limited access to our file system and only be able to save files in a few locations, such as our Downloads directory. This means that if a website hijacks our web browser, it will only be able to save files to designated places, like Downloads, but will not be able to over-write files in our Documents folder, protecting us from threats like randsomware.
When we run Firejail, the sandboxing software looks at the name of the application we want to run in the sandbox -- Firefox in the above example. Firejail then looks through a list of known profiles which are stored in the /etc/firejail/ directory. When a matching profile is found, that profile's rules are loaded and enforced. Firejail ships with a default set of profiles for around 50 applications, including Chrome, Firefox, Opera, Thunderbird, the VLC media player, XChat, Filezilla and Transmission. If we try to run an application inside a sandbox and Firejail has no existing profile for the application, a generic profile will be used. The generic profile blocks access to most sensitive files, including common virtual machine locations. Much of our home directory becomes read-only as do important configuration files. Access to the root user account is also blocked to prevent programs run with a generic profile from causing too much trouble on our operating system.
The profiles Firejail uses are written in a clear syntax with one rule on each line of the file. This makes it quite straight forward to modify existing rules or to create new ones. For instance, to block access to the /etc/ directory we could use the line
blacklist /etc
To grant read-only access to our personal collection of programs, stored in the bin directory of our home, we can use the rule
read-only ${HOME}/bin
To make sure our sandboxed program will always have access to our Downloads directory so it can save files, we can use the instruction
whitelist ${DOWNLOADS}
What I like about this fairly simple style of syntax is that it tends to be easier to read than AppArmor's profile files. Plus, it is much more clear what Firejail's instructions are doing when we compare them against SELinux's often cryptic rules.
Firejail does not just allow or block access to specific files and directories, the sandboxing software provides a number of other useful features. One of the options I explored was limiting upload and download bandwidth. Many programs include this feature built in, but bandwidth is usually a set-and-forget setting, meaning we cannot change it later. Firejail allows us to dynamically adjust bandwidth usage. This means we could start downloading a file at full speed, then limit its bandwidth with Firejail later, perhaps to allow us to stream a video. Then we can resume the download at full speed later on.
The Firejail software allows us to turn off some features. For example, we can disable sound using the "--nosound" command line parameter. Let's say we want to run a game with the sound disabled, we can use Firejail like this:
firejail --nosound supertuxkart
Another feature of Firejail I liked was the ability to disable access to the root account. Firejail can block access to the root user's account, preventing many types of local exploits. Access to networking features that require root access (like the ping command) is then unavailable. Sandboxes also disable access to tools used to become root, such as sudo and the su command.
Yet another aspect of Firejail I like is if we run the sandbox without any application specified, Firejail runs a command line shell in its sandbox. This allows us to run most command line programs is a very clean environment (there are just two processes visible to the sandboxed shell: Firejail and the shell itself). With access to most commands and features, but with access to root blocked and other users' processes rendered invisible, this gives us a relatively safe environment in which to experiment. (Though, by default, we can still delete many of our own files, so care should still be taken.)
We can use Firejail to open a command line shell that runs in a sandbox we have already opened. This means we can manipulate the process we are running in the sandbox via the command line shell after the sandbox has been created. This can be accomplished by listing the sandboxes we are currently running and then running Firejail with the "--join" flag. For example:
firejail vlc &
firejail --list
12733:jesse:firejail vlc
firejail --join=12733
In the above example, we launch a sandbox with the VLC multimedia player. The next command lists all running sandboxes with their identification numbers in the first field. We can then open a shell in the existing sandbox using the "firejail --join" command. When we are done exploring the sandbox, typing "exit" returns us to the normal, non-sandboxed environment while VLC continues to run in its sandbox.
One last feature of Firejail that I enjoyed was the ability to create a file system over top of the existing file system. This basically gives us an empty file system in which to work. Any files we create or destroy are temporary as the sandboxed file system is destroyed when our application is closed. This is a useful feature to have when we are dealing with a potentially destructive program or we need to set up a very specific test environment. The only downside I found to this feature is it requires relatively modern kernels, the system needs to be running Linux 3.18 (or newer) for the temporary file system to work.
Firetools 0.9.30 -- Running Firefox in a sandbox
(full image size: 383kB, resolution: 1280x1024 pixels)
Most of the powerful features of Firejail are accessible through its command line program, but the project does offer a desktop front-end that will provide the necessary features most people will want. The desktop sandbox launcher is called Firetools. The Firetools program displays a red launch bar on our desktop with a list of popular program icons. Double-clicking on a program's icon launches the selected application in a sandbox. Right-clicking on an icon gives us the option of changing the parameters the application runs with. There is an empty section of the Firetools launcher and right-clicking on it gives us the chance to add a new program to the launch bar. Right-clicking on the launcher and selecting "Tools" brings up an information screen where we can see a list of running applications and resource statistics. Clicking a button labelled "Join" opens a terminal window inside the selected sandbox. This is about the extent to which we can use Firetools, but it is what I think most people will find useful. People who want to run Firefox or Thunderbird without digging down to the command line will benefit from this point-n-click interface that requires no configuration on their part.
Firetools 0.9.30 -- Monitoring a sandbox
(full image size: 365kB, resolution: 1280x1024 pixels)
I am far from the first person to review Firejail and I peeked at some of the comments other people have made about the Firejail software. I was a bit disappointed to see many have a lukewarm opinion of the sandboxing software. Not because it lacks features or fails to produce the desired results: everyone seems to agree Firejail works as advertised. But some other reviewers have suggested that Linux is secure enough on its own. They seem to feel we have sane file permissions, SELinux, AppArmor and Docker containers, why do we need a new security tool? Open source software usually behaves itself so why do we even need to sandbox it?
I have a few thoughts to share on the nature of Firejail and its usefulness, some of which are in response to these sceptics. One point I would like to make is that SELinux and AppArmor are relatively cryptic to work with. SELinux in particular has a reputation for being hard to troubleshoot. Docker, while relatively easy to set up, still takes some command line know-how to get working properly and is not designed with end-users in mind. These tools are intended to be used by developers and system administrators. An end user will rarely fiddle with their features or even be aware if these technologies are working. In comparison, Firejail is end-user friendly. It has a nice graphical interface, so one need not drop to a command line shell. Even if we do end up exploring the command line options, Firejail has a simple, clear syntax and the documentation provides practical examples to follow.
Firejail may not be the best technical solution, but it is much more likely to be used by a wide audience because Firejail provides good security with virtually no effort on the part of the user. Firejail also makes it easier to set up profiles for new applications so the list of programs Firejail can work with can be expanded quickly.
On Linux our software is usually open source and comes from vetted repositories so there is less chance we will be hit by malware or misbehaving software. However, there are unknown bugs and exceptions to be considered. Many Linux users install non-open applications such as Steam or the Chrome web browser. Some of us might have other non-open programs on our systems and it is nice to have these locked down to prevent any unexpected behaviour. Firejail does this in a simple manner. All programs, even audited open source applications, can have exploitable bugs and Firejail limits the damage an attacker can do by hijacking our web browser or media player.
In brief, Firejail provides a useful layer of protection, is easy to set up and requires virtually no knowledge to use. This means Firejail can be used with very little effort and no understanding of the underlying technologies being leveraged. At first I was a little worried Firejail might gobble up resources or result in poor performance. However, I found Firejail had no visible impact on the performance of applications like Firefox, VLC and Steam. There was no increase in CPU usage when using Firejail. Running the Firefox web browser inside a sandbox used less than 50MB more memory than running Firefox without the sandbox. The Firejail software isolates processes, increases our security, uses very few resources and requires almost no effort to use. In today's world of security breaches and privacy concerns, my opinion is: Why wouldn't someone use Firejail?
|
Torrent Corner |
Weekly Torrents
Bittorrent is a great way to transfer large files, particularly open source operating system images, from one place to another. Most bittorrent clients recover from dropped connections automatically, check the integrity of files and can re-download corrupted bits of data without starting a download over from scratch. These characteristics make bittorrent well suited for distributing open source operating systems, particularly to regions where Internet connections are slow or unstable.
Many Linux and BSD projects offer bittorrent as a download option, partly for the reasons listed above and partly because bittorrent's peer-to-peer nature takes some of the strain off the project's servers. However, some projects do not offer bittorrent as a download option. There can be several reasons for excluding bittorrent as an option. Some projects do not have enough time or volunteers, some may be restricted by their web host provider's terms of service. Whatever the reason, the lack of a bittorrent option puts more strain on a distribution's bandwidth and may prevent some people from downloading their preferred open source operating system.
With this in mind, DistroWatch plans to give back to the open source community by hosting and seeding bittorrent files. For now, we are hosting a small number of distribution torrents, listed below. The list of torrents offered will be updated each week and we invite readers to e-mail us with suggestions as to which distributions we should be hosting. When you message us, please place the word "Torrent" in the subject line, make sure to include a link to the ISO file you want us to seed. To help us maintain and grow this free service, please consider making a donation.
The table below provides a list of torrents we currently host. If you do not currently have a bittorrent client capable of handling the linked files, we suggest installing either the Transmission or KTorrent bittorrent clients.
Archives of our previously seeded torrents may be found here. All torrents we make available here are also listed on the very useful Linux Tracker website. Thanks to Linux Tracker we are able to share the following torrent statistics.
Torrent Corner statistics:
- Total torrents seeded: 165
- Total data uploaded: 29.4TB
|
Released Last Week |
Univention Corporate Server 4.1-1
Univention Corporate Server (UCS) is a Debian-based distribution for businesses that features Active Directory compatible domain services. The latest version of UCS, 4.1-1, offers a minor update to the project's 4.1 series and presents users with updated hardware support, improved Active Directory compatibility and improvements to the distribution's App Center. "We are pleased to announce the availability of UCS 4.1-1 for download, the first point release of Univention Corporate Server (UCS) 4.1. It includes all errata updates issued for UCS 4.0-0 and provides various improvements and bug fixes especially in the following areas: The Linux kernel has been updated to 4.1.16. This includes several security updates as well as new and updated drivers for better hardware support. The compatibility to Active Directory has been improved with the Samba update to 4.3.3...." Further details can be found in the project's release announcement and in the release notes.
ReactOS 0.4.0
Ziliang Guo has announced the release of ReactOS 0.4.0, a major new update of the built-from-scratch operating system that attempts to clone the design of the Microsoft Windows NT architecture. This release brings many dramatic improvements, including USB and wireless networking support: "Nearly ten years ago the ReactOS project released version 0.3.0. Today we are proud to announce the formal release of version 0.4.0. A great deal of work has gone into making this release happen and, as we look back, it is remarkable to consider how far the project has come since that release a decade ago. Here we document some of the highlights that separate 0.4.0 from not just the 0.3.17 release but also the cumulative achievements that the 0.3.x series achieved. User-centric improvements: ext2 read/write and NTFS read support; new explorer shell and theme support; SerialATA support; sound support; USB support; VirtualBox and VirtualPC support; wireless networking." Read the rest of the release announcement for detailed information and a screenshot.
ReactOS 0.4.0 -- The default desktop environment
(full image size: 24kB, resolution: 1280x1024 pixels)
Ubuntu 14.04.4
Adam Conrad has announced the availability of Ubuntu 14.04.4. This release represents an set of fresh and up-to-date installation media for Ubuntu 14.04 and does not represent a new version of the Ubuntu distribution. The release announcement mentions new installation media is available for the Ubuntu community editions: Edubuntu, Kubuntu, Lubuntu, Ubuntu Studio, Ubuntu GNOME, Ubuntu Kylin, Xubuntu and Mythbuntu. "The Ubuntu team is pleased to announce the release of Ubuntu 14.04.4 LTS (Long-Term Support) for its Desktop, Server, Cloud, and Core products, as well as other flavours of Ubuntu with long-term support. We have expanded our hardware enablement offering since 12.04, and with 14.04.4, this point release contains an updated kernel and X stack for new installations to support new hardware across all our supported architectures, not just x86." Download links and further information can be found in the release notes.
Webconverger 34.0
Kai Hendry has announced the release of Webconverger 34.0, the latest stable release of the specialist Linux distribution designed for web kiosks and featuring the latest Firefox web browser: "Webconverger 34 release. With the arrival of free SSL certificates from Let's Encrypt, together with a kind offer from Fastly CDN to help distribute Webconverger since we are an open-source project, we are now serving our ISO images over SSL. Serving over SSL greatly reduces the chance of some malicious actor intercepting your connection to our server and giving you a corrupt version of our ISO image. That has never happened to our knowledge, though why not make it even less likely going into the future? Updates include: Firefox 44; ongoing security updates including the recent CVE-2015-7547 which we patched quickly thanks to the fantastic work of the Debian security team; added Cambodian (Khmer) fonts via Google's fonts-noto package." Read the rest of the release announcement for more details and some hints concerning the project's future plans.
* * * * *
Development, unannounced and minor bug-fix releases
|
Upcoming Releases and Announcements |
Summary of expected upcoming releases
|
Opinion Poll |
Package managers
The open source ecosystem is home to many different package managers. Some of the more popular methods for working with software packages include the APT utilities on Debian-based distributions and YUM/DNF in the Red Hat family of distributions.
Of course, there are many other package managers and this week we would like to know which one you use. If your package manager is not on our list, please let us know which one you use in the comments.
You can see the results of our previous poll on customizing desktop environments here. All previous poll results can be found in our poll archives.
|
Package manager
APT: | 1460 (56%) |
DNF/YUM: | 198 (8%) |
Nix: | 18 (1%) |
Pacman: | 556 (21%) |
Portage: | 80 (3%) |
Urpmi: | 39 (1%) |
Zypper: | 113 (4%) |
Other: | 156 (6%) |
|
|
DistroWatch.com News |
DistroWatch database summary
* * * * *
This concludes this week's issue of DistroWatch Weekly. The next instalment will be published on Monday, 29 February 2016. To contact the authors please send e-mail to:
- Jesse Smith (feedback, questions and suggestions: distribution reviews/submissions, questions and answers, tips and tricks)
- Ladislav Bodnar (feedback, questions, donations, comments)
- Joshua Allen Holm (feature review)
|
|
Tip Jar |
If you've enjoyed this week's issue of DistroWatch Weekly, please consider sending us a tip. (Tips this week: 0, value: US$0.00) |
|
|
|
bc1qxes3k2wq3uqzr074tkwwjmwfe63z70gwzfu4lx lnurl1dp68gurn8ghj7ampd3kx2ar0veekzar0wd5xjtnrdakj7tnhv4kxctttdehhwm30d3h82unvwqhhxarpw3jkc7tzw4ex6cfexyfua2nr 86fA3qPTeQtNb2k1vLwEQaAp3XxkvvvXt69gSG5LGunXXikK9koPWZaRQgfFPBPWhMgXjPjccy9LA9xRFchPWQAnPvxh5Le paypal.me/distrowatchweekly • patreon.com/distrowatch |
|
Extended Lifecycle Support by TuxCare |
| |
TUXEDO |
TUXEDO Computers - Linux Hardware in a tailor made suite Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included!
Learn more about our full service package and all benefits from buying at TUXEDO.
|
Archives |
• Issue 1090 (2024-09-30): Rhino Linux 2024.2, commercial distros with alternative desktops, Valve seeks to improve Wayland performance, HardenedBSD parterns with Protectli, Tails merges with Tor Project, Quantum Leap partners with the FreeBSD Foundation |
• Issue 1089 (2024-09-23): Expirion 6.0, openKylin 2.0, managing configuration files, the future of Linux development, fixing bugs in Haiku, Slackware packages dracut |
• Issue 1088 (2024-09-16): PorteuX 1.6, migrating from Windows 10 to which Linux distro, making NetBSD immutable, AlmaLinux offers hardware certification, Mint updates old APT tools |
• Issue 1087 (2024-09-09): COSMIC desktop, running cron jobs at variable times, UBports highlights new apps, HardenedBSD offers work around for FreeBSD change, Debian considers how to cull old packages, systemd ported to musl |
• Issue 1086 (2024-09-02): Vanilla OS 2, command line tips for simple tasks, FreeBSD receives investment from STF, openSUSE Tumbleweed update can break network connections, Debian refreshes media |
• Issue 1085 (2024-08-26): Nobara 40, OpenMandriva 24.07 "ROME", distros which include source code, FreeBSD publishes quarterly report, Microsoft updates breaks Linux in dual-boot environments |
• Issue 1084 (2024-08-19): Liya 2.0, dual boot with encryption, Haiku introduces performance improvements, Gentoo dropping IA-64, Redcore merges major upgrade |
• Issue 1083 (2024-08-12): TrueNAS 24.04.2 "SCALE", Linux distros for smartphones, Redox OS introduces web server, PipeWire exposes battery drain on Linux, Canonical updates kernel version policy |
• Issue 1082 (2024-08-05): Linux Mint 22, taking snapshots of UFS on FreeBSD, openSUSE updates Tumbleweed and Aeon, Debian creates Tiny QA Tasks, Manjaro testing immutable images |
• Issue 1081 (2024-07-29): SysLinuxOS 12.4, OpenBSD gain hardware acceleration, Slackware changes kernel naming, Mint publishes upgrade instructions |
• Issue 1080 (2024-07-22): Running GNU/Linux on Android with Andronix, protecting network services, Solus dropping AppArmor and Snap, openSUSE Aeon Desktop gaining full disk encryption, SUSE asks openSUSE to change its branding |
• Issue 1079 (2024-07-15): Ubuntu Core 24, hiding files on Linux, Fedora dropping X11 packages on Workstation, Red Hat phasing out GRUB, new OpenSSH vulnerability, FreeBSD speeds up release cycle, UBports testing new first-run wizard |
• Issue 1078 (2024-07-08): Changing init software, server machines running desktop environments, OpenSSH vulnerability patched, Peppermint launches new edition, HardenedBSD updates ports |
• Issue 1077 (2024-07-01): The Unity and Lomiri interfaces, different distros for different tasks, Ubuntu plans to run Wayland on NVIDIA cards, openSUSE updates Leap Micro, Debian releases refreshed media, UBports gaining contact synchronisation, FreeDOS celebrates its 30th anniversary |
• Issue 1076 (2024-06-24): openSUSE 15.6, what makes Linux unique, SUSE Liberty Linux to support CentOS Linux 7, SLE receives 19 years of support, openSUSE testing Leap Micro edition |
• Issue 1075 (2024-06-17): Redox OS, X11 and Wayland on the BSDs, AlmaLinux releases Pi build, Canonical announces RISC-V laptop with Ubuntu, key changes in systemd |
• Issue 1074 (2024-06-10): Endless OS 6.0.0, distros with init diversity, Mint to filter unverified Flatpaks, Debian adds systemd-boot options, Redox adopts COSMIC desktop, OpenSSH gains new security features |
• Issue 1073 (2024-06-03): LXQt 2.0.0, an overview of Linux desktop environments, Canonical partners with Milk-V, openSUSE introduces new features in Aeon Desktop, Fedora mirrors see rise in traffic, Wayland adds OpenBSD support |
• Issue 1072 (2024-05-27): Manjaro 24.0, comparing init software, OpenBSD ports Plasma 6, Arch community debates mirror requirements, ThinOS to upgrade its FreeBSD core |
• Issue 1071 (2024-05-20): Archcraft 2024.04.06, common command line mistakes, ReactOS imports WINE improvements, Haiku makes adjusting themes easier, NetBSD takes a stand against code generated by chatbots |
• Issue 1070 (2024-05-13): Damn Small Linux 2024, hiding kernel messages during boot, Red Hat offers AI edition, new web browser for UBports, Fedora Asahi Remix 40 released, Qubes extends support for version 4.1 |
• Issue 1069 (2024-05-06): Ubuntu 24.04, installing packages in alternative locations, systemd creates sudo alternative, Mint encourages XApps collaboration, FreeBSD publishes quarterly update |
• Issue 1068 (2024-04-29): Fedora 40, transforming one distro into another, Debian elects new Project Leader, Red Hat extends support cycle, Emmabuntus adds accessibility features, Canonical's new security features |
• Issue 1067 (2024-04-22): LocalSend for transferring files, detecting supported CPU architecure levels, new visual design for APT, Fedora and openSUSE working on reproducible builds, LXQt released, AlmaLinux re-adds hardware support |
• Issue 1066 (2024-04-15): Fun projects to do with the Raspberry Pi and PinePhone, installing new software on fixed-release distributions, improving GNOME Terminal performance, Mint testing new repository mirrors, Gentoo becomes a Software In the Public Interest project |
• Issue 1065 (2024-04-08): Dr.Parted Live 24.03, answering questions about the xz exploit, Linux Mint to ship HWE kernel, AlmaLinux patches flaw ahead of upstream Red Hat, Calculate changes release model |
• Issue 1064 (2024-04-01): NixOS 23.11, the status of Hurd, liblzma compromised upstream, FreeBSD Foundation focuses on improving wireless networking, Ubuntu Pro offers 12 years of support |
• Issue 1063 (2024-03-25): Redcore Linux 2401, how slowly can a rolling release update, Debian starts new Project Leader election, Red Hat creating new NVIDIA driver, Snap store hit with more malware |
• Issue 1062 (2024-03-18): KDE neon 20240304, changing file permissions, Canonical turns 20, Pop!_OS creates new software centre, openSUSE packages Plasma 6 |
• Issue 1061 (2024-03-11): Using a PinePhone as a workstation, restarting background services on a schedule, NixBSD ports Nix to FreeBSD, Fedora packaging COSMIC, postmarketOS to adopt systemd, Linux Mint replacing HexChat |
• Issue 1060 (2024-03-04): AV Linux MX-23.1, bootstrapping a network connection, key OpenBSD features, Qubes certifies new hardware, LXQt and Plasma migrate to Qt 6 |
• Issue 1059 (2024-02-26): Warp Terminal, navigating manual pages, malware found in the Snap store, Red Hat considering CPU requirement update, UBports organizes ongoing work |
• Issue 1058 (2024-02-19): Drauger OS 7.6, how much disk space to allocate, System76 prepares to launch COSMIC desktop, UBports changes its version scheme, TrueNAS to offer faster deduplication |
• Issue 1057 (2024-02-12): Adelie Linux 1.0 Beta, rolling release vs fixed for a smoother experience, Debian working on 2038 bug, elementary OS to split applications from base system updates, Fedora announces Atomic Desktops |
• Issue 1056 (2024-02-05): wattOS R13, the various write speeds of ISO writing tools, DSL returns, Mint faces Wayland challenges, HardenedBSD blocks foreign USB devices, Gentoo publishes new repository, Linux distros patch glibc flaw |
• Issue 1055 (2024-01-29): CNIX OS 231204, distributions patching packages the most, Gentoo team presents ongoing work, UBports introduces connectivity and battery improvements, interview with Haiku developer |
• Issue 1054 (2024-01-22): Solus 4.5, comparing dd and cp when writing ISO files, openSUSE plans new major Leap version, XeroLinux shutting down, HardenedBSD changes its build schedule |
• Issue 1053 (2024-01-15): Linux AI voice assistants, some distributions running hotter than others, UBports talks about coming changes, Qubes certifies StarBook laptops, Asahi Linux improves energy savings |
• Issue 1052 (2024-01-08): OpenMandriva Lx 5.0, keeping shell commands running when theterminal closes, Mint upgrades Edge kernel, Vanilla OS plans big changes, Canonical working to make Snap more cross-platform |
• Issue 1051 (2024-01-01): Favourite distros of 2023, reloading shell settings, Asahi Linux releases Fedora remix, Gentoo offers binary packages, openSUSE provides full disk encryption |
• Issue 1050 (2023-12-18): rlxos 2023.11, renaming files and opening terminal windows in specific directories, TrueNAS publishes ZFS fixes, Debian publishes delayed install media, Haiku polishes desktop experience |
• Issue 1049 (2023-12-11): Lernstick 12, alternatives to WINE, openSUSE updates its branding, Mint unveils new features, Lubuntu team plans for 24.04 |
• Issue 1048 (2023-12-04): openSUSE MicroOS, the transition from X11 to Wayland, Red Hat phasing out X11 packages, UBports making mobile development easier |
• Issue 1047 (2023-11-27): GhostBSD 23.10.1, Why Linux uses swap when memory is free, Ubuntu Budgie may benefit from Wayland work in Xfce, early issues with FreeBSD 14.0 |
• Issue 1046 (2023-11-20): Slackel 7.7 "Openbox", restricting CPU usage, Haiku improves font handling and software centre performance, Canonical launches MicroCloud |
• Issue 1045 (2023-11-13): Fedora 39, how to trust software packages, ReactOS booting with UEFI, elementary OS plans to default to Wayland, Mir gaining ability to split work across video cards |
• Issue 1044 (2023-11-06): Porteus 5.01, disabling IPv6, applications unique to a Linux distro, Linux merges bcachefs, OpenELA makes source packages available |
• Issue 1043 (2023-10-30): Murena Two with privacy switches, where old files go when packages are updated, UBports on Volla phones, Mint testing Cinnamon on Wayland, Peppermint releases ARM build |
• Issue 1042 (2023-10-23): Ubuntu Cinnamon compared with Linux Mint, extending battery life on Linux, Debian resumes /usr merge, Canonical publishes fixed install media |
• Issue 1041 (2023-10-16): FydeOS 17.0, Dr.Parted 23.09, changing UIDs, Fedora partners with Slimbook, GNOME phasing out X11 sessions, Ubuntu revokes 23.10 install media |
• Issue 1040 (2023-10-09): CROWZ 5.0, changing the location of default directories, Linux Mint updates its Edge edition, Murena crowdfunding new privacy phone, Debian publishes new install media |
• Issue 1039 (2023-10-02): Zenwalk Current, finding the duration of media files, Peppermint OS tries out new edition, COSMIC gains new features, Canonical reports on security incident in Snap store |
• Issue 1038 (2023-09-25): Mageia 9, trouble-shooting launchers, running desktop Linux in the cloud, New documentation for Nix, Linux phasing out ReiserFS, GNU celebrates 40 years |
• Issue 1037 (2023-09-18): Bodhi Linux 7.0.0, finding specific distros and unified package managemnt, Zevenet replaced by two new forks, openSUSE introduces Slowroll branch, Fedora considering dropping Plasma X11 session |
• Issue 1036 (2023-09-11): SDesk 2023.08.12, hiding command line passwords, openSUSE shares contributor survery results, Ubuntu plans seamless disk encryption, GNOME 45 to break extension compatibility |
• Full list of all issues |
Star Labs |
Star Labs - Laptops built for Linux.
View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.
|
Random Distribution |
Monomaxos
Monomaxos was an Ubuntu-based distribution whose purpose was to provide a complete out-of-the-box functional Linux operating system by including browser plugins, media codecs, support for DVD playback, Java, Flash and other components. It also adds a custom desktop and menus, and a modified Wubi installer for making installation very easy. Monomaxos was compatible with Ubuntu software repositories.
Status: Discontinued
|
TUXEDO |
TUXEDO Computers - Linux Hardware in a tailor made suite Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included!
Learn more about our full service package and all benefits from buying at TUXEDO.
|
Star Labs |
Star Labs - Laptops built for Linux.
View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.
|
|