 DistroWatch Weekly |
| DistroWatch Weekly, Issue 1115, 31 March 2025 |
|
Welcome to this year's 13th issue of DistroWatch Weekly!
When a person creates something they share a bit of their outlook on the world, often giving us a glimpse into their worst fears or highest ideals. This is true whether the creator is a painter, writer, or coder. When a developer releases a project we can see what it is they look for in their software and in the world around them. This week we begin with a look at GrapheneOS, a mobile operating system in the Android family which takes a more minimal, more precise, and more secure approach to mobile computing. Read on to learn about GrapheneOS and its unique approach to powering smartphones. Which open source mobile operating system is your favourite? Let us know in this week's Opinion Poll. Then, in our News section, we talk about MidnightBSD and openSUSE introducing key new changes to their package managers. Meanwhile, one developer has resurrected the Plank project in a new fork of the minimalist dock and the postmarketOS team outlines their goals for the year. We also report on key infrastructure projects, which strive to support privacy and security, struggle as their funding is cut. In our Questions and Answers column we talk about the rise of portable package formats and how much these formats will push aside traditional package formats such as RPM and Deb. Plus we are pleased to share the releases of the past week and list the torrents we are seeding. Finally, we thank our donors who help keep us going. We wish all of you a wonderful week and happy reading!
This week's DistroWatch Weekly is presented by TUXEDO Computers.
Content:
|
| Feature Story (By Jesse Smith) |
GrapheneOS 2025
In March I noticed that my /e/OS-powered Samsung Galaxy S9, which I'd been using as my primary mobile device for five years, was starting to show signs of shuffling off this mortal coil. It had been a great, dependable, lightweight device, but all good things come to an end. I began casting about for a replacement for my phone and eventually decided to go with an older Pixel device since I'd had a good experience with iodeOS running on a demo Pixel earlier in the year. Plus, I had noticed most open source, mobile operating systems seem to support at least one Pixel phone.
I eventually settled on a refurbished Pixel 6a which came with Google's stock Android operating system and the usual dozen or so bundled proprietary apps. Quickly, I set about looking at replacement operating systems for the device.
This is when I remembered someone had asked me to take a look at GrapheneOS, a member of the Android family with a focus on security. I think the GrapheneOS website sums up the project well:
GrapheneOS is a privacy and security focused mobile OS with Android app compatibility developed as a non-profit open source project. It's focused on the research and development of privacy and security technology including substantial improvements to sandboxing, exploit mitigations and the permission model. It was founded in 2014 and was formerly known as CopperheadOS.
GrapheneOS improves the privacy and security of the OS from the bottom up. It deploys technologies to mitigate whole classes of vulnerabilities and make exploiting the most common sources of vulnerabilities substantially more difficult. It improves the security of both the OS and the apps running on it. The app sandbox and other security boundaries are fortified. GrapheneOS tries to avoid impacting the user experience with the privacy and security features. Ideally, the features can be designed so that they're always enabled with no impact on the user experience and no additional complexity like configuration options. It's not always feasible, and GrapheneOS does add various toggles for features like the Network permission, Sensors permission, restrictions when the device is locked (USB-C / pogo pins, camera, quick tiles), etc. along with more complex user-facing privacy and security features with their own UX.
The website goes on to point out that some Google-related services (and their equivalents) are stripped away from GrapheneOS:
GrapheneOS will never include either Google Play services or another implementation of Google services like microG. It's possible to install Play services as a set of fully sandboxed apps without special privileges via our sandboxed Google Play compatibility layer. See the FAQ section for more details on our plans for filling in the gaps from not shipping Play services and Google apps.
Installing
Something else which sets GrapheneOS apart from several other mobile-focused projects, such as Murena and iodeOS, is the Graphene project does not sell devices. It also does not endorse any stores which sell GrapheneOS-powered phones. One more feature which sets it apart is the Graphene project (currently) supports Pixel devices exclusively. This was good news for me and my latest purchase, though it is a narrow focus compared to most other open source, mobile-focused distributions.
Another thing Graphene does differently is the install process. Murena has its Easy Installer but it supports a small range of supported devices only and most devices must be flashed manually. UBports and iode have desktop installers which can run on a range of platforms. GrapheneOS tries to make things one step easier and provides a web-based installer for all of its supported devices. This means if you have a fairly modern web browser, running on most modern or mainstream operating systems (Linux, Windows, and macOS are supported), you can enable Developer Mode on your Pixel device, visit the GrapheneOS Web Installer page, and it will do almost all of the work. We need to plug our phone into the computer, click four buttons on the web page, and the install process is complete. This is one of the easiest approaches to transferring an operating system onto a phone I've encountered so far and the fact we don't need to download or install any applications is a real treat.
Once the new operating system is in place we can boot into it and go through a few steps provided by a first-run wizard. We're given the chance to select our preferred language, connect to wireless networks, make up a security PIN, and confirm our timezone. Unlike some members of the Android family, GrapheneOS does not offer any subscriptions or cloud-based services so there is no request for us to sign up for an account or enter any credentials.
GrapheneOS 2025030300 -- The Info app provides links to on-line resources
(full image size: 150kB, resolution: 864x1920 pixels)
Early impressions
The first thing I noticed about GrapheneOS is its interface is dark. The background is black, the few icon launchers on the home screen are grey. It's a very empty and dark environment. The default system them for applications is set to Dark. The brightness settings are turned down too, to about a third of their potential, so even with adaptive screen brightness enabled, everything looks dim.
As I mentioned, there are very few icons on the home screen and not a lot of launchers in the application drawer we can pull up from the bottom of the display. There are around a dozen applications in total, including the phone app, text messaging, gallery, camera, Vanadium web browser, software centre, and clock. There are several items missing that I'd usually expect to see included in a mobile operating system such as a calendar, note taking tool, and virtual terminal. This soon led me to the software centre.
GrapheneOS 2025030300 -- The home screen
(full image size: 42kB, resolution: 1080x2400 pixels)
Managing applications
Since GrapheneOS doesn't ship with many applications, one of the first things I did was open the software centre (it's called App Store). Here I was a bit surprised to discover there were just eleven applications available; seven of them were already installed. Of the remaining four items there were two other app stores (Google Play and its associated services alongside the Accrescent store), a photo editing tool, and an app called Android Auto which had no description. In other words, if we want to install additional applications we need to install another software centre (or two).
GrapheneOS 2025030300 -- The App Store software centre
(full image size: 171kB, resolution: 1080x2400 pixels)
I decided to fetch the F-Droid software centre from its website. This required that I first grant permission to the default web browser to install software, then confirm I really wanted to install F-Droid, then also grant F-Droid network access, and then grant F-Droid permission to install software. From that point I could use F-Droid to install most items I wanted and install the Aurora software centre to fetch the rest anonymously from Google's Play Store. (Setting up Aurora required another round of confirming the app should have network access and permission to install additional software.)
When I was finished I had three software centres, each pulling from a different repository and sending me update notifications. This isn't ideal and a step down from Murena's approach of combining multiple software centre repositories into one app store.
Adding more functionality
It surprises people that I, as a techie person, do not use many mobile applications. At most, my phones typically have about 20 apps on them, including the unused ones provided by the vendor. I'm also not usually picky about specific brands. I want a web browser, a camera, something with which to take notes, a calendar, and the ability to text. Throw in a map application and a tool that can make OpenSSH connections and I probably won't need to install anything else for months. Part of this uncluttered approach is due to me using a desktop computer for much of my computing needs (the phone is a communication device, the desktop computer is a work tool). Another aspect is I live in Canada where we don't need banking apps (the banking websites are better), WhatsApp (SMS is free), or two-factor authentication apps (everything is authenticated through e-mail or SMS). So my mobile app requirements are minimal.
Having a small app footprint generally makes it easy to switch between platforms. Moving from UBports to Murena's /e/OS, for example, was fairly straight forward. I was able to export some application data, synchronize files between the devices, and I was ready to be productive. Similarly, moving between Murena phones was easy because almost everything synced through their cloud service and it took only a few minutes to transfer everything over. When moving to GrapheneOS however, the process took just over three hours.
GrapheneOS 2025030300 -- The Settings panel
(full image size: 174kB, resolution: 1080x2400 pixels)
Part of the delay was caused by needing to install several applications and part of it was due to GrapheneOS not having a built-in sync client. There were additional hurdles though. For example, when I did install Nextcloud (and its associated apps, like Notes) I then also had to hunt down and install dependencies like DAVx5. When I wanted to transfer SMS messages from my old phone I discovered GrapheneOS's text client doesn't have an import/export feature, which meant I had to install a third-party SMS backup utility on both phones in order to transfer my messages to the new Pixel. Once I had Nextcloud working, I also had to install a third-party calendar because GrapheneOS doesn't provide one. Throughout the process I was regularly nagged for permissions - every app wanted network permissions or file access permissions or permission to access my photos/contacts/external storage.
I received so many notifications from apps wanting permissions or updates that, on multiple occasions, the underlying OS stepped in and muted new notifications for two minutes because I was receiving such a steady barrage. It's not a great sign when one aspect of the operating system needs to protect the user from another aspect of the operating system.
Eventually, I got everything transferred from my old phone to the new one, but it was the longest, most tedious process I've experienced in setting up a new phone. It also involved either replacing existing apps due to missing functionality or installing helper apps (or enabling features) to import/export data.
GrapheneOS 2025030300 -- The app drawer once all of my applications were installed
(full image size: 281kB, resolution: 1080x2400 pixels)
Security
If it seems like I'm harping on the limited functionality GrapheneOS offers out of the box, and the steps needed to get basic features in place, there is a reason. Bear with me a moment.
GrapheneOS, much like OpenBSD, places a strong focus on security. OpenBSD has an amazing security record and is well known for its focus on maintaining a small, clean codebase. While a big part of OpenBSD's fantastic security record is its proactive approach to security, another factor is OpenBSD doesn't do much by default. It doesn't have a desktop environment, many applications, Samba network shares, printing support, a web browser, and so on. Those are all add-ons, usually third-party add-ons. Which means, to get OpenBSD to do much of anything, apart from acting as a firewall, one needs to "open the gate" and install additional software, enable features, and generally break the system's security. OpenBSD doesn't offer MAC security controls, sandbox utilities, and similar tools to protect the system once third-party software enters the picture. An important piece of its security rests largely on the user never adding functionality to the minimal system.
GrapheneOS reminds me a lot of that approach. The project's OS is amount as minimal, locked down, and secure as one can get on a smartphone - offering texting, calls, a web browser, and a camera, but little else. This gives us a light, secure base from which to start. However, as soon as we want to import SMS messages, transfer bookmarks, connect to an app store with more than four applications, or sync files with another computer, then we need to toss aside the thin wall of security and we're exposed. To get anything done we need to grant applications access, install third-party tools, and generally remove the permission restrictions in place to protect us.
As a practical example, this week was one of the only times in the past ten years I've seen an in-app advertisement on my phone. I was so accustomed to my phone (running Murena or iodeOS) automatically blocking ads and trackers, that I didn't realize I was looking at an ad banner for a moment. Then I realized that GrapheneOS doesn't block trackers or ads, I suppose because none of its limited default apps show ads. But once we install third-party items, there is nothing in place to stop them from tracking us or popping up advertisements. If we want to install our own ad blocker, that means installing yet another third-party app, granting it network access, and granting it VPN permissions. I did end up installing a few tracking blockers, but found some of them were overzealous and prevented me from accessing websites. In other words, I ended up spending another hour testing and troubleshooting functionality that I'm accustomed to just having from my Android-based phones.
Further on the subject of security, something I was surprised by is GrapheneOS will show a pop-up with data sent to/from the clipboard. This appears at the bottom of the screen for a short time after data is transferred, showing a preview of the text. This preview includes passwords. In other words, if I'm signing into a website and copy a password from my password manager then it'll appear on my home screen for a few seconds. This seems like a pretty nasty security hole and a feature I quickly moved to disable.
On a positive note, I do like that GrapheneOS has an item in the pull-down menu for performing security checks. By tapping this button we can see an overview of security settings, such as memory protection, USB access, and network enabling/disabling. The security panel helps us set unlock codes and view crash reports. There are also controls for disabling app permissions, disabling location services, and hiding the notification about clipboard access. It's good to have a central area to see and modify a range of security options and I appreciated getting to go through the options to disable anything I didn't need.
GrapheneOS 2025030300 -- The Security and Privacy panel
(full image size: 141kB, resolution: 1080x2400 pixels)
Other observations
Earlier I made a comment about GrapheneOS having some similarities to OpenBSD and another area where I think that shows up is in the documentation. The Graphene project has better documentation than most mobile projects. Open source teams working on mobile operating systems tend to be small and overworked, leading to limited, old, or confusing documentation. Graphene is a rare exception in this field where the features, limitations, and practises of the operating system are clearly presented. In fact, the whole website is cleanly and elegantly presented with lots of useful information and this is not something I can say about a lot of open source projects.
Early on I tried to run GrapheneOS without Google Play services or microG installed. This proved to be counter-productive. Several apps failed to work properly, particularly anything which involved navigation (such as maps or GPS software) and any apps which accepted payments. I ended up installing Graphene's sandboxed Google Play Services bundle and this filled in the gaps in functionality.
Conclusions
I think it's fair to say I had quite a mixture of experiences and impressions from using GrapheneOS. As I just mentioned, the documentation is quite good and the project has clear goals which it executes well. People looking for a hardened version of Android with no proprietary apps or extra bloat would be well served by GrapheneOS. I also want to say the install method through the web browser is top notch. Not only is the install process well documented, but the website makes installing GrapheneOS a four-click process (once the phone is in developer mode).
The power and ease of the installer was especially key for me. I'm no stranger to flashing custom operating systems onto phones. It's been about a dozen years since I last ran a phone with its default operating system and I've had the chance to run a wide range of mobile systems, ranging from Manjaro, to UBports, postmarketOS, Murena's /e/OS, and iodeOS. The install processes vary a lot and I've grown accustomed to several. I mention this because, after I tried GrapheneOS, I tried to install a few other open source operating systems on my Pixel.
Murena's Easy Installer documentation was missing, apparently removed from its website. When I found the Easy Installer (which is also web-based) it reported my device wasn't supported (though my Pixel 6a was featured in the list of devices /e/OS supports). I then tried the manual install instructions for Murena and it rendered the phone unable to boot. Then I tried downloading iodeOS's desktop installer. It recognized my phone and downloaded the appropriate image, but choked (both times I ran the installer) during the flash and reboot phase. In the end, I went back to GrapheneOS's website and ran its web installer again, which worked perfectly.
My point is that, while GrapheneOS provides a very minimal, very locked down, and (at times) annoyingly nag-filled experience early on, it was the only system of these three Android-based operating systems to successfully install and run. I think that is worth a lot.
I will also say that while Graphene's highly minimal, locked down approach is not ideal for me (and probably not ideal for a lot of people who want to use their phones for typical smartphone tasks), it is well suited for people who want a small feature set and strict permissions. GrapheneOS gets in the way (both of the user and potential bad actors), it keeps things minimal, it encourages a "correct" approach over a feature-filled approach (again, like OpenBSD). This platform is some extra work to setup, much like Arch Linux or Slackware, but it means we end up with just what we want on the system with no extras and no bloat.
This isn't a platform for the non-techies in your life, it's not for someone who wants to run a lot of apps. But it is well suited for people who want to start small and add extra software or features as-needed. I, for one, plan to keep running GrapheneOS for a while. I was tempted to try a few other platforms, but now that I've settled into the flow of this OS (now that everything is configured the way I want it), I'm reluctant to give it up. Plus, GrapheneOS offers five-to-seven years of support, giving me another two and a half years of updates on this device. That's pretty good for an open source, mobile platform.
* * * * *
Visitor supplied rating
GrapheneOS has a visitor supplied average rating of: 9.8/10 from 8 review(s).
Have you used GrapheneOS? You can leave your own review of the project on our ratings page.
|
| Miscellaneous News (by Jesse Smith) |
MidnightBSD updates mport package manager, a reborn Plank dock, key privacy tools lose funding, openSUSE tests parallel package downloads, postmarketOS to focus on reliability
The MidnightBSD project has announced the release of a new version of the mport package manager. Version 2.7.0 of mport includes some major changes and, as a result, is not yet being merged into the operating system. "There's a new mport package manager release. Due to its massive changes, we're not going to merge it yet into the OS. (For one thing, the build will change a lot.) It does bump the master database version. There is a new table for storing conflicts. We don't make them visible in commands, but it will help with debugging the state when a package was added. Conflict detection is done at install time using the data in the package currently."
* * * * *
The Plank project created a minimal dock implementation for Linux desktops. Plank is "meant to be the simplest dock on the planet. The goal is to provide just what a dock needs and absolutely nothing more. It is, however, a library which can be extended to create other dock programs with more advanced features." The Plank project has been dormant for a while with the last release being published in 2019.
The inactivity has resulted in a fork of the original Plank and the creation of Plank Reloaded which seeks to pick up where the original project finished. "Plank Reloaded is a fork of the original Plank project, providing a simple dock for X11 desktop environments. While development began with a focus on Cinnamon, we now actively support multiple desktop environments including MATE and Xfce. Wayland is not supported at this time." The new project's GitHub page lists the new features and improvements offered by the young fork.
* * * * *
Fans of security and privacy on the Internet, along with installing open source applications on Android, may be in for a rough time in the near future. The government of the United States has cut its funding and support for the Open Technology Fund, an organization dedicated to a freely accessible and secure Internet. The Open Technology Fund (OTF) provides backing for several key infrastructure projects, including the open source F-Droid app centre, the Let's Encrypt security certificate project, and the Tor anonymous network project. As Heise reports: "Overall, the US government invests a lot of money in open source software. Last year, Let's Encrypt received around 800,000 US dollars in funding from the OTF, the Tor network received almost 500,000 US dollars and the open-source Android app store F-Droid received 396,000 US dollars. In total, the organization currently supports around 50 projects, including the development of the free VPN client OpenVPN. According to its information, the OTF has published around 2,500 patches for open-source software and the organization promotes VPNs for around 45 million people in countries with censorship." That investment has now been halted and the OTF (along with the projects it supports) will need to find alternative sources for funds.
* * * * *
The openSUSE project is experimenting with faster package management thanks to parallel connections introduced in the Zypper package management software. "The update provides two main features: an ability to fetch packages using concurrent connections, and a simplified media backend that improves connection reuse and metadata handling. Both features are currently in an experimental phase and must be manually enabled. Before the feature is officially enabled by default, parallel package downloading can be enabled by setting an environment variable before executing a Zypper operation. This allows multiple packages to be downloaded simultaneously, improving overall speed." Details on the change along with tips for enabling parallel downloads are provided in the project's news post.
* * * * *
The postmarketOS team have outlined a series of goals for 2025. Some of the key elements include finishing the migration to systemd, creating an immutable flavour of the distribution, and improving reliability: "As our community grows, we are increasing the focus we put on planning and organizing the work we do. Therefore we have been thinking hard about priorities for this year. And as we mentioned after our FOSDEM hackathon, the greatest goal for this year is reliability. So far, the postmarketOS community has mostly been focused on functionality: Hackers bring up devices and get them to a point where various device features such as audio, calls and wi-fi are usable once or most of the time. We want to get it to always." The complete overview of priorities is available in the project's blog post.
* * * * *
These and other news stories can be found on our Headlines page.
|
| Questions and Answers (by Jesse Smith) |
The rise of portable package formats
Going-portable asks: With Flatpak becoming more popular and Ubuntu replacing traditional packages with Snaps, will Flatpak and Snap eventually replace all traditional packages?
DistroWatch answers: My short answer is: portable package formats (like Snap, Flatpak, and AppImage) will probably not replace traditional package formats (such as RPM and Deb) entirely. In fact, I'd go so far as to say it's almost a certainty they will not. With that said, it wouldn't surprise me if traditional packages are, in my life time, largely regulated to hobbyist distributions and containers.
My longer answer involves some history.
First, something we need to acknowledge is that Linux distributions are unusual, borderline unique, in the way they are developed. Almost all operating systems (besides Linux distributions) are developed as an atomic unit, they are collections of software put together by united teams. An operating system - whether it is macOS, Windows, MINIX, Haiku, or one of the BSDs - is generally put together by a team working together to make a kernel, system library, shell, command line tools, and maybe a desktop environment. This approach has been almost universal for decades. One company or organization makes a complete, functional operating system and then they release it into the world. Once in the wild, third-party developers make and package software for the operating system.
The third-party applications are usually responsible for finding a way to bundle all the parts they need, aside from what they know is included in the base operating system. Different operating systems handle third-party software in various ways, but it is almost universal that the core operating system is a separate, distinct whole unit and we can pile applications on top of it. This is true whether we're talking about FreeBSD, iOS, or FreeDOS.
Linux distributions are the exception to this pattern. They never had a united base assembled by a united team. The Linux kernel was made by one team, the low-level userland utilities by another team, the desktop environments by other teams, the system library might be made by yet another team. Linux distributions are assemblies of components produced by separate groups, some of which may never work together directly. A Linux distribution is made up of hundreds, sometimes thousands, of separate pieces and it is the job of the distribution's team to stick all the various Lego-like elements together to make a whole which acts like a traditional, unified operating system.
Managing thousands of unrelated parts is a lot of work and it's one of the reasons the Linux ecosystem has massive repositories of "official" packages handled by powerful package managers - several powerful package managers - such as DNF, APT, and Pacman. These are the glue which hold together modern Linux distributions, allowing users to install new components and swap out pieces from the giant collection of unrelated parts.
These traditional package managers, their package formats, and the giant repositories are needed to maintain the disjointed, always moving collection of parts which make up Linux distributions.
In the earlier days of Linux, maintaining a few hundred packages using what we now call "traditional packages" made sense. It was actually a benefit as it made Linux distributions flexible and new software could be made available to a distribution's users by just tossing it into the growing repositories of pieces which could be bolted onto the operating system.
The problem people eventually had to face was: traditional Linux package management does not scale well. Back when we had a few hundred packages built and maintained by a dozen distributions, the situation was quite manageable and Linux's approach was pleasantly flexible and powerful. Over time though the number of packages a distribution was expected to carry grew. Debian and Fedora each offer over 60,000 packages in their latest stable releases. The NixOS repository recently topped 120,000 packages. At the time of writing, there are 45 active, independently maintained Linux distributions. Even at a conservative guess, that means there are around 2,250,000 actively maintained Linux packages in the world, not including derivatives found in child distributions such as Ubuntu, Linux Mint, Manjaro and so on. That's a lot of packages to be maintaining separately and doesn't even touch on the issue of maintaining separate versions of a package across different versions of a distribution.
Since Linux distribution maintainers have limited resources (and commercial distributions don't want to spend more money than they need to for developers and storage space) this situation creates incentive to get off the constantly accelerating treadmill of packaging more and more software. One solution to this problem is to create and encourage the use of portable packages (AppImage, Flatpak, and Snap). This allows distribution packagers to scale back, particularly on desktop applications, and leave packaging up to upstream, third-party developers. Portable packages mean, in theory, a piece of software only needs to be packaged once or twice and it can then run on virtually every distribution in the world. Plus, the distribution maintainers don't need to package, test, or fix it. This alone could cut the 2,250,000 unique packages burden in half.
Once portable packages have been introduced, the other thing distributions can do to save themselves work is to reduce the size of the core distribution and focus on making one (relatively minimal) consistent base upon which third-party software can be installed. The idea here is to make a distribution into a minimal, technically complete operating system that won't require as much maintenance while allowing users to bolt on any third-party software they want.
In short, many Linux distributions (particularly the commercially-backed ones) are trying to become more like every other operating system in the world, at least in terms of packaging. They are trying to supply a relatively small base while third-party projects will provide portable packages.
It probably sounds like I'm describing a world where classic packages (RPM, Deb, etc) are squeezed out. Their niche is going to get smaller, stuck between the immutable bases of some distributions and the portable packages running on top of them. I think, especially on commercial distributions, traditional package formats will be used less and less.
However, I don't think traditional packages are going away entirely, for two reasons. First, even immutable distributions need some way for system administrators and developers to get work done. This is often accomplished using either traditional packages or containers. And containers are usually made from traditional packages. The end users might not be interacting much with traditional packages in the future, but the old package formats still be there, behind the scenes. Probably for decades to come. The second reason traditional packages are sticking around, at least in many distributions, is their level of efficiency.
Portable packages are large, they take a long time to download, and they use a lot of disk space. Even with deduplication efforts, portable packages are big, heavy beasts that require a framework in place to operate. They don't integrate into the host operating system well and there are still performance issues to address. This means, especially for distributions where performance or flexibility are important, traditional package formats still make sense. Anyone trying to squeeze more performance from their workstation or server, anyone looking to do embedded work, anyone craving flexibility over reliability is going to prefer traditional packages. As a result, I suspect traditional packages and package managers will be with us for a long time.
In fact, some distributions pretty much rely on the classic packaging approach as a core part of their design. Any sort of highly customized distribution, such as Arch Linux and Gentoo, are philosophically at odds with immutable bases and portable packages because the whole point of these systems is to give the user the ability to customize the operating system in detail. These projects are not pre-packaged solutions, the Android is, the goal is to give users the power to mix and match pieces as they wish. As long as we have distributions geared toward do-it-yourself computer users, we're going to need traditional packages.
* * * * *
Additional answers can be found in our Questions and Answers archive.
|
| Released Last Week |
Emmabuntus DE5-1.04
Emmabuntüs is a lightweight, Debian-based distribution. The project's latest update introduces a series of key package updates as well as a German translation of the handbook. The release announcement reports: "The Emmabuntüs Collective is pleased to announce the release on March 24, 2025, of the update of its distribution, Emmabuntüs Debian Edition 5 1.04 (32-bit and 64-bit), based on Debian 12.10 'Bookworm' and the XFCE and LXQt desktop environments. This new version of our distribution mainly concerns updates to the software included in it following the release of Debian 12.10, with the update of the excellent Debian beginner’s handbook which now includes a German version included in our distribution, as well as the addition as standard of the Debian reference manuals included in it for the following languages: English, French, German, Italian, Spanish, Portuguese and Japanese. Emmabuntüs DE 5 1.04 includes the following new features and enhancements: based on the Debian 12.10 'Bookworm' operating system; Updates - Firefox 128.8.0esr, Thunderbird 128.7.0esr, deb-get 0.4.4, Ventoy 1.1.05, CTparental 5.1.23, Warpinator 1.8.8, Boot-Repair 4ppa2081, RadioTray-NG 0.2.9, Debian beginners handbook 12.10; accessibility feature updates - Ocrizer 1.4, Elograf 0.6.0."
Zorin OS 17.3
The Zorin OS project has published an update for the Ubuntu-based distribution which seeks to make former Windows users feel at home. The project's latest release, version 17.3, expands alternatives for Windows applications and changes the default web browser from Firefox to Brave. "Tailored alternatives to more Windows apps We've greatly expanded our built-in database to detect installer files for popular Windows apps. It now supports over 150 apps, recommending even more tailored alternatives to sideloading their Windows executables. For example, when you launch the Windows installer for an app like Obsidian, Zorin OS displays a dialog that directs you to the app's native Linux version in the Software store. It also suggests the closest native alternatives to other Windows-only apps, like the built-in Document Viewer instead of Adobe Acrobat Reader. To craft the most user-friendly experience for new users, we endeavor to support the widest selection of software. This update makes it easier to run the most compatible versions of your favorite apps in Zorin OS." Additional information can be found in the release announcement.
Zorin OS 17.3 -- Running the GNOME desktop
(full image size: 2.3MB, resolution: 1920x1080 pixels)
Q4OS 5.8
Q4OS is a Debian-based distribution which is available in KDE Plasma and Trinity Desktop Environment (TDE) flavours. The project's latest update is Q4OS 5.8 which introduces fresh translations to the Calamares system installer and Flatpak support is now included in the project's Desktop Profiler tool. The project's release announcement states: "The Q4OS project is pleased to announce the eighth update of its stable edition Q4OS 5 codenamed Aquarius. The new Aquarius 5.8 series receives important security and bug fixes, the recent Debian Bookworm 12.10 updates and updated Debian stable 6.1.0-32 kernel. This release brings along a few Q4OS specific improvements, fixes and a cumulative upgrade covering all the changes since the previous stable Aquarius release. The Calamares live installer has got new translations. Desktop profiler tool now features brand new plugin for handling Flatpak applications in case Flatpak framework is enabled in the system. In addition to the new plugin the Desktop profiler capabilities have been expanded and the code has been largerly rewritten to support true multithreading."
CachyOS 250330
CachyOS is a Linux distribution based on Arch Linu which focuses on speed and security optimisations. The project's latest snapshot introduces a new boot loader, re-adds NVIDIA firmware, and automates configuring Samba shares. "The first major change is that we have added a new Bootloader. Limine is a great bootloader, which can be used for BIOS and UEFI. Limine also supports some theming like GRUB. We have also added direct Btrfs snapshot support, like it works with 'grub-btrfs'. This has been greatly tested from our side and works well. The snapshots will be enabled out of the box for all installations which are using Btrfs as a filesystem. We have added a package, called 'cachyos-samba-settings', which configures and sets up Samba support. This has been requested by our users. After discussions with NVIDIA, we have re-enabled the GSP Firmware for the closed-source kernel module. The GSP Firmware had a bunch of improvements in recent releases, and most drawbacks seem to be solved now." Additional details can be found in the project's release announcement.
* * * * *
Development, unannounced and minor bug-fix releases
|
| Torrent Corner |
Weekly Torrents
The table below provides a list of torrents DistroWatch is currently seeding. If you do not have a bittorrent client capable of handling the linked files, we suggest installing either the Transmission or KTorrent bittorrent clients.
Archives of our previously seeded torrents may be found in our Torrent Archive. We also maintain a Torrents RSS feed for people who wish to have open source torrents delivered to them. To share your own open source torrents of Linux and BSD projects, please visit our Upload Torrents page.
Torrent Corner statistics:
- Total torrents seeded: 3,184
- Total data uploaded: 46.9TB
|
| Upcoming Releases and Announcements |
|
Summary of expected upcoming releases
|
| Opinion Poll (by Jesse Smith) |
Favourite non-duopoly mobile operating system
In this week's review of GrapheneOS we talked about this security-focused mobile operating system and its minimal approach. This is one of several mobile operating systems we have talked about recently which provides alternatives to the duopoly of Apple's iOS and Google's stock Android platforms. This week we'd like to hear which alternative mobile system is your favourite. Let us know which mobile devices you are using to run these open mobile platforms in the comments.
You can see the results of our previous poll on the type of storage devices used in our readers' computers in our previous edition. All previous poll results can be found in our poll archives.
|
|
|
| Website News |
Donations and Sponsors
Each month we receive support and kindness from our readers in the form of donations. These donations help us keep the web server running, pay contributors, and keep infrastructure like our torrent seed box running. We'd like to thank our generous readers and acknowledge how much their contributions mean to us.
This month we're grateful for the $123 in contributions from the following kind souls:
| Donor |
Amount |
|---|
| J S | $50 |
| Jonathon B | $10 |
| Sam C | $10 |
| Joshua B | $7 |
| Brian59 | $5 |
| Chris S | $5 |
| Chung T | $5 |
| John B | $5 |
| Maki | $5 |
| surf3r57 | $5 |
| TaiKedz | $5 |
| J.D. L | $2 |
| PB C | $2 |
| aRubes | $1 |
| Colton D | $1 |
| Stephen M | $1 |
| Kai D | $1 |
| Lars N | $1 |
| Shasheen E | $1 |
| William E | $1 |
* * * * *
DistroWatch database summary
* * * * *
This concludes this week's issue of DistroWatch Weekly. The next instalment will be published on Monday, 7 April 2025. Past articles and reviews can be found through our Weekly Archive and Article Search pages. To contact the authors please send e-mail to:
- Jesse Smith (feedback, questions and suggestions: distribution reviews/submissions, questions and answers, tips and tricks)
- Ladislav Bodnar (feedback, questions, donations, comments)
|
|
| Tip Jar |
If you've enjoyed this week's issue of DistroWatch Weekly, please consider sending us a tip.
(Tips this week: 0, value: US$0.00) |
|
|
|
 bc1qxes3k2wq3uqzr074tkwwjmwfe63z70gwzfu4lx  lnurl1dp68gurn8ghj7ampd3kx2ar0veekzar0wd5xjtnrdakj7tnhv4kxctttdehhwm30d3h82unvwqhhxarpw3jkc7tzw4ex6cfexyfua2nr  86fA3qPTeQtNb2k1vLwEQaAp3XxkvvvXt69gSG5LGunXXikK9koPWZaRQgfFPBPWhMgXjPjccy9LA9xRFchPWQAnPvxh5Le paypal.me/distrowatchweekly • patreon.com/distrowatch |
|
| Extended Lifecycle Support by TuxCare |
|
|
|
| TUXEDO |
TUXEDO Computers - Linux Hardware in a tailor made suite
Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included!
Learn more about our full service package and all benefits from buying at TUXEDO.
|
| Archives |
| • Issue 1117 (2025-04-14): Shebang 25.0, EndeavourOS 2025.03.19, running applications from other distros on the desktop, Debian gets APT upgrade, Mint introduces OEM options for LMDE, postmarketOS packages GNOME 48 and COSMIC, Redox testing USB support |
| • Issue 1116 (2025-04-07): The Sense HAT, Android and mobile operating systems, FreeBSD improves on laptops, openSUSE publishes many new updates, Fedora appoints new Project Leader, UBports testing VoLTE |
| • Issue 1115 (2025-03-31): GrapheneOS 2025, the rise of portable package formats, MidnightBSD and openSUSE experiment with new package management features, Plank dock reborn, key infrastructure projects lose funding, postmarketOS to focus on reliability |
| • Issue 1114 (2025-03-24): Bazzite 41, checking which processes are writing to disk, Rocky unveils new Hardened branch, GNOME 48 released, generating images for the Raspberry Pi |
| • Issue 1113 (2025-03-17): MocaccinoOS 1.8.1, how to contribute to open source, Murena extends on-line installer, Garuda tests COSMIC edition, Ubuntu to replace coreutils with Rust alternatives, Chimera Linux drops RISC-V builds |
| • Issue 1112 (2025-03-10): Solus 4.7, distros which work with Secure Boot, UBports publishes bug fix, postmarketOS considers a new name, Debian running on Android |
| • Issue 1111 (2025-03-03): Orbitiny 0.01, the effect of Ubuntu Core Desktop, Gentoo offers disk images, elementary OS invites feature ideas, FreeBSD starts PinePhone Pro port, Mint warns of upcoming Firefox issue |
| • Issue 1110 (2025-02-24): iodeOS 6.0, learning to program, Arch retiring old repositories, openSUSE makes progress on reproducible builds, Fedora is getting more serious about open hardware, Tails changes its install instructions to offer better privacy, Murena's de-Googled tablet goes on sale |
| • Issue 1109 (2025-02-17): Rhino Linux 2025.1, MX Linux 23.5 with Xfce 4.20, replacing X.Org tools with Wayland tools, GhostBSD moving its base to FreeBSD -RELEASE, Redox stabilizes its ABI, UBports testing 24.04, Asahi changing its leadership, OBS in dispute with Fedora |
| • Issue 1108 (2025-02-10): Serpent OS 0.24.6, Aurora, sharing swap between distros, Peppermint tries Void base, GTK removinglegacy technologies, Red Hat plans more AI tools for Fedora, TrueNAS merges its editions |
| • Issue 1107 (2025-02-03): siduction 2024.1.0, timing tasks, Lomiri ported to postmarketOS, Alpine joins Open Collective, a new desktop for Linux called Orbitiny |
| • Issue 1106 (2025-01-27): Adelie Linux 1.0 Beta 6, Pop!_OS 24.04 Alpha 5, detecting whether a process is inside a virtual machine, drawing graphics to NetBSD terminal, Nix ported to FreeBSD, GhostBSD hosting desktop conference |
| • Issue 1105 (2025-01-20): CentOS 10 Stream, old Flatpak bundles in software centres, Haiku ports Iceweasel, Oracle shows off debugging tools, rsync vulnerability patched |
| • Issue 1104 (2025-01-13): DAT Linux 2.0, Silly things to do with a minimal computer, Budgie prepares Wayland only releases, SteamOS coming to third-party devices, Murena upgrades its base |
| • Issue 1103 (2025-01-06): elementary OS 8.0, filtering ads with Pi-hole, Debian testing its installer, Pop!_OS faces delays, Ubuntu Studio upgrades not working, Absolute discontinued |
| • Issue 1102 (2024-12-23): Best distros of 2024, changing a process name, Fedora to expand Btrfs support and releases Asahi Remix 41, openSUSE patches out security sandbox and donations from Bottles while ending support for Leap 15.5 |
| • Issue 1101 (2024-12-16): GhostBSD 24.10.1, sending attachments from the command line, openSUSE shows off GPU assignment tool, UBports publishes security update, Murena launches its first tablet, Xfce 4.20 released |
| • Issue 1100 (2024-12-09): Oreon 9.3, differences in speed, IPFire's new appliance, Fedora Asahi Remix gets new video drivers, openSUSE Leap Micro updated, Redox OS running Redox OS |
| • Issue 1099 (2024-12-02): AnduinOS 1.0.1, measuring RAM usage, SUSE continues rebranding efforts, UBports prepares for next major version, Murena offering non-NFC phone |
| • Issue 1098 (2024-11-25): Linux Lite 7.2, backing up specific folders, Murena and Fairphone partner in fair trade deal, Arch installer gets new text interface, Ubuntu security tool patched |
| • Issue 1097 (2024-11-18): Chimera Linux vs Chimera OS, choosing between AlmaLinux and Debian, Fedora elevates KDE spin to an edition, Fedora previews new installer, KDE testing its own distro, Qubes-style isolation coming to FreeBSD |
| • Issue 1096 (2024-11-11): Bazzite 40, Playtron OS Alpha 1, Tucana Linux 3.1, detecting Screen sessions, Redox imports COSMIC software centre, FreeBSD booting on the PinePhone Pro, LXQt supports Wayland window managers |
| • Issue 1095 (2024-11-04): Fedora 41 Kinoite, transferring applications between computers, openSUSE Tumbleweed receives multiple upgrades, Ubuntu testing compiler optimizations, Mint partners with Framework |
| • Issue 1094 (2024-10-28): DebLight OS 1, backing up crontab, AlmaLinux introduces Litten branch, openSUSE unveils refreshed look, Ubuntu turns 20
| | • Issue 1093 (2024-10-21): Kubuntu 24.10, atomic vs immutable distributions, Debian upgrading Perl packages, UBports adding VoLTE support, Android to gain native GNU/Linux application support |
| • Issue 1092 (2024-10-14): FunOS 24.04.1, a home directory inside a file, work starts of openSUSE Leap 16.0, improvements in Haiku, KDE neon upgrades its base |
| • Issue 1091 (2024-10-07): Redox OS 0.9.0, Unified package management vs universal package formats, Redox begins RISC-V port, Mint polishes interface, Qubes certifies new laptop |
| • Issue 1090 (2024-09-30): Rhino Linux 2024.2, commercial distros with alternative desktops, Valve seeks to improve Wayland performance, HardenedBSD parterns with Protectli, Tails merges with Tor Project, Quantum Leap partners with the FreeBSD Foundation |
| • Issue 1089 (2024-09-23): Expirion 6.0, openKylin 2.0, managing configuration files, the future of Linux development, fixing bugs in Haiku, Slackware packages dracut |
| • Issue 1088 (2024-09-16): PorteuX 1.6, migrating from Windows 10 to which Linux distro, making NetBSD immutable, AlmaLinux offers hardware certification, Mint updates old APT tools |
| • Issue 1087 (2024-09-09): COSMIC desktop, running cron jobs at variable times, UBports highlights new apps, HardenedBSD offers work around for FreeBSD change, Debian considers how to cull old packages, systemd ported to musl |
| • Issue 1086 (2024-09-02): Vanilla OS 2, command line tips for simple tasks, FreeBSD receives investment from STF, openSUSE Tumbleweed update can break network connections, Debian refreshes media |
| • Issue 1085 (2024-08-26): Nobara 40, OpenMandriva 24.07 "ROME", distros which include source code, FreeBSD publishes quarterly report, Microsoft updates breaks Linux in dual-boot environments |
| • Issue 1084 (2024-08-19): Liya 2.0, dual boot with encryption, Haiku introduces performance improvements, Gentoo dropping IA-64, Redcore merges major upgrade |
| • Issue 1083 (2024-08-12): TrueNAS 24.04.2 "SCALE", Linux distros for smartphones, Redox OS introduces web server, PipeWire exposes battery drain on Linux, Canonical updates kernel version policy |
| • Issue 1082 (2024-08-05): Linux Mint 22, taking snapshots of UFS on FreeBSD, openSUSE updates Tumbleweed and Aeon, Debian creates Tiny QA Tasks, Manjaro testing immutable images |
| • Issue 1081 (2024-07-29): SysLinuxOS 12.4, OpenBSD gain hardware acceleration, Slackware changes kernel naming, Mint publishes upgrade instructions |
| • Issue 1080 (2024-07-22): Running GNU/Linux on Android with Andronix, protecting network services, Solus dropping AppArmor and Snap, openSUSE Aeon Desktop gaining full disk encryption, SUSE asks openSUSE to change its branding |
| • Issue 1079 (2024-07-15): Ubuntu Core 24, hiding files on Linux, Fedora dropping X11 packages on Workstation, Red Hat phasing out GRUB, new OpenSSH vulnerability, FreeBSD speeds up release cycle, UBports testing new first-run wizard |
| • Issue 1078 (2024-07-08): Changing init software, server machines running desktop environments, OpenSSH vulnerability patched, Peppermint launches new edition, HardenedBSD updates ports |
| • Issue 1077 (2024-07-01): The Unity and Lomiri interfaces, different distros for different tasks, Ubuntu plans to run Wayland on NVIDIA cards, openSUSE updates Leap Micro, Debian releases refreshed media, UBports gaining contact synchronisation, FreeDOS celebrates its 30th anniversary |
| • Issue 1076 (2024-06-24): openSUSE 15.6, what makes Linux unique, SUSE Liberty Linux to support CentOS Linux 7, SLE receives 19 years of support, openSUSE testing Leap Micro edition |
| • Issue 1075 (2024-06-17): Redox OS, X11 and Wayland on the BSDs, AlmaLinux releases Pi build, Canonical announces RISC-V laptop with Ubuntu, key changes in systemd |
| • Issue 1074 (2024-06-10): Endless OS 6.0.0, distros with init diversity, Mint to filter unverified Flatpaks, Debian adds systemd-boot options, Redox adopts COSMIC desktop, OpenSSH gains new security features |
| • Issue 1073 (2024-06-03): LXQt 2.0.0, an overview of Linux desktop environments, Canonical partners with Milk-V, openSUSE introduces new features in Aeon Desktop, Fedora mirrors see rise in traffic, Wayland adds OpenBSD support |
| • Issue 1072 (2024-05-27): Manjaro 24.0, comparing init software, OpenBSD ports Plasma 6, Arch community debates mirror requirements, ThinOS to upgrade its FreeBSD core |
| • Issue 1071 (2024-05-20): Archcraft 2024.04.06, common command line mistakes, ReactOS imports WINE improvements, Haiku makes adjusting themes easier, NetBSD takes a stand against code generated by chatbots |
| • Issue 1070 (2024-05-13): Damn Small Linux 2024, hiding kernel messages during boot, Red Hat offers AI edition, new web browser for UBports, Fedora Asahi Remix 40 released, Qubes extends support for version 4.1 |
| • Issue 1069 (2024-05-06): Ubuntu 24.04, installing packages in alternative locations, systemd creates sudo alternative, Mint encourages XApps collaboration, FreeBSD publishes quarterly update |
| • Issue 1068 (2024-04-29): Fedora 40, transforming one distro into another, Debian elects new Project Leader, Red Hat extends support cycle, Emmabuntus adds accessibility features, Canonical's new security features |
| • Issue 1067 (2024-04-22): LocalSend for transferring files, detecting supported CPU architecure levels, new visual design for APT, Fedora and openSUSE working on reproducible builds, LXQt released, AlmaLinux re-adds hardware support |
| • Issue 1066 (2024-04-15): Fun projects to do with the Raspberry Pi and PinePhone, installing new software on fixed-release distributions, improving GNOME Terminal performance, Mint testing new repository mirrors, Gentoo becomes a Software In the Public Interest project |
| • Full list of all issues |
| Star Labs |
Star Labs - Laptops built for Linux.
View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.
|
| Random Distribution | 
Antomic GNU/Linux
Antomic was a free operating system. The Antomic GNU/Linux distribution was created with simplicity and adaptability in mind. It's quick to install, setup and boot. The focus was on simplicity and convenience for experienced users. GNOME was used as the desktop environment.
Status: Discontinued
|
| TUXEDO |
TUXEDO Computers - Linux Hardware in a tailor made suite
Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included!
Learn more about our full service package and all benefits from buying at TUXEDO.
|
| Star Labs |
Star Labs - Laptops built for Linux.
View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.
|
|
• 
• 
• 
• 
• 
• 
• 
