DistroWatch Weekly |
DistroWatch Weekly, Issue 656, 11 April 2016 |
Welcome to this year's 15th issue of DistroWatch Weekly!
Security and privacy are increasingly popular topics in the field of software. The conversation seems to have changed in recent years from whether we should be concerned about on-line privacy to how much we should be concerned. For people who want to protect their operating systems and their data there are plenty of options out there and we talk about a few of them this week. We begin with a look at Qubes OS, a solution which tries to completely separate tasks and our data into different containers (or domains). In our News section we talk about Whonix, a project which forces all network traffic through the Tor network. We also discuss a new distribution featuring the Budgie desktop environment and the growing family tree of Puppy Linux editions. In our Questions and Answers column we discuss setting up disk partitions and trying to run Ubuntu's command line software on Windows. In our Opinion Poll we ask if our readers prefer running upstream or downstream distributions. Plus we share the releases of the past week and provide a list of the torrents we are seeding. We are also happy to welcome three new distributions to our database: AryaLinux, Lakka and PrimTux. We wish you all a terrific week and happy reading!
Content:
- Review: Isolating processes with Qubes OS 3.1
- News: Whonix offers bug bounties, Ubuntu Budgie edition planned, Puppy's family tree
- Questions and answers: Setting up disk partitions and bash on Windows
- Torrent corner: FreeBSD, NuTyX
- Released last week: FreeBSD 10.3, NuTyX 8.1, PC-BSD 10.3
- Opinion poll: Upstream or downstream distributions?
- DistroWatch.com news: Updated contact and feed information
- Distributions added to the database: AryaLinux, Lakka, PrimTux
- New distributions: X-LFS-2010, Open Network Linux, EasyNAS, JyllDeveloper
- Reader comments
Listen to the Podcast edition of this week's DistroWatch Weekly in OGG (30MB) and MP3 (41MB) formats
|
Feature Story (by Jesse Smith) |
Isolating processes with Qubes OS 3.1
There are several approaches to computer security. One method is to try to make every component work as correctly and error-free as possible. This is called security through correctness. Another approach is called security by obscurity and it involves hiding secrets or flaws. A third approach to security is isolation, which is sometimes called security by compartmentalization. This third method keeps important pieces separate so if one component is compromised, the other components can continue to work, unaffected.
These different styles of security might make more sense if we look at an example from the non-digital world. Imagine we have some valuables we want to keep locked away and we decide to buy a safe to store our precious documents, jewels and money. If we buy a high quality safe that is hard to force open, that is security through correctness. If we hide our safe behind a picture or in a secret room, that is security through obscurity. Buying two safes and placing half of our valuables in each so if one is robbed then we still have half of our items is an example of security by compartmentalization.
This week I want to talk about Qubes OS, a project which takes a strong stance in favour of security by compartmentalization. The project's website describes Qubes OS as follows:
Qubes takes an approach called security by compartmentalization, which allows you to compartmentalize the various parts of your digital life into securely isolated virtual machines (VMs). A VM is basically a simulated computer with its own OS which runs as software on your physical computer. You can think of a VM as a computer within a computer.
This approach allows you to keep the different things you do on your computer securely separated from each other in isolated VMs so that one VM getting compromised won’t affect the others. For example, you might have one VM for visiting untrusted websites and a different VM for doing online banking. This way, if your untrusted browsing VM gets compromised by a malware-laden website, your online banking activities won’t be at risk.
People who have used virtual machines to run alternative operating systems on their desktop might wonder how Qubes differs from running multiple instances of VirtualBox or KVM. There are two important characteristics which set Qubes apart. The first is that Qubes runs programs in Xen which essentially means Qubes is working at a lower level. VirtualBox runs on top of our existing operating system, effectively stacking operating systems, one on top of the other. The guest system can be compromised if the host is compromised. With Qubes, the Xen hypervisor is running directly on the computer's hardware and the various virtual machines are running beside each other instead of one on top of the other. This should make it harder for one compromised compartment to gain access to the others.
From the end user's perspective though the main difference is Qubes will run applications from different virtual machines on the desktop just as if they were regular applications. This means the separate virtual machines integrate with the desktop. As the project's website explains: "Qubes makes it so that multiple VMs running under a Type 1 hypervisor can be securely used as an integrated OS. For example, it puts all of your application windows on the same desktop with special coloured borders indicating the trust levels of their respective VMs."
Qubes OS is available in two editions, the main edition is a 2.3GB download and boots straight into a system installer which will help users set up Qubes on their computer. The second option is a Live edition which is available as a 4.6GB download. I have tried each major version of Qubes OS and have been unsuccessful in getting it to install, so this time I decided to try the new Live edition. Though the Live edition is considered to be of alpha quality, I was able to boot Qubes OS Live on my laptop and experiment with the new 3.1 release.
Booting from the live media takes a while, but we are eventually brought to a KDE desktop. Qubes runs KDE 4.14 with grey wallpaper. The application menu, task switcher and system tray are placed at the bottom of the screen. The application menu is presented in a classic tree layout. Shortly after logging in, an application called "Qubes VM Manager" appears on the desktop. This manager application, at a glance, looks like a task monitor for virtual machines. The Qubes VM Manager lists three virtual machines (or domains) by default: dom0, sys-net and sys-firewall. I will come back to the VM Manager and the domains it controls in a bit.
Qubes OS 3.1 -- The Qubes VM Manager
(full image size: 321kB, resolution: 1366x768 pixels)
At a glance, Qubes OS runs the KDE4 desktop and ships with quite a few common applications. LibreOffice, Firefox, the Thunar file manager and a text editor are available. Qubes uses Fedora 21 as a template for its virtual machines and this gives us access to a wide range of software in Fedora's repositories. Locally, we find Qubes uses the YUM package manager, systemd 208 and version 3.18 of the Linux kernel. Upon signing into the Qubes live session, I found the system actively used about 500MB of RAM, but had filled up my laptop's memory with about 4GB of cached files.
On the surface, Qubes OS looks a lot like any other desktop distribution. However, the system is divided into separate regions or domains. At the centre is dom0 (Domain Zero). We can think of this as the hub of Qubes. Domain Zero is where the management controls are, it is where we can configure other domains and it is where we can launch or terminate applications that are running in other domains. Another key component of Domain Zero is it has no Internet access. A domain called sys-net handles networking and sys-net can share its network connection with other domains, but not Domain Zero. This idea can take a while to get used to, but it means Domain Zero, the central managing domain of the system, is walled off from the Internet.
Let's look at some of the domains available to us and how they work. If we look in the KDE application menu we find a list of domains, each domain has its own sub-menu with a list of applications that domain can access. The listed domains include Banking, Personal, Untrusted, Work, sys-net, sys-firewall and Disposable. I would like to point out that the names of most of the domains (apart from sys-net) are fairly arbitrary. We can use the Work domain for entertainment and the Personal domain for banking, if we want, but it is easier to keep functionality straight if we perform tasks in their corresponding domains.
In each tree of the application menu we can see the applications which can be launched from a given domain. By default, each domain typically starts out with just the Firefox web browser and we can add more applications later. Each domain is associated with a colour: red, yellow or green. Launching an application, like Firefox, from the application menu opens the web browser and places a coloured border around the browser's window. The copy of Firefox run from the Personal domain will have a red border while the copy of Firefox running in the Banking domain will have a green border. This helps us tell programs apart in case we have multiple browsers or terminals open on the desktop.
Each domain has its own file system and its own applications. This means if we download a file using Firefox in our Personal domain, the file is not available in the Banking domain. On the positive side, this keeps malicious programs from spreading, but it also means it is difficult to share files between domains. The Qubes documentation claims there are two ways to share files between domains, one uses a command line program while the other method can be accessed through the file manager. I found that the cross-domain copying command did not exist in the Live edition of Qubes and two of the three file manager icons did not launch a file manager, instead opening a file manager configuration window. The third file manager icon launched the Thunar file manager and, from it, I was unable to find the cross-domain copying function.
Qubes OS 3.1 -- Applications in separate domains have their own files and directories
(full image size: 92kB, resolution: 1366x768 pixels)
The easiest way I found to transfer files between domains was to plug a USB thumb drive into my laptop, copy files onto the drive and then restore them from somewhere else. Copying files to another computer over the network and reading them back in another domain is a second option. However, as I mentioned before, Domain Zero does not have network access, limiting our options when it comes to transferring files.
Earlier I mentioned that each domain will have Internet access, assuming the sys-net domain has been connected to our network. Connecting sys-net to the Internet is fairly straight forward. There is a Network Manager icon in the KDE system tray, surrounded by sys-net's distinctive red border. We can click on the Network Manager icon to connect to local networks. Once we have logged into a network all domains, apart from dom0, can access the Internet. Early on I noticed DNS look-ups were not working, effectively making it impossible to browse the Internet. To fix this, I opened up a terminal in the sys-net domain and edited my /etc/resolv.conf file. I changed the default name servers in the resolv.conf file to valid ones and networking in each domain worked as expected afterwards. I noted at the time that we can use the sudo command, without a password, to perform administrative functions in each domain. This passwordless access may seem like a security issue at first, but since each domain is isolated from the others, having the ability to perform administrative actions in any one domain has minimal impact.
At the heart of the Qubes experience is the Qubes VM Manager. This application lists the running domains and provides us with CPU and memory usage statistics. From the VM Manager we can start/stop domains. The VM Manager also allows us to assign application launchers to each domain. This allows us to put, for example, the Transmission bittorrent application in the Personal domain and LibreOffice in the Work domain. Once an application has been added to a domain, its launcher appears in the KDE application menu under the selected domain's sub-menu.
Qubes OS 3.1 -- Assigning application launchers to a domain
(full image size: 120kB, resolution: 1366x768 pixels)
There is an option in the VM Manager to perform upgrades to Domain Zero. I was not certain whether this update function would cause the programs in each domain to also be updated or if the packages in each domain had to be upgrade separately. When I tried to install all waiting updates, a window appeared and told me the update process had started, but then nothing happened. After several minutes I tried to stop the update process and the VM Manager became unresponsive and I had to terminate the VM Manager. The VM Manager can be re-launched from the KDE application menu.
I had better luck working with packages from the command line. Qubes uses Fedora software and can install packages from Fedora repositories using the YUM command line package manager. I found it possible to install packages into each domain, giving me the chance to customize each isolated portion of the system with the tools I wanted to use.
Something I found interesting was that after I had run YUM for the first time in the Work domain, the system notified me that the sys-firewall domain was checking for software updates. A short time later the Apper package manager appeared and offered to download all waiting updates, 114MB of packages in total. While this use of Apper may be convenient, it was not clear which domain was being updated. I think Apper was updating Domain Zero, but there was no immediate information to support this idea.
Conclusions
This lack of clarity with regards to software updates underlines what was, for me, the biggest hurdle I had with Qubes. I was sometimes unclear as to whether I was updating all domains or just one; if my connection to the Internet was not working in dom0 by design or because I needed to adjust a configuration option; was I unable to take screen shots from within domains due to a security feature or a technical problem? With some trial and error, I was able to find my way around Qubes and make use of it, but the system felt awkward, at least during my first afternoon with it.
I had a revelation though on the second day of my trial when I realized I had been using Qubes incorrectly. I had been treating Qubes as a security enhanced Linux distribution, as though it were a regular desktop operating system with some added security. This quickly frustrated me as it was difficult to share files between domains, take screen shots or even access the Internet from programs I had opened in Domain Zero. My experience was greatly improved when I started thinking of Qubes as being multiple, separate computers which all just happened to share a display screen. Once I began to look at each domain as its own island, cut off from all the others, Qubes made a lot more sense. Qubes brings domains together on one desktop in much the same way virtualization lets us run multiple operating systems on the same server.
Qubes presents us with an interesting idea: running multiples applications on one desktop that are not only sandboxed (as with Firejail), but completely walled off from each other. This presents us with a great deal of security as it does not matter to our Banking applications if our Personal domain is taken over by attackers. Running multiple windows, each in its own, isolated domain requires some adjustment in thinking. It's not easy for me to look at a text editor and a web browser on the same screen and know they cannot share access to the same file. But, after experimenting with Qubes for a few days, the idea of each application as an island started to make sense. Qubes is probably more security than most people need right now; managing the applications in each separate domain would be confusing to a lot of people. However, I can certainly see the appeal of Qubes for people who need to keep their work safely separate from their personal life.
* * * * *
Hardware used in this review
My physical test equipment for this review was a de-branded HP laptop with the following
specifications:
- Processor: Intel i3 2.5GHz CPU
- Display: Intel integrated video
- Storage: Western Digital 700GB hard drive
- Memory: 6GB of RAM
- Wired network device: Realtek RTL8101E/RTL8102E PCI Express Fast
- Wireless network device: Realtek RTL8188EE Wireless network card
|
Miscellaneous News (by Jesse Smith) |
Whonix offers bug bounties, Ubuntu Budgie edition planned, Puppy's family tree
The Whonix project, which seeks to make web browsing more secure by forcing all network traffic through the Tor network, wants to create a more robust and secure distribution. In an effort to engage the community, some key Whonix tasks have been assigned bounties. Contributors who submit working solutions can earn cash, up to $3,000 USD. A list of the current outstanding tasks, including bootstrapping Debian packages from their source code, can be found on the Whonix blog. The bounty program allows users to contribute money towards projects they feel should be given more attention and gives developers a way to earn money working on open source projects.
* * * * *
Since the Budgie desktop made its debut in Solus there have been efforts to package the desktop environment for other Linux distributions. One such effort, currently called Budgie Remix, is seeking to create a new Ubuntu community flavour. "Budgie desktop is designed with the modern user in mind, it focuses on simplicity and elegance. A huge advantage for the Budgie desktop is that it is not a fork of another project, but rather one written from scratch with integration in mind. [This is a] community based distro based upon the Ubuntu base combined with the elegant Budgie desktop. Ideally we would like to become 'Ubuntu Budgie' - a member of the official community based Ubuntu distros." The progress of this project can be tracked on its GitHub page.
* * * * *
The Puppy Linux distribution has a well earned reputation for being easy to use and for offering older computers a new lease on life. The Puppy Linux distribution has grown more popular over the years and this has lead to a number of extra editions and forks. It can be difficult to keep track of Puppy's growing family and this has lead to the creation of the Puppy Linux family tree. This chart, and accompanying write-up, explain how the many flavour of Puppy relate to each other.
|
Questions and Answers (by Jesse Smith) |
Setting up disk partitions
Seeking-the-perfect-disk-layout asks: I am building a PC specifically for Linux distributions only and I've read a lot of opinions on partition arrangement. Other than having separate partitions for /home, swap, and root (for each distribution install), is there any need for a /boot partition or a separate /tmp partition? Secondly, during installation there is a check box for picking where to install that distribution's boot loader. Where should this point to and why? If there is a separate /boot partition, would it point there or is it always supposed to be the root partition for that distribution?
DistroWatch answers: First, I would like to say my general rule when it comes to disk partition layouts is to make things as simple as possible. While there are situations where separate /boot, /tmp or /var partitions make sense, for most people running Linux at home, these are not necessary. Quite often we will just need a single /home partition, some swap space and one root partition for each operating system installed. There are some exceptions to this general rule, but that is where I suggest people start. As for the specific questions asked:
1. Is there any need for a separate /boot partition? Often no, if you are using standard partitions. Having a /boot partition can be useful if you are using Btrfs, ZFS or other advanced file systems as some distributions do not support booting from these file systems directly. To make sure you can boot into a Btrfs, ZFS or another non-standard file system, set up a separate /boot partition and format it with the ext4 file system. When in doubt, it doesn't hurt anything to have a separate /boot.
2. Is there need for a separate /tmp? For a home computer, no. It can be useful in professional settings so malicious or careless users do not fill up the root partition by filling /tmp which is writable to everyone. Some people set up /tmp to function in RAM for improved speed. However, most applications tend not to use /tmp anymore so it is usually safe to ignore /tmp and just leave it as part of the root partition.
3. Where should the boot loader be installed? Usually in the MBR. That is where the system will look for it. In some situations where you boot multiple distributions you might want to give each OS its own boot loader on its own partition, but most people will be fine having a boot loader in the MBR. If you do end up giving each OS its own boot loader, then put one boot loader in the MBR and the rest in each distribution's /boot. Additional information on setting up the GRUB boot loader can be found in this helpful article.
Finally, I would like to suggest that you consider maintaining just one Linux distribution on your computer and run alternative distributions in virtual machines. Unless your computer has limited memory (less than 4GB of RAM) you should be able to run at least one distribution in a virtual environment while running your main operating system. Using virtual machines is convenient as it avoids the need to reboot the computer to switch operating systems. It also keeps your partition layout simple as each virtual machine is self contained and does not require an additional partition.
* * * * *
Does Ubuntu's bash run on Windows?
A few weeks ago we reported that both Canonical and Microsoft had announced it would soon be possible to run Ubuntu command line programs on Windows 10. This would be achieved through a compatibility layer, similar in concept to the way Linux distributions can run Windows software using WINE. Due to the timing of the announcement and Microsoft's past statements about Linux, there was some doubt as to whether the announcement was real or an April Fools joke.
There was a lot of debate over whether Ubuntu's bash shell really would run on Windows and, if so, how well the GNU command line utilities would run on Microsoft's operating system. As a curious soul who was asked to weigh in on the legitimacy of Microsoft's announcement, I decided to give running Ubuntu's bash on Windows a try. I have an Insider account that mostly collects dust and it gives me the opportunity to test previews of Microsoft technology.
For those of you who want to know what it was like for me, someone who uses Linux and BSD almost exclusively, to install and configure Windows 10, you can read my series of live tweets from last Thursday.
After following the directions to access the latest developer builds of Windows and installing all available updates, I found that the Ubuntu compatibility layer, mentioned on the Windows blog, was not available. I tried trouble-shooting the issue, removing and re-adding my computer to the Insider program, rebooting, manually checking for new builds/updates, but in each case I came up empty. My version of Windows was stuck on an older build (10586) and I was unable to find any way to upgrade to the new build (14316) which allegedly features Ubuntu compatibility. As it turned out, I was not alone. Several other members of the Insider program reported they too were unable to access the latest build.
In the end, I was unable to definitively answer the question as to whether Windows supports running Ubuntu software through a compatibility layer. Microsoft seems serious about the idea and it's mentioned on several pages of their website and in their Insider Hub application. One OSNews reader confirmed that the bash command line shell does work, in a limited way, under Windows. However, for those of us who have been unable to upgrade to the latest build of Windows, the feature effectively does not exist. At least not yet.
* * * * *
Past Questions and Answers columns can be found in our Q&A Archive.
|
Torrent Corner |
Weekly Torrents
Bittorrent is a great way to transfer large files, particularly open source operating system images, from one place to another. Most bittorrent clients recover from dropped connections automatically, check the integrity of files and can re-download corrupted bits of data without starting a download over from scratch. These characteristics make bittorrent well suited for distributing open source operating systems, particularly to regions where Internet connections are slow or unstable.
Many Linux and BSD projects offer bittorrent as a download option, partly for the reasons listed above and partly because bittorrent's peer-to-peer nature takes some of the strain off the project's servers. However, some projects do not offer bittorrent as a download option. There can be several reasons for excluding bittorrent as an option. Some projects do not have enough time or volunteers, some may be restricted by their web host provider's terms of service. Whatever the reason, the lack of a bittorrent option puts more strain on a distribution's bandwidth and may prevent some people from downloading their preferred open source operating system.
With this in mind, DistroWatch plans to give back to the open source community by hosting and seeding bittorrent files. For now, we are hosting a small number of distribution torrents, listed below. The list of torrents offered will be updated each week and we invite readers to e-mail us with suggestions as to which distributions we should be hosting. When you message us, please place the word "Torrent" in the subject line, make sure to include a link to the ISO file you want us to seed. To help us maintain and grow this free service, please consider making a donation.
The table below provides a list of torrents we currently host. If you do not currently have a bittorrent client capable of handling the linked files, we suggest installing either the Transmission or KTorrent bittorrent clients.
Archives of our previously seeded torrents may be found here. All torrents we make available here are also listed on the very useful Linux Tracker website. Thanks to Linux Tracker we are able to share the following torrent statistics.
Torrent Corner statistics:
- Total torrents seeded: 182
- Total data uploaded: 34.1TB
|
Released Last Week |
FreeBSD 10.3
The FreeBSD project has announced the availability of a new version of their stable branch. The new release, FreeBSD 10.3 improves UEFI support, introduces ZFS boot environments and the ability to run 64-bit Linux applications on 64-bit x86 builds of FreeBSD. "The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 10.3-RELEASE. This is the third release of the stable/10 branch, which improves on the stability of FreeBSD 10.2-RELEASE and introduces some new features. Some of the highlights: The UEFI boot loader received several improvements: It now follows /boot/config and /boot.config files, multi-device boot support works and command line arguments are parsed. Additionally, its framebuffer driver has been enhanced with GOP (Graphics Output Protocol) and UGA (Universal Graphics Adapter) handling, allowing to set the current graphics mode on systems using one of these methods. Moreover, ZFS boot capability has been added to the UEFI boot loader, including support for multiple ZFS Boot Environments (BEs), e. g. those provided by sysutils/beadm..." Additional information can be found in the release announcement and in the detailed release notes.
NuTyX 8.1
The NuTyX project produces a French distribution based on the Linux From Scratch and Beyond Linux From Scratch guides. The project has released NuTyX 8.1 which contains many software updates and is available in both 32-bit and 64-bit x86 builds. The new release features version 4.4.6 of the Linux kernel, Firefox 45 and version 5.3 of the GNU Compiler Collection. "Six months after the first Houaphan 8.0 version release, I am proud to announce the release of NuTyX 8.1. The code name remains Houaphan. Time's flying, Houaphan is already the 8th major release since the first public version of NuTyX in 2007. This 8.1 version is available in 64- and 32-bits. Boths should have all the available packages." A list of important changes, along with upgrade instructions, can be found in the project's release announcement.
PC-BSD 10.3
Kris Moore has announced the launch of a new stable PC-BSD release. The project's latest version, PC-BSD 10.3, is intended to be the final release in the project's 10.x branch and is based on FreeBSD 10.3. PC-BSD 10.3 uses the FreeBSD boot loader with GRUB offered as an optional alternative. UEFI support has been improved in the system installer and the operating system ships with Lumina 0.8.8 as one of the available desktop environments. "The PC-BSD team is pleased to announce the availability of 10.3-RELEASE! This is currently planned to be the last maintenance release in the 10.X series, and we are currently working hard on the upcoming 11.0. A very special thanks to all the developers, QA, translation and documentation teams for helping to make this release possible." PC-BSD is available in two editions, the desktop edition and the TrueOS edition for servers. Additional changes and upgrade instructions for existing users can be found in the project's release announcement.
Univention Corporate Server 4.0-5
Univention has unveiled an new update to the organization's Univention Corporate Server (UCS) 4.0 series. The new release, Univention Corporate Server 4.0-5, features mostly minor updates and security fixes. "We are pleased to announce the availability of UCS 4.0-5 for download, the fifth point release of Univention Corporate Server (UCS) 4.0. It includes all errata and security updates issued for UCS 4.0-4 and provides various improvements and bug fixes especially in the areas of Active Directory compatibility and the UCS management system. The Linux kernel has been updated to 3.16.7-ckt20. This includes several stability and security updates. Diverse further security updates, among others for OpenSSL, Samba, NTP, GNU C library (glibc), sudo or Apache, are included..." Further information is available through the release announcement and release notes.
PrimTux Eiffel
The PrimTux project, which develops an education-oriented distribution based on Debian, has released a new version of the French language operating system. The new release, which carries the label "PrimTux Eiffel", features educational programs, LibreOffice 4, games and an easy to navigate interface designed with young children in mind. The distribution also features the Handy menu from Handylinux. "PrimTux is developed by a small team of school teachers and computer enthusiasts in the educational environment. For its lightness, it is not intended to replace or become the main operating system of a modern computer, but an upgrade obsolete equipment and pointing toward the school or educational environment in the spirit of education."Further information on this young distribution can be found on the project's information pages. This release of PrimTux is available for the 32-bit x86 architecture exclusively and can be either be installed on the user's hard drive or run as a live DVD.
PrimTux Eiffel -- Default desktop environment
(full image size: 889kB, resolution: 1024x768 pixels)
* * * * *
Development, unannounced and minor bug-fix releases
|
Upcoming Releases and Announcements |
Summary of expected upcoming releases
|
Opinion Poll |
Upstream or downstream distributions?
In the Linux ecosystem there are many upstream and downstream projects. Upstream projects, such as Fedora and Debian, tend to get access to new technologies and bug fixes sooner and often provide a lighter operating system. Downstream projects, like Linux Mint and Manjaro Linux, tend to have more user friendly features and added tools over their upstream parents, but may lag behind new software releases while they wait for their parent project to make new packages available.
This week we would like to know if you prefer using an upstream distribution or a downstream distro? Do you like the more vanilla experience offered by Arch Linux and Slackware, or the extra sauce provided by downstream projects like Korora and Zorin?
You can see the results of our previous poll on Ubuntu-powered mobile devices here. All previous poll results can be found in our poll archives.
|
Upstream or downstream distributions?
I prefer upstream distros: | 843 (40%) |
I prefer downstream disros: | 609 (29%) |
It depends on the situation: | 479 (23%) |
I have no preference: | 186 (9%) |
|
|
DistroWatch.com News |
Updated contact and feed information
There are a lot of ways to follow what is happening at DistroWatch. We have many RSS feeds, a handful of social media pages and e-mail addresses. Previously these were scattered around the website, but we have compiled them into one collection. Our new Contact page provides a list of e-mail addresses where we can be reached, official RSS feeds that can be followed (with a description of each feed) and a collection of social media pages which mirror on our announcements. Public security keys will also be made available through the new Contact page.
* * * * *
Distributions added to the database
AryaLinux
AryaLinux is a source-based GNU/Linux distribution that has been put together using Linux From Scratch (LFS) as a guide. The AryaLinux distribution uses a source/ports style of package management and a custom package manager called alps.
AryaLinux 2015 -- Running the Xfce desktop environment
(full image size: 377kB, resolution: 1366x768 pixels)
Lakka
Lakka is a lightweight Linux distribution that transforms a small computer into a full blown game console. The distribution is based on OpenELEC and runs the RetroArch console emulator. Lakka is capable of running on a variety of hardware, including personal computers, Raspberry Pi boards and WeTek Play devices.
PrimTux
PrimTux is a Debian-based distribution developed by a small team of school teachers and computer enthusiasts in the educational environment. It is not intended to replace or become the main operating system of a modern computer, but an upgrade for obsolete equipment and benefiting the school or educational environment in the spirit of education.
* * * * *
Distributions added to waiting list
- X-LFS-2010. X-LFS-2010 is a collection of build scripts which essentially automate the compiling and installation steps presented by Linux From Scratch. X-LFS-2010 automatically builds a minimal Linux distribution from source code.
- Open Network Linux. Open Network Linux is a Linux distribution for "bare metal" switches, that is, network forwarding devices built from commodity components. ONL uses ONIE to install onto on-board flash memory. Open Network Linux is a part of the Open Compute Project and is a component in a growing collection of open source and commercial projects.
- EasyNAS. EasyNAS is a storage management system for home and small office use. It is based on openSUSE Leap and uses Btrfs as its file system, providing flexible storage and data snapshots.
- JyllDeveloper. JyllDeveloper is a minimal desktop distribution for software developers. It is based on Ubuntu and is available in 32-bit and 64-bit x86 builds.
* * * * *
DistroWatch database summary
* * * * *
This concludes this week's issue of DistroWatch Weekly. The next instalment will be published on Monday, 18 April 2016. To contact the authors please send e-mail to:
- Jesse Smith (feedback, questions and suggestions: distribution reviews/submissions, questions and answers, tips and tricks)
- Ladislav Bodnar (feedback, questions, donations, comments)
- Bruce Patterson (podcast)
|
|
Tip Jar |
If you've enjoyed this week's issue of DistroWatch Weekly, please consider sending us a tip. (Tips this week: 0, value: US$0.00) |
|
|
|
bc1qxes3k2wq3uqzr074tkwwjmwfe63z70gwzfu4lx lnurl1dp68gurn8ghj7ampd3kx2ar0veekzar0wd5xjtnrdakj7tnhv4kxctttdehhwm30d3h82unvwqhhxarpw3jkc7tzw4ex6cfexyfua2nr 86fA3qPTeQtNb2k1vLwEQaAp3XxkvvvXt69gSG5LGunXXikK9koPWZaRQgfFPBPWhMgXjPjccy9LA9xRFchPWQAnPvxh5Le paypal.me/distrowatchweekly • patreon.com/distrowatch |
|
Extended Lifecycle Support by TuxCare |
| |
TUXEDO |
TUXEDO Computers - Linux Hardware in a tailor made suite Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included!
Learn more about our full service package and all benefits from buying at TUXEDO.
|
Archives |
• Issue 1091 (2024-10-07): Redox OS 0.9.0, Unified package management vs universal package formats, Redox begins RISC-V port, Mint polishes interface, Qubes certifies new laptop |
• Issue 1090 (2024-09-30): Rhino Linux 2024.2, commercial distros with alternative desktops, Valve seeks to improve Wayland performance, HardenedBSD parterns with Protectli, Tails merges with Tor Project, Quantum Leap partners with the FreeBSD Foundation |
• Issue 1089 (2024-09-23): Expirion 6.0, openKylin 2.0, managing configuration files, the future of Linux development, fixing bugs in Haiku, Slackware packages dracut |
• Issue 1088 (2024-09-16): PorteuX 1.6, migrating from Windows 10 to which Linux distro, making NetBSD immutable, AlmaLinux offers hardware certification, Mint updates old APT tools |
• Issue 1087 (2024-09-09): COSMIC desktop, running cron jobs at variable times, UBports highlights new apps, HardenedBSD offers work around for FreeBSD change, Debian considers how to cull old packages, systemd ported to musl |
• Issue 1086 (2024-09-02): Vanilla OS 2, command line tips for simple tasks, FreeBSD receives investment from STF, openSUSE Tumbleweed update can break network connections, Debian refreshes media |
• Issue 1085 (2024-08-26): Nobara 40, OpenMandriva 24.07 "ROME", distros which include source code, FreeBSD publishes quarterly report, Microsoft updates breaks Linux in dual-boot environments |
• Issue 1084 (2024-08-19): Liya 2.0, dual boot with encryption, Haiku introduces performance improvements, Gentoo dropping IA-64, Redcore merges major upgrade |
• Issue 1083 (2024-08-12): TrueNAS 24.04.2 "SCALE", Linux distros for smartphones, Redox OS introduces web server, PipeWire exposes battery drain on Linux, Canonical updates kernel version policy |
• Issue 1082 (2024-08-05): Linux Mint 22, taking snapshots of UFS on FreeBSD, openSUSE updates Tumbleweed and Aeon, Debian creates Tiny QA Tasks, Manjaro testing immutable images |
• Issue 1081 (2024-07-29): SysLinuxOS 12.4, OpenBSD gain hardware acceleration, Slackware changes kernel naming, Mint publishes upgrade instructions |
• Issue 1080 (2024-07-22): Running GNU/Linux on Android with Andronix, protecting network services, Solus dropping AppArmor and Snap, openSUSE Aeon Desktop gaining full disk encryption, SUSE asks openSUSE to change its branding |
• Issue 1079 (2024-07-15): Ubuntu Core 24, hiding files on Linux, Fedora dropping X11 packages on Workstation, Red Hat phasing out GRUB, new OpenSSH vulnerability, FreeBSD speeds up release cycle, UBports testing new first-run wizard |
• Issue 1078 (2024-07-08): Changing init software, server machines running desktop environments, OpenSSH vulnerability patched, Peppermint launches new edition, HardenedBSD updates ports |
• Issue 1077 (2024-07-01): The Unity and Lomiri interfaces, different distros for different tasks, Ubuntu plans to run Wayland on NVIDIA cards, openSUSE updates Leap Micro, Debian releases refreshed media, UBports gaining contact synchronisation, FreeDOS celebrates its 30th anniversary |
• Issue 1076 (2024-06-24): openSUSE 15.6, what makes Linux unique, SUSE Liberty Linux to support CentOS Linux 7, SLE receives 19 years of support, openSUSE testing Leap Micro edition |
• Issue 1075 (2024-06-17): Redox OS, X11 and Wayland on the BSDs, AlmaLinux releases Pi build, Canonical announces RISC-V laptop with Ubuntu, key changes in systemd |
• Issue 1074 (2024-06-10): Endless OS 6.0.0, distros with init diversity, Mint to filter unverified Flatpaks, Debian adds systemd-boot options, Redox adopts COSMIC desktop, OpenSSH gains new security features |
• Issue 1073 (2024-06-03): LXQt 2.0.0, an overview of Linux desktop environments, Canonical partners with Milk-V, openSUSE introduces new features in Aeon Desktop, Fedora mirrors see rise in traffic, Wayland adds OpenBSD support |
• Issue 1072 (2024-05-27): Manjaro 24.0, comparing init software, OpenBSD ports Plasma 6, Arch community debates mirror requirements, ThinOS to upgrade its FreeBSD core |
• Issue 1071 (2024-05-20): Archcraft 2024.04.06, common command line mistakes, ReactOS imports WINE improvements, Haiku makes adjusting themes easier, NetBSD takes a stand against code generated by chatbots |
• Issue 1070 (2024-05-13): Damn Small Linux 2024, hiding kernel messages during boot, Red Hat offers AI edition, new web browser for UBports, Fedora Asahi Remix 40 released, Qubes extends support for version 4.1 |
• Issue 1069 (2024-05-06): Ubuntu 24.04, installing packages in alternative locations, systemd creates sudo alternative, Mint encourages XApps collaboration, FreeBSD publishes quarterly update |
• Issue 1068 (2024-04-29): Fedora 40, transforming one distro into another, Debian elects new Project Leader, Red Hat extends support cycle, Emmabuntus adds accessibility features, Canonical's new security features |
• Issue 1067 (2024-04-22): LocalSend for transferring files, detecting supported CPU architecure levels, new visual design for APT, Fedora and openSUSE working on reproducible builds, LXQt released, AlmaLinux re-adds hardware support |
• Issue 1066 (2024-04-15): Fun projects to do with the Raspberry Pi and PinePhone, installing new software on fixed-release distributions, improving GNOME Terminal performance, Mint testing new repository mirrors, Gentoo becomes a Software In the Public Interest project |
• Issue 1065 (2024-04-08): Dr.Parted Live 24.03, answering questions about the xz exploit, Linux Mint to ship HWE kernel, AlmaLinux patches flaw ahead of upstream Red Hat, Calculate changes release model |
• Issue 1064 (2024-04-01): NixOS 23.11, the status of Hurd, liblzma compromised upstream, FreeBSD Foundation focuses on improving wireless networking, Ubuntu Pro offers 12 years of support |
• Issue 1063 (2024-03-25): Redcore Linux 2401, how slowly can a rolling release update, Debian starts new Project Leader election, Red Hat creating new NVIDIA driver, Snap store hit with more malware |
• Issue 1062 (2024-03-18): KDE neon 20240304, changing file permissions, Canonical turns 20, Pop!_OS creates new software centre, openSUSE packages Plasma 6 |
• Issue 1061 (2024-03-11): Using a PinePhone as a workstation, restarting background services on a schedule, NixBSD ports Nix to FreeBSD, Fedora packaging COSMIC, postmarketOS to adopt systemd, Linux Mint replacing HexChat |
• Issue 1060 (2024-03-04): AV Linux MX-23.1, bootstrapping a network connection, key OpenBSD features, Qubes certifies new hardware, LXQt and Plasma migrate to Qt 6 |
• Issue 1059 (2024-02-26): Warp Terminal, navigating manual pages, malware found in the Snap store, Red Hat considering CPU requirement update, UBports organizes ongoing work |
• Issue 1058 (2024-02-19): Drauger OS 7.6, how much disk space to allocate, System76 prepares to launch COSMIC desktop, UBports changes its version scheme, TrueNAS to offer faster deduplication |
• Issue 1057 (2024-02-12): Adelie Linux 1.0 Beta, rolling release vs fixed for a smoother experience, Debian working on 2038 bug, elementary OS to split applications from base system updates, Fedora announces Atomic Desktops |
• Issue 1056 (2024-02-05): wattOS R13, the various write speeds of ISO writing tools, DSL returns, Mint faces Wayland challenges, HardenedBSD blocks foreign USB devices, Gentoo publishes new repository, Linux distros patch glibc flaw |
• Issue 1055 (2024-01-29): CNIX OS 231204, distributions patching packages the most, Gentoo team presents ongoing work, UBports introduces connectivity and battery improvements, interview with Haiku developer |
• Issue 1054 (2024-01-22): Solus 4.5, comparing dd and cp when writing ISO files, openSUSE plans new major Leap version, XeroLinux shutting down, HardenedBSD changes its build schedule |
• Issue 1053 (2024-01-15): Linux AI voice assistants, some distributions running hotter than others, UBports talks about coming changes, Qubes certifies StarBook laptops, Asahi Linux improves energy savings |
• Issue 1052 (2024-01-08): OpenMandriva Lx 5.0, keeping shell commands running when theterminal closes, Mint upgrades Edge kernel, Vanilla OS plans big changes, Canonical working to make Snap more cross-platform |
• Issue 1051 (2024-01-01): Favourite distros of 2023, reloading shell settings, Asahi Linux releases Fedora remix, Gentoo offers binary packages, openSUSE provides full disk encryption |
• Issue 1050 (2023-12-18): rlxos 2023.11, renaming files and opening terminal windows in specific directories, TrueNAS publishes ZFS fixes, Debian publishes delayed install media, Haiku polishes desktop experience |
• Issue 1049 (2023-12-11): Lernstick 12, alternatives to WINE, openSUSE updates its branding, Mint unveils new features, Lubuntu team plans for 24.04 |
• Issue 1048 (2023-12-04): openSUSE MicroOS, the transition from X11 to Wayland, Red Hat phasing out X11 packages, UBports making mobile development easier |
• Issue 1047 (2023-11-27): GhostBSD 23.10.1, Why Linux uses swap when memory is free, Ubuntu Budgie may benefit from Wayland work in Xfce, early issues with FreeBSD 14.0 |
• Issue 1046 (2023-11-20): Slackel 7.7 "Openbox", restricting CPU usage, Haiku improves font handling and software centre performance, Canonical launches MicroCloud |
• Issue 1045 (2023-11-13): Fedora 39, how to trust software packages, ReactOS booting with UEFI, elementary OS plans to default to Wayland, Mir gaining ability to split work across video cards |
• Issue 1044 (2023-11-06): Porteus 5.01, disabling IPv6, applications unique to a Linux distro, Linux merges bcachefs, OpenELA makes source packages available |
• Issue 1043 (2023-10-30): Murena Two with privacy switches, where old files go when packages are updated, UBports on Volla phones, Mint testing Cinnamon on Wayland, Peppermint releases ARM build |
• Issue 1042 (2023-10-23): Ubuntu Cinnamon compared with Linux Mint, extending battery life on Linux, Debian resumes /usr merge, Canonical publishes fixed install media |
• Issue 1041 (2023-10-16): FydeOS 17.0, Dr.Parted 23.09, changing UIDs, Fedora partners with Slimbook, GNOME phasing out X11 sessions, Ubuntu revokes 23.10 install media |
• Issue 1040 (2023-10-09): CROWZ 5.0, changing the location of default directories, Linux Mint updates its Edge edition, Murena crowdfunding new privacy phone, Debian publishes new install media |
• Issue 1039 (2023-10-02): Zenwalk Current, finding the duration of media files, Peppermint OS tries out new edition, COSMIC gains new features, Canonical reports on security incident in Snap store |
• Issue 1038 (2023-09-25): Mageia 9, trouble-shooting launchers, running desktop Linux in the cloud, New documentation for Nix, Linux phasing out ReiserFS, GNU celebrates 40 years |
• Issue 1037 (2023-09-18): Bodhi Linux 7.0.0, finding specific distros and unified package managemnt, Zevenet replaced by two new forks, openSUSE introduces Slowroll branch, Fedora considering dropping Plasma X11 session |
• Full list of all issues |
Star Labs |
Star Labs - Laptops built for Linux.
View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.
|
Random Distribution |
Ubuntu Budgie
Ubuntu Budgie (previously budgie-remix) is an Ubuntu-based distribution featuring the Budgie desktop, originally developed by the Solus project. Written from scratch and integrating tightly with the GNOME stack, Budgie focuses on simplicity and elegance, while also offering useful features, such as the Raven notification and customisation centre.
Status: Active
|
TUXEDO |
TUXEDO Computers - Linux Hardware in a tailor made suite Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included!
Learn more about our full service package and all benefits from buying at TUXEDO.
|
Star Labs |
Star Labs - Laptops built for Linux.
View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.
|
|