The Friday Distro
Posted by Randall Wood on Tuesday, November 22. 2016
For a few months in 2014, I had fun reviewing one Linux distro every Friday for
Pipedot.org, a tech site to which I was a regular contributor. Generally what I
would do is visit DistroWatch.org, choose a distro, download, install, and run
it in a virtual machine, and explore for a bit. Sounds unadventurous, but after
years of using the same Linux distros and FreeBSD regularly, it was a bump out
of my comfort zone to see what else was out there. It was also a spectacular
opportunity to explore some of the innovative approaches being pursued. Here
are some of my reviews, with links to the Pipedot original (where you'll find
the embedded links).
Can't believe a full year has gone by since I posted the Selokang article. 2016
has been something else.
GRML
Grml Linux is a bit of a unique distro whose vision and focus have shifted over
the past ten years. It represents the personalities of its developers, who
prefer the zshell, focus on sysadmin tasks (deployment, disk cloning, backup,
forensics, and rescuing borked systems). Lastly, one of the developers is
visually handicapped. Thus: grml focuses on scripting, tools managed from the
command prompt, and has chosen zsh as the basis for its innovations. Its
Distrowatch page is here.
These days grml is a live CD or USB-stick based on Debian. You're not supposed
to install it. It requires little more than 256MB of memory, and though it's
intended to be mostly a command line environment, they've packaged Fluxbox and
you can get there via startx. That's useful if you want to launch a browser to
read up on a issue, but most of your day you'll be sitting at the command
prompt in a zsh. Have a look at their zsh introduction page or their reference
card then to get a sense of the shortcuts, command aliases, and scripts that
help you administer your systems, or the dpkg package list showing installed
packages.
I find the package list to be limited, and to my knowledge, there are no tools
available that you can't find on other distros. But I find grml's advantage to
be that they love and have put a lot of energy into the zshell, and if you're
interested in the zsh this is a good place to see it showcased. It's also an
easy distro to carry around on a USB stick if you're a command prompt warrior
and want to quickly boot up to a useable command prompt from where you can do
other things. For example, you simply run the grml-network script from the
command prompt to discover, configure, and connect to a wireless network. And
of course it's based on Debian's excellent hardware recognition and
configuration system. This is a niche distro that won't appeal to everybody,
but odds are better than average you'll soon find yourself at the ZSH Reference
page looking into additional resources for using the amazing zshell (For
starters, try the 429 and dense page ZSH Manual and this 14 page zshell
reference card from the guys at bash2zsh. Have fun.
Trisquel/GNU
Ahoy there. Let's say you'll be wantin' a Linux distro that's been blessed by
his ownself the Grand Admiral of the GNU revolution, Richard Stallman. Arrr.
And supposin' you can't abide by the wretched bilge that's binary blobs
infectin' yer own GNU/Linux system, foisted upon ya by the likes of those lowly
bastards Adobe and NVidia, whose scurvy, un-transparent and despicable rot goes
against your very bein'. Well then, you'll be wantin' to make sure yer own good
ship Linux hoists the latest version of Trisquel GNU/Linux, and smartly at
that.
Off with ya then, to the grimy bastards at Distrowatch, with some right fine
background for ya. Trisquel hails from Spain, a piratin' and thievin' port of
call if ever there was one. Arrr. But they've chosen what's proper over what's
easy. Turn away if you've got an Nvidia graphics card, or if ya can't stand the
likes of a distro based on the latest Ubuntu. Trisquel is a fine lookin' ship
if ever I've laid my eyes on one, hoistin' aloft clean versions of LXDE, XFCE,
and KDE desktops, but believe you me when I tell ya they've been stripped bare
of any software that isn't cut from the purest, GPL cloth. I sailed that ship
in a virtual machine while hittin' no reefs, aaar, but I do reckon if your
hardware isn't the plainest of vanilla, you may find it chafes your britches
when you install 'er.
That said though, avast, she's a smart little distro, she sails a beaut, and
she's right easy on the eyes, if I do say so myself. As for the package
selection, aaar, when I'm at the tiller and the mainsail's drawin' wind, most
of the packages I use I found sittin' sweet as a lily in the repos. Your own
position at sea might be affected, though, if you find yerself needin'
something exotic.
I myself am as pure as the next Linux captain, who be supportin' the cause of
throwin' all those lily-livered binary blobs in the brig. But not if it means I
can't sail my ship. That's why you won't be findin' this pirate sailin'
Trisquel myself. But if ideological purity be yer cup-o-rum, well then,
aaaarrr: raise the plank on Trisquel, and may fine winds be at yer back. Drop
in at the Trisquel tavern where you can break yer jaw askin' yer questions, and
tell 'em Captain Zafiro17 sent ya, like the devil himmself. Aaaar haar haar har
har har.
Absolute Linux
AbsoluteLinux [screenshots] is different from most other niche distros because
it’s built on a Slackware base instead of Debian/Ubuntu, so I installed it in a
VM and have been giving it a test drive for a while. It’s the work of one man:
Paul Sherman, of Rochester, New York, who took his extensive customizations to
Slackware and began making them available to the public as a distro.
Absolute fits on a single CD, and focuses on being a lightweight OS optimized
for speed and designed to stay out of your way. It’s a desktop, with no
pretensions of being installed on a server. It uses the IceWM windowmanager, so
you get a fast, traditional desktop, task bar and tray with none of the
bulkiness of modern KDE or Gnome desktops, and a set of apps judged to be ‘best
of class’ as well as a couple of utilities he wrote himself (the volume control
is a stand-alone app that avoids having to install another package that
would’ve had other dependencies).
Because Absolute is based on Slackware you get all of Slackware’s simplicity,
stability, and dependability. But you also get Slackware’s thin package
selection and install mechanism. Absolute has its own repo, and you can add
Slackware’s repository too [file list is here], as Absolute is 100% compatible
with Slackware. But you will soon find yourself over at www.slackbuilds.org
looking for 3rd party packages. You also have to manage your own dependencies -
a good thing if you want to avoid finding out that a simple app brought all the
underlying base packages with it, but a bad thing if you prefer the ease of
simple apt-getting your way to the desktop you like. That said, you can use
gslapt-get, which comes preinstalled, and takes some of the hassle out of
package management.
That said, I like it. It boots quickly, and I do appreciate Slackware’s
simplicity and straight-forwardness. By installing Absolute instead of straight
Slackware you get a graphical, lightweight desktop by default. I think I prefer
FreeBSD’s ports system or Debian’s apt-get for installing software, and it’s
true Slack - and therefore Absolute - aren't for just anybody. But if you’re
looking for a refreshing change from the quotidian, Absolute Linux is pretty
enjoyable. And above all, it's a reminder that the most interesting things
don't come out of corporations trying to be everything to everybody, they come
out of willful and skilled hackers that focus on doing one thing and doing it
well - much like the Unix tradition itself.
Kali
In the Hindu pantheon, Kali represents death and change, the dispelling of evil
and the devouring of the unwanted. She is forbidden, and even death itself, but
therefore also an element of salvation. In the Linux world, she is like opening
a can of whoop-ass on your server.
Kali Linux (appropriately named, if I may say so) is a Linux distro focused on
penetration and exploit testing, and therefore the element of change that will
get you to shore up all those gaping configuration gaps in your systems: it's
perhaps your salvation! But enough metaphors. Practically, Kali Linux installs
on a DVD or pendrive, and contains dozens and dozens of specialized penetration
testing tools to test your system. It's developed by the folks at Offensive
Security, and grew out of the well-acclaimed Backtrack Linux, which had the
same focus.
It's based on Debian rather than Ubuntu so you get a dated version of the Gnome
2 desktop, but who cares? It's not really a desktop, just a platform for
launching tools. Over three hundred of them, from information gathering to
vulnerability analysis, password attacks, wireless attacks, spoofing, stress
testing, reverse engineering, hardware hacking, forensics, and more. As
mentioned, you can run it from a DVD, pendrive, or even remote-boot from PXE or
install to Amazon cloud. To make it as useful as possible they support ARM
aggressively including ARMEL and ARMHF (and of course Raspberry Pi and
cousins), plus as many different wifi devices as humanly possible.
They're innovating, too, producing opensource products like the ISO of Doom
(hardware backdoor), custom images, the Evil Wireless Access Point, and more.
Fun stuff if you want to ensure your system is as safe as possible; scary stuff
if you don't want to bother. Kali's Distrowatch page has more information
including a link to their excellent documentation (the best place to start if
you want to know what else Kali does), but ZDNet has a good review and
LinuxBSDOS has another cursory review with some decent screenshots.
PC-BSD (now "True OS")
These two XKCD comics about installing FreeBSD are increasingly out of date
(but just as funny). But getting FreeBSD on your system has gotten easier than
ever, and PC-BSD is a big part of that. Started as a hobby by FreeBSD
enthusiast Kris Moore1 in 2005, PC-BSD's goal was just to make a pleasant,
well-constructed desktop with a good installer on top of a FreeBSD system. They
succeeded so wildly that not only did FreeBSD system provider iXsystems decide
to buy them, but rival project Desktop-BSD essentially gave up the ghost
(they're back now, and thinking about striking off in a new direction.
What's PC-BSD? It's not a "distro" in the Linux sense. It's FreeBSD with a
better installer, configured to build you a desktop, not a server (although you
can do that too). It's a project that makes it easier to use FreeBSD's systems
and architecture to create a great desktop experience. Put in the installer
disk, pour yourself a coffee, and twenty minutes later you are at a KDE4
desktop and online. But PC-BSD pioneered another technology that makes it easy
to use: the PBI installer packages. PBIs ("push button installer") are
essentially the equivalent of Mac OSX Applications, which install into a
top-level "Applications" directory and include within all the relevant
libraries. That makes them bigger than your typical Unix package installs, but
you can also delete, upgrade, or install them without touching any other part
of your system, which is useful. Because iXsystems also bought the FreeNAS
project, FreeNAS installs now benefit from the technology too: with a single
click, FreeNAS will create a FreeBSD jail and install a PBI into it, giving you
compartmentalised functionality on your NAS (the Plex media server is one of
them, for example).
Why would a Linux user bother with something like PC-BSD? The old adage, "Linux
is for those who hate Microsoft; BSD is for those who love Unix" is probably
appropriate. But because PC-BSD is FreeBSD, you get all of the benefits of
FreeBSD too: fantastic documentation, and system components that were all
designed, managed, packaged, and tested together. You also get FreeBSD's quirks
and hardware compatibility challenges too (the installer never noticed my USB
wifi, for example) but if you can get past the hardware issues, you are sitting
at a tight, well-designed system that is pretty easy to tinker with and pretty
hard to mess up. obviously, if you manage a FreeBSD server, this makes it easy
to test things off your production system, too.
More about PC-BSD at their webpage, and at distrowatch.org. I also wrote about
my first impressions with PC-BSD in 2006 here. 1Kris Moore is the guy behind
the BSDNow podcast, too.
LinuxBBQ
Some say, "Linux should reduce complexity by standardizing on a specific subset
of tools, packages, and desktop environments." To that, the guys at LinuxBBQ
respond, "Sorry, can't hear you, too busy having fun!" LinuxBBQ is a riot of
diversity, but not complexity, and guarantees you can have not just the
workspace you want but that it will be your very own.
Check out their website, "Get Roasted!", where they boast an environment of 100
different specific editions (micro-editions, really, in my opinion) and an
unprecedented choice of 70 different window managers. The haters might say,
"Too many!" I say, "Sounds like fun." Turns out, at the base, LinuxBBQ isn't
that complicated: it used to be based on Debian Sid, but now starts with Ubuntu
13.10, and has integrated some scripts, kernels, and tools from the guys at
GRML, Siduction, and Linux Mint. Then they add in the window managers. Offhand,
I can only name about 13, so these guys have dug deep: everything from KDE to
Razor-QT, WMii, Monsterwm, Herbstluftwm, xmonad, nullwm, oroborus, tmux,
spectrwm, and another 30 beyond what's on their wiki page.
Then they break it up into editions. Here's where you can tell these guys are
just hackers having fun, and they're well removed from the starchiness of some
of the big, 'classic' distros, who have to look over their shoulders at their
lawyers and worry about being politically correct. Check out just a sample of
what they produce:
RMS: (No X, compiled for 486 with a full emacs Psychedelic shitstorm: based on
windowlab gangbang: 53 window managers on a live CD neckbeard: ratpoison and
emacs cameltoe: based on the jwm window manager There's more, and yes you could
probably get most of these packages on another distro with some effort, but you
know when you can download the "clit", "noob-killah", or "pringles" editions,
you are fully in the realm of hackers having fun. So, where to begin? Start
with Cream, their June 2014 release, including netsurf and firefox as browsers,
mc, ranger, and pcmanfm as file managers, and cmus for listening to music. Or
as they say, "Follow that crap on G+" where you can see a screenshot or two.
Finally, here's their own introduction to the distro, and I think it reveals
their philosophy very well:
Why is LinuxBBQ not recommended for me?
We do not say that LinuxBBQ is the best distro under the sun - quite the
opposite. It will most probably not fit the average users needs. There are
many, many reasons not to come to BBQ-Land. 1) LinuxBBQ is more or less default
Debian Unstable 2) You will probably not have "plug-and-play" out of the box,
for example your printer needs to be set up via CUPS (and CUPS is also not
pre-installed) - in our opinion not everybody needs to have all services and
daemons ticking in the background. If you need additional services, you will
have to set them up by yourself. Of course the BBQ staff is happy to help you.
But think twice if you want to get your hands *greasy*. 3) You have to edit
configuration files to make things look like you want them and you will need to
spend countless hours customizing the look & feel. Believe us, you will
probably want to go back to the "fast-food" distros, and enjoy the defaults
there. 4) The BBQ philosophy is: provide the meat, let the user season. So, you
will have to download your favourite applications. They are partly coming from
experimental sources and carry much higher version numbers than what you find
in Debian Stable. If you don't want to run the newest GIMP, Inkscape, Iceweasel
browser or WINE, look somewhere else. Securepoint Security Solutions
Securepoint Security Solutions, a firewall and VPN distro that offers a
full-featured suite of firewall tools designed for enterprisewide deployment.
Not only can it protect an internal network from outside attacks, it also helps
segregate parts of your internal network and define custom protection rules for
each. Securepoint lets you create and manage VPN tunnels for remote users and
define traffic filters, reports, and alerts for your entire network.
Securepoint Freeware is a very secure and free firewall solution for protecting
your Internet gateway. Securepoint can as well be used with existing firewalls
and to protect interconnected locations or divisions.
These days a lot of distros are built off of Debian or Ubuntu. This isn't one
of them. In fact it appears the distro is simply the software side of a
hardware solution they sell at http://www.securepoint.cc/ along with VPN
clients, email archiving storage, and other products aimed for the modern
corporation or enterprise.
I've tried building a system like this myself though and realized it's not
easy. If they are making it easier to build and manage segregated networks they
are probably going to find a ready market interested in this software.
KaOS
This Friday's distro is KaOS Linux, and the K stands for KDE. But this isn't
just a "lean KDE distro," as is their motto: the focus is quite a bit better
defined even than that:
The idea behind KaOS is to create a tightly integrated rolling and transparent
distribution for the modern desktop, built from scratch with a very specific
focus. Focus on one DE (KDE), one toolkit (Qt), one architecture (x86_64) plus
a focus on evaluating and selecting the most suitable tools and applications.
... It targets users who have tried many Operating
Systems/Distributions/Desktop Environments and have found they prefer a
Distribution that uses all its available resources to work on one DE to make
that the best it can be, and know that after their searches, the best for them
is KDE. The KaOS Linux website was my first reference point for familiarizing
myself with this distro, but we're lucky in that it's recently gotten quite a
bit of press, too. ZDNet looked at it and called it "solid and focused: The
reviewer wasn't thrilled with the installer but found it a reasonable package
selections (that even transcends the "QT only" philosophy by also providing
LibreOffice and GIMP). And HecticGeek also gave it a spin, though the site was
down as I write this.
For me, the killer decision point is really the choice of the Calligra office
suite as primary productivity suite. And the fact that LibreOffice is in the
repos tells me that it is still not totally baked as an office suite; too bad
because I've always rooted for what was once called Koffice and would love to
see it blossom, though it always seems to let me down: font kerning was still a
mess the last time I tried it in 2012.
Anyway, the folks behind KaOS admit this distro isn't going to be for everyone.
But for people that have tried the other options and decided on KDE, this is a
distro that promises you that all its effort has gone into ensuring this
KDE-centric distro gives you a great experience. I'm looking forward to giving
it a whirl.
Alpine Linux
This week's Friday distro is Alpine Linux, a surprisingly interesting distro
specialized for Routers, VPNs, VOIP service, and firewalls that takes an
aggressive, proactive approach to security. It's therefore minimalist, so you
can install it on a router, and includes the absolute minimum (no Perl, for
example). It began life as a branch of the LEAF project, which wanted a
router/vpn system that could be booted from a floppy disk and run from memory:
the Alpine hackers decided that config was a bit too minimal and chose instead
a slightly larger package set that also provided squid, samba, dansguardian,
and some other heavier applications. I thought for sure I'd learn it was
developed by a bunch of Swiss or Austrian hackers, but no: it simply stands for
"A Linux Powered Integrated Network Engine." Distrowatch reports it comes
originally from Norway.
Most interesting of all, Alpine incorporates two security enhancements I
haven't yet found on any other distro: PaX and Buffer Overflow Protection
(Stack Smashing Protection). PaX is a Linux kernel patch that implements least
privilege protection for memory pages. It flags data memory as non-executable,
program memory as non-writable and randomly arranges the program memory.
Inclusion of these two systems kept Alpine Linux protected from the vmsplice
0-day Linux kernel vulnerability: even though the attack would crash the OS,
there would be no system compromise.
If you're interested in trying it, it's easy: you can run it from a USB stick,
back up your config to a single file, and its simple package management and
init systems make it possible to be up and running in under 10 minutes.
GALPon MiniNo
I got the idea when writing up that article about Distrowatch: they cover so
many distros and so many of them are so obscure; I decided to check some of
them out. Conveniently - as though they're tempting me - there's a "Random
Distribution" button on the front page of Distrowatch, which makes it easy.
Every Friday I propose a roll of the dice, and a quick look at some distro
you've probably never heard of. I'll try to give equal coverage to the BSDs
too.
If this is annoying or not interesting to you, quick! Flame me to a cinder in
the comments. Otherwise, enjoy what will hopefully be a weekly feature that
will lead to interesting commentary and comparison. I'll be skipping the big
guys (RedHat, openSUSE, Ubuntu, etc.) since the purpose is to give some
exposure to the obscure/niche stuff. These aren't reviews since I don't have
time to install and try each one.
Today's distro is GALPon MiniNo, which gets my vote for the "least memorable
name for a distro, ever." But it can be explained: GALPon is the Linux User's
Group of Pontevedra, Spain, in the region of Galicia. And they're actively
working to get Linux in schools, especially where equipment is old or
low-powered and often recycled. No surprise then that GALPon MiniNo emphasizes
low system requirements: it installs on machines with 128M of RAM and 4GB hard
drives, and uses IceWM or Openbox, RoxFiler, and the like to stay light. It
also supports Galician and Catalan - regional languages of Spain - out of the
box. Looks like it will install nicely on a netbook or liveCD.
I'm a big fan of lightweight distros to counter the otherwise endless bloat of
the big guns. I might have to try this one out and give Puppy a run for its
money. Read more (in Spanish) at their homepage, their help and documentation
(also Spanish/Galician), or their Google group forum.