For a few months in 2014, I had fun reviewing one Linux distro every Friday for Pipedot.org, a tech site to which I was a regular contributor. Generally what I would do is visit DistroWatch.org, choose a distro, download, install, and run it in a virtual machine, and explore for a bit. Sounds unadventurous, but after years of using the same Linux distros and FreeBSD regularly, it was a bump out of my comfort zone to see what else was out there. It was also a spectacular opportunity to explore some of the innovative approaches being pursued. Here are some of my reviews, with links to the Pipedot original (where you'll find the embedded links).
Can't believe a full year has gone by since I posted the Selokang article. 2016 has been something else.
Grml Linux is a bit of a unique distro whose vision and focus have shifted over the past ten years. It represents the personalities of its developers, who prefer the zshell, focus on sysadmin tasks (deployment, disk cloning, backup, forensics, and rescuing borked systems). Lastly, one of the developers is visually handicapped. Thus: grml focuses on scripting, tools managed from the command prompt, and has chosen zsh as the basis for its innovations. Its Distrowatch page is here.
These days grml is a live CD or USB-stick based on Debian. You're not supposed to install it. It requires little more than 256MB of memory, and though it's intended to be mostly a command line environment, they've packaged Fluxbox and you can get there via startx. That's useful if you want to launch a browser to read up on a issue, but most of your day you'll be sitting at the command prompt in a zsh. Have a look at their zsh introduction page or their reference card then to get a sense of the shortcuts, command aliases, and scripts that help you administer your systems, or the dpkg package list showing installed packages.
I find the package list to be limited, and to my knowledge, there are no tools available that you can't find on other distros. But I find grml's advantage to be that they love and have put a lot of energy into the zshell, and if you're interested in the zsh this is a good place to see it showcased. It's also an easy distro to carry around on a USB stick if you're a command prompt warrior and want to quickly boot up to a useable command prompt from where you can do other things. For example, you simply run the grml-network script from the command prompt to discover, configure, and connect to a wireless network. And of course it's based on Debian's excellent hardware recognition and configuration system. This is a niche distro that won't appeal to everybody, but odds are better than average you'll soon find yourself at the ZSH Reference page looking into additional resources for using the amazing zshell (For starters, try the 429 and dense page ZSH Manual and this 14 page zshell reference card from the guys at bash2zsh. Have fun.
Ahoy there. Let's say you'll be wantin' a Linux distro that's been blessed by his ownself the Grand Admiral of the GNU revolution, Richard Stallman. Arrr. And supposin' you can't abide by the wretched bilge that's binary blobs infectin' yer own GNU/Linux system, foisted upon ya by the likes of those lowly bastards Adobe and NVidia, whose scurvy, un-transparent and despicable rot goes against your very bein'. Well then, you'll be wantin' to make sure yer own good ship Linux hoists the latest version of Trisquel GNU/Linux, and smartly at that.
Off with ya then, to the grimy bastards at Distrowatch, with some right fine background for ya. Trisquel hails from Spain, a piratin' and thievin' port of call if ever there was one. Arrr. But they've chosen what's proper over what's easy. Turn away if you've got an Nvidia graphics card, or if ya can't stand the likes of a distro based on the latest Ubuntu. Trisquel is a fine lookin' ship if ever I've laid my eyes on one, hoistin' aloft clean versions of LXDE, XFCE, and KDE desktops, but believe you me when I tell ya they've been stripped bare of any software that isn't cut from the purest, GPL cloth. I sailed that ship in a virtual machine while hittin' no reefs, aaar, but I do reckon if your hardware isn't the plainest of vanilla, you may find it chafes your britches when you install 'er.
That said though, avast, she's a smart little distro, she sails a beaut, and she's right easy on the eyes, if I do say so myself. As for the package selection, aaar, when I'm at the tiller and the mainsail's drawin' wind, most of the packages I use I found sittin' sweet as a lily in the repos. Your own position at sea might be affected, though, if you find yerself needin' something exotic.
I myself am as pure as the next Linux captain, who be supportin' the cause of throwin' all those lily-livered binary blobs in the brig. But not if it means I can't sail my ship. That's why you won't be findin' this pirate sailin' Trisquel myself. But if ideological purity be yer cup-o-rum, well then, aaaarrr: raise the plank on Trisquel, and may fine winds be at yer back. Drop in at the Trisquel tavern where you can break yer jaw askin' yer questions, and tell 'em Captain Zafiro17 sent ya, like the devil himmself. Aaaar haar haar har har har.
AbsoluteLinux [screenshots] is different from most other niche distros because it’s built on a Slackware base instead of Debian/Ubuntu, so I installed it in a VM and have been giving it a test drive for a while. It’s the work of one man: Paul Sherman, of Rochester, New York, who took his extensive customizations to Slackware and began making them available to the public as a distro.
Absolute fits on a single CD, and focuses on being a lightweight OS optimized for speed and designed to stay out of your way. It’s a desktop, with no pretensions of being installed on a server. It uses the IceWM windowmanager, so you get a fast, traditional desktop, task bar and tray with none of the bulkiness of modern KDE or Gnome desktops, and a set of apps judged to be ‘best of class’ as well as a couple of utilities he wrote himself (the volume control is a stand-alone app that avoids having to install another package that would’ve had other dependencies).
Because Absolute is based on Slackware you get all of Slackware’s simplicity, stability, and dependability. But you also get Slackware’s thin package selection and install mechanism. Absolute has its own repo, and you can add Slackware’s repository too [file list is here], as Absolute is 100% compatible with Slackware. But you will soon find yourself over at www.slackbuilds.org looking for 3rd party packages. You also have to manage your own dependencies - a good thing if you want to avoid finding out that a simple app brought all the underlying base packages with it, but a bad thing if you prefer the ease of simple apt-getting your way to the desktop you like. That said, you can use gslapt-get, which comes preinstalled, and takes some of the hassle out of package management.
That said, I like it. It boots quickly, and I do appreciate Slackware’s simplicity and straight-forwardness. By installing Absolute instead of straight Slackware you get a graphical, lightweight desktop by default. I think I prefer FreeBSD’s ports system or Debian’s apt-get for installing software, and it’s true Slack - and therefore Absolute - aren't for just anybody. But if you’re looking for a refreshing change from the quotidian, Absolute Linux is pretty enjoyable. And above all, it's a reminder that the most interesting things don't come out of corporations trying to be everything to everybody, they come out of willful and skilled hackers that focus on doing one thing and doing it well - much like the Unix tradition itself.
In the Hindu pantheon, Kali represents death and change, the dispelling of evil and the devouring of the unwanted. She is forbidden, and even death itself, but therefore also an element of salvation. In the Linux world, she is like opening a can of whoop-ass on your server.
Kali Linux (appropriately named, if I may say so) is a Linux distro focused on penetration and exploit testing, and therefore the element of change that will get you to shore up all those gaping configuration gaps in your systems: it's perhaps your salvation! But enough metaphors. Practically, Kali Linux installs on a DVD or pendrive, and contains dozens and dozens of specialized penetration testing tools to test your system. It's developed by the folks at Offensive Security, and grew out of the well-acclaimed Backtrack Linux, which had the same focus.
It's based on Debian rather than Ubuntu so you get a dated version of the Gnome 2 desktop, but who cares? It's not really a desktop, just a platform for launching tools. Over three hundred of them, from information gathering to vulnerability analysis, password attacks, wireless attacks, spoofing, stress testing, reverse engineering, hardware hacking, forensics, and more. As mentioned, you can run it from a DVD, pendrive, or even remote-boot from PXE or install to Amazon cloud. To make it as useful as possible they support ARM aggressively including ARMEL and ARMHF (and of course Raspberry Pi and cousins), plus as many different wifi devices as humanly possible.
They're innovating, too, producing opensource products like the ISO of Doom (hardware backdoor), custom images, the Evil Wireless Access Point, and more.
Fun stuff if you want to ensure your system is as safe as possible; scary stuff if you don't want to bother. Kali's Distrowatch page has more information including a link to their excellent documentation (the best place to start if you want to know what else Kali does), but ZDNet has a good review and LinuxBSDOS has another cursory review with some decent screenshots.
PC-BSD (now "True OS")
These two XKCD comics about installing FreeBSD are increasingly out of date (but just as funny). But getting FreeBSD on your system has gotten easier than ever, and PC-BSD is a big part of that. Started as a hobby by FreeBSD enthusiast Kris Moore1 in 2005, PC-BSD's goal was just to make a pleasant, well-constructed desktop with a good installer on top of a FreeBSD system. They succeeded so wildly that not only did FreeBSD system provider iXsystems decide to buy them, but rival project Desktop-BSD essentially gave up the ghost (they're back now, and thinking about striking off in a new direction.
What's PC-BSD? It's not a "distro" in the Linux sense. It's FreeBSD with a better installer, configured to build you a desktop, not a server (although you can do that too). It's a project that makes it easier to use FreeBSD's systems and architecture to create a great desktop experience. Put in the installer disk, pour yourself a coffee, and twenty minutes later you are at a KDE4 desktop and online. But PC-BSD pioneered another technology that makes it easy to use: the PBI installer packages. PBIs ("push button installer") are essentially the equivalent of Mac OSX Applications, which install into a top-level "Applications" directory and include within all the relevant libraries. That makes them bigger than your typical Unix package installs, but you can also delete, upgrade, or install them without touching any other part of your system, which is useful. Because iXsystems also bought the FreeNAS project, FreeNAS installs now benefit from the technology too: with a single click, FreeNAS will create a FreeBSD jail and install a PBI into it, giving you compartmentalised functionality on your NAS (the Plex media server is one of them, for example).
Why would a Linux user bother with something like PC-BSD? The old adage, "Linux is for those who hate Microsoft; BSD is for those who love Unix" is probably appropriate. But because PC-BSD is FreeBSD, you get all of the benefits of FreeBSD too: fantastic documentation, and system components that were all designed, managed, packaged, and tested together. You also get FreeBSD's quirks and hardware compatibility challenges too (the installer never noticed my USB wifi, for example) but if you can get past the hardware issues, you are sitting at a tight, well-designed system that is pretty easy to tinker with and pretty hard to mess up. obviously, if you manage a FreeBSD server, this makes it easy to test things off your production system, too.
More about PC-BSD at their webpage, and at distrowatch.org. I also wrote about my first impressions with PC-BSD in 2006 here. 1Kris Moore is the guy behind the BSDNow podcast, too.
Some say, "Linux should reduce complexity by standardizing on a specific subset of tools, packages, and desktop environments." To that, the guys at LinuxBBQ respond, "Sorry, can't hear you, too busy having fun!" LinuxBBQ is a riot of diversity, but not complexity, and guarantees you can have not just the workspace you want but that it will be your very own.
Check out their website, "Get Roasted!", where they boast an environment of 100 different specific editions (micro-editions, really, in my opinion) and an unprecedented choice of 70 different window managers. The haters might say, "Too many!" I say, "Sounds like fun." Turns out, at the base, LinuxBBQ isn't that complicated: it used to be based on Debian Sid, but now starts with Ubuntu 13.10, and has integrated some scripts, kernels, and tools from the guys at GRML, Siduction, and Linux Mint. Then they add in the window managers. Offhand, I can only name about 13, so these guys have dug deep: everything from KDE to Razor-QT, WMii, Monsterwm, Herbstluftwm, xmonad, nullwm, oroborus, tmux, spectrwm, and another 30 beyond what's on their wiki page.
Then they break it up into editions. Here's where you can tell these guys are just hackers having fun, and they're well removed from the starchiness of some of the big, 'classic' distros, who have to look over their shoulders at their lawyers and worry about being politically correct. Check out just a sample of what they produce:
- RMS: (No X, compiled for 486 with a full emacs
- Psychedelic shitstorm: based on windowlab
- gangbang: 53 window managers on a live CD
- neckbeard: ratpoison and emacs
- cameltoe: based on the jwm window manager
There's more, and yes you could probably get most of these packages on another distro with some effort, but you know when you can download the "clit", "noob-killah", or "pringles" editions, you are fully in the realm of hackers having fun. So, where to begin? Start with Cream, their June 2014 release, including netsurf and firefox as browsers, mc, ranger, and pcmanfm as file managers, and cmus for listening to music. Or as they say, "Follow that crap on G+" where you can see a screenshot or two. Finally, here's their own introduction to the distro, and I think it reveals their philosophy very well:
Why is LinuxBBQ not recommended for me?
We do not say that LinuxBBQ is the best distro under the sun - quite the opposite. It will most probably not fit the average users needs. There are many, many reasons not to come to BBQ-Land. 1) LinuxBBQ is more or less default Debian Unstable 2) You will probably not have "plug-and-play" out of the box, for example your printer needs to be set up via CUPS (and CUPS is also not pre-installed) - in our opinion not everybody needs to have all services and daemons ticking in the background. If you need additional services, you will have to set them up by yourself. Of course the BBQ staff is happy to help you. But think twice if you want to get your hands *greasy*. 3) You have to edit configuration files to make things look like you want them and you will need to spend countless hours customizing the look & feel. Believe us, you will probably want to go back to the "fast-food" distros, and enjoy the defaults there. 4) The BBQ philosophy is: provide the meat, let the user season. So, you will have to download your favourite applications. They are partly coming from experimental sources and carry much higher version numbers than what you find in Debian Stable. If you don't want to run the newest GIMP, Inkscape, Iceweasel browser or WINE, look somewhere else.
Securepoint Security Solutions, a firewall and VPN distro that offers a full-featured suite of firewall tools designed for enterprisewide deployment. Not only can it protect an internal network from outside attacks, it also helps segregate parts of your internal network and define custom protection rules for each. Securepoint lets you create and manage VPN tunnels for remote users and define traffic filters, reports, and alerts for your entire network. Securepoint Freeware is a very secure and free firewall solution for protecting your Internet gateway. Securepoint can as well be used with existing firewalls and to protect interconnected locations or divisions.
These days a lot of distros are built off of Debian or Ubuntu. This isn't one of them. In fact it appears the distro is simply the software side of a hardware solution they sell at http://www.securepoint.cc/ along with VPN clients, email archiving storage, and other products aimed for the modern corporation or enterprise.
I've tried building a system like this myself though and realized it's not easy. If they are making it easier to build and manage segregated networks they are probably going to find a ready market interested in this software.
This Friday's distro is KaOS Linux, and the K stands for KDE. But this isn't just a "lean KDE distro," as is their motto: the focus is quite a bit better defined even than that:
The idea behind KaOS is to create a tightly integrated rolling and transparent distribution for the modern desktop, built from scratch with a very specific focus. Focus on one DE (KDE), one toolkit (Qt), one architecture (x86_64) plus a focus on evaluating and selecting the most suitable tools and applications. ... It targets users who have tried many Operating Systems/Distributions/Desktop Environments and have found they prefer a Distribution that uses all its available resources to work on one DE to make that the best it can be, and know that after their searches, the best for them is KDE.
The KaOS Linux website was my first reference point for familiarizing myself with this distro, but we're lucky in that it's recently gotten quite a bit of press, too. ZDNet looked at it and called it "solid and focused: The reviewer wasn't thrilled with the installer but found it a reasonable package selections (that even transcends the "QT only" philosophy by also providing LibreOffice and GIMP). And HecticGeek also gave it a spin, though the site was down as I write this.
For me, the killer decision point is really the choice of the Calligra office suite as primary productivity suite. And the fact that LibreOffice is in the repos tells me that it is still not totally baked as an office suite; too bad because I've always rooted for what was once called Koffice and would love to see it blossom, though it always seems to let me down: font kerning was still a mess the last time I tried it in 2012.
Anyway, the folks behind KaOS admit this distro isn't going to be for everyone. But for people that have tried the other options and decided on KDE, this is a distro that promises you that all its effort has gone into ensuring this KDE-centric distro gives you a great experience. I'm looking forward to giving it a whirl.
This week's Friday distro is Alpine Linux, a surprisingly interesting distro specialized for Routers, VPNs, VOIP service, and firewalls that takes an aggressive, proactive approach to security. It's therefore minimalist, so you can install it on a router, and includes the absolute minimum (no Perl, for example). It began life as a branch of the LEAF project, which wanted a router/vpn system that could be booted from a floppy disk and run from memory: the Alpine hackers decided that config was a bit too minimal and chose instead a slightly larger package set that also provided squid, samba, dansguardian, and some other heavier applications. I thought for sure I'd learn it was developed by a bunch of Swiss or Austrian hackers, but no: it simply stands for "A Linux Powered Integrated Network Engine." Distrowatch reports it comes originally from Norway.
Most interesting of all, Alpine incorporates two security enhancements I haven't yet found on any other distro: PaX and Buffer Overflow Protection (Stack Smashing Protection). PaX is a Linux kernel patch that implements least privilege protection for memory pages. It flags data memory as non-executable, program memory as non-writable and randomly arranges the program memory. Inclusion of these two systems kept Alpine Linux protected from the vmsplice 0-day Linux kernel vulnerability: even though the attack would crash the OS, there would be no system compromise.
If you're interested in trying it, it's easy: you can run it from a USB stick, back up your config to a single file, and its simple package management and init systems make it possible to be up and running in under 10 minutes.
I got the idea when writing up that article about Distrowatch: they cover so many distros and so many of them are so obscure; I decided to check some of them out. Conveniently - as though they're tempting me - there's a "Random Distribution" button on the front page of Distrowatch, which makes it easy. Every Friday I propose a roll of the dice, and a quick look at some distro you've probably never heard of. I'll try to give equal coverage to the BSDs too.
If this is annoying or not interesting to you, quick! Flame me to a cinder in the comments. Otherwise, enjoy what will hopefully be a weekly feature that will lead to interesting commentary and comparison. I'll be skipping the big guys (RedHat, openSUSE, Ubuntu, etc.) since the purpose is to give some exposure to the obscure/niche stuff. These aren't reviews since I don't have time to install and try each one.
Today's distro is GALPon MiniNo, which gets my vote for the "least memorable name for a distro, ever." But it can be explained: GALPon is the Linux User's Group of Pontevedra, Spain, in the region of Galicia. And they're actively working to get Linux in schools, especially where equipment is old or low-powered and often recycled. No surprise then that GALPon MiniNo emphasizes low system requirements: it installs on machines with 128M of RAM and 4GB hard drives, and uses IceWM or Openbox, RoxFiler, and the like to stay light. It also supports Galician and Catalan - regional languages of Spain - out of the box. Looks like it will install nicely on a netbook or liveCD.
I'm a big fan of lightweight distros to counter the otherwise endless bloat of the big guns. I might have to try this one out and give Puppy a run for its money. Read more (in Spanish) at their homepage, their help and documentation (also Spanish/Galician), or their Google group forum.
The author does not allow comments to this entry