| DistroWatch Weekly
|DistroWatch Weekly, Issue 545, 10 February 2014
Welcome to this year's 6th issue of DistroWatch Weekly! Linux distributions usually get most of the attention in the open-source community, dominating the news. This week we turn the spotlight on FreeBSD, a popular server operating system that is introducing some important changes. Read this week's feature review to get the details behind FreeBSD's latest release. Also on the topic of servers, we talk this week about the challenge of finding a secure server platform that is easy to administer. Ubuntu is back in the news as the development team discusses whether to replace the distribution's default file manager and, in a surprising move, NVIDIA offers open-source code to the Nouveau project. We also talk about Xubuntu as the development team puts the project's artwork for their next release on-line for the community to see. Debian was in the news too this week as the project voted as to which init system to use for the next stable release of Debian GNU/Linux. Other topics covered in this issue include roadmap and feature list of the upcoming Bodhi Linux 3.0, opinion on the never-ending issue of the stability of Arch Linux, and introduction of ReactOS, a rather impressive open-source clone of the Microsoft Windows NT operating system. We wish you all a terrific week and happy reading!
Listen to the Podcast edition of this week's DistroWatch Weekly in OGG (28MB) and MP3 (45MB) formats
|Feature Story (by Jesse Smith)
First impressions of FreeBSD 10.0
The BSD family of operating systems is typically reputed to be conservative, stable and dependable. FreeBSD typically embodies these characteristics quite well, showcasing reliability and offering few surprises. That being said, the latest release of FreeBSD, version 10.0, introduced a few important changes which I felt deserved a look. Some of the new features shipping with FreeBSD 10.0 included support for ZFS on the root file system, TRIM and LZ4 compression support for ZFS, virtualization improvements and a new package manager. The latest version also swaps out the venerable GNU compiler for the Clang compiler on supported architectures. The 10.0 release is available for several architectures, including x86, Power PC and Sparc. I was interested in the x86 releases which can be downloaded in 32-bit or 64-bit builds. We can further narrow our selection by downloading either a CD-sized ISO or a 2.2 GB ISO image. I opted to try the larger image for my trial.
Installation and first boot
Booting from the installation media brings us to a text menu where we are asked if we would like to drop to a command line shell, launch a (text console) live environment or begin the installation process. The FreeBSD system installer is mostly a series of text menus with an occasional trip to a command line interface. Most steps in the process have sane defaults and users can generally just proceed to the next screen when in doubt of the proper configuration. The first screen asks us to confirm our computer's keyboard layout and then we are asked to provide a hostname for our computer. We are then asked which packages (documentation, games, ports and/or system source code) we would like to install. We are then given four partitioning options -- guided, an automated ZFS layout, manual using the installer or manual using command line utilities. I opted to take the automated ZFS configuration. With ZFS we can select which disk to use, optionally change the name of our data storage pool, set the size of our swap space, change disk layouts (GPT or MBR) and choose whether to enable encryption.
For the most part I tried to stick with the default settings. Some users may be interested to know that FreeBSD's installer supports RAID and mirroring for people with multiple disk drives. The following installer screens walk us through setting a password on the administrator's account, selecting our time zone from a list and configuring the network. We can also choose which system services to run, including secure shell, network time synchronization, kernel crash dumps and a dynamic CPU frequency daemon. At the end of the process we can choose to add user accounts to the system and we are given the chance to go back and change the settings we have selected. I was pretty happy with the latest iteration of the FreeBSD system installer. It worked well, offered good defaults and it completed so quickly I honestly wondered whether all the required files had been copied to my local drive or if an error had occurred -- that may be a first.
Once FreeBSD was installed I restarted the machine. FreeBSD booted in under a minute and dropped me at a text console with a login prompt. Signing into FreeBSD we are greeted by a welcoming message letting us know where we can find the project's documentation and security advisories. The system starts out using very few resources, around 10 MB of RAM and (depending on our choices at install time) around 1 GB of hard drive space. Looking around the system I found common UNIX utilities were available along with manual pages. The Clang compiler was available and the OpenSSH secure shell was running in the background. During the install process I had requested that FreeBSD set up 1GB of swap space for me, however I found the operating system did not have any swap space available to it. Further checking showed that the operating system was trying to activate a swap partition during the boot process -- a swap partition which did not exist. This seems to be a mistake on the part of the guided partition manager.
I had decided to set up FreeBSD using a ZFS data pool. During my time with FreeBSD I found that ZFS performed well and file copying and removals were performed quickly. By default ZFS is set up so that key sections of the file system are mounted as separate sub-volumes. This means that user home directories, system binaries, log files and software ports are all stored in different areas and can be handled separately. For example, we can create snapshots of system files and home directories separately and, if we need to roll back to previous versions of the file system, one group of files need not be affected when we restore a different area.
Software and package management
One attractive feature now available in FreeBSD 10.0 is the new package manager, called "pkg", which presents a unified approach to package management and provides a simplified syntax when compared against the previous FreeBSD package management utilities. The first time we run the new pkg command the system reports pkg is not fully installed and offers to download and install the package manager for us. Once pkg has been bootstrapped we find that pkg uses a similar syntax to the zypper or YUM package managers. We can perform software installations, upgrade software and remove unwanted packages. We can get lists of installed software and perform searches against the FreeBSD software repositories. As the FreeBSD ports and packages collection is a bit of a moving target, pkg allows us to lock specific packages at a specific version, preventing accidental upgrades. I found pkg worked quickly and presented lots of information while it was working, including helpful prompts.
The FreeBSD operating system, on its own, features lots of command line utilities, but it does not feature many services, nor a graphical user interface. Armed with the new pkg software manager I decided to change this. My first self-appointed task was to install the Xfce desktop environment from the project's binary package repositories. There is a meta package for Xfce which pulls in the various panels, menus and icons a desktop environment needs. These all installed cleanly, but I noticed there was an important omission. Installing the desktop environment does not install the necessary underlying X display server software. For some reason X is not considered a dependency of Xfce. The next hour was spent downloading X, trying to run the desktop, discovering X would not run, trouble-shooting X, reading the FreeBSD Handbook's entry on trouble-shooting X, manually reconfiguring X and trying again. Ultimately I never got X working quite right. Sometimes it would show me a desktop, but the interface wouldn't respond to keyboard input, or I could get keyboard input working, but X wouldn't display anything. Eventually I put X & Xfce aside and decided to focus on what FreeBSD is best known for, being a server.
Last month, when I was evaluating Linux-based server distributions, I tried setting up a few services, including secure shell and Wordpress on four GNU/Linux distributions. Since FreeBSD allows OpenSSH to be enabled at install time, I decided to focus on setting up a Wordpress service on my new FreeBSD box. At first this looked as though it would be blissfully straight forward as the FreeBSD software repositories include a Wordpress package. I installed the Wordpress package and, at the end of the process, was told to run a script to set up the Wordpress database. This seemed really convenient until I tried to run the script and found it did not exist. As it turned out, installing Wordpress only supplied the Wordpress files and didn't pull in dependencies such as a web server, database or the script file to automatically set up the Wordpress database. The phantom script referred to by the Wordpress package, as it turned out, was part of one of the database packages which I later installed.
I also downloaded the Apache web server (version 2.2) package using pkg and found the Apache server would not start, claiming it could not match my computer's hostname to an IP address. Fortunately I had seen this before and changed my hostname to something Apache would recognize as a fully qualified domain name. Thinking this should complete my Wordpress set up I tried to browse to my new website and discovered support for the PHP scripting language was not enabled in Apache by default and, for that matter, would require I re-install PHP from source code and change the port's configuration in the process. Once all of this was done I had to set up Apache and the MySQL database to start at boot time to complete the set up. It is a surprisingly long and error-prone process compared against the other server platforms I reviewed earlier in the year.
What most of my problems with FreeBSD came down to was the repeating issue that software installed using pkg did not also install all required dependencies. Some immediate dependencies might be installed, but not all the items further down the dependency chain. The above example of installing Xfce without getting X was one instance, installing Wordpress without getting a database or web server in the process was another example. On another day I installed a collection of "fortune" quotes to be displayed when I logged into my account. The fortune add-on installed properly and I could manually read its text file, but I found that the actual fortune program itself was not installed when the add-on was, it had to be found and installed separately.
Now, I suspect I may get a flood of emails from FreeBSD fans pointing out the fortune program is an optional part of the FreeBSD operating system itself rather than a port and therefore outside of the scope of the package manager. That may be true, but doesn't that make the problem worse? That means the package manager is not only installing software for which it is not checking dependencies, but also for which it cannot check dependencies. If the component is optional it really should be placed in the ports collection where it can be found by the package manager, otherwise we risk running into situations where software is broken. This does not appear to be a problem with the pkg software manager itself, but rather the underlying ports framework. Checking the dependency lists on FreeBSD's website show that the missing dependencies are not specified in the ports.
I tried running FreeBSD in two environments. The first was a VirtualBox virtual machine and the second was my desktop box (dual-core 2.8 GHz CPU, 6 GB of RAM, Radeon video card and Realtek network card). In both environments FreeBSD booted quickly, ran smoothly and remained stable. Sound worked out of the box and, with some effort, I was able to get X to work with my video card. The operating system was quite light on RAM, especially considering the many features of ZFS.
Largely due to the dependency gaps and troubles with getting third-party software up and running my impressions of FreeBSD came down to two main points. The first is that FreeBSD -- the command line tools, the kernel, the ZFS file system and installer -- is a great operating system. In both test environments FreeBSD was fast, stable and ran smoothly. I really like the work which has gone into the system installer for this release and I like that ZFS is so easy to enable and use. The documentation which comes with FreeBSD is detailed and helpful. The new package manager is fast and friendly when compared next to its predecessors. All of this means it is pretty easy to install FreeBSD, explore the system and, once it is up and running, an administrator is unlikely to encounter a broken system.
On the other hand, I got the impression that FreeBSD's ports collection does not receive the same level of care as the base operating system. Some of the available ports obviously have not been tested against a clean installation of FreeBSD to make sure all dependencies have been met. The state of the X port is, in short, unfortunate. This gap between the quality of the base FreeBSD operating system and its available ports is made all the more evident now that a quality package manager like pkg is present. It is easier than ever before to search for and install new software, but too much effort is required to hunt down dependencies and tweak the configuration of key ports. What this results in is a wonderful base operating system that is plagued by trouble once we try to add third-party functionality to it.
Another thing which stood out during my time with FreeBSD was not a feature which was there, but one which I feel was missing. FreeBSD has an amazingly useful feature, called Jails, for isolating processes in, what is essentially, a very low-resource virtual environment. There are some useful tools out there for working with jails and a jail makes running services, such as a web server, more secure. Jails also allow us to run software on our computer without affecting the rest of the operating system. What I feel is lacking is an official repository of pre-made jails. In the Linux ecosystem there is a project called Turnkey Linux which provides pre-made Linux images for common tasks such as serving web pages, running forums, running bug tracking software and hosting instant messaging software.
With FreeBSD jails it should be possible to make and redistribute templates of jails that do these same things. The FreeNAS and PC-BSD projects, both based on FreeBSD, supply a few vanilla jail templates for people who wish to experiment with ports or who want to have a clean container in which to set up services. However, neither of these projects, nor FreeBSD, appear to have a collection of Turnkey-style jails for specific tasks, such as hosting a Wordpress site, running a media server or a TorrentFlux host. The powerful technology included in FreeBSD, along with the operating system's combination of stability and low resource usage, seems ideal for this sort of pre-fabricated container solution. I hope such an idea is adopted as I think it would be great to be able to run a command like "pkg install-jail amp_server" and have an appropriate jail created on the host operating system.
- Advanced file systems (Btrfs/ZFS): 4
- Documentation: 5
- Ease of installation: 4
- Ease of maintaining/upgrading: 3
- Length of support for each release: 3
- Performance: 5
- Stability: 5
- Steps required to enable services: 1
* * * * *
A few additional notes on SME Server
Following my review of the SME Server distribution, John Crisp emailed me and introduced himself as "El Presidente" of Koozali SME Server, the not-for-profit running the SME Server project. Mr Crisp offered some additional notes and comments he felt would be helpful should I wish to revisit the SME Server distribution in the future. I thought his comments were both fair and informative and, with his permission, I am including some of his notes below:
"Our website does have a huge amount of documentation, but obviously you found that hard to find/navigate. I am going to look at seeing if we can get more "context sensitive" links to either local or server based help built into each area of the server manager. Speaking of which, I know the console looks limited, but you can actually get to a text-based version of the server manager and access everything with a local text browser. I use it a lot.
File systems: the new version 9 [of SME Server] (currently at beta 3 and based on CentOS 6.x), should have ext4. I am not sure what the scenario is with Btrfs or ZFS, but will talk to the developers about it as it is an interesting comment. We hope that version 9 will be launched sometime later this year.
Upgrading from CentOS 5 to CentOS 6: Everyone will have a problem with this due to problems with RPM package signatures (if I remember correctly). This is due to changes at RHEL and CentOS, not us. The CentOS default upgrade recommendation is to back up and restore. It is possible to upgrade, but very tricky and not recommended.
As far as the future is concerned we have tried to concentrate on moving the system pretty well "as is" to v9 / CentOS 6 and only changing things where necessary due to the base system. We hope that we can then turn our attention to some more exciting stuff: new server-manager panel and full LDAP integration. There is a lot we want to do, but that depends a lot on the help we get!
To get version 9 out we really need as many people as possible to get involved, be that installing and testing, verifying bugs, reporting bugs, writing code, editing wiki documents etc. It doesn't matter about your experience level -- please contact us if you would like to help and we will be more than happy to assist people get started."
I would like to thank Mr Crisp for his insightful feedback.
|Miscellaneous News (by Jesse Smith and Ladislav Bodnar)
Debian votes for systemd, Ubuntu considers own file manager, Xubuntu shows off new artwork, Bodhi unveils 3.0 roadmap, NVIDIA contributes to open-source drivers, Arch Linux and stability
Last week the developers of Debian GNU/Linux went to the polls over an important issue - whether the world's largest community distribution of Linux should adopt a new init system, such as systemd or Upstart. The init system is responsible for getting the operating system into a usable state at boot time and managing system services. After much debate over the benefits of systemd and Upstart by fans of the two init systems, it appears as though the next Debian Stable release will use systemd by default. This means that Debian will join other distributions such as Fedora, openSUSE and Arch Linux in using systemd while Upstart usage remains primarily in the Ubuntu family of distributions.
* * * * *
Some fans of the Nautilus file manager have been upset lately with the development team's choice to remove certain key features, such as dual pane file views. Oliver Grawert raised the idea of swapping out Nautilus from future versions of the Ubuntu distribution in favour of a new file manager which might better suit the needs of Ubuntu users. His mailing list post suggests developers collect a list of required features a file manager should have and look at alternative file managers as possible replacements for Nautilus. Some people saw this proposal and jumped to conclusions, assuming Ubuntu 14.04 would no longer ship with Nautilus as the default file manager. In response to the rumours, Ubuntu developer Jono Bacon took to Google+ to assure people that no decision has yet been made: "There are a set of considerations that we assess when determining which default apps to ship. This includes features, quality, integration, stability, and the health of the upstream. The Ubuntu Desktop team takes these considerations into account when making a decision, and the decision is always discussed out in the open at UDS and on [the] Ubuntu-desktop [mailing list]. What is important to note is that the decision has not been made yet. We are not even close."
* * * * *
While a great deal of the open-source community focuses on code development, many of our first impressions of an operating system come from its appearance and layout. Often times the design choices which go into a project are the work of artists rather than coders. The Xubuntu project gave a nod to the artistic members of its community last week by showcasing some of the new artwork which will appear in Xubuntu 14.04. "In a discussion lasting over two hours, we looked at and discussed all wallpapers in question. It has to be mentioned that one of our criteria was to end up with a diverse set of wallpapers, as in: Xubuntu isn't only 'all blue'. Today, we would like to present the winners and outline quickly what we like about them or why they were chosen." The favoured images can be found on the Xubuntu news page
* * * * *
With the upcoming release of Ubuntu 14.04, a special version that will be supported with security update for five years, many of the Ubuntu-based projects that follow the long-term support branch will spring into action. One of them is Bodhi Linux, a distribution building a highly customised desktop with the Enlightenment window manager. Last week founder Jeff Hoogland published a tentative feature plan and roadmap leading to Bodhi 3.0.0: "This coming year will mark our third major release - Bodhi Linux 3.0.0. First, let's cover a few FAQs I've been getting regarding this new major release. Q: Will you continue to support non-PAE Processors? A: Yep. I do not currently know which kernel version we will be using on our non-PAE disc, but we will continue producing an ISO image that works on older non-PAE computers. Q: Which version of Enlightenment will you use? A: Unless I am able to beat E18 into a form I am confident is consumable for 'normal' users Bodhi 3.0.0 will continue to use the E17 desktop by default. Regardless of which desktop we ship with by default - both desktops will be easily accessible/swappable in our repositories." Bodhi 3.0.0 is slated for final release at the end of June.
* * * * *
In a surprise move, NVIDIA, the notoriously proprietary company, has contributed code to open-source driver development. Alexandre Courbot posted source code patches for Nouveau, a project which creates open-source drivers for NVIDIA video cards. The patches are for GK20A, a Kepler-based GPU that will be used in Tegra K1 chips. Courbot wrote: "I guess my [NVIDIA] email address might surprise some of you, so let me anticipate some questions you might have. Yes, this work is endorsed by NVIDIA. Several other NVIDIAns, including core GPU experts, have provided significant technical guidance and will continue their involvement." This unusual move has pleased Linux founder Linux Torvalds who raised "a thumb for NVIDIA" on his personal Google Plus page. Hopefully this is one of many more open-source contributions from NVIDIA.
* * * * *
Arch Linux, one of the few genuine rolling-release distributions that one can install and continuously keep up-to-date, has become a very popular operating system among the more knowledgeable Linux users who like that cutting-edge experience. But how does this never-ending upgrade process impact the stability of the distribution? In "Opinion: Arch Linux and Stability", author Andrew Powell summarises his experiences with running Arch: "So long as some care is taken and you don't rush in and do something silly without any knowledge or consulting that amazingly good and famous Arch Wiki, things should go okay and be quite stable. But occasionally, they won't. Of course when it comes to updates and bugs/instability creeping into software, it can happen in any operating system out there. But with Arch Linux, it is bleeding edge and the updates tend to come pretty fast, plus the distribution is meant to be more hands-on in its approach, so there is that little bit extra risk. Whether the pros of Arch outweigh some of these cons, is purely dependent on you and your tastes or requirements in a Linux distribution."
|Tips and Tricks (by Jesse Smith)
Putting server security first
Looking-for-security asks: I am really glad you did your server showdown reviews. That said, I've still got some unresolved questions. Maybe you can answer these as an extension to your server showdown, or maybe it would be better done as a similar but separate series of articles? I'm looking for a "secure communications server for the rest of us", a hardened secure communications platform that a complete novice can set up and be reasonably sure that it is as secure as possible from intrusion. Personally, I want secure, encrypted email, and secure, encrypted instant messaging, maybe also some website hosting, maybe also some file sharing.
The typical process for getting to a secure server seems to be: Start from an insecure distribution, secure ad-nausium (a failure-prone process due to the nearly infinite steps required to implement a never-ending list of security recommendations) and activate server features. What I am looking for is more along the lines of: Start from a "secure by default" distribution, with all possible security features already enabled. Then use some convenient interface to turn on the server features, which also turns off only those security features required for the feature to function (a manageable, finite step process).
I really want this sort of Linux server appliance that is secure and hardened, and doesn't need a sea of configuration changes to make as secure as possible, but is still easy to reliably set up what I need, and not requiring me to be overly concerned about whether I have mangled the server security in the process of turning things on.
DistroWatch answers: You raise an interesting problem and I think you are going to run into is that secure is usually the opposite of convenient. You want to set up a server that just installs, you click a few buttons to enable features (or run a few commands) and it "just works". Which is great, a server like SMS or Zentyal will do that for you, Zentyal especially is designed for that. The problem though is that, by being easy, such distributions are not, by their nature, secure. Secure systems such as OpenBSD or Tails are designed to not have convenient features because such systems are almost universally insecure.
I feel your best bet is probably to get a fairly convenient system (like Zentyal) and make sure you enable the firewall and enable email transmission encryption. Maybe visit their community forums and get suggestions on the easiest way to do the other things you want. That would give you the easy setup and relatively finite steps of an appliance distribution. On the other end of the scale, if your primary interest is security, then you might want to look at OpenBSD, one of the few operating systems which is pretty much guaranteed to be secure by default. It takes more time and effort to set up OpenBSD and there is a sharp learning curve, but it will start you off with security-on-by-default. Alternatively you might want to look at Turnkey Linux, which packages services as appliances. These are designed to be more convenient than secure (typically), but they turn the operating system into a module. Running a series of these on separate machines may be more secure (on the whole) than trying to run many services all on one operating system.
One word of warning, if I may. You mention secure web hosting and encrypted email. Such things are only as secure as the weakest link, which means your emails may be encrypted going out to other people, but chances are no one is going to send you encrypted emails in return (or know how to open your encrypted messages). Your web server may be secure (have HTTPS enabled and be patched against known threats), but that won't save you from a SQL attack if your server-side code is sloppy. Sharing files securely can be difficult too because your files are only as safe as the weakest password/authentication system your users may utilize. This is why security is hard (and often at odds with convenience), there are a lot of pieces to a modern operating system and, as you add functionality, you add potential security weaknesses.
I would also like to point out that security is often a matter of ongoing processes rather than a set state. The question mentioned finding a distribution with "all possible security features already enabled". There are virtually limitless possible steps in adding layers of security to an operating system and many of them require vigilance. This is why it is difficult to find a fully functional operating system that is close to "secure by default". There are all sorts of account management tools, intrusion detection and access controls (such as SELinux or AppArmor) that may be added to a system to improve its security beyond a set of bare defaults.
|Released Last Week
Chakra GNU/Linux 2014.02
Neophytos Kolokotronis has announced the release of Chakra GNU/Linux 2014.02, the latest stable version of the project's Linux distribution, originally forked from Arch Linux, featuring the KDE 4.12.1 desktop: "The Chakra project team is delighted to announce the first release of Chakra 'Curie'. Curie is the name of a series of Chakra releases that follows the KDE Software Compilation 4.12 series. This new release includes some refinements as well as new features and updates: Chakra provides the first in a series of monthly stabilization updates to the KDE 4.12 series: 4.12.1; KDE Workspaces has been patched to display the width or height (depending on orientation) of Plasma panels when resizing them; we now provide KDE Connect, which aims at making your computer aware and seamlessly integrated with all your devices; enabled login/logout sounds...." Read the rest of the release announcement for more information and a screenshot.
Chakra GNU/Linux 2014.02 - the default KDE desktop
(full image size: 1,543kB, screen resolution 1280x1024 pixels)
Zorin OS 8 "Educational"
Artyom Zorin has announced the release of Zorin OS 8 "Educational" edition, an updated version of the project's specialist edition designed primarily for educational institutions: "The Zorin OS team has released Zorin OS 8 Educational, the education-oriented edition of our operating system designed for new Linux users. We have introduced a myriad of changes in Zorin OS including updated software, improvements to the user interface and entirely new software. As always, Zorin OS 8 uses the Zorin Desktop environment with Zorin Menu for unparalleled customization and the Zorin Look Changer for ultimate ease of use. We also include our Zorin Web Browser Manager to ease the installation of web browsers. In addition, we have now made it super easy to install the Zorin World Community Grid program in Zorin OS 8 to help humanity. Zorin OS 8 is based on Ubuntu 13.10." Here is the brief release announcement.
Tails 0.22.1.1, an updated release of the Debian-based distribution and live CD pre-configured for anonymous web browsing, has been released: "Tails, The Amnesic Incognito Live System, version 0.22.1, is out. All users must upgrade as soon as possible as this release fixes numerous security issues. Notable user-visible changes include: security fixes - upgrade the web browser to 24.3.0esr, upgrade the system NSS to 3.14.5, workaround to a browser size fingerprinting issue by using small icons in the web browser's navigation toolbar, upgrade Pidgin to 2.10.8; major improvements - check for upgrades availability using Tails Upgrader and propose to apply an incremental upgrade whenever possible; install Linux kernel 3.12.6; bug fixes - fix the keybindings problem introduced in 0.22, fix the Unsafe Browser problem introduced in 0.22...." Here is the complete release announcement with known issues and upgrade instructions.
Untangle NG Firewall 10.1
Untangle has announced the release of version 10.1 of Untangle NG Firewall (a product formerly known as "Untangle Gateway"), a Debian-based specialist distribution for firewalls and gateways: "Untangle, Inc., a network software and appliance company, today launched version 10.1 of its Next Generation Firewall software, a critical upgrade for disaster recovery support for small and medium businesses." One of the major changes of this release is that the applications are now pre-installed: "In 10.1 and the future, the applications will be preinstalled on the appliance or installed with the CD or USB key along with the platform. This makes the installation much quicker and simpler. Now when the user logs in for the first time they will register this server with their Untangle account and then they can install the applications. No download is required." Read the press release and check out the detailed changelog for a full list of changes and new features.
Colin Watson has announced the release of Ubuntu 12.04.4, the latest of the distribution's live and installation images that include all recent security and bug-fix updates. This is Ubuntu's LTS (long-term support) release, providing security updates until 2017. From the release announcement: "The Ubuntu team is pleased to announce the release of Ubuntu 12.04.4 LTS for its Desktop, Server, Cloud, and Core products, as well as other flavours of Ubuntu with long-term support. As with 12.04.3, 12.04.4 contains an updated kernel and X stack for new installations on x86 architectures. As usual, this point release includes many updates, and updated installation media has been provided so that fewer updates will need to be downloaded after installation." Please read also the release notes for more information.
Scientific Linux 6.5 "Live"
Urs Beyerle has announced the release of "Live" editions of Scientific Linux 6.5, a distribution built from source packages for Red Hat Enterprise Linux 6.5 but enhanced with extra software applications for use in academic and scientific environments: "Scientific Linux 6.5 LiveCD, LiveMiniCD and LiveDVD are officially released. Changes since 6.4: software based on Scientific Linux 6.5; CUPS, Pidgin, Brasero, Qt, Gcalctool, gdisk, LFTP, spice-client, minicom and nc were removed from 'LiveCD' to save disk space. Notes: the live images are based on the Fedora LiveCD tools; if you install LiveCD to hard drive, the installation of the live image is done by Anaconda similar to the normal SL6 installation, all changes done during LiveCD usage are lost; you can install LiveCD on an USB stick with persistent changes using liveusb-creator included in sl-addons." See the full release announcement for further information.
Jordan Hubbard has announced the release of FreeNAS 9.2.1, an updated version of the project's free network-attached storage (NAS) system based on FreeBSD and the ZFS file system: "After one beta, two release candidates, and many nightly builds (which many of you tested, to our everlasting gratitude) we are, as always, proud to announce the public availability of FreeNAS 9.2.1-RELEASE. FreeNAS 9.2.0 was a great release, and we're pleased to say that FreeNAS 9.2.1 is even better. Since 9.2.0 was released, we have fixed over 189 bugs, added new features, polished the UI, and improved the performance of FreeNAS even further. The documentation has also been updated for 9.2.1, though the source code is still a useful reference for features like the web API, which comes with several examples in the source tree. For the first time, we are also publishing an errata list for 9.2.1 so people will know about known issues that were not deemed severe enough to be 'show stoppers' for this release." Read the rest of the release announcement which includes detailed release notes.
Version 12.04.4 of LXLE, a respin of Lubuntu designed for older computers, has been released: "After patiently waiting for Ubuntu to officially announce their 12.04.4 update and once the number of seeders of LXLE grew to an adequate level to 'serve' it, LXLE 12.04.4 has been released. This particular release builds on the idea that many 'at idle' processes can be replaced by 'on demand' solutions, such as weather, battery, updates, power management, etc. It also introduces microcode kernel updates for your processor and preload, a readahead daemon, by default. Notable new features: LXLE PPA enabled by default; updated core LXDE components; updated BleachBit, Catfish, MiniTube; updated Elementary icon set; added Steam, VokoScreen, Schedule Tasks; GNOME Commander replaced with Sunflower; Fast Forecast replaced with Typhoon; GDiskDump replaced with Startup Disk Creator; enhanced Firefox and bookmarks toolbar...." See the full release announcement for more information and a video overview.
Sam Geeraerts has announced the release of gNewSense 3.1, a minor update of the project's Debian-based Linux distribution built strictly from free software as defined by Richard Stallman's Free Software Foundation: "Hi, I'm pleased to announce the release of gNewSense 3.1. This is a minor update to the current stable version with code name 'Parkes'. These are the most important changes: the correct country-specific package repository (instead of the beta one) is set at installation time; NetworkManager is included on the live image by default; the expert installer no longer suggests to install Debian's non-free repository. Current users of gNewSense 3.0 don't have to reinstall as they get all the updates automatically. However, they should fix their repository configuration. That repository will be disabled next week, in order to start development on gNewSense 4. I urge you to update your software sources to the correct ones as soon as possible." Here is the brief release announcement.
* * * * *
Development, unannounced and minor bug-fix releases
|Upcoming Releases and Announcements
Summary of expected upcoming releases
New distributions added to database|
* * * * *
New distributions added to waiting list
- BASIS. BASIS is a desktop Linux distribution based on openSUSE and built with SUSE Studio.
* * * * *
DistroWatch database summary
* * * * *
This concludes this week's issue of DistroWatch Weekly. The next instalment will be published on Monday, 17 February 2014. To contact the authors please send email to:
- Jesse Smith (feedback, questions and suggestions: distribution reviews, questions and answers, tips and tricks)
- Ladislav Bodnar (feedback, questions, suggestions and corrections: news, donations, distribution submissions, comments)
- Bruce Patterson (feedback and suggestions: podcast edition)
If you've enjoyed this week's issue of DistroWatch Weekly, please consider sending us a tip.
(Tips this week: 0, value: US$0.00)
|Linux Foundation Training
|• Issue 746 (2018-01-15): deepin 15.5, openSUSE's YaST improvements, new Ubuntu 17.10 media, details on Spectre and Meltdown bugs|
|• Issue 745 (2018-01-08): GhostBSD 11.1, Linspire and Freespire return, wide-spread CPU bugs patched, adding AppImage launchers to the application menu|
|• Issue 744 (2018-01-01): MX Linux 17, Ubuntu pulls media over BIOS bug, PureOS gets endorsed by the FSF, openSUSE plays with kernel boot splash screens|
|• Issue 743 (2017-12-18): Daphile 17.09, tools for rescuing files, Fedora Modular Server delayed, Sparky adds ARM support, Slax to better support wireless networking|
|• Issue 742 (2017-12-11): heads 0.3.1, improvements coming to Tails, Void tutorials, Ubuntu phasing out Python 2, manipulating images from the command line|
|• Issue 741 (2017-12-04): Pop!_OS 17.10, openSUSE Tumbleweed snapshots, installing Q4OS on a Windows partition, using the at command|
|• Issue 740 (2017-11-27): Artix Linux, Unity spin of Ubuntu, Nitrux swaps Snaps for AppImage, getting better battery life on Linux|
|• Issue 739 (2017-11-20): Fedora 27, cross-distro software ports, Ubuntu on Samsung phones, Red Hat supports ARM, Parabola continues 32-bit support|
|• Issue 738 (2017-11-13): SparkyLinux 5.1, rumours about spyware, Slax considers init software, Arch drops 32-bit packages, overview of LineageOS|
|• Issue 737 (2017-11-06): BeeFree OS 18.1.2, quick tips to fix common problems, Slax returning, Solus plans MATE and software management improvements|
|• Issue 736 (2017-10-30): Ubuntu 17.10, "what if" security questions, Linux Mint to support Flatpak, NetBSD kernel memory protection|
|• Issue 735 (2017-10-23): ArchLabs Minimo, building software with Ravenports, WPA security patch, Parabola creates OpenRC spin|
|• Issue 734 (2017-10-16): Star 1.0.1, running the Linux-libre kernel, Ubuntu MATE experiments with snaps, Debian releases new install media, Purism reaches funding goal|
|• Issue 733 (2017-10-09): KaOS 2017.09, 32-bit prematurely obsoleted, Qubes security features, IPFire updates Apache|
|• Issue 732 (2017-10-02): ClonOS, reducing Snap package size, Ubuntu dropping 32-bit Desktop, partitioning disks for ZFS|
|• Issue 731 (2017-09-25): BackSlash Linux Olaf, W3C adding DRM to web standards, Wayland support arrives in Mir, Debian experimenting with AppArmor|
|• Issue 730 (2017-09-18): Mageia 6, running a completely free OS, HAMMER2 file system in DragonFly BSD's installer, Manjaro to ship pre-installed on laptops|
|• Issue 729 (2017-09-11): Parabola GNU/Linux-libre, running Plex Media Server on a Raspberry Pi, Tails feature roadmap, a cross-platform ports build system|
|• Issue 728 (2017-09-04): Nitrux 1.0.2, SUSE creates new community repository, remote desktop tools for GNOME on Wayland, using Void source packages|
|• Issue 727 (2017-08-28): Cucumber Linux 1.0, using Flatpak vs Snap, GNOME previews Settings panel, SUSE reaffirms commitment to Btrfs|
|• Issue 726 (2017-08-21): Redcore Linux 1706, Solus adds Snap support, KaOS getting hardened kernel, rolling releases and BSD|
|• Issue 725 (2017-08-14): openSUSE 42.3, Debian considers Flatpak for backports, changes coming to Ubuntu 17.10, the state of gaming on Linux|
|• Issue 724 (2017-08-07): SwagArch 2017.06, Myths about Unity, Mir and Ubuntu Touch, Manjaro OpenRC becomes its own distro, Debian debates future of live ISOs|
|• Issue 723 (2017-07-31): UBOS 11, transferring packages between systems, Ubuntu MATE's HUD, GNUstep releases first update in seven years|
|• Issue 722 (2017-07-24): Calculate Linux 17.6, logging sudo usage, Remix OS discontinued, interview with Chris Lamb, Debian 9.1 released|
|• Issue 721 (2017-07-17): Fedora 26, finding source based distributions, installing DragonFly BSD using Orca, Yunit packages ported to Ubuntu 16.04|
|• Issue 720 (2017-07-10): Peppermint OS 8, gathering system information with osquery, new features coming to openSUSE, Tails fixes networking bug|
|• Issue 719 (2017-07-03): Manjaro 17.0.2, tracking ISO files, Ubuntu MATE unveils new features, Qubes tests Admin API, Fedora's Atomic Host gets new life cycle|
|• Issue 718 (2017-06-26): Debian 9, support for older hardware, Debian updates live media, Ubuntu's new networking tool, openSUSE gains MP3 support|
|• Issue 717 (2017-06-19): SharkLinux, combining commands in the shell, Debian 9 flavours released, OpenBSD improving kernel security, UBports releases first OTA update|
|• Issue 716 (2017-06-12): Slackel 7.0, Ubuntu working with GNOME on HiDPI, openSUSE 42.3 using rolling development model, exploring kernel blobs|
|• Issue 715 (2017-06-05): Devuan 1.0.0, answering questions on systemd, Linux Mint plans 18.2 beta, Yunit/Unity 8 ported to Debian|
|• Issue 714 (2017-05-29): Void, enabling Wake-on-LAN, Solus packages KDE, Debian 9 release date, Ubuntu automated bug reports|
|• Issue 713 (2017-05-22): ROSA Fresh R9, Fedora's new networking features, FreeBSD's Quarterly Report, UBports opens app store, Parsix to shut down, SELinux overview|
|• Issue 712 (2017-05-15): NixOS 17.03, Alpha Litebook running elementary OS, Canonical considers going public, Solus improves Bluetooth support|
|• Issue 711 (2017-05-08): 4MLinux 21.0, checking file system fragmentation, new Mint and Haiku features, pfSense roadmap, OpenBSD offers first syspatch updates|
|• Issue 710 (2017-05-01): TrueOS 2017-02-22, Debian ported to RISC-V, Halium to unify mobile GNU/Linux, Anbox runs Android apps on GNU/Linux, using ZFS on the root file system|
|• Issue 709 (2017-04-24): Ubuntu 17.04, Korora testing new software manager, Ubuntu migrates to Wayland, running Nix package manager on alternative distributions|
|• Issue 708 (2017-04-17): Maui Linux 17.03, Snaps run on Fedora, Void adopts Flatpak, running Android apps on GNU/Linux, Debian elects Project Leader|
|• Issue 707 (2017-04-10): PCLinuxOS 2017.03, Canonical stops Unity development, OpenBSD on a Raspberry Pi, setting up a VPN for privacy|
|• Issue 706 (2017-04-03): Super Grub2 Disk, Snap packages of deepin applications, Subgraph OS routes network traffic for one application, announcements from Linux Mint|
|• Issue 705 (2017-03-27): Minimal Linux Live, sharing control of the operating system, new KaOS features, Uplos32 provides 32-bit fork of PCLinuxOS|
|• Issue 704 (2017-03-20): ToarusOS 1.0.4, Linux Mint's security record, Debian starts Project Leader election, Ubuntu 12.04 reaches end-of-life|
|• Issue 703 (2017-03-13): SolydXK 201701, CloudReady, Solus announces new features, KDE Connect sends text messages from desktop, openSUSE's YaST module for Let's Encrypt|
|• Issue 702 (2017-03-06): Fatdog64 Linux, elementary OS bundled with new netbook, Haiku announces new features, security and the size of a distro's development team|
|• Issue 701 (2017-02-27): OBRevenge 2017.02, Mageia 6 delays, NetBSD reproducible builds, questions about swap space, trying to steam video on a Raspberry Pi|
|• Issue 700 (2017-02-20): RaspBSD, Debian replaces Icedove with Thunderbird, Fedora's licensing guidlines, tips for switching shells, finding battery charge, getting IP address and killing processes|
|• Issue 699 (2017-02-13): Clear Linux, GhostBSD network utility ported to FreeBSD, Ubuntu coming to Fairphone, elementary OS crowd funding an app store|
|• Issue 698 (2017-02-06): Solus 2017.01.01, comparing containers with portable applicatins, Tails dropping 32-bit support, Debian Stretch enters freeze|
|• Issue 697 (2017-01-30): Subgraph OS 2016.12.30, running Ubuntu on an Android phone, Arch Linux phasing out 32-bit support, Linux Mint testing updated LMDE media|
|• Issue 696 (2017-01-23): GoboLinux 016, remotely running desktop applications, Solus adopting Flatpak, KDE neon using Calamares, TrueOS tests OpenRC|
|• Issue 695 (2017-01-16): Zorin OS 12, Peppermint team fixes installer bug, Debian refreshes Jessie media, Ubuntu improves low graphics mode, Exciting things coming in 2017|
|• Full list of all issues|
|Random Distribution |
HP Secure OS Software for Linux
HP Secure OS Software for Linux helps businesses secure their Linux environments by offering intrusion prevention, real-time protection against attacks, and damage containment. HP was first to market with this business-critical security solution for Linux. HP Secure OS Software for Linux provides high reliability, performance, availability, flexibility and scalability. Additionally, it was easy to install and manage, making it attractive to businesses that don't have large IT organizations.
|Tips, Tricks, Myths and Q&As |
|Questions and answers: All about shells|
|Tips and tricks: Basename, for loop, dirname, aliases, bash history, xsel clipboard|
|Tips and tricks: Running openSUSE "Factory"|
|Tips and tricks: Command line weather, ionice, rename files, video preview snapshot, calednar, ls colour settings|
|Tips and tricks: All about package signing|
|Questions and answers: Gaming on Linux|
|Questions and answers: Open source licences|
|Questions and answers: Security and the size of a distribution's team, update on streaming Netflix on Raspbian|
|Questions and answers: Personal firewall applications|
|Questions and answers: Getting a Linux tablet PC|
|More Tips & Tricks and Questions & Answers|