-
essential theory
- Other ways
- need to disable encryption on the disk in use
- doesn’t matter if you delete volumes (the encryption will stay, at least for bitlocker)
- always check FSF (highest standard of free software)
- it’s a pack of pre-made decisions - src
- Debian, Fedora, Arch are the main parent distros & really different
- other distros are children, for more specific use-cases, or bad
-
software dev models
- rolling release - updates as soon as ready & tested
- don’t have to re-install system, just update
- doesn’t mean stuff are not stable, they still get tested
- great for hardware compatibility
- latest software versions
- cons
- bad for new users - stuff breaks more often
- you need to update stuff at least 1 time a week - src
- you can’t really specify version number to get help
- details - it has no
- version numbers (at most there’s date or kernel ver)
- fixed release cycles
- end-of-life dates
- stable release
- details
- core software/libraries kernel on majors releases
- security, patches, on minor releases
- it has version numbers
- cons
- no “cutting edge” software
- if there is problem, need to wait more for fix
- eventually you’ll version will meet end-of life
- some distros need you to re-install, no upgrade
- rolling release - updates as soon as ready & tested
-
resources
- linux
- repository stats -
- linux
-
Options by use case
- generally
- OG - Linux
- arch lin
- Gentoo - harder to install than arch. Source based OS
- why?
- “Linux end game” -MentalOutl
- great to learn linux
- need to compile most stuff from source
- you can compile stuff to delete bloat and custom optimize it
- need to know use flags, kernel modules to to these stuff
- portage pkg manager
- you can compile stuff to delete bloat and custom optimize it
- meta distro - can support many architectures
- void linux - no systemd, 2 pkg manager
- has void installer
- not a fork
- pkg manager & build system from scratch
- pkg managers
- binaries
- compile from source
- XBPS (X Binary Package System)
- efficiency and the ability to handle partial upgrades
- allows users to roll back certain packages
- philosophy
- separates free & non-free into different repos
- minimalistic & efficient - runit & fast pkg managers
- no AUR but community driven
- all packages in its official repositories are vetted and maintained by the Void team & community
- arco linux
- 3 branches + extended version with all window managers
- bloated (main philosophy?) & minimal version & custom
- great installer
- with many options about third party software
- doesn’t care about closed source -
- with many options about third party software
- arco linux tweak tool -
- 3 branches + extended version with all window managers
- Privacy
- tails
- qubeOS
- whonix - virt machines that looses memory like tails
- lightweight - I would still go to minimal arch though
- alpine OS
- security, simplicity & resource efficiency.
- use cases
- Ideal for
- containers, embedded systems, low-resource devices, & servers
- not really intended to be used w GUI
- Ideal for
- different toolset than most other OS
- musl libc - no glibc (C Library)
- busy box - GNU coreutils
- open RC - no systemd
- apk - package manager
- Resources
- storage
- Base image is ~5 MB
- compared to 100–200MB for Ubuntu/CentOS
- installation to disk requires ~130MB
- container requires no more than 8 MB
- Base image is ~5 MB
- Boots fast
- consumes minimal RAM and CPU.
- storage
- security
- compiles all userland binaries, all outside the kernel w…
- SSP - stack smashing protection - overflows tripwires
- small, random value (the “canary”) is placed on the stack before the return address
- If a buffer overflow tries to overwrite the return address, it will also overwrite the canary
- Sys checks canary before returning from a function
- if it’s been changed, the program crashes instead of executing malicious code.
- PIE - Position Independent Executables
- userland binaries are compiled as
- code can be loaded at any memory address.
- enables Address Space Layout Randomization (ASLR) — a security technique that randomizes where code is loaded in memory.
- If an attacker tries to exploit a vulnerability (like a buffer overflow), they can’t predict where to jump to — because the memory layout changes every time.
- n
- less pkgs available
- Antix - 300mb ram idle - no systemD, debian, 32bit
- Lubuntu - 500mb ram idle
- Ram src
- Ram src
- Peppermint - 652mb ram with xfce idle
- Tiny core - smallest graphical env distro, not really usable
- alpine OS
- nooby friendly
- manjaro
- aur
- endevourOS???
- great installer
- specialized hardware support
- de
- plasma
- gnome
- xfce
- mint
- android, lol
- debian - because of stability
- zorinOS - based on ubuntu, looks like windows
- ubuntu - it uses wayland by default… wtf
- discord & anydesk will have problems on sharing screen (maybe even impossible)
- manjaro
- enterprise/server
- generally
- debian & ubuntu server seems the only viable routes for most use cases
- web server? almost always windows
- file server? any OS, doesn’t matter
- why would I need support if I’m technical?
- offloading part of the potential damage/responsabilities/costs if something goes wrong
- you don’t have expertise in everything
- like linus when losing tb/pb of stuff calling other people to help
- Proxmox and…
- debian
- non consistant schedule for LTS
- no company backing it up (neither their support)
- less cutting edge but one of the most stable
- doesn’t really matter if you use containers
- company backed + support
- ubuntu server
- predictable LTS schedule (2 years)
- spyware+bloat? going into non-free direction?
- redhat (RHEL Red Hat Enterprise Linux)
- suse enterprise
- windows server…
- mostly for…
- active directory
- printers/devices w only windows drivers
- web servers
- mostly for…
- ubuntu server
- openBSD
- better network stack?
- no containers here…
- Archived
- CentOS - discountinued foss version of redhat
- debian
- archived
- centOS - based on redhat - sadly not an option anymore
- generally
- Specific use cases
- Router
- switch
- NAS
- True NAS
- ew
- free NAS - ZFS as filesystem
- freeBSD as it’s base
- paid
- unraid
- free NAS - ZFS as filesystem
- E-reader - E-ink device
- pen testing - why not just building it from debian?
- kali - debian with pen test bloat
- parrot - debian with pen test software
- gaming
- BSD
- FreeBSD - also used on desktops
- difference
- BSD license instead of GPL (non-copyleft)
- people like apple are abusing it…
- monolithich
- kernel
- user land tools
- drivers
- all in the same pkg
- Lower adoption & compatibility w hardware
- BSD license instead of GPL (non-copyleft)
- Similarities
- FOSS
- UNIX
- Most of the software is from linux
- difference
- OpenBSD - one of the most secure OS for servers mostly
- FreeBSD - also used on desktops
- meh
- nixOS - unnecessary for most people
- Artix - arch but uses openRC instead of systemd
- clean linux - fast if using intel
- slackware -
- solus - new desktop env
-
Options by dev model
- sr
- Debian - nooby friendly - yearly release cycle
- fedora - company backed semester release cycle
- ubuntu
- popOS
- mintOS
- rr
- arch
- manjaro
- artix
- void linux
- parent distros
- slackware - old
- Debian
- Arch
- redhat
- openSuse - company backed
- android
- gentoo
- freeBSD
- openBSD
- sr
