Thread dedicated to Linux distro (and other OS) recommendations, notes, resources, etc. What Linux distros do you use? What advice do you have for installing those distros and what to do after installation?

[bold: Advice to Lambda for choosing a distro]
You want an independent distro with a good track record. Alpine, Arch, NixOS, and Gentoo are all recommended for advanced users. Non-technical users or users who want something that just works should install Debian or Fedora and setup automatic updates/unattended upgrades. If you choose to install Fedora, you probably want to use the network installer (https://alt.fedoraproject.org/).
>for Fedora: https://docs.fedoraproject.org/en-US/quick-docs/autoupdates/
>for Debian: https://wiki.debian.org/UnattendedUpgrades

Desktop users should consider using a rolling release distro with up-to-date packages. From my experience these distros are just as stable as fixed release distros like Debian but I don't have to reinstall the system every 6 months to 2 years.
>Distro repository stats (good to see which distros are the most up-to-date and also which packages are in which distros): https://repology.org/repositories/statistics

Stay away from most Arch and Debian derivitaves, especially Manjaro and Ubuntu which are both known for invasive telemetry and/or inclusion of proprietary software. All of these are essentially reskins of Arch and Debian with preinstalled desktops and lots of bundleware to cater to non-technical users.

Systemd, while being an overly complex piece of software which goes beyond what an init system should do and defaults to Google DNS and NTP servers, also has some security benefits, such as the ability to sandbox system services and TPM2 support, and most of the Systemd "hate" comes from memes. Init systems shouldn't be taken into consideration unless you wanted to fall for the "software minimalism" meme where everything is "bloat". But if you do fall for the memes, Alpine doesn't use Systemd, Glibc, or GNU.

[bold: Tips for new Linux users]
> [bold: IMPORTANT]: Always select full-disk encryption during install. If your distro's installer does not support FDE, then you picked the wrong distro, motherfucker.
> How to use the Linux commandline: https://linuxcommand.org/index.php
> Read the man pages. They explain how different software works. I suggest reading at least [bold: man-pages(7)] to learn about how man pages work, and [bold: hier(7)] to learn about the Linux filesystem hierarchy. Also read the info pages in addition to man pages since info pages are usually more comprehensive (especially with the GNU coreutils).
>Read your distro's documentation and the Arch Wiki (https://wiki.archlinux.org/) when stuff breaks.
>General Recommendations: https://wiki.archlinux.org/title/General_recommendations
>List of Applications: https://wiki.archlinux.org/title/List_of_applications
>You probably want to use Pipewire or the standard ALSA utilities (alsa-utils). The ALSA utilities includes alsamixer, which is an ncurses-based program for changing the volume and other settings. Do not use PulseAudio.
>It's probably better to use Wayland since it has GUI isolation, but it's also much slower and more unstable than Xorg. Use Xfce or KDE (supports Wayland) if you want a full desktop, i3-gaps or sway if you want a tiling window manager, or IceWM or labwc if you want a stacking window manager.
>Use your desktop environment's default terminal emulator, or Alacritty or urxvt (rxvt-unicode) if your desktop didn't come with one.
>Linux Hardening Guide: https://privsec.dev/os/desktop-linux-hardening/
>Another Linux Hardening Guide: https://wiki.archlinux.org/title/Security

There is no Linux distribution better than Kiss Linux™ at the moment.
Simple as.

DATAMINING THREAD DO NOT REPLY

I'd just like to interject for a moment. What you're referring to as Linux,
is in fact, GNU/Linux, or as I've recently taken to calling it, GNU plus Linux.
Linux is not an operating system unto itself, but rather another free component
of a fully functioning GNU system made useful by the GNU corelibs, shell
utilities and vital system components comprising a full OS as defined by POSIX.

Many computer users run a modified version of the GNU system every day,
without realizing it. Through a peculiar turn of events, the version of GNU
which is widely used today is often called "Linux", and many of its users are
not aware that it is basically the GNU system, developed by the GNU Project.

There really is a Linux, and these people are using it, but it is just a
part of the system they use. Linux is the kernel: the program in the system
that allocates the machine's resources to the other programs that you run.
The kernel is an essential part of an operating system, but useless by itself;
it can only function in the context of a complete operating system. Linux is
normally used in combination with the GNU operating system: the whole system
is basically GNU with Linux added, or GNU/Linux. All the so-called "Linux"
distributions are really distributions of GNU/Linux.

No, Richard, it's 'Linux', not 'GNU/Linux'. The most important contributions that the FSF made to Linux were the creation of the GPL and the GCC compiler. Those are fine and inspired products. GCC is a monumental achievement and has earned you, RMS, and the Free Software Foundation countless kudos and much appreciation.

Following are some reasons for you to mull over, including some already answered in your FAQ.

One guy, Linus Torvalds, used GCC to make his operating system (yes, Linux is an OS -- more on this later). He named it 'Linux' with a little help from his friends. Why doesn't he call it GNU/Linux? Because he wrote it, with more help from his friends, not you. You named your stuff, I named my stuff -- including the software I wrote using GCC -- and Linus named his stuff. The proper name is Linux because Linus Torvalds says so. Linus has spoken. Accept his authority. To do otherwise is to become a nag. You don't want to be known as a nag, do you?

(An operating system) != (a distribution). Linux is an operating system. By my definition, an operating system is that software which provides and limits access to hardware resources on a computer. That definition applies whereever you see Linux in use. However, Linux is usually distributed with a collection of utilities and applications to make it easily configurable as a desktop system, a server, a development box, or a graphics workstation, or whatever the user needs. In such a configuration, we have a Linux (based) distribution. Therein lies your strongest argument for the unwieldy title 'GNU/Linux' (when said bundled software is largely from the FSF). Go bug the distribution makers on that one. Take your beef to Red Hat, Mandrake, and Slackware. At least there you have an argument. Linux alone is an operating system that can be used in various applications without any GNU software whatsoever. Embedded applications come to mind as an obvious example.

Next, even if we limit the GNU/Linux title to the GNU-based Linux distributions, we run into another obvious problem. XFree86 may well be more important to a particular Linux installation than the sum of all the GNU contributions. More properly, shouldn't the distribution be called XFree86/Linux? Or, at a minimum, XFree86/GNU/Linux? Of course, it would be rather arbitrary to draw the line there when many other fine contributions go unlisted. Yes, I know you've heard this one before. Get used to it. You'll keep hearing it until you can cleanly counter it.

You seem to like the lines-of-code metric. There are many lines of GNU code in a typical Linux distribution. You seem to suggest that (more LOC) == (more important). However, I submit to you that raw LOC numbers do not directly correlate with importance. I would suggest that clock cycles spent on code is a better metric. For example, if my system spends 90% of its time executing XFree86 code, XFree86 is probably the single most important collection of code on my system. Even if I loaded ten times as many lines of useless bloatware on my system and I never excuted that bloatware, it certainly isn't more important code than XFree86. Obviously, this metric isn't perfect either, but LOC really, really sucks. Please refrain from using it ever again in supporting any argument.

Last, I'd like to point out that we Linux and GNU users shouldn't be fighting among ourselves over naming other people's software. But what the heck, I'm in a bad mood now. I think I'm feeling sufficiently obnoxious to make the point that GCC is so very famous and, yes, so very useful only because Linux was developed. In a show of proper respect and gratitude, shouldn't you and everyone refer to GCC as 'the Linux compiler'? Or at least, 'Linux GCC'? Seriously, where would your masterpiece be without Linux? Languishing with the HURD?

If there is a moral buried in this rant, maybe it is this:

Be grateful for your abilities and your incredible success and your considerable fame. Continue to use that success and fame for good, not evil. Also, be especially grateful for Linux' huge contribution to that success. You, RMS, the Free Software Foundation, and GNU software have reached their current high profiles largely on the back of Linux. You have changed the world. Now, go forth and don't be a nag.

Thanks for listening.

marefaggotry should be deleted like wojaks are.

P6975
Suppose I install Tor Browser on a Linux.
Next I want to configure the Linux to allow connections for the tor binary, but deny them for the firefox binary.
Also deny DNS altogether.

How do I configure the firenigger to achieve this?

Lambdanons, how do I boat my Canoe/Fishsticks system? The boatloader won't launch the Canoe/Fishsticks kernel. The grub is on the hook but I still can't bait the system. Is there a special Fishsticks command line I need to get the grub to bait the system?

Halp plz. I yearn for my shell fish. Rob Pike never could've predicted such a sea pickle as this. We've got a real marlin on our hands.

https://alpinelinux.org/
https://wiki.alpinelinux.org/wiki/Main_Page
Alpine is a truly lightweight distro (unlike Arch) for servers. It can be used as a desktop operating system.

+ Uses OpenRC instead of systemd
+ Uses musl instead of glibc
+ Uses the apk package manager (not the same as Android's package manager)
+ Uses BusyBox instead of the GNU core utilities (your interjections are invalid)
+ Stable release distro but a rolling release (edge) is available
+ Offers an install script or you can just install manually like Arch/Artix
+ All userland binaries are compiled as Position Independent Executables (PIE) with stack smashing protection.
+ Uses a hardened kernel by default
+ Designed to run from RAM but can be installed onto your hard disk

[bold: Documentation:]
>https://wiki.alpinelinux.org/wiki/Alpine_newbie
>https://wiki.alpinelinux.org/wiki/Installation
>https://wiki.alpinelinux.org/wiki/Post_installation
>https://wiki.alpinelinux.org/wiki/Package_management
>https://wiki.alpinelinux.org/wiki/Abuild_and_Helpers
>https://wiki.alpinelinux.org/wiki/APKBUILD_Reference

P7110
sounds based tbh

Void Linux is a lightweight distro for desktops. It used to be fucking good but then their lead developer left and a lot of shit happened. Shame since it was an interesting distro that could have been amazing.

+ Uses the runit init system
+ Can choose between glibc and musl
+ Uses the XBPS package manager (which from my experience is faster than Arch and supports partial upgrades)
+/- Rolling release (but not as bleeding edge as Arch, Gentoo, or even Debian unstable)
+/- Offers an installer but it doesn't support full-disk encryption, so you should install manually like Arch/Artix
- Repositories are hosted on github and are devoid of packages
- Void maintainers support BLM: https://nitter.net/VoidLinux/status/1267525360679354374#m

[bold: Links:]
>Website: https://voidlinux.org/
>Void Handbook: https://docs.voidlinux.org/

>Stay away from most Arch and Debian derivitaves, especially Manjaro and Ubuntu which are both known for invasive telemetry and/or inclusion of proprietary software.
Can you tell me momre about manjaro? I hate it but sometimes I have to work with a device running it.

P6975
P7169
Do [bold: not] post ponies. Thanks.

P7172
https://itsfoss.com/libreoffice-freeoffice-manjaro-linux/

>reinstall every 6 months / 2 years
What are you talking about? Just dist-upgrade.

I used void, alpine, arch, fedora, debian and oasis.
I order of "dont have to babysit" to "absolute control":

Fedora > Debian > Void > Gentoo > KISS > oasis > LFS

Fedora is more up to date, and just as stable. Good out of the box (just manually make dnf faster). You decide if beta testing for Red Hat and a bunch of soyftware like gnome and flatpak is fine with you.
Debian, where I reside. Comfy, no bullshit, no babysitting. No problem with muh outdated packages. I dont need the latest stuff, and if there is a package that needs more recent depends, I just use chroot, or statically compile. Only ran in this problem once.
Arch is stupid and didnt make into the list. Void is better in every way, and I dont have to keep manually intervening and checking rss before updating.
Void is fast, and rolling release. Also stable and comfy.
Gentoo: coompile, but make it easy with emerge (eww python).
Kiss: coompile everything yourself, but there are some niceties
Oasis:kiss, but with suckless everything, and everything is statically built. Also cool lua setup.
Lfs:if nothing else satisfyies you, take matters to your own hands.

Oasis and kiss are meta-distributions. They barelly have repos.
Also gento barely qualifies as a distro too.

[spoiler: insert image of Ed here]

P7184
Arch has more packages and is more bleeding edge. If you don't like systemd just use Artix.
>I dont have to keep manually intervening and checking rss before updating
Like maybe once every six months or a year. You can check RSS after updating if pacman doesn't work.

>You decide if a bunch of soyftware like gnome is fine with you
Fedora supports other desktop environments, dumbass. Download one of the spins or use the network installer to choose which desktop you want.

https://archlinux.org/
https://wiki.archlinux.org/

+ No handholding or pre-installed software
+ Bleeding-edge rolling release distro
+ Lots of packages thanks to the Arch User Repository (AUR)
+ Excellent documentation
- Uses systemd
- Pacman doesn't support partial upgrades and downgrading packages, and upgrading sometimes requires manual intervention

[bold: Notable Arch-based Distros:]
>Artix Linux: https://artixlinux.org/ ([bold: Warning:] Artix website is Cloudflared)
>Hyperbola GNU/Linux-Libre: https://www.hyperbola.info/ (will drop Linux for BSD)
>Parabola GNU/Linux-Libre: https://www.parabola.nu/

[bold: Documentation:]
>https://wiki.archlinux.org/title/Installation_guide
>https://wiki.archlinux.org/title/General_recommendations
>https://wiki.archlinux.org/title/Pacman
>https://wiki.archlinux.org/title/Arch_User_Repository

P7193
>Arch has more packages
True I guess, ignoring different ways of packaging.
Altough, for me, lack of packages never was a problem. In all the distros I used mostly the repos, and if a package wasnt there, then it were in none of the repos. In that cases just git gud.

>and is more bleeding edge.
Not that much of a good thing

>If you don't like systemd just use Artix.
It sucks. Void is better.
Derivatives are never good.

>You can check RSS after updating if pacman doesn't work
Babysitting. For me, unnaceptable. Besides, this flaw doesnt get outweighted by any "advantages" of Arch.
The final nail in the coffin is that I didnt had to go through this bs in Void

>Fedora supports other desktop environments,
Like any other distro. But a guy that is interested in fedora is interested at the main spin.

>or use the network installer to choose which desktop you want
I dont think the average Fedora user, or someone that is interested in it would use the network installer.
I used the network Debian's installer, but it almost makes more sense considering its more usefull as a server.

P7302
>Derivatives are never good.
So you think journalists and whistleblowers who require anonymity shouldn't use TAILS or Whonix just because they're derivatives of Debian?

P7316
[spoiler: no]
Lemme rephrase. Derivatives are never good (for general computing).
I'm shure those serve their purpose well, although, there's also that meme about making live a openbsd image with all the configuration necessary.
>TAILS
nope

P7110
Alpine uses the security by magic meme "stable" software release model. This involves freezing packages for a very long time and only ever backporting security fixes that have received a CVE. However, this approach misses the vast majority of security fixes. Most security fixes do not receive CVEs because either the developer simply doesn’t care or because it’s not obvious whether or not a bug is exploitable at first.

Distribution maintainers cannot analyse every single commit perfectly and backport every security fix, so they have to rely on CVEs, which people do not use properly. For example, the Linux kernel is particularly bad at this. Even when there is a CVE assigned to an issue, sometimes fixes still aren't backported, such as in the Debian Chromium package, which is still affected by many severe and public vulnerabilities, some of which are even being exploited in the wild.

This is in contrast to a rolling release model, in which users can update as soon as the software is released, thereby acquiring all security fixes up to that point.

[spoiler: [bold: Original source:] https://madaidans-insecurities.github.io/linux.html#stable-release-models]

P7326
So why don't servers use rolling release distros? Security should be in their best interest too.

P7328
More updates = more shit breaking

btw

P7948
very cute femstallion
what's him name? installation autism?

P7965
First off, it's a she/her, not a he/him.
Second, her name is Arch GUHNOO slash LEENIX

None of you are certified security researchers so you are not allowed to have an opinion on Linux.

I only listen to certified researchers like Tommytran and Madaidan. The latter only recommends using trusted OS like Windows and MacOS.
https://tommytran.io/
https://madaidans-insecurities.github.io/

ponies are boring

P8000
I wonder if his silk hose matches his wig

laughed at "Windows and MacOS" as "secure" OS.

I use Debian because they seem to be serious about the idea of free software.

P7195
What's handholding in this context and what's bad about it?

Fabrice Bellard

P8436
i wish there was an up to date guide to make debian schizo compliant

If you're going to choose a distro, make sure you choose one that fully supports DNS lookups. I'm looking at you, Alpine. >512 byte DNS lookups just break.

P8547
A persistent storage oriented distro doesn't seem too schizo compliant to me.

I am using Windows. I found Linux is a bit hard to use and not as user-friendly as Windows.

I've heard GNU Guix is great at reproducibility with a sane language (vs Docker's pile of shell scripts) and can build both OS level virtualization containers and lower level ISO images. Has anybody used GNU Guix?

P12307
stop distrohopping (or as I've taken to calling it distrocoping)

Why are there distros other than Ubuntu? Linux should change its name to Linux/Ubuntu.

P12312
Your shitposts are very funny

P12307
Guix is barely maintained and irrelevant

P12323
Fitting for a kernel as equally deprecated.

[bold: Alternatives to Guix:]
Fedora Silverblue - has the most sane defaults (systemd, wayland, GNOME) and is suitable towards novices and anyone who wants something that just works
OpenSUSE MicroOS
NixOS - for advanced users with specific needs

P12354
Also Clear Linux
https://clearlinux.org/

[bold: Most popular GNU/Linux distros]
1. Android GNU/Linux (98% market share)
2. Chrome GNU/Linux (2% market share)
3. Ubuntu GNU/Linux (0.01% market share)

P13054
I'd just like to interject for a moment. What you're referring to as Android GNU/Linux, is in fact, Android/Linux, or as I've taken to calling it Android plus Linux. Android/Linux is not a free software operating system itself, unlike a GNU/Linux operating system. All of the GNU free software that enables user freedom and personal choice is missing on a normal Android/Linux installation. Obstacles are put up to stop users from installing the software of their choice, not sending personal information to Google, and even using their computers to the full extent as defined by POSIX.

P13054
I thought android was trannyware kernel and gnu were replaced with toybox. Calling something goyphony from google a gnu+linux is not correct, and only worth mention for curious cattle which will be forgotten after 10 seconds.

GNU is a organization for PEDOPHILES
Don't put the shit to our Linux anymore.
Linux is Linux and must NOT be G*U/Linux bullshit.

P13288
k, and where do you suppose you are?

P15518
Google 🤝

debian or arch or GTFO!

nanochanrayhy7nuuhldw2n4sq7tmv7xzdwaxtbptetss5eaznwfknyd.onion/g/46991

P15593
>nanochanray
I wouldn't use imageboards that censor former names the admin has used and lie about how they're moderated with fake logs.
Real nanochan is at http://nanochanqzaytwlydykbg5nxkgyjxk3zsrctxuoxdmbx5jbh2ydyprid.onion/ but it's been pretty broken for a while.
For questions or more details see the drama thread: P2781

whats the difference between parabola and hyperbola anyway? dont they have the same gimmick of "arch for libretards"?

P15624
[bold: Parabola]
> Parabola GNU/Linux-libre is listed by the Free Software Foundation (FSF) as a fully free software distribution
> Libre-kernal
> More DE evironements
> Image Size (MB) 900-1800

[bold: Hyperbola
> slightly more lightweight then Parabola [bold: Image Size (MB) 1100-1200]
> more community driven?

> https://distrowatch.com/table.php?distribution=parabola
> https://distrowatch.com/table.php?distribution=hyperbola

What thoughts about [bold: EndeavourOS?]
> https://endeavouros.com/

P6975
> [bold: Tips for new Linux users]
> [bold: Linux Hardening Guide:] https://privsec.dev/os/desktop-linux-hardening/
> Encrypted Swap
What about NOT having or setting up a swap partition and mounting /tmp to /tmpfs?

[bold: How can I make my install like Kali Linux's "Forensics Mode" or TailsOS in which no hard drives are mounted and anything performed on the system does not leave any trace. [spoiler: (everything is on RAM)]

Is my understanding correct that if you have swap u mount to ramfs if no swap mount to tmpfs?

P6975
P15627
> [bold: Linux Hardening Guide:] https://privsec.dev/os/desktop-linux-hardening/

> https://privsec.dev/privacy
> We use Matrix as our primary communication method.

haha wtf lol just like [bold: MaDaIdAn's] stuff that is good but other opinions/advice has some reeee in it.

P15627
> https://www.kali.org/docs/general-use/kali-linux-forensics-mode/

> First, the internal hard disk is never touched. If there is a swap partition it will not be used and no internal disk will be auto mounted. We verified this by first taking a standard system and removing the hard drive. A hash was taken of the drive using a commercial forensic package. We then reattached the drive to the computer and booted Kali Linux “Live” in forensic mode. After using Kali for a period of time, we then shut the system down, removed the hard drive, and took the hash again. These hashes matched, indicating that at no point was anything changed on the drive in any way.

> https://tails.boum.org/contribute/design/memory_erasure/

In order to protect against memory recovery such as cold boot attack, most of the system RAM is overwritten when Tails is being shutdown or when the boot medium is physically removed. Also, memory allocated to processes is erased upon process termination.

P15593
P15618
This isn't the n*nochan drama thread. Take it to P2781.

>>P15631

You have to boot to ram, not just erase ram. And you have to disconnect the hard drive. Software prevention of mounting a drive can be subverted.

I've seen evidence for live USB distros being modified to carry malicious modifications to the next boot.

1. Boot to ram.
2. Physically remove the flash drive before connecting to the internet.

Now, while an attacker can still compromise your system, it is limited only to 1 boot and nothing remains in the ram or on any hard drives after you unplug it and hold down the power button for 20 seconds to clear the ram.

The biggest security threat isn't the initial attack, it's RATS and vulnerabilities from modifying the operating system that can watch you continuously until you wipe and reinstall a clean OS.

There are issues with booting to ram, if you open too many web pages or use up too much memory it stalls out. But if you're not booting to ram and pulling all your OS containing drives, you are not doing everything you can to keep your system secure.

If you boot to ram, there are no logs on your system to find, there are not RATS in your OS loading up when you start the computer,

I think it's also confusing for system infiltrators when they use an exploit to get into a system and find there are no mounted drives at all.

The boot to ram way of life also encourages top knotch data security practices. Since you cannot save things on your hard drive, you have to save them on a separate flash drive or external drive, and you might as well encrypt the hell out of it.

You literally can't save some sensitive files that a system infiltrator could find later on your hard drive when booting to ram, in addition, there are no swap files, system recovery backups, or any of that shit for an infiltrator to find.

On a conventional OS, you can collect logs of all the files that have EVER been on that machine, along with the identifiers for all the drives that have ever connected to it, and you can remotely download that off a computer really easily and analyze it. I assume when a state hacker infiltrates a computer, that's the first thing they do. But there isn't anything like that when booting to ram.

When you boot to ram, you are really keeping system infiltrators in the dark to the maximum extent possible while connecting to the internet with the same device.

If you aren't pulling the LIVE USB drive, you aren't getting the full protection of boot to ram since the LIVE USB drive can modified by a system infiltrator to install RATS that will phone home whenever you boot from it.

It's not enough to unmount it and the switch on things like SD card readers doesn't actually prevent reading or writing. You have to physically disconnect it.

You have to unplug it between boots to ensure the ram is wiped.

P15735
P15740

my fellow chads what do u need to modify on a linux install to make it like tails & kali foresnic mode?

> You have to unplug it between boots to ensure the ram is wiped.
So if u don't have WiFi card in the said machine or onboard ethernet port and just unplug the the ethernet USB adapter are u safe?

Like u keep the Live system plugged in and just unplug ethernet (only connection source)?

P15735
so modify the squashfs, make sure no swap partition when intial partition set up, mount /tmp to /tmpfs and anything else. Certain grub kernel boot parameters like page poisen. What else?

[bold: Someone should write a script or guide.]

P15779
> [bold: Someone should write a script or guide.]

yes plz somebuddy [spoiler: tooo lazyyyy]

P15778
>just unplug the the ethernet USB adapter are u safe

Yes, ye cou'de do that with radio adapters too. My PC has killswtitches, like wireless "on and off" on Gameboy and Nintendo 3DS.

What are ports?

not everyonehas that type of money mate.

Do tell us what it takes to make any linux (arch/debian) install boot from RAM like certain distros mentioned above >P15631

P18442
https://wiki.ubuntu.com/BootToRAM
you can edit your grub boot entry and add: [bold: toram] but I believe u need to edit SQUASHFS aswell.

P20799 the RAM really is the RAM

P20811
what do you think fine chap?
Do tell us what it takes to make any linux (arch/debian) install boot from RAM like certain distros mentioned above?

What ended up replacing grsecurity for a hardened kernel? Has linux-hardened kept up with the features grsecurity had or at the very least PaX?

Of course not, say bye-bye to grsec. You can read about hardened kernel on archwiki and then check what is disabled/enabled in your kernel. Aside from that, it is rather interesting what propriety blobs hardened kernels have as they are not consindered libre.

Have any of you had luck using Alpine Linux as a desktop/workstation distribution? A year or so back there was a few packages still missing from their package manager that made me hesitate but they all seem to have a well maintained package now.

P21788
No. Unfortunately lots of things don't work (segfaults on startup as installed, etc). Musl is not as good as Glibc. It is indeed less code, but also not as good.

Linux distros are a meme. Everypone knows you should just build your own Linux-based OS from scratch by compiling your own kernel then choosing your own packages and defaults because there is no such thing as sane defaults. Gentoo is bloat for normies.

> Systemd, while being an overly complex piece of software which goes beyond what an init system should do and defaults to Google DNS and NTP servers, also has some security benefits
P6975
you talking about the [bold: lo] loopback interface or the [bold: /etc/resolv.conf] file?

Whatever /g/ likes is trash.
Whatever /g/ hates is good.

P61560
welcome to japan nanon

Install [bold: Solaris], OpenVMS, or Slackware.

Also,
>Always select full-disk encryption during install
Don't do this.

>fall for ecrypt everything meme
>libgcrypt or openssl updates
>symbols, functions, or other things removed/changed
>sorry kiddo, LUKS/ecryptfs doesn't work with the new libgcrypt/openssl - hope you didn't need those files
>that's your whole system? sucks to be you

This happened to me but I didn't go the "encrypt everything" route and so I only had to downgrade libgcrypt to get back access to my encrypted container. Had I done the entire system, I'd not been able to do anything about it.

P6975
>top tier
OpenBSD, Alpine Linux, FreeDOS,
>very good tier
NetBSD, SerenityOS, QubesOS+Whonix
>good tier
Gentoo-hardened-musl, CRUX, KISS
>okayish, but everything above is better
...
>better than nothing tier
FreeBSD
>death is preferable tier
All other Linux, Windows, MacOS, all mobile OSes

P61568
uh doesn't LUKS encrypt everything beside the bootloader meaning you could just chroot or cd back into the system after unlocking it from live medium you used to intall with?

Try to find a flaw with Guix. (pro tip: you can't)

>>P61572
back to reddit, lainfag
im gonna deliberately do the quote wrong so you think im contradicting myself and think you owned me in some unrelated argument

There is a USE flag in gentoo labeled 'olde-gentoo' that is designed to be an option in /etc/portage/make.conf. It is set during USE="-*" builds. Does anybody know what this does or have documentation on it? It is not in USE flag index.

P61580
LUKS is able to encrypt is able to encrypt an entire disk, a singular partition, a loop device. There is no set method LUKS uses to encrypt a drive. For full disk encryption only one partition is made on the drive, then encrypted with LUKS, and finally managed with LVM. LVM on LUKS. This would mean that there is no separate boot partition. Instead, /boot (where the bootloader resides) is a managed volume, and is able to be mounted during installation as any regular boot partition would.

P61706
*provided the bootloader is smart enough to do that

P61706
full disk by default when prompted from a new installation of a distro does NOT encrypt the bootloader aka grub

P61672
Apparently they can't format PDFs.

p61769
is there an easy way to convert a pdf to an html?
cuz i feel this could be useful since people inject malicious things in pdfs

P61736
>when prompted
Prompted by who? I always encrypt bootloader. It does not matter what distribution is being used. Cryptsetup works on all of them.

P16772
app-text/poppler
pdftohtml file.pdf

P61815
seems bloated ngl anon

P61818
Ask admin what this site is running on if you want to see bloat rofl.

P6975
>>Use Xfce or KDE (supports Wayland) if you want a full desktop, i3-gaps or sway if you want a tiling window manager, or IceWM or labwc if you want a stacking window manager.
I fail to find the difference between a 'desktop environment' and a window manager. I have been using dwm with xfce4-panel patch in floating mode and dmenu. It works exactly the same as xfce4-meta. How is a desktop environment not everything running an xsession?

P22539
>Gentoo is bloat for normies.
Gentoo is not for normies. The name is literally the abbreviation of [bold: The Gentleman's Toolchain®]. And normies are not gentlemen, mind you.

P61672
whats up with the gnu projects obsession to make logos look like wombs, first gnunet, now guix

P22539
Literally this. Ahem!

Prepackaged Kernel
Prepackaged Tools
Prepackaged InitSys
Its all for normies and fools
I say keep it KISS
Retardation goes a long way
One kernel compilation a day
keep the gay way
I say keep it KISS
Just do it from scratch
No prepackaged crap
and youll nothing miss

P62701
Are you serious? I never knew that. I did BLFS once and it was alot of work. Most of the work was keeping stuf up to date. Every now and again something would break, big. glibc would update and cause stuff not to compile. That time they moved RPC out of glibc and into tirpc was a mess.

P62714
Symbolizes fertility.

P61769
happens when you delete al metadata with programs like mat2

P6975
>Systemd, while being an overly complex piece of software which goes beyond what an init system should do and defaults to Google DNS

sudo -su
mkdir -p /usr/lib/systemd/resolved.conf.d/
touch /usr/lib/systemd/resolved.conf.d/40_no-fallback.conf
nano /usr/lib/systemd/resolved.conf.d/40_no-fallback.conf
and add:

[Resolve]
FallbackDNS=

save then exit

P69664
nano will create the new file there is no need to touch.

>Always select full-disk encryption during install.
Isn't that a horrible idea on SSDs?

P69883
No? What kind of glownigger FUD gave you that idea?

P69909
It just sounds like wear-leveling algorithms would get in the way.

P69696
...if you know what I mean.

P70042
Wear leveling doesn't care what data is stored.
Some people argue that TRIM should be disabled with encryption, because it reveals which parts of the SSD are used. But I'd say that's a minor issue and obviously still better than no encryption.

P70842
10/10 mom

P7169
Void Linux doesn't accept Librewolf in official repositories as it is a fork. It will need to be built using xbps-src.
https://github.com/index-0/librewolf-voidlinux/tree/master
is used for this. The readme has all of the steps that are needed to start from scratch and everything can be done in /home directory. What these steps are doing is cloning the void-packages repository which includes all of the templates to build void packages from source, adding the Librewolf template to cloned repository, building Librewolf package, and installing it system-wide. The downside to this is that, without any further intervention, you will need to manually update Librewolf upon new releases.

P70364
how do i enable or disable TRIM
fucking aye i hate partioning disks
i was trying partition disk so i can create backups
now i got restart why doesn't gui installer on debian come with the option to ask if user wants snapshots

P74394
>void
why use trash

P74423
>why use trash
>has to use a gui installer
>using distribution with the slowest package manager ever created
reps just use alpine for server
>how do i enable or disable TRIM
add it to your crontab

P74446
>using electricity

P74447 (palindrome of based)
This too.

P74627
t. coward who is too scared to say anything helpful in case somebody proves him wrong

P74629
"t. _______" means you're associating it with yourself, usually in a positive way.
">t. _______" means you're associating it with the person you're replying to, almost always in a negative (specifically derogatory) way.
t. your minder

P74643
You spend too much time online. You need to try going into the big room with the green carpet and yellow day star.

P74647
it is finnish language. simple as

P61569
OpenBSD and Alpine are shitty meme operating systems that barely add any real security features: https://isopenbsdsecu.re/

P84541
SHUTUP JD!

give me gettyimages watermark!

P84541
what are good ones then and what real security features do they add?

>>P84593

None use WHONIX or KICKSECURE!!!

P84793

only dumb orb farmers

P84800
Can I use OpenBSD as host and then use Whonix gateway in a VM?
Or does OpenBSD not support virtualization software like VirtualBox or other?

P61569


KISS should KYS


use TENS

P84929
>use TENS
based