Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Looking for a distribution to replace Ubuntu
- Date: Mon, 24 Nov 2008 23:24:01 +0900
- From: Edward Middleton <emiddleton@example.com>
- Subject: Re: [tlug] Looking for a distribution to replace Ubuntu
- References: <20081124021334.GI17040@lucky.cynic.net>
- User-agent: Thunderbird 2.0.0.16 (X11/20080815)
Curt Sampson wrote:
Ubuntu has a fair number of annoyances for me, as folks are probably gathering from my posts here. It's finally got enough stuff wrong that can't be fixed as easily as installing a new window manager package that I'm looking for a new distribution. I'd like to solicit *suggustions*.
use more e's ;)
I don't know whether it will fit all your criteria but based on your collective contributions to the list so fare I would have to say I think you are the sort of user who will brake any, even half decent binary distribution, so I would suggest you ditch them and go with Gentoo. There might be other source based distributions that are leaner and more to your liking but Gentoo is pretty mainstream and has lots of package support, and is trivial to add new packages.
Here are my criteria, in approximate order of importance.
* Support for "full-disk encryption," or as close as Linux gets (which I guess is an unencrypted boot partition), and an enter-passphrase-on-boot system usable by a non-sysadmin.
Possible, I have done this in the past.
* A working DNSSEC resolver, preferably using the BIND 9 library. This should be used by the standard OpenSSH package to use authenticated SSHFP records.
If this is possible in any simple way it will be possible in Gentoo, and if it isn't (i.e. you have to make the source changes yourself) then it will be easier to do in Gentoo.
* All network-facing services off by default. Well, within reason: disabling ICMP echo replies would be a PITA. But installing an Apache httpd package should certainly not start a server. Ideally, too, services are configured securely by default, e.g., sshd is configured to disallow all root logins over the network and password logins for any account.
I don't know about default images because I usually build specifically for the hardware I am using and that involves installing from a basic stage1 install. Generally services don't run unless added to a runlevel so this shouldn't be a problem.
* Good driver support for desktop systems, particularly in the ability to use modern graphics cards to some basic level of performance. I can live with Aqua-style stuff being slow and not being able to run games, but I do need a basic 2-D window manager and programs such as Firefox to work well, and I need multiple-head support. ACPI suspend and power management working well would be a good bonus.
I haven't had problems with nvidia binary drivers, except when using hardened kernels with PAX support, but that is a driver issue not a distribution issue.
* A reasonably broad range of binary packages available, and having the latest production-ready releases available sooner, rather than later. Automatic updates and all that, too. A fairly coarse package granularity is fine; I have little concern about how much disk space the system uses.
Binary packages are available but I have never used them so can't comment on whether they are useful. It is possible to generate binary packages on one machine and distribute them to other hosts. This might be a useful approach for you if you have similar hardware and don't want to compile packages on each host.
To be honest, from a practical point of view it doesn't make much difference whether packages are binary or source based. At least not to me, and I think you will find the same. CPU cycles are cheap its the user cycles that aren't. I have in the past wasted far more time fighting with binary package based systems then with source based systems. Binary systems can be convenient when they do what you want but when they don't you end up either installing unstable packages i.e. Debian Sid or creating an unmaintainable mess by installing directly from sources.
* Some reasonable default configuration for window manager and so on that office staff comfortable with Windows and the Gnome environment will be comfortable with, and a set of graphical system management tools that enable these folks to, e.g., easily find and install programs such as the Gimp.
From a security perspective, Should office staff with windows background, who are unable to use a console, be installing applications on a secure machine. Set them up with reasonable/generous defaults and make it a support issue if they need more.
There are also graphical installers for Gentoo but I am not familiar with them.
* Including include files and any other basic tools one needs to compile against a library with the library itself, rather than as a separate "dev" package. I don't mind if they want to put the profiling libraries and suchlike in a separate package, though I'd prefer they do not.
:)
If I can find a good candidate, we'd like to replace Ubuntu on all of the desktops at our office, and on several notebooks.
Edward
- References:
- [tlug] Looking for a distribution to replace Ubuntu
- From: Curt Sampson
- [tlug] Looking for a distribution to replace Ubuntu
- Prev by Date: Re: [tlug] Looking for a distribution to replace Ubuntu
- Next by Date: Re: [tlug] Looking for a distribution to replace Ubuntu
- Previous by thread: [tlug] Full-disk encryption (was: Looking for a distribution to replace Ubuntu)
- Next by thread: Re: [tlug] Looking for a distribution to replace Ubuntu
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |