DistroWatch Weekly, Issue 720, 10 July 2017

Feature Story (by Jesse Smith)

Peppermint OS 8 Peppermint OS is a lightweight Linux distribution built primarily from Ubuntu 16.04 LTS packages. The latest release of Peppermint, version 8, ships with support for booting on UEFI-enabled computers. Peppermint also supports loading on computers protected by Secure Boot. The distribution ships with version 4.8 of the Linux kernel with Ubuntu's Hardware Enablement (HWE) drivers so the distribution should run on most modern computers.



Perhaps the most interesting item Peppermint ships with, and what sets it apart from other lightweight Ubuntu-based projects such as Lubuntu and Linux Lite, is a feature called Ice. The Ice software helps users set up short-cuts to websites and web-apps. These short-cuts can be added to the Peppermint application menu and launched in a streamlined web browser window, giving the web-resource the appearance of a natively run application.



Peppermint 8 is available in 32-bit and 64-bit builds. I opted to download the 64-bit version which is 1.2GB in size. Booting from the downloaded media brings up a menu giving us the chance to load the distribution's live desktop environment, launch the system installer, begin an OEM install or verify the integrity of the installation media.



Peppermint's live session boots to a desktop environment which contains a mixture of Xfce and LXDE components. The hybrid desktop uses LXDE's LXSession software while running the Xfwm4 window manager and Xfce's panel. The panel -- with its application menu, task switcher and system tray -- sits at the bottom of the screen. An icon on the desktop can be used to launch the distribution's system installer. The application menu is divided into two panes with the left side displaying categories of software and the right side showing specific application launchers.



Installing



Peppermint uses Ubuntu's Ubiquity system installer. Ubiquity is a graphical application that walks us through a streamlined series of option screens. We're asked to select our preferred language from a list and given a chance to install media support. The installer can automate disk partitioning or provide us with a simple interface for partitioning our hard drive. Ubiquity then gets us to select our time zone from a map of the world, confirm our computer's keyboard layout and we are asked to provide a name and password for our user. Peppermint's installer works fairly quickly and concludes by offering to restart the computer.



The installer is the same whether launched from the live desktop session or from the boot menu. I also ran through the OEM install option once. The process is exactly the same, except the OEM install provides a default user account with the name "oem".





Peppermint 8 -- Enabling the firewall with Gufw

(full image size: 964kB, resolution: 1280x1024 pixels)



Hardware



I tested Peppermint in two environments, a VirtualBox virtual machine and on a desktop workstation. The distribution worked very well when running on the desktop computer. The system booted quickly, was responsive and all of my hardware was detected. Peppermint ships with a local printer manager application which made it fairly easy to set up my networked HP printer and the distribution used approximately 200MB of RAM when logged into its hybrid desktop environment.



When running in VirtualBox, Peppermint started out well. The operating system ran smoothly in VirtualBox, but was unable to make use of the host computer's full screen resolution. I installed VirtualBox guest modules through Peppermint's Additional Drivers tool, but this did not help. I then tried installing the latest VirtualBox guest modules from the project's repositories and this did not work out well either as it caused the system to no longer recognize keyboard input. A little investigation revealed that installing VirtualBox modules had removed several HWE driver packages, disabling my keyboard.



Once I got things put back the way they had been via a re-install, I played around with display settings and found I was unable to change my screen resolution through the Monitor configuration module in the Peppermint settings panel. The Monitor module always sets the VirtualBox monitor to its disabled setting, which means we cannot change screen resolution without disabling all visual output. I later found Peppermint has a second display configuration module called ARAndR which did allow me to adjust the screen's resolution settings. In the end, using a combination the Additional Drivers tool to install VirtualBox modules and the ARAndR tool to change screen resolution gave me the display settings I wanted.



Applications



Something I noticed when I first started using Peppermint was the organization of the application menu. While fairly easy to navigate, the menu has a few characteristics I found hard to get used to. The first is the application menu contains a mixture of local applications and web-based applications. Which software is run locally and which is run through a web browser is not clear and some experimenting is required to discover the items that run on-line. The second concern I faced was some applications are listed under their name while others are listed with a description. For example, in the application menu the entry called Files is the Nemo file manager and the Bittorrent Client entry is the Transmission bittorrent application. On the other hand, "ImageMagick (display Q16)" and "guvcview" are presented with their names only and no description. I think I would be fine with either approach, but I would prefer the application menu's entries to be consistent in their naming scheme.



Looking through the menu we find the Chromium web browser (with Flash support), the Transmission bittorrent software and the Evince document viewer. There is a Dropbox client which, when opened, launches a web browser to help us sign up for a Dropbox account. The VLC multimedia player is available along with a full range of media codecs. There is no dedicated audio player. We are supplied with the Xviewer image viewer, an archive manager, calculator and a tool for scanning images. We can get on-line using Network Manager and partition disks with the GNOME Disks application.



Peppermint supplies us with several web-app launchers, including the Pixlr image editor, GMail, Google Calendar and Google Drive. There are also several small games available through the application menu. Each of these launchers opens a web page in a dedicated web browser with a minimal interface. When working from the command line we find Peppermint supplies us with the GNU Compiler Collection. The distribution uses the systemd init software and runs on version 4.8 of the Linux kernel.



Most of the applications that shipped with Peppermint worked well for me. The default collection of software, while small, tends to be effective. My one big issue came from the Chromium web browser. After browsing for a few minutes, Chromium would simply stop displaying web pages. I could type in URLs and the browser would indicate the page had loaded, but fail to display anything. This happened several times and I found, when the bug occurred, Chromium would fail to even display its own settings page. I installed the Firefox web browser and found it worked smoothly without the display issue Chromium experienced, even when browsing the same pages.



Ice



Launchers for accessing web-apps are managed by a desktop tool called Ice. The Ice application is divided into two tabs. The first tab helps us create new short-cuts to web-apps and simply requires that we provide a URL for the desired website and a name. Ice can then look up an icon for the web-app and create a short-cut to the on-line resource in the application menu. Ice's second tab lists existing web-app launchers on our system and gives us the option of removing them. Web-apps opened from Ice launchers are presented in a window that shows us the requested web page without any of the usual web browser controls cluttering the interface.





Peppermint 8 -- Managing web-apps with Ice

(full image size: 1.2MB, resolution: 1280x1024 pixels)



Settings



Peppermint features a custom settings panel with five vertical tabs displayed down the left side of the window: User, Tweaks, Hardware, Network and System. Each tab contains a handful of configuration modules which help us adjust the user interface and underlying operating system. The User tab contains settings that adjust the look of the desktop, our keyboard's settings and language support. The Tweaks tab offers settings for adjusting system sounds, notifications, Flash settings and software update options. The Hardware tab includes modules for working with printers, monitor settings and power management. The Network tab covers setting up network connections, adjusting the firewall, setting up Samba network shares and enabling Bluetooth. The System tab handles user accounts, managing software packages, the system clock and disk partitions. Apart from the issue with screen resolution I mentioned earlier, each of these configuration modules worked well for me. The settings panel mostly launches very simple, single-purpose graphical modules which makes manipulating the individual settings straight forward.





Peppermint 8 -- The Peppermint settings panel

(full image size: 907kB, resolution: 1280x1024 pixels)



Software management



Peppermint provides its users with two graphical package managers. The first is called Software Manager (aka mintInstall). The mintInstall application begins by showing us a grid of software categories. We can click on a category to see a list of available applications, sorted with the most popular items first. Clicking on an entry brings up a longer description of the application, some screen shots and user reviews. We can click a button to install the selected software in the background while we continue to browse other items. I found mintInstall to be easy to navigate and the interface was responsive.





Peppermint 8 -- The software manager

(full image size: 670kB, resolution: 1280x1024 pixels)



The second graphical package manager is Synaptic. While mintInstall divides software into categories and focuses on desktop applications, Synaptic simply presents us with a list of available packages without concern for their role on the system. Synaptic works quickly, can handle upgrading installed packages and is quite flexible. Synaptic's interface is less modern looking, but it is a stable and capable package & repository manager.



When software updates are available, Peppermint displays a blue shield icon in the desktop's system tray. Clicking on the icon launches the mintUpdate update manager. Updates are listed along with a safety rating. A safety rating of 1 indicates a package is tested and safe while a score of 5 suggests the updated package is likely to cause stability issues. By default all updates are displayed and selected for us, but we can adjust mintUpdate to exclude updates with a high (unsafe) ranking if we value stability over security updates. I found the update manager worked well for me and, even with all potentially dangerous updates installed, my copy of Peppermint continued to work smoothly.





Peppermint 8 -- The update manager

(full image size: 714kB, resolution: 1280x1024 pixels)



Conclusions



I think the Peppermint OS distribution has a lot going for it. The distribution provides users with several years of support along with many software packages, thanks to its Ubuntu LTS base. The distribution is fairly light, requiring relatively little RAM and the desktop was very responsive in my test environments. For someone looking for a light operating system with a classic desktop environment, Peppermint is a good choice and it is one of the reasons I tend to recommend the distribution to people trying to prolong the life of older computers.



I did run into a little trouble with one settings module and the default Chromium web browser. However, I was able to work around both of these issues. I installed Firefox and used a second display module and that sorted out my problems nicely.



Peppermint's main claim to fame is the way it mixes web-apps with native applications and whether you love the distribution or not will likely hinge on this feature. If you like the idea of running some applications on-line in a streamlined browser window, making them look and act like locally run programs, then Peppermint is ideal. The Ice launcher manager makes it easy to set up links to on-line resources and present them in a way that is nearly like a native application. On the other hand, if you wish to draw a distinct line between the programs you run locally and the on-line resources you access (the way most Linux distributions do) then Peppermint's main feature may not appeal.



Personally, while I am not a fan of web-apps in general, I do like Peppermint's minimal style. The distribution ships with a low-resource desktop and not many applications to clutter up its menu. This combination makes the operating system fairly attractive, even if I don't plan to use on-line image editors and games. * * * * * Hardware used in this review



My physical test equipment for this review was a desktop HP Pavilon p6 Series with the following specifications: Processor: Dual-core 2.8GHz AMD A4-3420 APU

Storage: 500GB Hitachi hard drive

Memory: 6GB of RAM

Networking: Realtek RTL8111 wired network card

Display: AMD Radeon HD 6410D video card * * * * * Visitor supplied rating



Peppermint OS has a visitor supplied average rating of: 9/10 from 275 review(s).

Have you used Peppermint OS? You can leave your own review of the project on our ratings page.





Miscellaneous News (by Jesse Smith)

New features coming to openSUSE, Tails fixes networking bug, Ubuntu 16.10 reaching EoL, the FSF certifies new hardware The release of openSUSE 42.3 is expected to be published around the end of July. " The next minor version of openSUSE Leap is version 42.3. The release is mostly a refresh and hardware enablement release that will include more than 10,000 packages coming from both community and enterprise developers. openSUSE Leap 42.3 is extremely stable and hardened because it shares source code from SUSE Linux Enterprise (SLE) 12 Service Pack (SP) 3. Leap also benefits from the bug fixes and maintenance of community developers and SUSE engineers. " The openSUSE team has put together a list of features which will be included in the new version. Some of the highlights include lockless TCP listener handling which will allow for faster and more scalable network servers. The systemd software will include the ability to limit the number of processes in a control group (cgroup), offering protection against runaway process forking and "fork bomb" attacks. Additional changes coming to openSUSE 42.3 can be found on the project's Features page. * * * * * Tails is a Debian-based distribution which connects users to the Internet via the Tor network for anonymous web browsing. Tails recently released an update, Tails 3.0.1, and some users have reported problems with the minor point release. " If you upgraded Tails 3.0 to 3.0.1 with an automatic upgrade you most likely are experiencing problems, one of the most serious being that Tor does not work which makes most Internet activity impossible. If you are affected you can repair your Tails 3.0.1 by doing a manual upgrade to 3.0.1. " Affected users can work around the issue by following the manual upgrade instructions. * * * * * Adam Conrad has sent out a reminder to people running Ubuntu 16.10 (code name "Yakkety Yak") that this version of Ubuntu is nearing the end of its supported life. People currently running Ubuntu 16.10 may wish to upgrade to version 17.04 or switch to a long term support (LTS) release such as Ubuntu 16.04. " Ubuntu announced its 16.10 (Yakkety Yak) release almost 9 months ago, on October 13, 2016. As a non-LTS release, 16.10 has a 9-month support cycle and, as such, the support period is now nearing its end and Ubuntu 16.10 will reach end of life on Thursday, July 20th. At that time, Ubuntu Security Notices will no longer include information or updated packages for Ubuntu 16.10. The supported upgrade path from Ubuntu 16.10 is via Ubuntu 17.04. " Upgrade instructions can be found on this Ubuntu community help page. * * * * * The Free Software Foundation (FSF) has announced the organization has added 15 new devices to the list of hardware that respects user privacy and freedom. The list of newly certified hardware items includes three laptops, a few docking stations, a Bluetooth device and a few wi-fi USB adapters. An announcement on the FSF's website states: " The Free Software Foundation (FSF) today awarded Respects Your Freedom (RYF) certification to fifteen devices from Technoethical (formerly Tehnoetic): the TET-N150HGA, the TET-N300, the TET-N300HGA, the TET-N300DB, the TET-N450DB, the TET-BT4, the TET-X200, the TET-X200T, the TET-X200S, the TET-T400, the TET-400S, the TET-T500, the TET-X200DOCK, the TET-T400DOCK, and the TET-D16. The RYF certification mark means that the products meet the FSF's standards in regard to users' freedom, control over the product, and privacy. " The Free Software Foundation's complete list of certified hardware can be found on the organization's Respects Your Freedom certified products page. * * * * * These and other news stories can be found on our Headlines page.





Tips and Tricks (by Jesse Smith)

Gathering system information with osquery



osquery is an interesting technology that has intrigued me for a while, though I have been slow to try out this cross-platform utility. The osquery software allows the user to query information about the host operating system, gathering data the same way we would pull information from a database. Put another way, osquery lets us treat the operating system like a set of database tables where we can write SQL queries to find out about the system's status.



The osquery documentation reports the utility runs on Windows, macOS, Linux (Ubuntu LTS versions and CentOS 6 & 7 are supported), and FreeBSD. I first tried running osquery on a FreeBSD server, but found the package for FreeBSD was unavailable at the time of writing. (There is a port of osquery for FreeBSD for people willing to compile the software.) Digging through the osquery Downloads page I found a generic Deb file which should work for most modern Linux distributions based on Debian. In my case, I successfully installed the generic osquery Deb package on a Debian 8 "Jessie" system. The software's source code is available under a BSD-style license and enterprising users may wish to try to compile osquery from its source.



The osquery software is divided into two main pieces, the client (osqueryi) and daemon (osqueryd). I chose to focus on the osqueryi client which is a command line program that interprets our questions and displays answers in simple tables of text. Before trying out osquery it will be very useful to be familiar with SQL-style database queries as that is the primary way we interact with the osquery software.



The osqueryi interpreter uses the same commands and syntax as the SQLite database software. We can run the ".schema" command to show a list of tables and fields osquery recognizes. We can then use these listed tables to form questions osquery can answer.



As an example, there is a table called etc_hosts which contains the hostname and IP address information found in the system's /etc/hosts file. To see a list of addresses and hostnames in our system's hosts file we can launch osqueryi and, at its prompt, run the query: SELECT * FROM etc_hosts; There is a table called users which contains information found in the operating system's password (/etc/passwd) file. To see a list of all system accounts (accounts with a user ID of less than 1,000) we can type the following into osqueryi: SELECT username FROM users WHERE uid < 1000; There are some more dynamic commands which osquery will recognize. For example, we can get MD5 fingerprints of any file our user can see on the system by accessing the hash table. SELECT md5 FROM hash WHERE path='/etc/passwd'; If we want to know what version of which operating system osquery is running on we can check the os_version table: SELECT * FROM os_version; There is a processes table that will show us the same information available through the top and ps commands. In this next example, I list all programs being run by my user (UID 1000) which are running with a reduced priority, or "nice" value. SELECT pid, cmdline FROM processes WHERE uid=1000 AND nice > 0 If I wanted to know how long my computer had been on-line, I could check this with another query: SELECT days, hours, minutes, seconds FROM uptime; There are lots of additional tables which will return all kinds of information about what the system, and its processes, are doing. A full list of tables and fields can be found in the osquery documentation.



At this point some people may be thinking that these potential queries are all very well, but why use osquery when there are already well established command line programs which can be used to gather the same information? Why use osquery to get uptime or a list of running processes on the system when we could just use the uptime and ps commands? There are two good reasons I have found so far for using osquery rather than the standard set of Linux/BSD command line tools.



The first is that osquery provides a standard interface across multiple platforms. The available command line programs vary a little across operating systems and we cannot use the exact same commands on Windows, macOS, FreeBSD and GNU/Linux. The osquery software provides us with a set of tables and SQL queries which should work exactly the same across each supported operating system. This makes osquery a great information gathering tool in mixed environments.



The second and, for me at least, more compelling reason to use osquery is it allows the user to run complex queries, linking together separate pieces of data which would be difficult to gather with a simple shell command. The examples I used above have simple command line shell equivalents, however if we want to gather more complex information, osquery's SQL syntax makes it fairly easy for us to put together separate groups of data.



In the following example, I look up a list of programs running on my computer which are listening for network connections, or acting like network services. This information is gathered from the process_open_sockets table. Then I compare that list of programs with all the running programs from the processes table, which includes information on who is running each program. In the end, I get back a list of running programs that are acting as network services on my computer, along with which network port is being used and which user is running the program. In short, I can see not only what programs are acting as network services, but who is running them, opening potential security holes. SELECT port.pid, port.local_port, p.uid, p.cmdline FROM process_open_sockets port, processes p WHERE port.local_port > 0 AND port.pid = p.pid; Once again, this query should work the same way, regardless of which operating system it is run on, making osquery a very flexible information gathering tool. Earlier I mentioned there is a background daemon (osqueryd) which allows us to schedule queries. This enables us to set up automated reports that can check who is using a computer, what programs they are running and even if the digital fingerprint of a file has changed.



One of the few limitations I have run into while using osquery is the software will not alter the underlying operating system. This is, usually, a welcome security feature, but it means I am unable to update my hosts file or a user's information from within the query tool. This is probably for the best as it would otherwise open a potentially large security hole.



The osquery software presents its users with a wide range of tables for gathering, sorting and combining information. And, while these same functions could probably be duplicated with shell scripts, they would not be as cross-platform as what osquery provides. I also like that osquery uses established SQL syntax to present information as this makes the queries we write relatively short and recognizable to anyone who has worked with databases. This is definitely an administrative tool worth looking into. * * * * * More tips can be found in our Tips and Tricks archive.





Released Last Week

Rockstor 3.9.1



Suman Chakravartula has announced the release of Rockstor 3.9.1, an updated build of the project's CentOS-based Linux distribution designed specifically for Network-Attached Storage (NAS) or private cloud storage scenarios: " Rockstor 3.9.1 is now available. Six contributors have come together to close 30+ issues, including major feature updates and bug fixes to make this update happen. Disk encryption with LUKS is the biggest feature we've added and something the community has been wanting for a while. We've also added support for scheduling power management and jumbo frames, just to name a few. This update also comes with a 4.10 kernel from 'elrepo' and a btrfs-progs update from the Btrfs community. For new installs, we created a brand new 3.9.1 ISO image. Please purchase a subscription for Stable updates subscription after install and enjoy these benefits. Stable update subscribers can update from the UI as usual. Here's the list of issues we closed in this issue: support full disk LUKS; schedule power down/up of the system; graceful shutdown with cron job; UI Shares view incorrect sort on size.... " Here is the full release announcement as published on the project's weblog.



Proxmox 5.0 "Virtual Environment"



Proxmox Virtual Environment (VE) is a Debian-based commercial distribution for running containers and virtual appliances. The Proxmox company has announced the release of a new version of the distribution which is based on Debian 9 "Stretch". " We are very happy to announce the final release of our Proxmox VE 5.0 - based on the great Debian 9 (codename 'Stretch') and a Linux Kernel 4.10. Replicas provide asynchronous data replication between two or multiple nodes in a cluster, thus minimizing data loss in case of failure. For all organizations using local storage the Proxmox replication feature is a great option to increase data redundancy for high I/Os avoiding the need of complex shared or distributed storage configurations. With Proxmox VE 5.0 Ceph RBD becomes the de-facto standard for distributed storage. Packaging is now done by the Proxmox team. The Ceph Luminous is not yet production ready but already available for testing. If you use Ceph, follow the recommendations below. We also have a simplified procedure for disk import from different hypervisors. You can now easily import disks from VMware, Hyper-V, or other hypervisors via a new command line tool called 'qm importdisk. Other new features are the live migration with local storage via QEMU, added USB und Host PCI address visibility in the GUI, bulk actions and filtering options in the GUI and an optimized NoVNC console. " Additional information can be found in the company's release announcement.



SharkLinux 2017.07



The SharkLinux project produces a distribution based on Ubuntu and offers frequently updated installation media. The SharkLinux project as announced the release of a new snapshot, built on July 5, 2017. The new build offers improved hardware support through Ubuntu's Hardware Enablement (HWE) kernel, fixes for secure shell key generation and a slimmer default install of LibreOffice: " After a hiatus SharkLinux is releasing a new ISO build introducing several changes of significance. While normally an update to the ISO occurs each week, this will be the first update since mid June as builds were halted until several changes were completed and passed testing. Some of the most notable changes since June's build: Base System no longer supporting 4.4.* Generic kernel and will now be including Ubuntu-HWE-Edge series 4.10.* as the default. Mainline builds are still made available starting from 4.8* to most recent build. Finally offline installs are no longer required. The install media will no longer disable Internet connectivity when the install is started. Now using whiskermenu's 1.7.2 version instead of 1.5.1. Tooltips now show description of application on hover. Slight menu changes although nothing too significant. All configurations remain open to customization. Power/boot options relocated from the menu to the panel. Labeling is more clear with the icon clearly that of an on/off icon, with the location being next to the clock in the bottom right corner of the screen. LibreOffice no longer ships full suite. Base system now ships with word processor and spreadsheet by default with an option to install the remaining applications via dedicated cloud repo. " Additional changes can be found in the project's release announcement.



Pardus 17.0



Pardus is a Turkish desktop distribution based on Debian. The Pardus project has announced the release of Pardus 17.0 which features the Xfce 4.12 desktop environment and version 4.9 of the Linux kernel. Applications such as Firefox 52.2 and LibreOffice 5.2 are also included. An English translation of the project's release announcement reads: Enjoy the most up-to-date and stable versions of software such as Firefox, LibreOffice, Thunderbird, and VLC Media Player while your hardware works smoothly and with high performance in the Pardus operating system that comes with Linux kernel 4.9.0. See the impact of power management on battery life on laptop computers thanks to the integration of these software as well as tlp software into Pardus. " Further information on the software available in Pardus 17.0 can be found in the project's release notes.





Pardus 17.0 -- Running Xfce

(full mage size: 237kB, resolution: 1920x1200 pixels)

* * * * * Development, unannounced and minor bug-fix releases

Bluestar Linux 4.11.7

Raspbian 2017-07-05

Tails 3.0.1

SmartOS 20170706

Container 1409.6.0

OpenMediaVault 3.0.82

SparkyLinux 4.6.1

Antergos 17.7

FreeBSD 11.1-RC2 (Announcement)

Torrent Corner

Upcoming Releases and Announcements

Opinion Poll

Running Debian Stable on laptop and desktop computers



One of our readers suggested the following poll concerning running Debian Stable and repository usage on desktop and laptop computers.



I am very curious about usage patterns among those who use Debian Stable on the desktop/laptop, i.e. excluding servers and enterprise. Those of you who run Debian Stable on your desktops, workstations and laptops, do you use Debian's Stable repositories exclusively? Do you install software from other Debian repositories, use third-party repositories or even compile software from source code? Feel free to share where you get your Debian software in the comments.



You can see the results of our previous poll on single purpose, single platform projects in last week's edition. All previous poll results can be found in our poll archives.



Installing software on Debian Stable



I use official Debian Stable repos only: 243 (11%) I use official Debian Stable repos and Backports only: 265 (12%) I pin at least one app from Testing/Sid/Experimental: 37 (2%) I install at least one app from a third-party repo: 151 (7%) I install at least one package from a third-party website: 92 (4%) I install at least one application from source: 28 (1%) I install at least one Flatpak/Snap/AppImage: 17 (1%) I have done at least two of items 3-7: 269 (12%) I run a Debian flavour other than Stable: 283 (13%) I do not run Debian: 865 (38%)

DistroWatch.com News