DistroWatch Weekly, Issue 846, 23 December 2019

Feature Story (by Jesse Smith)

NomadBSD 1.3 It has been about a year since I last tried NomadBSD, a live operating system based on FreeBSD that is meant to be run primarily from a thumb drive. With the new 1.3 release having just come out, I decided it was time to give the project another test drive. The NomadBSD website describes the operating system as follows: NomadBSD is a persistent live system for USB flash drives, based on FreeBSD. Together with automatic hardware detection and setup, it is configured to be used as a desktop system that works out of the box, but can also be used for data recovery, for educational purposes, or to test FreeBSD's hardware compatibility. Version 1.3 of NomadBSD is based on FreeBSD 12.1 and reportedly supports being installed on both UFS and ZFS filesystems and the installed system now uses MBR instead of GPT disk layouts. The operating system is available in 32-bit (x86) and 64-bit (x86_64) builds. We can download a compressed image of NomadBSD which is about 2.2GB. When this archive is unpacked the resulting image file is 3.8GB in size. This image can be written to a thumb drive or other portable storage.



Early impressions



Since NomadBSD appears to be designed to primarily run as a live operating system, I spent most of my time exploring and using this system by running it from a thumb drive. Later on I also installed it locally, but for now let's look at how the project performs when running on a USB drive.



Nomad boots to a graphical desktop environment. A window immediate opens and asks us a few configuration questions. We are asked to select our current region and language from a list. We are then asked to pick our keyboard's layout from another list and this option window includes a text box where we can test that our keyboard is working properly. We are then asked to pick our time zone from another list and make up a password for administrative functions.





NomadBSD 1.3 -- The default desktop and application menu

(full image size: 1.0MB, resolution: 1280x1024 pixels)



There are a few more questions. We are given the option of enabling encryption on the home directory on the thumb drive. We can also pick a custom command line shell (bash, csh, fish and zsh are available). We may also select our preferred text editor and file manager from two short lists of options. Once these steps have been completed the setup wizard sets up a persistent storage area on the thumb drive and reboots the computer.



When the operating system comes back on-line we are brought directly to a graphical environment powered by Openbox with the Tint2 panel. At the top of the screen is a thin panel which hosts the task switcher and system tray. The dock at the bottom of the desktop acts as a launch bar for popular applications. We can right-click on the desktop to open an application menu. I would have liked to have also had an application menu available on the top panel, but right-clicking on the desktop worked well enough.



The Openbox environment is pleasantly lightweight, distraction free and responsive. I found it pretty easy to navigate and find what I needed and the experience was pleasantly smooth. Usually I don't like having a macOS-style launch bar on the screen as they tend to take up a lot of screen space or get hidden behind windows. On Nomad I found the launch bar worked well, staying in sight and not getting in the way too much.



Included applications



I was expecting Nomad to ship with a fairly minimal offering of desktop applications, but there is a well rounded collection of software in the application menu. We are given copies of Firefox, the FileZilla file transfer application, and LibreOffice. The qdfview document viewer is included along with the HexChat and Pidgin messaging applications. The Mirage image viewer, the GNU Image Manipulation Program, and XSane scanner tool are included.





NomadBSD 1.3 -- Browsing Firefox extensions

(full image size: 141kB, resolution: 1280x1024 pixels)



Along with a full range of audio and video codecs, Nomad offers us the VLC and mpv media players. The Audacity sound editor is included along with the DeadBeef player and Asunder CD Ripper. The Xfburn disc burning software is available too.



Nomad includes a few other useful items such as a brief handbook on how to use, install, and enable networking with NomadBSD. The Clang compiler is installed for us. In the background we find all of the FreeBSD 12.1 userland tools, manual pages, and the FreeBSD kernel.



In the application menu there are a handful of settings modules which will help us adjust the look and style of the desktop. There are not a lot of these tools, just enough to change the display resolution, theme, background and network settings.





NomadBSD 1.3 -- Changing the desktop theme

(full image size: 836kB, resolution: 1280x1024 pixels)



By default we login and run programs as a user called "nomad". To run programs as the administrator we can prefix commands with sudo.



Hardware



I began testing Nomad in a VirtualBox environment. The operating system ran smoothly in VirtualBox, offering good performance and an overall good experience. At first the screen resolution was low, but this could be fixed in one of Nomad's settings modules.



Later I tried Nomad on a laptop computer and had similarly good results. The system was fast and ran smoothly. However, Nomad was unable to detect my laptop's wireless card which introduced a barrier to getting on-line.



The operating system was relatively light on memory, using about 204MB of Active memory and 276MB of Wired RAM. The operating system used about 3.5GB of disk space





NomadBSD 1.3 -- The NomadBSD handbook

(full image size: 168kB, resolution: 1280x1024 pixels)



Installing



Should we wish to install Nomad there is an entry in the application menu called NomadBSD Installer. This launcher opens a graphical program that guides us through the few simple steps required to get NomadBSD installed on our local hard drive.



The installer asks us which hard drive it is allowed to take over. We should be careful here as the installer uses the entire disk and will destroy existing partitions. We are then asked whether Nomad should use the UFS or ZFS, an advanced filesystem. We can then make up a username for ourselves and decide how big our installed system's swap space will be. The installer then confirms our choices (twice) and copies its files to the hard drive. The installer copies any files or directories we have created in the live session too, effectively transferring our live user account to the installed copy of the operating system. When the installer has finished its work it offers to restart the computer.



After Nomad has been installed, the new copy of the operating system boots to a graphical login screen. Here I ran into a problem, namely I could not sign into my account using the username I'd specified at install time. I also couldn't sign in using the account name "nomad" which had worked on the live session.



I ended up switching over to a text console where I discovered a few things. First, I could sign into the "nomad" account and the root account from the text console, the "nomad" account just did not sign in from the graphical login screen. Once I had signed into a text console I could run the startx program to get a working desktop environment. There was no sign of the user I had created at install time in the /etc/passwd file.



Apart from the issue with the login screen, running Nomad from the hard drive was virtually identical to running it from a thumb drive. The hard drive just has more space and tended to offer slightly better performance. However, the functionality, programs, and settings remain the same.



One issue I noticed was that, at install time, I had asked the installer to set up Nomad on a ZFS volume. However, the operating system was installed on a UFS filesystem.



Software management



Whether we are running NomadBSD from a thumb drive or installed on the computer locally, we have two package management options. The first is the graphical package manager which is called Octopkg. The Octopkg front-end is fairly simple in its design. It has toggle buttons at the top of the window which let us switch between viewing locally installed packages and packages available in the repository. We can scroll through this massive list of packages or search for items using keywords. Packages can be queued for installation or removal by clicking on them.





NomadBSD 1.3 -- Using Octopkg to browse available software

(full image size: 455kB, resolution: 1280x1024 pixels)



Octopkg can also check for software upgrades and download new versions of packages. I tested Octopkg a few times and it worked well. The interface is not modern and not particularly friendly compared to some other software managers, but it gets the job done and works quickly.



Our second option is to use the pkg command line package manager. The pkg command works much the same way DNF and APT tools work on Linux distributions. I find pkg to be fast and I like its syntax.



During second upgrade of the week ran into an error with Octopkg where it failed to update an installed package. It turned out there was an underlying pkg error was happening due to a file not being cleaned up properly during the upgrade. So issue was with the package not Octopkg itself.



Conclusions



I was pleasantly taken with how well NomadBSD performs and how easy it is to use. There are not a lot of "plug it in and go" solutions in the BSD communities and NomadBSD is providing a great live environment, with lots of useful desktop software, and polished configuration tools. The operating system runs quickly, it has enough included software to be useful in several scenarios without cluttering the application menu, and it supports a wide range of languages.



The best feature though is easily the persistence built into Nomad's live mode, which allows us to install new software, create files, and change settings which will survive across reboots.



Also, I don't get to say this enough, but it is very nice to see an operating system ship with both on-line and off-line copies of its documentation. The Nomad handbook covers some basic tips on getting on-line, installing the operating system, and performing a few other common tasks.



I encountered only two serious issues while using NomadBSD. The first was the operating system could not use my laptop's wireless card. Everything else worked beautifully, but FreeBSD's support for wireless networking is not up to par yet with Linux. I also found some settings, like my username and which filesystem to use, did not take effect when I installed the operating system locally. When run from the thumb drive everything went smoothly, but a few things went wrong when getting the operating system on my hard drive.



In general, I liked NomadBSD a lot. The project makes it very easy to test drive FreeBSD with new hardware. It has defaults I like and some good documentation. I'm hoping future releases will polish the installer a little more and maybe include more wireless drivers and firmware. Otherwise I have no complaints. This is a great tool for testing a computer for FreeBSD compatibility and browsing or rescuing data. * * * * * Hardware used in this review



My physical test equipment for this review was a de-branded HP laptop with the following specifications: Processor: Intel i3 2.5GHz CPU

Display: Intel integrated video

Storage: Western Digital 700GB hard drive

Memory: 6GB of RAM

Wired network device: Realtek RTL8101E/RTL8102E PCI Express Fast

Wireless network device: Realtek RTL8188EE Wireless network card * * * * * Visitor supplied rating



NomadBSD has a visitor supplied average rating of: 7.8/10 from 32 review(s).

Have you used NomadBSD? You can leave your own review of the project on our ratings page.





Miscellaneous News (by Jesse Smith)

Tails publishes boot fix for Mac hardware, Arch upgrade requires user intervention, Purism introduces freedom-supporting servers The Tails project provides a live, Debian-based distribution which assists the user in communicating and browsing the Web anonymously. The project has released a minor update, Tails 4.1.1, which fixes a boot issue on some hardware. Users who are able to boot Tails 4.1 need not upgrade. " This release fixes a problem when starting Tails 4.1 on some Mac computers. If Tails 4.1 starts successfully on your computer, you do not have to upgrade to Tails 4.1.1. " Additional details can be found in the project's changelog. * * * * * The Arch Linux team have published an advisory, letting people know that a recent package upgrade will require manual intervention on the part of the user. People running Arch, and Arch-based distributions, should read the advisory for instructions before upgrading X.Org related packages. * * * * * Purism is a company perhaps best known for selling open hardware laptops which can be used with entirely free software Linux distributions. The company has also captured attention over the past two years with its plans for the Librem 5 smartphone which runs GNU/Linux distributions and a custom, GNOME-based interface. The company is continuing to expand, this time entering the server market. The Librem Server line will ship with a secure boot process and remove non-free or non-accessible components, such as the Intel Management Engine. " Purism has taken some of the best off-the-shelf server hardware and made it better with Pureboot, Purism's complete secured boot process with a neutralized and disabled Intel Management Engine, coreboot BIOS replacement and BIOS, kernel and boot tamper detection. " Additional details on the company's server hardware can be found in their announcement. * * * * * These and other news stories can be found on our Headlines page.





Questions and Answers (by Jesse Smith)

Hiding and protecting files with a password Keeping-files-out-of-view asks: How can I hide files on my computer behind a password? Like if someone gets access to my computer how can I prevent him from being able to read my files?



DistroWatch answers: First, before we dive into how to protect your files from prying eyes, I'd like to clarify something. Usually when people talk about "hidden files" or "hiding files" they are referring to making a change to a file's name or attributes which causes it not to show up in regular directory listings. On Linux distributions, and other operating systems in the Unix family, this is accomplished by making the first character in a file's name a period.



Making a file hidden in this way does nothing to secure it, but does make the output of directory listings less cluttered. This can be useful when dealing with file transfer tools and file managers as hidden configuration files are typically not shown, letting us focus on our important data files.



The above question though is not about hiding a file from a directory listing, but protecting files from being discovered and read by someone who has access to the operating system. In this case what we want to use is password protected encryption. Encryption will allow us to hide the contents and, typically, the names of files on our hard drive. Only people who know (or can guess) the password will be able to look through our files.



There are two distinct routes we can take to encrypt our files, depending on what kind of scenario we are trying to guard against. The first approach encrypts your partition's filesystem, which protects your data if your computer is stolen. The thief will need your partition's encryption password to look at your files. However, if you are less worried about someone stealing your computer and more worried about someone who has legitimate access to your machine looking through your files, perhaps when you forget to logout, then you will want to use an encrypted file vault.



Setting up an encrypted partition is usually very straight forward. Most mainstream Linux distributions have an option in their installer where we can check a box to enable an encrypted filesystem on any or all partitions. Then all we need to do is make up a password and our data is secure against the computer (or hard drive) being stolen. This makes partition encryption easy to use.



There are three main drawbacks to partition encryption. The first is it means that every time our system mounts the partition (usually at boot time) we need to type in our encryption password. This is inconvenient and slows down the boot process. The second potential problem is it is much easier to enable encryption during install time than it is to add encryption to a partition later. It is possible to created a new encrypted partition after your operating system has been installed and we have covered how to do this in a previous column. The third issue is the encrypted partition is almost always mounted when the computer boots. This means that while you are using the machine, other people who have access to it (possibly remotely or who are in the same room) may be able to see and access your files. Encrypted partitions guard against theft, when the computer is off-line or will be restarted, but not against attacks when the other person has access to your running machine.



To protect your data from people who also have access to your computer you can use an encrypted file vault. Basically a vault is a file or area of your hard drive that acts like a separate storage container or partition. The contents are encrypted and can be temporarily accessed when needed. This means most of the time the data stays encrypted and out of sight. You only need to supply your password and make the files visible for short periods of time.



There are a number of desktop applications which facilitate working with encrypted vaults. Two easy ones to use are the GNOME Encfs Manager and KDE Plasma Vault, the latter is available automatically in modern versions of the Plasma desktop. Both of these tools are easy to set up and make temporarily revealing and working with files hidden inside an encrypted space virtually seamless.



Using file vaults has a few benefits. One is that, as long as you remember to close the vault when it is not in use, even people with physical access to your computer while it is running will not see your secret files. Using a vault also means you do not need to enter your encryption password each time the computer boots. There are a few downsides though. Using a vault means the rest of your operating system is not encrypted so people will be able to peek at your non-secret files. Usually this is not a problem, but it does leave the system and your normal files more exposed. The other issue is, after the initial time you supply a partition's encryption password, accessing all the files on that partition is seamless. The operating system automatically treats files as though they were unencrypted for you. However, with a vault you need to unlock the vault with your password every time you want to access it.



Of course you could use both forms of encryption, giving a layer of protection to all of your files via partition encryption, and a second layer of encryption to your really secret files by placing them in a vault. Most people probably do not need this much security, but both types of encryption will work together.



One final suggestion I have is to consider how you are going to backup your encrypted files. Anything important enough to encrypt is probably also important enough to warrant a backup copy. You may want to make sure the backup is also secret somehow, either in a physical safe, or on another encrypted external disk. You don't want your second copy to be easier for other people to access than the one on your main computer. * * * * * Additional answers can be found in our Questions and Answers archive.





Released Last Week

4MLinux 31.0



Zbigniew Konojacki has announced the release of 4MLinux 31.0, a new stable version of the project's minimalist distribution with focus on four capabilities: maintenance (as a system rescue live CD), multimedia (for playing video DVDs and other multimedia files), mini-server (using the inetd daemon) and mystery (providing several small Linux games). This is the distribution's first release without the i686 flavour: " 4MLinux 31.0 STABLE released. This is a milestone release due to the fact that 4MLinux has finally dropped 32-bit support. It is now a fully 64-bit operating system. For this reason one must perform a fresh installation. There are two editions available for download - desktop and desktop with LAMP server. If you need a pure server environment (i.e. without desktop), you can try an official 4MLinux fork called TheSSS which is only about 120MB in size. " The release comes with Linux kernel 4.19.86, LibreOffice 6.3.4, AbiWord 3.0.2, GIMP 2.10.14, Gnumeric 1.12.44, DropBox ‬85.4.155,‭ Firefox 71.0, Chromium ‬78.0.3904.108,‭ Thunderbird 68.3.0, Audacious 3.10.1, VLC 3.0.8 and many popular server packages and development tools. See the complete release announcement for more information and a screenshot of the default desktop.



Linux Mint 19.3



The Linux Mint team has published an update to the project's 19.x series, which is based on Ubuntu 18.04 LTS. The distribution's newest release is Linux Mint 19.3 which is available in three editions (Cinnamon, MATE, and Xfce). One of the big new features in this release is proactive System Reports which will notify the user of potential problems. " You'll notice something new in your system tray after you install Linux Mint 19.3. A little warning icon tries to catch your attention and indicates there are a few things for you to review. In the past, we worked on improving documentation (such as the installation guide) and the welcome you get when you first log in (the first steps section of the Welcome Screen for instance). In Linux Mint 19.3, we're going a step further and we're trying to detect potential issues in your computer. If you're missing a language package, a multimedia codec, if a hardware driver or a new version of Linux Mint is available, this little icon will let you know and provide solutions. " Further details can be found in the release announcements (Cinnamon, MATE, Xfce).





Linux Mint 19.3 -- Running the Cinnamon desktop

(full image size: 304kB, resolution: 1920x1080 pixels)



Peppermint OS 10-20191210



Peppermint OS is a lightweight, desktop distribution based on packages from Ubuntu which merges components of the Xfce and LXDE desktop environments. Peppermint OS also tries to integrate web-based applications into the desktop, using site-specific browsers, and local programs. The project's latest release is an update to its existing version 10, offering new packages and updated hardware support. " Team Peppermint are pleased to announce Peppermint 10 Respin (20191210), the latest iteration of our operating system. Based on the 18.04 LTS (long-term support) code base, Peppermint 10 Respin still comes in both 64bit and 32bit flavours so older hardware is still supported. We hope you enjoy using it half as much as we did putting it together. Peppermint 10 Respin main changes: all 18.04 base updates to 10 December 2019, including the 5.0 kernel and HWE X.Org stack, Firefox 71; added a cursor resize utility to the settings panel; added a web browser manager GUI utility to aid with the installation and removal of some of the more common web browsers; reverted to an earlier Xenial version of pulseadio-equalizer; added a Peppermint 6 (LXDE) style xfpanel-switch profile which swaps out the Whisker menu for an old-school hierarchical menu. " Additional details can be found in the project's release announcement.



Emmabuntüs DE2-1.06



Emmabuntüs is a lightweight, Debian-based distribution designed to run on older computers. The project has published a new update to its Debian 9 "Stretch" branch, Emmabuntüs DE2-1.06. The new release offers several package updates from Debian 9 repositories along with many fixes. " This Debian Edition 2-1.06 version includes the following fixes and enhancements: Based on Debian 9.11 Stretch. Added utilities: Orage, NdisGTK. Added some French soundtracks for KTuberling. Added OpenBoard. Added open-vm-tools-desktop. Removed Minitube. Improved settings and Emmabuntüs tools windows. Improved explanations of post-installation configuration options. Fixed non-free firmware support during installation. Fixed country and keyboard selection windows during installation. Fixed security issues. Fixed information icons when updating packages for Revival-blue and Moka themes. Fixed XScreenSaver slideshow launch. Fixed network share via Samba. Updates of HPLip 3.19.11, TurboPrint 2.49-1, Teamviewer 14.5.1691, Firefox ESR 68.3.0. " Additional details can be found in the project's release announcement.



Alpine Linux 3.11.0



Alpine Linux is a community developed operating system designed for routers, firewalls, VPNs, VoIP boxes and servers. The C library used is musl and the base tools are all provided by BusyBox. The project's latest version is Alpine Linux 3.11.0. It features a new kernel and initial support for installing the GNOME and KDE Plasma desktops. Most Python 2 packages have been removed. " We are pleased to announce the release of Alpine Linux 3.11.0, the first in the v3.11 stable series. New features and noteworthy new packages: Linux 5.4 kernel (linux-lts). Support for Raspberry Pi 4 (aarch64 and armv7). Initial GNOME and KDE support. Support for Vulkan. MinGW-w64 and DXVK support. Rust is available on all architectures except s390x Significant updates: Linux 5.4.5, GCC 9.2.0, Busybox 1.31.1, musl libc 1.1.24, LLVM 9.0.0, Go 1.13.4, Python 3.8.0, Perl 5.30.1, Postgresql 12.1, Rust 1.39.0, Crystal 0.31.1, Erlang 22.1, Zabbix 4.4.3, Nextcloud 17.0.2, Git 2.24.1, Xen 4.13.0, Qemu 4.2.0. " Further details can be found in the distribution's release announcement.



NuTyX 11.3



NuTyX is a French Linux distribution (with multi-language support) built from Linux From Scratch and Beyond Linux From Scratch, with a custom package manager called "cards". The project's latest release, NuTyX 11.3, features several package updates, including new versions of Firefox, Falkon, KDE Plasma, and the MATE desktop. " NuTyX 11.3 available with cards 2.4.108: I'm very pleased to announce the new NuTyX 11.3 release. The 64-bit version contains about 850 package upgrades. The 32-bit version of NuTyX is still actively supported. In the newest release, base NuTyX comes with the Long-Term Support (LTS) kernel 4.19.90 (4.9.206 for the 32-bit version). For 64-bit systems, the kernel release 5.4.4 is also available. The GNU C library, glibc, is now glibc 2.30. The graphical server is xorg-server 1.20.6. The mesa lib is 19.2.7, GTK3 is 3.24.13, and Qt has been updated to 5.13.2. Python interpreters 3.7.4 and 2.7.17 have been included in this release.The MATE desktop environment comes in 1.22.2, the latest version. The KDE Plasma desktop is now 5.17.4, the Framework is now 5.64.0 and applications are now 19.12.0. " Additional details can be found on the NutyX news page.



SUSE Linux Enterprise 12 SP5



Raj Meel has announced the availability of the fifth service pack for SUSE Linux Enterprise 12, the current legacy branch of the company's commercial, enterprise-class distribution with long-term support for over 10 years. " SUSE Linux Enterprise 12 Service Pack 5 is now generally available. This release consolidates all the fixes and updates that were introduced since SUSE Linux Enterprise 12 Service Pack 4. As you know, SUSE Linux Enterprise service packs are released on a yearly cadence. Service Pack 5 is the next service pack since the release of Service Pack 4 in Dec 2018. In addition, Service Pack 5 is also the last service pack for SUSE Linux Enterprise 12 release. With the release of SUSE Linux Enterprise 12 Service Pack 5 on December 9th, general support for SUSE Linux Enterprise 12 Service Pack 4 will end on June 30th, 2020. Customers wishing to maintain support of their SUSE Linux Enterprise 12 Service Pack 4 installations after June 30, 2020 can continue support through the purchase of Long Term Service Pack Support. " Further detaisl can be found in the company's release announcement and in the release notes. * * * * * Development, unannounced and minor bug-fix releases

PCLinuxOS 2019.12

Absolute Linux 20191216

Tails 4.1.1

SmartOS 20191219

KDE neon 20191219

Volumio 2.692

AUSTRUMI 4.1.3

ArcoLinux 19.12.16

EasyOS 2.1.11

LinuxConsole 2019

Torrent Corner

Upcoming Releases and Announcements

Opinion Poll (by Jesse Smith)

Disk encryption and file vaults In our Questions and Answers article we talked about a few ways to keep files private and protected by a password. One approach uses a file vault, a way to hide files, even from the user, when the data is not being accessed. The other approach uses encryption to hide the contents of a hard drive or partition, handy for keeping data out of the eyes of people who have physical access to the computer. We would like to hear whether you use either of these approaches, or maybe both together? Let us know which file vault and encryption tools you like to use in the comments.



You can see the results of our previous poll on install media and methods in last week's edition. All previous poll results can be found in our poll archives.



Disk encryption and file vaults



I use disk/partition encryption: 289 (22%) I use a file vault: 117 (9%) I use another form of encryption: 68 (5%) I hide files without encryption: 47 (4%) I use a combination of the above options: 131 (10%) I use none of the above options: 663 (50%)