DistroWatch Weekly, Issue 654, 28 March 2016

Feature Story (by Jesse Smith)

PCLinuxOS 2016.03 "MATE"



PCLinuxOS is a rolling release distribution which was originally forked from Mandriva. Though its roots are in Mandriva, PCLinuxOS is currently maintained as an independent distribution. The project is unusual in two regards. First, PCLinuxOS has a relatively conservative approach for a rolling release distribution. PCLinuxOS maintains desktops with classic layouts, still uses the SysV init software while most Linux-based systems have moved to systemd, and PCLinuxOS tends to have a stronger emphasis on stability than other distributions which employ the rolling release model. The second feature that sets PCLinuxOS apart is that it uses RPM packages with Debian's APT package management tools, an uncommon combination.



At the beginning of March, the PCLinuxOS project published snapshots, one of which was for the MATE Community edition. So far as I could tell, the MATE snapshot was only available for the 64-bit x86 architecture. The ISO I downloaded was 785MB in size and it functions as both a live CD and as installation media for PCLinuxOS.



Booting from the live disc brings up a menu asking if we would like to load the MATE desktop, boot to a command line or run the distribution's system installer. Taking the desktop option brings up a graphical window where we are asked to select our keyboard's layout from a list. With our selection made, the system presents us with the MATE desktop. The desktop has a vibrant blue background and we find an application menu, task switcher and system tray at the bottom of the display. The application menu is laid out in a classic tree structure. On the desktop we find icons for browsing the file system, accessing documentation and launching the PCLinuxOS system installer. Clicking the documentation icon opens the Firefox web browser and displays a local page which explains how to use the distribution's system installer with screen shots of each step in the process. Shortly after the MATE desktop loads, a window appears and provides us with a list of user names and passwords for the accounts on the live disc. This can be helpful if we need to run a program with root access.





PCLinuxOS 2016.03 -- Configuring the look of the MATE desktop

(full image size: 412kB, resolution: 1280x1024 pixels)



PCLinuxOS features a graphical system installer that begins with a disk partitioning screen. The partition manager supports guided and manual partitioning. Opting to manually manage the disk ourselves gives us the ability to work with ext2/3/4, Btrfs, JFS and XFS partitions along with LVM volumes. The partition manager has a friendly interface and I found it easy to navigate its options. Initially I tried to set up PCLinuxOS on a Btrfs volume and a message appeared, letting me know additional packages would need to be downloaded in order to set up the Btrfs volume. A few seconds later, a second message appeared and let me know the required Btrfs packages could not be found and I would need to work with a different file system. My second choice in file systems was ext4 and the partition manager set up the ext4 partition without any problems. Once we have finished with the partition manager, we are given the chance to remove software packages that will not be required, such as unused video card drivers. The system installer then copies its files to our hard drive. Once all the necessary packages have been installed, we are asked if we would like to install the GRUB2, GRUB Legacy or LILO boot loader and we can optionally set a password on our boot loader. I decided to use GRUB Legacy for my installation. When the installer is finished, we reboot the system and are presented with a graphical configuration wizard.



The configuration wizard asks us to select our time zone from a list and gives us the option of enabling network time synchronization. We are then asked to make up a password for the system's root account and create a user account for ourselves. When the wizard has run out of questions for us we are brought to a graphical login screen where we can sign into our newly created account.





PCLinuxOS 2016.03 -- Accessing MATE's documentation

(full image size: 323kB, resolution: 1280x1024 pixels)



Once we get signed into our account, we are brought back to the MATE desktop. The interface is fairly quiet, content to stay out of the way and let us discover things on our own. There is an icon in the system tray which notifies us when new software updates are available. One thing I appreciate about PCLinuxOS is that the update notification program waits until we have been logged in for five minutes before it checks for updated packages. This helps to prevent the system from getting bogged down when we login. We can change the length of this initial pause and the interval between checks for new packages by right-clicking the update icon and selecting "Configuration window". Right-clicking the notification icon also gives us the option of launching the Synaptic package manager which will help us install software updates.



Synaptic is both the update manager and general purpose package manager for PCLinuxOS. The application enables us to search for packages by name and to organize the distribution's list of available software using a number of filters. We can add, remove or upgrade software by clicking a box next to a listed package. Synaptic performs its installation and removal actions in batches, locking its interface while it is working.





PCLinuxOS 2016.03 -- The Synaptic package manager

(full image size: 383kB, resolution: 1280x1024 pixels)



I found Synaptic worked quickly and generally worked well. The one issue I ran into came about when I discovered that just because the software update notification program was aware of new packages in the distribution's repositories it did not mean Synaptic's software information was up to date. For example, the first day I was running PCLinuxOS, the update notification program let me know there were 62 software updates waiting. When I opened Synaptic, the package manager informed me just 17 packages were waiting in the PCLinuxOS repositories. I had to manually refresh Synaptic's package list before it was able to download and install the waiting software updates.



On the topic of software, PCLinuxOS ships with quite a collection of useful programs. Browsing the application menu we find the Firefox web browser with Flash support. We also find copies of the Pidgin instant messenger application and the qBittorrent client. The Thunderbird e-mail application is included along with the Atril document viewer. KeePassX is available to guard our passwords and PCLinuxOS ships with a calculator, dictionary, text editor and simple image viewer. The GNU Image Manipulation Program is included too. The Clementine music player and the VLC media player are included and the distribution ships with a full array of media codecs. We also find SimpleBurn, a disc burning and copying application. PCLinuxOS offers us the Vokoscreen Recorder for making videos of our desktop. The Caja file manager is featured along with a program called "Help" which provides documentation on how to use the MATE desktop environment. There is a tool called Dupeclean-gui which finds and removes duplicate RPM packages on the system. Digging further we find the GNU Compiler Collection and SysV init (version 2.88). In the background, PCLinuxOS runs on version 4.4.3 of the Linux kernel, though given the distribution's rolling nature the kernel will be regularly updated.



One odd characteristic of PCLinuxOS is that there are some popular applications, such as LibreOffice and VirtualBox, which are not included in the distribution and are not available in the project's software repositories. Instead, PCLinuxOS provides graphical installers designed specifically to install these extras. The VirtualBox Manager and LibreOffice Manager programs can be found in the distribution's application menu. Running either "Manager" program launches a download wizard which installs the desired application for us. This gives us quick access to the latest versions of both applications, but it means we cannot install or upgrade these programs through the distribution's software manager.





PCLinuxOS 2016.03 -- Running various desktop applications

(full image size: 490kB, resolution: 1280x1024 pixels)



There were a few additional characteristics of PCLinuxOS which stood out during my trial. One was that the distribution uses a root account and does not enable sudo by default. This classic approach to separating root access from other users is becoming less common and it was interesting, for me, to use a project which not only has stayed with using SysV init, but has also decided to maintain classic account permissions rather than adopt sudo. Another feature which I appreciated was PCLinuxOS uses large, thick fonts for its menus, terminal, clock and windows. I often find myself adjusting fonts to be larger or higher contrast on other distributions, especially in virtual terminals. It was a pleasant experience for me to find all the PCLinuxOS fonts were already set up to be easy to read. It is a little thing, but one which made using PCLinuxOS feel just a little nicer, a little more natural.



One of PCLinuxOS's most appealing features is the distribution's Control Centre. The operating system's Control Centre acts as a central location for managing the underlying operating system. The Centre is organized into categories of configuration modules. Each module is presented in a newcomer friendly fashion and it is pleasantly straight forward to work with the operating system's settings. From the Control Centre we can launch the Synaptic package manager, configure FTP and Apache web services, configure the network, enable the OpenSSH secure shell service and set up a local time sync protocol server. We can use modules to browse hardware information, configure and trouble-shoot the sound system and tweak the X display server. There are also modules for configuring the mouse, keyboard, printers and UPS devices. Something I found interesting was that the hardware configuration tools, like the printer and scanner modules, generally required that we install additional software packages to provide hardware support. The Control Centre also provides tools for setting up network proxies, VPN connections and network shares. There are modules for working with user accounts, importing documents from Windows partitions and managing background services. Plus we can work with disk partitions, set up automatic account logins and configure the boot loader.





PCLinuxOS 2016.03 -- The Control Centre

(full image size: 436kB, resolution: 1280x1024 pixels)



There is a wide range of functionality to be found in the Control Centre and I was pleased to note that all of the configuration modules worked well. The Control Centre works quickly and is quite friendly. This configuration panel is definitely a feature I would love to see ported to other Linux distributions.



I explored running PCLinuxOS in a virtual machine and on a desktop computer. On the desktop machine PCLinuxOS ran smoothly and was stable. My hardware was properly detected and everything worked as expected. The distribution was quick to boot and responsive while logged into the MATE desktop. When running in VirtualBox, I had a similarly good experience. The only drawback to running PCLinuxOS in a VirtualBox environment was that the distribution does not feature VirtualBox's guest modules which allow the operating system to take advantage of the computer's full display resolution. Since PCLinuxOS does not offer VirtualBox modules through its software repository, we need to install the generic VirtualBox modules from Oracle if we want to run PCLinuxOS with high screen resolutions. In both test environments, PCLinuxOS used surprisingly small amounts of RAM, requiring just 210MB of memory to log into the MATE desktop.



Conclusions



I greatly enjoyed my time with PCLinuxOS. The project offers a fairly small download, there is a lot of functionality available out of the box. I like the classic layout of the MATE desktop and the easy to read fonts. I especially like using the project's Control Centre which allows us to configure virtually every aspect of the operating system without touching the command line.



I might have preferred a more modern software manager over Synaptic or having LibreOffice in the project's software repositories instead of available through a separate installer. The way PCLinuxOS handles software works and I did not experience any problems doing things the PCLinuxOS way, but it did feel strange, to me, to use different installers for different pieces of software.



Mostly though, I like that PCLinuxOS is taking a conservative approach while still offering a rolling release model. We have up to date desktop applications and hardware support while using classic technologies like MATE, GRUB Legacy and SysV init. Cutting edge software with a classic style may seem like an odd pairing, but it created a very pleasant experience for me. * * * * * Hardware used in this review



My physical test equipment for this review was a desktop HP Pavilon p6 Series with the following specifications: Processor: Dual-core 2.8GHz AMD A4-3420 APU

Storage: 500GB Hitachi hard drive

Memory: 6GB of RAM

Networking: Realtek RTL8111 wired network card

Display: AMD Radeon HD 6410D video card

Miscellaneous News (by Jesse Smith)

Edubuntu to skip 16.04, Arch updates Pacman, GuixSD packages GNOME and Red Hat's financial success



The launch of Ubuntu 16.04 is coming up in a few weeks and, with it, the release of Ubuntu's many community editions. The Edubuntu project will not be releasing a new version of its distribution along with the other community projects. Stéphane Graber has announced, on behalf of the Edubuntu team, there will be no Edubuntu 16.04. " We've both moved on to new projects, with the hope that we would one day find some time to work on Edubuntu again. That's why we decided to make Edubuntu LTS-only after the 14.04 release, hoping that over the course of two years we would find the needed time to make a good Edubuntu 16.04 LTS. This plan didn't quite work out as we're now a month away from the 16.04 release with little to no work having been done on Edubuntu. " The existing Edubuntu 14.04 release will continue to receive support through to the year 2019, but additional volunteers will be required if the project is to have future releases. * * * * * The Arch Linux developers have released a significant update to the Pacman software manager. The new version, Pacman 5.0, offers improved performance and should both speed up software transactions and reduce the work required to maintain some packages. The Arch developers are recommending all users update their copy of the Pacman software manager prior to April 23rd. The Arch Linux website has full details: " The release of pacman-5.0 brought support for transactional hooks. These will allow us to (e.g.) run font cache updates a single time during an update rather than after each font package installation. This will both speed up the update process, but also reduce packaging burden for the developers and trusted users. In order for the use of hooks to be started, we require all users to have updated to at least pacman-5.0.1 before 2016-04-23. Pacman-5.0.1 was released on 2016-02-23, so this will have given everyone two months to update their system. " * * * * * The developers of the Guix System Distribution (GuixSD) have announced their distribution now includes packages for the GNOME desktop environment. While GNOME has been packaged for many distributions over the years, the GuixSD team discovered that the task of packaging GNOME and all of its dependencies is not a simple feat. " The more interesting parts were system integration. Modern GNOME/Freedesktop environments rely on a number of daemons, most of which talk over D-Bus, and extending each other's functionality: udev, udisks, upower, colord, geoclue, and polkit, to name a few. Being able to compose all these system services was one of the driving use cases behind the design of GuixSD's new service composition framework. With this design, we knew we were able to have fine control over the service composition graph. Challenge #1 overcome! Since GuixSD uses the GNU Shepherd and not systemd as its init system, we needed a way to provide the logind functionality that systemd implements, and which allows GNOME to know about users, sessions, and seats. " The many trials and trouble-shooting steps are outlined in this post. The end result of all this work is that GuixSD users can install GNOME and all its dependencies by adding one line to their system configuration file. * * * * * A question that gets asked a lot with regards to open source software is: "If you give away your product's source code for free, how do you make money?" Red Hat has successfully demonstrated over the years that selling support and charging consulting fees for their enterprise oriented operating system can be quite profitable. Last week, Red Hat published a statement which placed their revenue for 2015 at just over two billion dollars. Some of Red Hat's money goes toward sponsoring the Fedora distribution as well as working with the CentOS project. Red Hat also funds upstream software development, particularly the Linux kernel, making their financial success good news for the Linux community as a whole.





Questions and Answers (by Jesse Smith)

Using signatures and creating a web of trust



Checking-signatures asks: There is much confusion about how the "web of trust" can and should work, and how a non-technical person could do that reliably (and, preferably easily).



I'd like to request that a future article discuss the difference between a SHA256 "checksum" and a digital signature, and how to verify a digital signature. For the latter, which are the more authoritative sites, and how should a user use those sites? A bonus would be whether there are tools to help that process.



DistroWatch answers: A checksum, which is sometimes called a hash, is basically a digital fingerprint. Every file has a fingerprint and we can find this fingerprint by running the contents of a file through something called a hash function.



This might be easier to understand by way of example. Let us assume we have a file called hello.txt and this file contains just one line: Hello World If we run the hello.txt file through the SHA256 hash function, it gives us the file's fingerprint. When I run this command: sha256sum hello.txt My computer tells me the fingerprint of the hello.txt file: d2a84f4b8b650937ec8f73cd8be2c74add5a911ba64df27458ed8229da804a26 That long string of letters and numbers is the checksum or fingerprint of the hello.txt file. This fingerprint is unique to the contents of the file. This means if we have another file that also says "Hello World" in it, that second file will have the same fingerprint since the contents of the two files are identical. We can test this by making a copy of hello.txt and taking the fingerprint of the second file. cp hello.txt copy.txt

sha256sum copy.txt This sequence of commands makes a copy of our file and fingerprints the new copy. The copy.txt file has this fingerprint: d2a84f4b8b650937ec8f73cd8be2c74add5a911ba64df27458ed8229da804a26 When two files are identical in their contents they have the same checksum. This information is useful when we want to download a large file, like an ISO. Most Linux distributions publish checksum information for their ISO downloads. Once we download the file, we can check its fingerprint and make sure it matches the published checksum on the distribution's website. When the project's checksum matches the checksum of our copy of the file, we know the ISO downloaded successfully without being corrupted. It is a lot faster to find the checksum of a large file than download it a second time.



Except in some extremely rare cases, two files which have different contents will have different checksums. If I create a new file called different.txt that contains the text Hello World! it will have a different checksum than the earlier file which did not include the trailing exclamation mark. Here is the checksum of the new file with the exclamation mark: 03ba204e50d126e4674c005e04d82e84c21366780af1f43bd54a37816b6ab340 As you can see, different.txt has only a small change in its contents, but it has a unique fingerprint.



The term "SHA256" describes one method to finding a file's fingerprint. There are other methods which will provide different digital fingerprints of a file. Some other popular methods are MD5, SHA1 and SHA512. If this seems confusing, we can think of each checksum method as providing a fingerprint for a specific finger of the same hand. So we might take separate prints from a thumb, index and middle finger to identify one person. Likewise MD5, SHA1 and SHA256 provide different ways of identifying the same data.



I think that covers all we can of checksums without getting into the mathematics of the process. The important things to remember are that any two files with the same contents should have matching checksums. Files with different contents will have unique checksums.



In theory it has been shown to be possible to make two different files have matching checksums, but it is not practical in most real world scenarios.



Next, let's look at signatures. A digital signature is basically a unique way to identify ourselves and things we create. Using a digital signature is a lot like using a written signature in real life. It should be unique, identify us and be attached to documents we want to prove were created by us.



A file can be signed with a person's digital key. The signature can be used to do two things: identify the person who signed the file and confirm the contents of the file has not been altered. Signing a file digitally is a little like closing an envelope with a wax seal and writing our name on the envelope. If someone else comes along and changes the file, or corrupts it in some way, the seal is broken and the signature is no longer valid.



Files are signed (and verified) by using bits of data called encryption keys. A private key, known only to one person, is used to sign documents. A public key is known to the whole world and can be used to verify a signature created with a private key.



A little while ago we provided an example of how to verify a file and its signature using a public key. However, as some people have pointed out, the next step is how do we know which keys to trust? How do we know a key came from the person we think it came from?



When it comes to verifying a public key is valid, we sort of fall out of the realm of technical issues and into the fuzzy realm of trust. Open source developers usually publish their public keys on special servers, called key servers. Developers who know each other, and have met in person, will often sign each other's public keys. This indicates a level of trust, that these two people know each other and are willing to vouch for each other. These signed keys are made public on the key servers.



There are several key servers. MIT maintains one. The Debian project maintains a collection of keys for its contributors. There are many other key servers around the world.



We, the public, can look at keys on a key server and see who has vouched for each other. If we know someone who has published a public key, we can follow their key, see whose key they have signed. This means if we know Alice and Alice has signed Bob's key, then we can be pretty certain Bob's key really does belong to Bob. There is a chain of trust from us, to Alice to Bob.



The problem with all of this is we need a place to start. We need to be able to say "I know that person, therefore I trust their key." And that will, in turn, allow us to trust other keys that person has signed. If we do not know anyone with a public key, then we are just hoping the person who uploaded their key is who they say they are.



The original question asked if there are authoritative websites we can use and how those sites can be used. This highlights a problem: There isn't a central authority for this issue. Keys (and signatures) can only be trusted if we trust someone. It's a personal matter more than technical. If you trust my key came from me, then you can trust people I trust, forming a "web of trust". But you need to have a starting point, one key you know came from the right person.



How do you do that? You create keys of your own and share them with people. You encourage others to share their keys with you. Especially people you know, or people at Linux/BSD conventions. Subscribe to mailing lists as developers will often sign their messages and share their keys through announcements. The more people share keys, the more we can grow the web of trust and the harder it is for someone to falsely pass themselves off as someone they are not with a fake key.



As to what tools are available, I highly recommend starting with two tools: Kgpg and the Enigmail Thunderbird add-on. Kgpg is a great desktop tool for creating, managing and exploring keys. It can be used to publish your own keys and import someone else's. Enigmail is a wonderful tool that makes it very easy to set up encrypted and signed e-mail. Enigmail will also automatically offer to import keys when possible and verify the signatures on messages you receive in Thunderbird. I would go into how to use KGpg to manage keys, but I think the application's documentation does a fine job of that. Enigmail also has good documentation in their wiki.



In the end, trust is not something that can be just looked up or proved mathematically. It is the result of a process. The process of getting to know people, confirming they are who they say they are, collecting publicly available keys and checking to see who has signed which keys.



So let's all make sure we create our own keys, using Kgpg or another key management program. Then send those keys out into the world, let people know we want them to sign our keys and offer to verify the keys of others. Let's be part of the solution and build a web of trust. Here is my public key, feel free to send me yours. * * * * * Past Questions and Answers columns can be found in our Q&A Archive.





Torrent Corner

Weekly Torrents



Bittorrent is a great way to transfer large files, particularly open source operating system images, from one place to another. Most bittorrent clients recover from dropped connections automatically, check the integrity of files and can re-download corrupted bits of data without starting a download over from scratch. These characteristics make bittorrent well suited for distributing open source operating systems, particularly to regions where Internet connections are slow or unstable.



Many Linux and BSD projects offer bittorrent as a download option, partly for the reasons listed above and partly because bittorrent's peer-to-peer nature takes some of the strain off the project's servers. However, some projects do not offer bittorrent as a download option. There can be several reasons for excluding bittorrent as an option. Some projects do not have enough time or volunteers, some may be restricted by their web host provider's terms of service. Whatever the reason, the lack of a bittorrent option puts more strain on a distribution's bandwidth and may prevent some people from downloading their preferred open source operating system.



With this in mind, DistroWatch plans to give back to the open source community by hosting and seeding bittorrent files. For now, we are hosting a small number of distribution torrents, listed below. The list of torrents offered will be updated each week and we invite readers to e-mail us with suggestions as to which distributions we should be hosting. When you message us, please place the word "Torrent" in the subject line, make sure to include a link to the ISO file you want us to seed. To help us maintain and grow this free service, please consider making a donation.



The table below provides a list of torrents we currently host. If you do not currently have a bittorrent client capable of handling the linked files, we suggest installing either the Transmission or KTorrent bittorrent clients.



Operating System Torrent MD5 checksum FreeNAS 9.10 FreeNAS-9.10-RELEASE.iso 3cc02ac3f67ededaa17c34ecae4a421f Alpine Linux 3.3.3 alpine-3.3.3-x86_64.iso b21f2b01b3dcd3ce51b07f9430772155 LXLE 14.04.4 lxle-14.04.4-64bit/lxle-14.04.4-64bit.iso.md5 9dc371a02843a3a11b5bbfa5d317290b



Archives of our previously seeded torrents may be found here. All torrents we make available here are also listed on the very useful Linux Tracker website. Thanks to Linux Tracker we are able to share the following torrent statistics.



Torrent Corner statistics:

Total torrents seeded: 177

Total data uploaded: 32.8TB

Released Last Week

Upcoming Releases and Announcements

Opinion Poll

Video chat software



Video chat software is a great way to stay in touch with people over long distances. The usefulness of being able to see and talk to people using video chat/conferencing software has led to many solutions, both open and proprietary, to be developed.



This week we would like to know what sort of video chat software, if any, you use to keep in touch with family, friends and business colleagues. Do you use popular, yet closed, solutions like Skype; web-based solutions like Google Hangouts; or a free/open source application?



You can see the results of our previous poll on testing new distributions here. All previous poll results can be found in our poll archives. Video chat software



I use free/open source applications (eg Ekiga): 87 (5%) I use proprietary applications (eg Skype): 452 (26%) I use web-based solutions (eg Hangouts): 169 (10%) I use a combination of the above: 244 (14%) I do not use video chat software: 776 (45%)

DistroWatch.com News