DistroWatch Weekly, Issue 772, 16 July 2018

Feature Story (by Jesse Smith)

Hyperbola GNU/Linux-libre 0.2.4 Hyperbola GNU/Linux-libre is a curious project that takes a number of interesting approaches which set it apart from other distributions. The Hyperbola distribution is based on snapshots of Arch Linux. While Arch Linux is a rolling release distribution, Hyperbola maintains fixed releases taken from Arch snapshots and then, according to the project's website, the Hyperbola developers mix in security updates from Debian. The idea is to create an Arch-like operating system with a fixed base and minor patch updates.



The distribution is dedicated to free software ideals and ships only libre software as defined by the Free Software Foundation. Finally, Hyperbola makes a special edition called Hypertalking which is based on TalkingArch and provides accessibility software for visually impaired users.



I downloaded the distribution's main edition which is available as a 672MB ISO. The distribution media will boot on both 32-bit and 64-bit systems with the option to select which architecture we want from the ISO's boot menu. When the disc boots we are presented with a text console where we are advised we can see documentation for getting on-line using the Lynx web browser by typing "lynx network.html".



The default, text-based interface on the disc is quite minimal, but it's enough to partition our hard drive and set up a local copy of the operating system. I don't think it's intended to do much more than that.



Installing



Instead of providing users with a system installer, Hyperbola follows the example of Arch Linux and provides an on-line install guide. The guide walks us through creating disk partitions, mounting them, making sure a network connection is enabled and setting up security keys. It's a bit of manual work, but for the most part new users will be able to copy the command line examples from the manual into their terminal to get a working system.



The guide concludes by getting us to install packages on our hard drive, set up a language locale, install the GRUB boot loader and create a password for the root user. After that, we can reboot the computer to start exploring Hyperbola. The manual steps are not difficult to follow for people familiar with the command line, but will probably deter Linux newcomers from trying the distribution.



First impressions



Hyperbola starts off as a minimal operating system. The snapshot I was using ran version 4.9 of the Linux-libre kernel, a flavour of Linux that has had non-free components removed. Instead of Arch's default systemd init software, Hyperbola ships with OpenRC as its init implementation. At the moment, Hyperbola ships with the OpenSSL security library, but there are plans to switch to LibreSSL in a future snapshot.



Otherwise the base system features the standard GNU command line tools, manual packages and little more. There is no compiler, by default, no Java, and no desktop environment. Hyperbola very much holds to the idea that we need to build and customize our operating system from the ground up.



We can add new users to the system via the useradd command and we can use pacman to add new software to the distribution. Hyperbola does not have documentation nearly as extensive as Arch's famous wiki, but we can use most of Arch's documentation on Hyperbola. I say "most" because not everything translates over to Hyperbola's environment. Since Arch allows software published under non-free licenses and uses systemd to manage services, its approach varies in small ways from Hyperbola's. This means some steps in setting up services, trouble-shooting issues and getting a desktop environment set up will be different under Hyperbola. Users should be aware they will need to adjust some examples that use systemd to get them working with the OpenRC service manager and work around not having some packages.



Software and package management



Like its parent, Hyperbola uses the pacman command line package manager to install, remove and upgrade software. pacman works quickly and I encountered no problems while using it. Software appears to all be pulled from the distribution's own collection of custom repository mirrors.



Earlier I mentioned Hyperbola uses an unusual combination of Arch software with Debian patches, which is explained on the distribution's FAQ page: " libre. Also Hyperbola is using Debian patches, therefore all packages are being stabilized with improvements through its development. Hyperbola is a long-term support distribution based on Arch GNU/Linux plus stability and security from Debian GNU/Linux. It isn't a rolling release distribution like Arch because Hyperbola is using Arch snapshots for its versions and Parabola blacklist as base to keep it 100%. Also Hyperbola is using Debian patches, therefore all packages are being stabilized with improvements through its development.



I'm not certain of the details of this update process. Arch and Debian name some software differently or may use slightly different versions of packages, leaving me to wonder exactly how patches get transferred from Debian into Hyperbola. At the moment I am not entirely clear on how long Hyperbola's "long-term support" cycle lasts. One might guess for as long as Debian Stable is supported, but I was not clear on this from the documentation provided. At the moment, Hyperbola is still a fairly young project so it may take time before users get a clear idea of the length of support cycles and how many versions will be supported at a time.



Hardware



At first my trial with Hyperbola started out well. The dual-architecture CD was able to start in on my laptop in both Legacy BIOS and UEFI modes. The distribution, once installed, required less than 50MB of RAM with the default configuration and used around 1GB of disk space. The distribution was wonderfully fast, mostly because it runs so little software by default.



The main issues I ran into revolved around hardware support. When trying to run the distribution on my laptop, Hyperbola was unable to use my wireless network card. Given the situation I was in at the time, this basically turned my laptop into a typewriter as a wired connection was not always available, making it difficult to get on-line or install new software.



When running in VirtualBox, Hyperbola started off well, but ran into a snag with displaying a desktop. The distribution does not appear to include VirtualBox modules and this meant I struggled to get a fully functional desktop working in the virtual machine. Given more time I might have managed, but since setting up Hyperbola takes extra steps (compared to other distributions) I was running short on time to work around the driver issues.



Conclusions



My big concern with Hyperbola was the documentation. We can use the Arch wiki for most tasks, but there are enough little things that are different between Arch and Hyperbola (like using systemd versus OpenRC) that I think this project needs its own fork of the documentation. I also ran into an unfortunate oversight early on. When I launched the distribution on my laptop and found my wireless network wasn't detected, I ran "lynx network.html" to see the steps required to get it working. In the document there is a link to show trouble-shooting steps for when networking does not operate as expected. The link doesn't work because it points to an on-line resource. It is little details like this which will hopefully be addressed in future snapshots.



What drew me into trying Hyperbola is the distribution is just such an unusual mixture of design choices. It tries to be a fixed release, but is based on Arch Linux, a rolling release platform. The distribution tries to be convenient for visually impaired users through its Hypertalking edition, but also slows me down by effectively disabling some hardware devices by not including non-free drivers and firmware.



The distribution wants to be stable, free, near the cutting edge, accessible and minimal. It also pulls in ideas and software from at least four other projects. It's quite an odd combination and as a result I'm not entirely sure what use cases Hyperbola is targeting. People who want a libre distro like Trisquel, but prefer pacman for package management? People who love the manual approach of setting up Arch, but with Debian-like security updates? Hyperbola is so weird I can't help but appreciate it, but I'm not sure under what circumstances I would consider it the best tool for the job. * * * * * Hardware used in this review



My physical test equipment for this review was a de-branded HP laptop with the following specifications: Processor: Intel i3 2.5GHz CPU

Display: Intel integrated video

Storage: Western Digital 700GB hard drive

Memory: 6GB of RAM

Wired network device: Realtek RTL8101E/RTL8102E PCI Express Fast

Wireless network device: Realtek RTL8188EE Wireless network card * * * * * Visitor supplied rating



Hyperbola GNU/Linux-libre has a visitor supplied average rating of: 7.8/10 from 4 review(s).

Have you used Hyperbola GNU/Linux-libre? You can leave your own review of the project on our ratings page.





Miscellaneous News (by Jesse Smith)

UBports running desktop applications, Arch reacts to AUR malware, OpenBSD gaining ability to auto-join wireless networks, Debian publishes new install media, Tails makes it easier to work with encrypted volumes One of the potential benefits to running a GNU/Linux operating system on a mobile device is it opens the door for running desktop applications on the mobile platform, greatly expanding the numbers of apps available on the device. The UBports community (who have continued the development of Ubuntu Touch) may soon be able to run desktop Ubuntu packages on mobile devices. In a Reddit post, one developer comments on the state of running desktop Ubuntu applications in a container on a UBports phone: " Libertine Manager is now in the system settings and makes installing 'desktop' apps easier (creates a container and installs apps inside with APT). Some apps work better than the others, in the video GNOME Calculator doesn't work that great yet, Solitaire seems to work ok and is quite usable on a phone. " The video demonstrating installing desktop apps on the phone is included in the Reddit post. * * * * * People who run Arch Linux, or one of its many derivatives, received a reminder last week that while the Arch User Repository (AUR) is a convenient way to access a large number of software packages, the packages in that repository can come from anywhere and should not be blindly trusted. Sensors Tech Forum reports: " Linux users of all distributions have received a major warning not to explicitly trust user-run software repositories following the latest incident related to Arch Linux. The project's user-maintained AUR packages (which stands for Arch User Repository) have been found to host malware code in several instances. Fortunately a code analysis was able to discover the modifications in due time - only several days after the dangerous code was placed in the app installation instructions. The security investigation shows that a malicious user with the nick name xeactor modified in June 7 an orphaned package (software without an active maintainer) called acroraed. The changes included a curl script that downloads and runs a script from a remote site. This installs a persistent software that reconfigures systemd in order to start periodically. While it appears that they are not a serious threat to the security of the infected hosts, the scripts can be manipulated at any time to include arbitrary code. Two other packages were modified in the same manner. " Most Linux distribution have optional add-on repositories where community members can upload scripts or packages. These third-party items should be audited before being installed. * * * * * The OpenBSD operating system is getting a new feature which many people running on other platforms probably take for granted: automatically connecting to wireless networks. Peter Hessler has published code which allows OpenBSD to connect to known wi-fi networks automatically when there is no current network connection. " Introduce 'auto-join' to the wi-fi 802.11 stack. This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available. " * * * * * The Debian project has published new install media for Debian 9 "Stretch". The new media does not represent a new version of Debian, but does include security fixes that have become available since Debian 9 was originally released. " The Debian project is pleased to announce the fifth update of its stable distribution Debian 9 (codename Stretch). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available. Please note that the point release does not constitute a new version of Debian 9 but only updates some of the packages included. There is no need to throw away old stretch media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror. " More information can be found in the project's news post. * * * * * The Tails project is working to make accessing encrypted volumes easier. The developers are a testing new features which would make it easier for users to access VeraCrypt volumes from the GNOME desktop. " We worked to integrate VeraCrypt support into the existing GNOME workflow for unlocking encrypted volumes. As a result, most of the features already provided for LUKS volumes are now also provided for VeraCrypt volumes. This includes unlocking volumes via the GNOME Disks application and integration into the places sidebar in GNOME Files. If your file containers have the ".hc" file extension, they will be recognized as VeraCrypt volumes and can be easily unlocked in GNOME Files. Additionally, we created a small application, VeraCrypt Mounter, which makes it easier to unlock VeraCrypt volumes, especially file containers that do not have the ".hc" extension. " The project's news page has further details. * * * * * These and other news stories can be found on our Headlines page.





Tips and Tricks (by Jesse Smith)

Managing boot environments with zedenv Boot environments are handy tools for a system administrator to have. A boot environment is basically a snapshot (or copy) of the operating system which was taken at a point in time when the operating system was (presumably) working properly. Having a snapshot of the operating system stored on the disk means we can make all kinds of changes to the system, safe in the knowledge that we should be able to revert back to the working snapshot at any time. This means we can update the system, delete files, and change working configurations, safe in the knowledge that we will be able to reboot the computer and switch back to a working snapshot if anything goes wrong.



Boot environments are made possible by advanced file systems, such as Btrfs and ZFS. Typically Btrfs is used on Linux systems (like openSUSE) and ZFS is used by platforms such as FreeBSD. While these advanced file systems provide the underlying ability to create a snapshot of our working system, we still need tools to create and manage the snapshots. On FreeBSD-based systems the beadm command line tool is typically used to manage boot environments. On openSUSE the snapper tool is used.



In May a new, cross-platform boot environment manager was launched. The new tool is called zedenv and is still in its early development stage (it is still considered an alpha release at the time of writing). The zedenv command reportedly supports the same functions and has a similar syntax to beadm, but has the advantage of being designed to work across multiple operating systems and should work anywhere where ZFS and Python are available. The zedenv software also supports plugins which should make it possible to use the same code across a range of operating systems with different boot loaders.



Since I have already used beadm to manage ZFS snapshots on FreeBSD, I thought it would be fun to see if this new utility could manage ZFS boot environments on a Linux distro. This posed a bit of a problem though because very few Linux distributions support running from a ZFS root file system. There are possible workarounds to make Linux boot on ZFS, but most distributions do not offer an easy way to do this. Antergos appears to be one of the few exceptions. So I installed Antergos, opting to run the operating system from a ZFS volume.



Antergos makes it fairly easy to set up a ZFS volume, it is one of the check boxes on the installer's partitioning screen. The process of setting up ZFS takes a while though as the installer needs to build ZFS components, this added around twenty minutes to my install process, during which time the installer appeared to be locked up. However, the process did complete and I happily rebooted the computer to start working with Antergos running on ZFS.



There was a hiccup to overcome first. It appears as though the Antergos installer does not properly export (a special form of unmounting) the ZFS file system after it is set up. This meant my new ZFS root file system (called "mydata") could not be accessed, or "imported", when I first tried to boot my copy of Antergos. Getting a rescue prompt and running the following command worked around the issue: zpool import -f mydata From there, I made sure the git source control program was installed so I would be able to set up zedenv. sudo pacman -Sy git Then I followed the step-by-step instructions in the zedenv documentation to install the utility. git clone https://github.com/johnramsden/pyzfscmds

git clone https://github.com/johnramsden/zedenv

cd pyzfscmds

sudo python setup.py install

cd ../zedenv pyzfscmds

sudo python setup.py install At this point the installation appeared to have succeeded and I thought I should be able to create, list and activate boot environments by running the zedenv command. However, I soon found I was unable to create snapshots using zedenv. I could manually create snapshots using the lower level zfs command, but not new boot environments.



With a little trouble-shooting it turned out the problem was zedenv expects ZFS datasets to be created when the file system is set up. FreeBSD does this automatically, but Antergos does not. The zedenv author pointed out there are ways to work around this problem. However, given the nature of changing the ZFS datasets and boot settings, the user will probably want to create backups of their data before attempting the workaround. Long-term, I am hoping the Antergos team will be able to bring their ZFS setup more in line with that of other operating systems. * * * * * Speaking of other systems, I also tried zedenv on FreeBSD to see how the utility would compare to the popular beadm boot environment manager. FreeBSD is relatively quick to set up and also makes it possible to just check a box to automate placing the root file system on a ZFS volume.



Once FreeBSD's installation is complete we will need to install three packages to work with zedenv. We will need to install Python 3.6, the git source control tool and the Python setuptools package. These can be added to FreeBSD by running: pkg install python36 git py36-setuptools Then I ran the same git and Python commands as I did above to install zedenv on Antergos. At first zedenv failed to run, reporting a series of locale errors. I was able to quiet these errors and get zedenv to run without crashing by setting the LANG shell variable: setenv LANG en_US.UTF-8 With these steps completed, I was able to create boot environments, list them, and activate them so the system would automatically boot into the one I wanted. The zedenv command also makes it possible to mount an existing environment to edit it. Let's look at an example of the command in use. Here we create a new environment snapshot, called "safe": zedenv create safe We can confirm the snapshot was created by listing all our snapshots: zedenv list There should be two snapshots listed, with one called "default" which is currently active. The other is the new one we created, called "safe". Now, suppose we did something foolish, like delete a bunch of programs we will need later. For example, suppose I deleted every program starting with the letter "d" in my /bin directory. We can then try to rescue the system by switching from our active (default) file system, to our good snapshot (safe). zedenv activate safe

reboot When the system reboots, the programs in /bin I recklessly deleted will have been restored because the "safe" snapshot was created before I removed the files. If I want to, I can then try to fix the default boot environment, where I deleted the programs. I can do this by mounting the default boot environment and copying the missing programs into it. This can be done as follows: zedenv mount default /mnt

cp /bin/d* /mnt/bin/

zedenv umount default With the default snapshot repaired, I can activate it and boot into it again. zedenv activate default

reboot Experienced FreeBSD users will note zedenv has a syntax and output virtually identical to beadm. The main differences are zedenv is designed to (hopefully) work the same on other platforms and it can be extended using plugins. Though this extra flexibility does come at the cost of having a dependency on Python.



Right now zedenv works. It does not yet hold an advantage over beadm on FreeBSD, but its goal of cross-platform use certainly sounds promising. I think the only thing holding back zedenv from being a big hit with Linux users is most distributions still have not embraced advanced file systems like ZFS and Btrfs. This will likely change over time, but right now most Linux distributions are still using more traditional file systems like XFS and ext4. It may take a while before boot environments catch on, outside of the openSUSE community. * * * * * Additional tips can be found in our Tips and Tricks archive.





Released Last Week

Scientific Linux 6.10



Pat Riehecky has announced the availability of Scientific Linux 6.10, the final build of the Red Hat-based distribution's legacy branch, supported until November 2020: " Scientific Linux 6.10 i386/x86_64. According to the upstream lifecycle guide, 6.10 is expected to be the final release of EL6, with only important security errata or critical bug fixes going forward. Please run yum clean expire-cache. Major Differences from SL 6.9: sl-release - updated to use the 6.10 repositories; OpenAFS - updated to 1.6.22.3. Changed compared to Enterprise 6: httpd - changed the default index.html to remove upstream's branding; Plymouth - removed the red colors for text mode; redhat-logos - changed all trademarked icons and pictures from upstream, changed styles of items such as background, GDM and KDM to change the tradedress style; Anaconda - add the Scientific Linux install classes, DVD installs do not ask for the network unless needed; redhat-rpm-config - changed to recognize Scientific Linux as an Enterprise Linux; xorg-x11-server - changed to remove TUV's support URL.... " See the release announcement and release notes for further information.



ArcoLinux 6.9.1



ArcoLinux (formerly known as ArchMerge), is an Arch-based project developing several ready-to-use distributions that feature a number of popular desktop environments. ArcoLinux 6.9.1 was pre-announced earlier this week, but the main Xfce edition was only made available yesterday. From the release announcement: " We decided to trim down our ISO images and remove elements we either don't use or which might be considered a security liability. You can install them if you want them after the installation of the ISO image. Our goal is to stay around 2 gigabytes for the ArcoLinux ISO image. Improvements: new logo has been included in the logos of the conkies; font display has been improved and resized to 11; added VMware configuration file to include 1920x1080 resolution; Neofetch has been upgraded from v4 to v5, we follow the official configuration and change it to our own ArcoLinux configuration; 000- script to use all cores now also includes 6 cores; new alias vbm to mount the Public folder when on VirtualBox; old alias 'update' is now 'sudo pacman -Syyu'.... "





ArcoLinux 6.9.1 -- The default ArcoLinux desktop

(full image size: 1.5MB, resolution: 1280x1024 pixels)

* * * * * Development, unannounced and minor bug-fix releases

Bluestar Linux 4.17.4

Greenie Linux 18.04.0.2

AUSTRUMI 3.8.2

Pardus Topluluk 4.2

Debian 9.5.0

feren OS 2018.07

ReactOS 0.4.9

Ultimate Edition 5.1.2

Torrent Corner

Upcoming Releases and Announcements

Opinion Poll

Boot environments This week, in our Tips and Tricks column we discussed how to use a tool called zedenv to manage ZFS boot environments. Some operating systems, such as openSUSE and FreeBSD ship with built-in tools for managing and running the operating system from boot environments - file system snapshots that let us access past states of the operating system.



We would like to know how many of our readers currently use boot environments. And, if you do, which file system are you using?



You can see the results of our previous poll on how people are reacting to CPU security bugs in last week's edition. All previous poll results can be found in our poll archives.



Boot environments



I am using boot environments with Btrfs: 121 (9%) I am using boot environments with ZFS: 58 (5%) I am using boot environments with another file system: 173 (13%) I am not using boot environments: 935 (73%)