Slashdot Mirror
Unusual, Obscure, and Useful Linux Distros
angry tapir writes "Most people will be familiar with some of the big names when it comes to Linux — distributions like Ubuntu, Red Hat Enterprise Linux, Debian, and Mandriva. Most of the well-known Linux distros are designed to be used as general-purpose desktop operating systems or installed on servers. But beyond these distros are hundreds of others either designed to appeal to very specific audiences or to fulfill the somewhat niche needs of some users. We rounded up some of the most interesting Linux distributions that you might not have heard of."
... the live CD you have with you.
After logging in slashdot still does not take you back to the page you were on. It's been that way for 20 years.
We need a new instant mirror site for slashdot. Any suggestions?
"One of the benefits of open source software that many people are most familiar with is that it's free to download.
This means you can grab great applications — such as Mozilla's Firefox Web browser, the OpenOffice.org office suite or the GIMP photo editing program — without paying a cent.
However, the other major benefit of truly open source software (some "open source" software licences are more restrictive than others) is that you're allowed to modify a program and redistribute your altered version so other people can enjoy it.
Linux is a classic example of this: there are hundreds (at least!) of different Linux-based operating systems. Most people will be familiar with some of the big names — distributions like Ubuntu, Red Hat Enterprise Linux, Debian and Mandriva.
Most of the well-known Linux distros are designed to be used as general purpose desktop operating systems or installed on servers. But beyond these distros are hundreds of others either designed to appeal to very specific audiences or to fulfil the somewhat niche needs of some users.
We rounded up some of the most interesting Linux distros out there that you might not have heard of.
Insecure by design: Damn Vulnerable Linux
Damn Vulnerable Linux is "The most vulnerable and exploitable operating system ever" according to its Web site.
It's designed for security training; it includes training material and exercises (as well as a whole bunch of flaws to exploit). As Mayank Sharma notes: "Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn't. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks."
Indulge in paranoia: Tinfoil Hat Linux
Tinfoil Hat Linux is pretty much the opposite of Damn Vulnerable Linux: it's designed for the paranoid among us.
"It started as a secure, single floppy, bootable Linux distribution for storing PGP keys and then encrypting, signing and wiping files.
At some point it became an exercise in over-engineering." According to its developers, a possible reason for using it is that that "Illuminati are watching your computer, and you need to use morse code to blink out your PGP messages on the numlock key." They're joking. Probably. (In case you want more tinfoil protection, there are some links to a site about aluminium foil deflector beanies and tinfoil suits.)
CSI Linux: CAINE
CAINE (Computer Aided INvestigative Environment) is probably one of the coolest niche Linux distributions around. It's designed for digital forensics (so sadly, no blood spatter analysis) and was developed at the Information Engineering Department of the University of Modena e Reggio Emilia in Italy. It includes software such as TheSleuthKit and Autopsy Forensic Browser for examining file systems, data recovery applications, steganography tools and utilities for securely wiping drives (you know, in case someone else has a copy of CAINE).
Open source engineering: CAELinux
Eminently embeddable: Zeroshell
Zeroshell Linux gets its name from being designed to be solely administered through a Web interface. It's intended to be used on servers and embedded devices.
Its features include load balancing, support for 3G mobile broadband connections and RADIUS support.
Ditch Windows Media Centre: Mythbuntu
Mythbuntu is not really a niche distribution, but it is designed for a specific task rather than being a general desktop distro.
Mythbuntu is used to run PVRs and media centre PCs. As its name indicates, it's derived from Ubuntu Linux.
However, it's ditched the Gnome and by default utilises the relatively barebones Xfce desktop environment.
Damn Small Linux is damn cool
Damn Small Linux (DSL) is actually quite a well known distribution. It's not nearly as small as the amazing MenuetOS (which is a non-Linux OS writ
Domestic spying is now "Benign Information Gathering"
These distros should become meta-packages for larger distros. You should not need to install a specialized OS because you need specialized applications or specialized configurations. The application developer would be better served working with the larger Linux community, to ensure that the usefulness of the given applications is compatible and availible across all distros and platforms. Linux should always have a diverse ecosystem, but Linux should also have a universality about it, that a given meta-configuration can be established to a given Linux with automatic dependency resolution.
Replying to undo moderation. pfSense is based on FreeBSD, not Linux.
Can't get to the site but if your list is complete I'm surprised there's no mention of Scientific Linux. The distro created by the Fermi National Accelerator laboratory and CERN has to be high on the list of unusual and interesting Linux distributions. Actually, works pretty well as a standard desktop too...
Coral Cache:
http://www.goodgearguide.com.au.nyud.net/article/351651/12_most_interesting_unusual_useful_linux_distros/
List of the distros:
steveha
lf(1): it's like ls(1) but sorts filenames by extension, tersely
According to its developers, a possible reason for using it is that that "Illuminati are watching your computer, and you need to use morse code to blink out your PGP messages on the numlock key."
Nice. For the uninitiated, this is (spoiler alert) an allusion to one of the coolest (realistic) hacks in all of fiction, which occurs in the novel Cryptonomicon by Neal Stephenson. Required reading for computer and cryptography geeks.
"This algorithm runs in constant time. Come on, 2,147,483,648 is a constant..."
My favorite, but no longer obscure. Puppy is now v. 5.0 and # 10 in page hit ranking on Distrowatch. Puppy is arguably the cutest distribution, the most sincere distribution, and the most beloved distribution. Not to mention very compact, very capable, very easy to install or run live, and very extensible. Try some now! Try some today! Puppy is good for you! Everyone should know about it!
What surprises me is no SLAX. When i first found it SLAX was a very usable live-cd which would fit on those tiny 8cm CDs (before large enough USB sticks were affordable enough to just have a few in your bag) and had an easy startup option to load the entire image into ram
Then i check it a few months ago, it now offers an interface on the website to select from a very large library of software, click the boxes you want and presto, instant live-image completely to your own taste
People, what a bunch of bastards
At first reaction, I laughed quite hard. Upon further examination, the software included in the distro looks to be quite useful. I have forwarded Xiphos (a piece of bible study software included in the distro) on to my grandfather, who immerses himself in study of scripture. If that's your thing, I would check it out. Guess I learned about a new project today. Look at that, Slashdot taught me something.
That was how I read the title at first glance. So disappointed.
1. Jesus saves - early and often. Or maybe you could just configure him to auto-save?
2. Who needs backups when you have faith?
3. Wait until you see our "firewall"!
4. Well, good, at least they're trying to convert those Linux heathens.
5. Some tools not included: head, finger, fsck...
6. "missionary" the only available filesystem (mount -t missionary - and then only for procreation)
7. Good news! Jesus healed the Gimp! Zombies raised from the dead!
8. Thou shalt not take the hostname in vain.
9. Honor thy PPID.
10. Thou shall not kill -9.
11. Those are penguins, not nuns!
Known bugs:
Sometimes Jesus thinks he's Richard Stallman.
vlc only plays G-rated AVIs.
$ mesg y
$ write god
write: god is not logged in
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
It only took 12 hours for the site to load, but lets have a look at the "distro" and their roots.
Damn Vulnerable Linux unknown
Tinfoil Hat Linux unknown
CAINE Ubuntu
CAELinux Ubuntu
Ubuntu Christian Edition Ubuntu
live.linuX-gamers.net unknown
Parted Magic Ubuntu
GMusix GNU+Linux Debian
Zeroshell Linux LFS methods (i.e., actually rolled themselves)
Mythbuntu Ubuntu
Damn Small Linux Debian
Tiny Core Linux unknown
Ubuntu 41.6%
Debian 16.6%
--------------
Known Distros 58.3%
Unknown distros 33.3%
Original works 8.3%
Feel free to reply with updates if you know the origin of the unknown's.
I know from personal experience, rolling your own distro is hard work. I tried, using other distros (Slackware and LFS methods) as a guide. Just taking someone elses patched beyond usefulness sources and calling them your own isn't your own work. You aren't building, and you can't go back to the original author and submit a fix. Mine was to stay true to the original author's work, since I've seen so many problems which are directly (correctly) attributed to some distro haphazardly patching (and breaking) things.
I spent a lot of spare time writing and rewriting build scripts, hunting down sources (real quick, where is the authors site for the most current version of "ps"?), building a build environment, building the sources into installable packages. It sounds like an awful lot of fun, until you've already spent a month putting things together, and you've just gotten past the low level stuff (basic system utilities, filesystem utilities, compilers, major required libraries, and the boot loader of your choice). Wow, a month later, and we don't even have X, a desktop manager, or occasionally useful things like a web browser. Now you have to go back and check all your versions against the current version available from the author. Unless you have a rather dedicated team of folks with no day jobs nor personal lives, you'll spend your days just verifying that your packages are built from current sources.
God forbid there's a change in say glibc, which breaks some other application. Now you're notifying the author of the application, which can be a job in itself to go back and forth with them about what distro you're running (built it myself). Oh, you're own? That's good and bad. What versions of the compiler and required libraries are you using? "Sign up to my mailing list, so we can all work on it." Two weeks later, you may have a patch which may become a released version two more weeks later. If you're a good guy, and somehow have way too much time on your hands, well versed in every programming language and methodology, a genetic disposition to not sleeping, and a serious speed habit, you may be patching it yourself, and handing that patch up to the author. What? Your patch was refused because it didn't follow his methodology? It doesn't work in recursion and will break older distros (like the one right before the glibc update). Now you've fallen into what others do. I'll patch mine, but just this one, I swear. It'll be the authors true code when he releases the right fix. On to the next!
Serious? Seriousness is well above my pay grade.
Surely BackTrack needs a mention. One stop shop for Penetration Testing, Ethical Hacking, Security Analysis and pretty much anything else security-related. It might not qualify as a fully-blown "distro" depending on your definition, but it's a lot more customised than your standard "Clonebuntu" variants.
If you are even remotely interested in Network Security or Penetration Testing, it's a really invaluable tool.
Curse you, mod point allocation bot! I need to mod parent 'eye-opening if, like me, you never considered how much work goes into a distro'.
They whose government reduces their essential liberties for temporary security, receive neither liberty nor security.
" Damn Vulnerable Linux unknown"
It's based on Debbian and Knoppix. See: http://distrowatch.com/table.php?distribution=damnsmall
" Tinfoil Hat Linux unknown"
Not listed on Distrowatch, or at least I couldn't find it :(
" live.linuX-gamers.net unknown"
It's based on Arch, see: http://distrowatch.com/table.php?distribution=linuxgamers
" Tiny Core Linux unknown"
Independent (self-rolled). See: http://distrowatch.com/table.php?distribution=tinycore
If you want details about Linux Distributions there's no better place I know of, or more comprehensive, than distrowatch.com. Really surprised Tinfoil is not listed!
hehe. Thanks. :)
Really, I hadn't thought it was so hard until I tried. I'm glad I did. It's something every really serious senior Linux admin should try at least once. Besides a very interesting understanding of how things work beyond "type this command, watch this happen", it taught me to respect my elders, and watch for mistakes that are made (like the patching chaos that is the Redhat/Debian/derivatives world).
After that dive in, I pray to the Slackware god, since he does things pretty damned close to the way I like. There are several finer points that I could probably argue with Patrick about over beers sometime (assuming we're ever in the same place at the same time, and he'd accept a free drink or three). Not that the argument would get anywhere, but it would be a nice discussion, and a fun excuse to drink. Bah. Who needs excuses for that? :)
Serious? Seriousness is well above my pay grade.
Thanks. Since the only one left is tinfoil, I grabbed it, and did a little poking around. Just based on the mentions in the readme.txt, it may be a self-rolled distro. It to be Busybox based. I was thinking of rolling one of those up myself, except busybox annoys me when it can't do particular things because it doesn't understand posix flags (my biggest annoyance is with cp). That can be corrected easily enough with some select static binaries, rather than symbolic links to busybox. :)
... Target
... Target
... and over ... and over ...
The busybox "cp" flags are:
cp [-a] [-d] [-p] [-R] Source
The posix "cp" flags are:
cp [-f] [-H] [-i] [-p] [-r | -R] [--] Source
There are others, I've just had quite a few occasions to boot to a Busybox based CD, and then my commands don't work. Or worse, a script on the machine doesn't work because the flags don't work.
So the distro tally is up to:
Damn Vulnerable Linux Debian
Tinfoil Hat Linux self-rolled (?)
CAINE Ubuntu
CAELinux Ubuntu
Ubuntu Christian Edition Ubuntu
live.linuX-gamers.net Arch
Parted Magic Ubuntu
GMusix GNU+Linux Debian
Zeroshell Linux self-rolled - LFS methods
Mythbuntu Ubuntu
Damn Small Linux Debian
Tiny Core Linux self-rolled
Ubuntu (5) 41.6%
Debian (3) 25.0%
Arch (1) 8.3%
--------------
Known Distros (9) 75.0%
Original (3) 25.0%
That's still a long way from a list of distros to check out, unless you like checking out the same thing over
BTW, sorry for the code formatting. I wanted to keep my columns straight in the data parts of the post, and I don't know of a better way on here to do it.
Serious? Seriousness is well above my pay grade.
I only did it to differentiate between those who have chosen to use Ubuntu, and those who didn't. I know Ubuntu is a pretty skinned Debian with some extra patches. Ubuntu patches on top of Debian patches, on previously good code, what could possibly go wrong. Oh, lots.
It's similar to CentOS being a patched derivation of RHEL. It's another layer of people messing with perfectly good code, and making it not so perfectly good. In the list provided, there were no CentOS, RHEL, nor Fedora variations, so I didn't mention them.
I'm anything but a fan of messing with someone else's code, unless it's for internal use. Sure, I'll make my own changes to your code, but I won't then distribute it as if it was as good as the original. I know there are a lot of authors and software companies/groups who agree with me on that. My changes are usually performance patches (as necessary), and usually commented in the code that the change may be acceptable. For example, here's one I use on Apache for my web servers:
cd apache_$apache/src/include ; cat httpd.h | sed -e s/HARD_SERVER_LIMIT\\ 256/HARD_SERVER_LIMIT\\ 4096/g > httpd.h.new ; mv httpd.h.new httpd.h.
(that's just one line of my 152 line Apache/PHP/mod_ssl build script. It's 76 lines without the comments and stdout messages showing the status of the build)
I don't pass it off my Apache as the official Apache version though. It's known if you use my Apache/PHP/mod_ssl build script, it will make some minor changes like this. If you use my build of Apache, it's a given I've made some changes. It's amazing, I can drop this on just about any server, and it's blazing fast compared to the RH provided one. I can't comment on what changes Debian or Ubuntu make to their installed version of Apache, I haven't needed to deal with that yet for a high load production environment.
Serious? Seriousness is well above my pay grade.
What is it with Slackware that attracts so many wannabe "hacker" types like yourself? Those "Wannabe-Windows clones" you speak of can all be just as "hardcore" (as if compiling a kernel is hardcore in any way), and the only notable architectural difference between Slack and "Wannabe-Windows clones" is that Slack uses a BSD style init instead of the not exactly Windows-like SysV.
Yes, Slack is good and well respected, but I swear that among the clueless faux-elitist morons I've come across, more are using Slack than all the other OSes combined.
I think the implication about the "Wannabe-Windows clones" was that there are a lot of "1337" Ubuntu users who go around preaching about how awesome Linux is even though they lack any in-depth knowledge of it, they just popped in a Live-CD and installed it using the GUI installer (which is pretty much just a matter of hitting Next until it's done).
Now, I'll admit that back in the 90s I was a bit of a Open Source evangelist but at least I had some basic knowledge of *nix, these days I keep ending up in conversations with friends of mine who have never used a terminal emulator where they try to convince me of how awesome Ubuntu is (because it's Linux!) and even when I point out that my day job involves keeping a load-balanced Linux cluster running and that I have no Windows machines at home they will keep badgering me with teh awezoomnes of Ubuntu and telling me how I should move from FreeBSD, OS X, Debian and other distros to Ubuntu. Without trying to brag about my own skills it does feel a bit like a random recently converted christian of the protestant kind trying to convert a catholic bishop to his brand of christianity even though he himself knows little of the bible beyond "jesus and god good, satan bad"...
These are the kind of users who almost exclusively run "Wannabe-Windows clones" and apply cargo-cult solutions to any problem they may have. I can understand the frustration with them.
Greylisting is to SMTP as NAT is to IPv4
Debian patches are usually kept to a miniumum, as long as upstream is still active. (Debian has become the de facto upstream for some packages, including a few GNU packages.)
The most common changes include adding a manpage if one does not exist, and tweaking the install paths so the system conforms to the FHS. Now sometimes larger changes do occur, but usually that is because upstream has not yet accepted the patch, or is sometimes a cherry picked back-ported patch from the development branch, but we try to keep these to a minimum.
Let us look at Debian's apache2 patches for an example.
The first patch adjusts "httpd --version" to display LSB_release information (i.e. identify the build as a Debian patched build).
The next patch changes an example script's she-bang line to use "/usr/bin/perl" instead of "/usr/local/bin/perl".
The next patch tweaks configuration include globbing so as not to include extra files that dpkg may create in /etc/apache2 while asking the user if they want to use the the shipped configuration file (if it has changed since the version installed, or use the customized file the user has created, or merge the changes.) This is clearly specific to dpkg-based distros.
The next patch tweaks the apxs script to not bother checking if Apache was compiled with shared library support, because Debian always configures it with shared library support, and Debian allows apxs to be used even when the "httpd" binary is not installed.
The next patch tweaks the config.layout file (which is explicitly designed to be customized by distributions!) to conform to the FHS. It also adjusts the configure script so the correct directories are used, and finally adds a #define to ap_config_layout.h.in that specifies the location of the default PID log.
The next patch further adjusts the apxs script to use httpd.conf rather than apache2.conf, tweaks the permissions it uses, and a few other path related adjustments.
It patches unixd.c to work correctly is suexec is built as a a shared library module.
The next patch changes the dbmmanage script to support both hash and btree based DBM files.
The next patch tweaks how the apxs script calls libtool to keep it from issuing an inappropriate warning.
The next patch tweaks envvars-std.in so that LD_LIBRARY_PATH is not propagated, since Debian has no need to for that, and copying in the building user's personal LD_LIBRARY_PATH is undesirable.
The next patch fixes prevents a buffer overflow attack on the htdigest executable.
The next patch changes suexec.c to use the close-on-exec flag for file descriptors, allowing the resulting error to be logged, which the existing code does not properly support (despite the claimsin the comments). This patch has also been comitted upstream.
The next patch tweaks the usage message to exose the -X flag.
The next patch tweaks logresolve to support line lengths greater than 1024 bytes. Many distos have this patch, but I am unsure if upstream has fixed it. I don't see any bug for it in Apache's bugzilla database.
The next patch is one for the configure script to permit the option "--enable-modules=none" to build an httpd with no optional modules enabled.
The next patch fixes a known security vulnerability (CVE-2007-1742) in suexec.c
The next patch fixes a segfault caused by inaproprtiately freeing memory in ab.c. This patch has been accepted upstream.
The next patch disbabled mod_deflate for HEAD requests to mitigate a ptential DOS attack.
There are more, but I am getting tired of typing them up.
Stylish sheet to fix many problems in Slashdot's D3: https://gist.github.com/801524