Minimalistic setup

Hello tek syndicate and Linux enthusiasts

I have some questions about making a minimalistic, lightweight, secure Linux system for myself, how might one go about doing this.

Distro wise, what should i go with maybe Gentoo/sabayon(Sabayon so i don’t have to spend time compiling and instead get work done), Arch(since it does it so this concept beautifully), Fedora(because the great Wayland support) Opensuse (because of Factory and 13.2 are rather good being more community involved then Fedora and as it has se Linux). How stable is factory or should i stick to 13.2? I’ve recently tried out Opensuse 13.1 and Factory and it’s a rather good distro but still experimenting with it. But I’ve found it to be a bit bloated/full featured using the Kde edition. Also 13.2 with plasma 5 should make the plasma experience better. What packages could I remove? I will be mainly using the system for school work so a browser such as ff, a terminal Libre office, a text editor and a file manager should suffice. I really enjoy always being on the latest and up to date software.

Do i need SELinux??? How else do i secure my Linux box?  A nice firewall maybe, a PFsense box or something along those lines for securing my home network?

How would i make sure my system is updated automatically for patches such as the bash vulnerability as an example?

Would i best achieve this type of setup through doing a base/ x session install?

What packages do i need or should have?

What processors should i have on start-up and when my comp first boots up and is idling.

How would you achieve a 100 mb or even less then 60mb system at idle setup.(Is this too little or insecure?)

What would be the optimal de/wm, i was thinking along the lines of i3, bspwm, open box or enlightenment for that fps increase in games due to no compositor. Lxqt looks like a good competitor to xfce. Kde could also be an option with activities or just switch between i3 for work and ob for games? Gnome 3.14 also looks a compelling desktop environment due to its workflow and the rest that goes with it.

i hope i haven’t bored you along the way. Overall i think it’s just time to migrate and move on and gain more experience and knowledge of the Linux atmosphere though Manjaro has been a very good stable distribution for starting out.

 

Go gentoo, strip everything including kernel, use Tinywm or for a DE use LXDE-core, dont use a terminal use tty, or you could just remove X completely.

Keep SELinux, while not really needed, it can help defend against attacks, I would also recommend PaX for security, but thats just me.

Also have only what you need, need a browser, look for the smallest around, need a terminal, go either tty or use TinyWM.

put grub in quiet mode, shaves a few seconds off startup.

Personally I would use Debian testing and follow this guide.

http://forums.debian.net/viewtopic.php?f=16&t=111588

Arch will more than likely have a following, and so will gentoo.

Just evaluate what you need, and pick a distro then go nuts. 

 

Alight then thanks man for your help

Later on when I try the Gentoo way, how would I strip everything including then kernel?

I’ll give Tinywm and Lxde-core a try, how do I use a tty other/instead of  a terminal.

How do I setup a install without x, are there many disadvantages over not using X?

Yea ill keep SELinux and use Pax for extra security.

Is luakit or midori low enough I can I go further?

Can I tile TinyWm or write a script so I can have two terminals side by side so im using all of my screen.

How do I put Grub in silent mode I couldn’t find any recent info on doing so.  

Thanks for the link to the Debian guide, im currently trying this out and ill see how it goes.

 

Okay so if you are using Gentoo, its stripped by default, you do this in your setup, Gentoo and Arch by default are very minimal, stripping the kernel is done in the initial setup, you can also do this on Debian using targetd in the expert install mode.

to use TTY you press ctrl alt F1, or F2 as X normally assigns window 1 to F1.

if you dont use X you wont get a graphical display, X is the server that does all your graphical stuff, you need that for LXDE or TinyWM, or you will be just running TTY all the time.

Dillo is the upmost lightest browser on linux as far as I know, but its very very basic, no HTML5 or other functionality, so just go with something like Chromium.

In TinyWM you have 50 lines of code, you edit them to shape the system to how you personally wish, personally I would go to the effort of getting BSPWM, it looks better, but for pure small size, edit TinyWM.

use this sudo vi /etc/default/grub (Or nano if you want something easier) turn the grub timeout to 0 (this will make the menu pass so quick it wont appear) remove the # from #grub_hidden_timeout=0.

I personally wouldn't use quiet mode, more so if you are still tweaking the system, it can help you get into recovery mode and fix your system, also it can display some useful messages, if your system hangs during boot, you can see where with grub not on silent.

 

Alrighty then ill go play with Gentoo,Arch and Debian in vb  some more and see how i go.

Whats the best way for configuring Bspwm? brennanriddell how to install bspwm guide?, http://www.reddit.com/r/bspwm/wiki/index or https://github.com/windelicato/dotfiles/wiki/bspwm-for-dummies

 What can i do about Firefox and Chromium crashing, i believe i still have flash on this rig which i probably don't need.

If i went the Gentoo or Arch route how do i compile my own kernel with proprietary graphics drivers like Zoltan said he does. I currentley have nvidia cards being a 210,530,550 and 640 but hope to upgrade soon.

So i use git to compile things such as Xonotic or something on Github, but how do i do that?

I would follow brenns guide, he was very good when it came to guides, he wrote the guide that taught me Arch Linux.

How do you mean crashing? What is it giving out, it is a crash and then system printing something like "The process has stopped responding" or something else?

For gentoo follow this - https://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=1&chap=7
I can't comment on Nvidia as I don't have a Nvidia card, I run only AMD.

Arch you use ABS (Arch Build System) - https://wiki.archlinux.org/index.php/Arch_Build_System
This will provide you with more information I could give, basically on both, you have to recompile the kernel, I would base it on mainstream kernel (3.16) also if you can get away with it, don't use proprietary drivers, I have seen issues in all systems with them in the past, normally on a kernel upgrade, more around the time of 3.12 to 3.13, from then I only ran KVM drivers, unless your gaming, stick to kvm.

for git you use git clone, you basically clone the folders on the site, using the git clone command of course, I presume you mean this for BSPWM - https://github.com/windelicato/dotfiles/wiki/bspwm-for-dummies
I find it strange how BSPWM is not in the AUR, would be a lovely package to have in AUR.

for your GPU kernel thing, email Zoltan on site and ask him about it, or just post another forum question, most people on here are more knowledgeable than me when it comes to compiling kernels :)

@GoldTurtle

You could use brennanriddel's guides but he's very new to linux himself (to be kind) so I'd recommend using source.

Linky & Gentoo/Arch specifics Also the bspwm developer is an Arch/Gentoo user (bloom) who has posted his wm details. Linky

If you're keen to try out Gentoo you'll need to read the handbook XDroidie626 linked you and AH5's Install Guide.

Any issues post them here as there are a few Gentoo users around.

My advice for basic baby steps;

  • Compile a vanilla/gentoo kernel and initramfs as a failsafe with "genkernel."
  • Once you're up and running install and sync "eix" so you can do instant local package queries.
  • Find whatever kernel sources you're going to build from with "sys-kernel" assuming you're using ~amd64 - bleeding edge.
  • Install the source, then eselect the new kernel to symlink usr/src/linux

 

As you are aiming at a minimal install you will need to use "make config" or "make menuconfig" for kernel configurations which can be time consuming compared with using X.

You can reuse multiple configs. So for example when genkernel builds your default config you can copy it overto a new kernel (or whatever kernel you decide to use) - so on and such ad infinitum; cp /boot/config-(kernel-naming-structure) /usr/src/linux/.config

Building a kernel to include modules from your custom config in Gentoo can be as simple as;

  • root # make -j9     (-j -number of cpu cores +1)
  • root # make modules_install
  • root # make install
  • root # genkernel --install initramfs


If for some reason updates over time from a tainted kernel kill your system (from binary blobs).

  • root # emerge --ask @module-rebuild

Have fun ;)

Madd thanks guys!!!

I was unable to couldn't access the chapter of the Gentoo handbook Xdroid linked me to due to a 404. (I couldn't find which part of the handbook it was ;( )

As for building kernel modules eg this one root # make -j9   (-j -number of cpu cores +1) Would i choose 4 as my i3 as two cores and 4 threads? or just 2 +1?

 

As for my browsers both FF and chromium like to crash randomly either when i open a new tab or when they have had enough. FF just says it may be due to a new tab opening but normally I haven't opened a new tab for a couple of minutes then I have to restore all my tabs :(

Sometimes when watching a You tube or Twitch stream through them also makes them crash is this just flash being a shit? The only extensions I do have is push bullet and ad block. Chromium normally just likes to go aw snap randomly meaning the page died. Firefox still crashes is safe mode and I cant access crash reports due to not existent directory when I look in ~/.mozilla/firefox/Crash Reports/. Nor can I access crash reports in the browser. (when trying about:crashes it just executes invalid address).

When I want to stream Triple J radio(Australian) is wont work as its unable to access flash.

Could I stream it through a music player such as banshee?

 

 

No probs.

Heres the Gentoo handbook linky - Xdroidie was referring to chapter 7 "Configuring The Kernel"

Make -jobs depends on your scheduler; -j5 will be fine, but -j4 will give you some headroom using an i3.

We'd need more info for your browser errors. I'd start with reinstalling all browser dependencies and the browsers themselves.

          ..."Could I stream it through a music player such as banshee?"

Yes you can, but if you want a minimal install just install mplayer and use the command;

    mplayer -playlist http://www.abc.net.au/res/streaming/audio/aac/triplej.pls

Use the abc ip address once you are up and running - I just added the url so you can see it points to a .pls (triplej's itunes option).

Much appreciated :)

i reinstalled the browser dependences ive reinstalled my browsers and their dependences and they seem to be working fine fingers crossed.

Ill report back any with issues with the Gentoo/Arch installations.

@westcoastbadboy

   ..."http://www.linuxfromscratch.org/"

Is that what you like to use?

Speaking of security does anyone know of any RECENT guides to LVM on LUKS? The Arch wiki has this: https://wiki.archlinux.org/index.php/Dm-crypt but it seems vague and doesn't give enough examples of real world situations. It also doesn't give any information on if you have to do anything differently if you have UEFI.

EDIT: I found this nice guide https://gist.github.com/jasonwryan/4618490