Language Selection

English French German Italian Portuguese Spanish

Sidux 2007-03.1 "Gaia": A closer look

Filed under

(Note: gfranken beat me to it. Wink )

Some Background

Debian is one of the oldest, best-known Linux distributions, due to its excellent package management system and its huge pool of pre-compiled software for a large number of architectures. Many other popular distributions (most notably, Ubuntu) are based on it.

You may recall that Debian's releases are named after characters from the Disney film Toy Story; thus the previous stable release was named "Sarge," and the current release, "Etch."

Debian has three branches, or "suites," if you will, of software. New packages enter the "unstable" branch (a.k.a. "Debian Sid," after the Toy Story character who liked to mangle toys). After a period of testing, packages then go into the "testing" branch (currently named "Lenny," which will also be the name of the next stable version). The third, "stable" branch is what's in the current stable release, Debian Etch, and its software won't change except for periodic bug fixes and security updates. (Unlike stable and testing, Debian Sid never changes names.) Although it's got a reputation for having a long, irregular release cycle (one of the main criticisms of Debian), its developers update it with new versions of software all the time. But you usually have to run Sid or testing to get them.

Debian Sid is usually not as unstable as you might think, despite the way the Debian Reference guide puts it: "The advantage of using the unstable distribution is that you are always up-to-date with the latest in the Debian software project – but if it breaks, you get to keep both parts." Unless you're able to deal with such esoteric problems as diagnosing a buggy post-install script, or figuring out how to deal with a major change in the directory structure of, you might occasionally find running a Debian Sid-based system to be more than you can handle. And that's where Sidux comes in.

(In fact, the reason Sidux came out with version 2007-03.1 is due to one of those "bumps" in Sid.)

Introducing Sidux

Sidux's goal is to allow mere mortals the ability to run Debian Sid on the desktop, in order to take advantage of the latest Debian software available. Its development team helps guide its users through the occasional bumps in Sid, via IRC and its user forum. Another goal is to offer a consistent release cycle. Sidux comes with a variety of "convenience scripts" and utilities you won't find in Debian proper, that make it easier to do such things as administer your system and install proprietary software.

The Sidux CDs (which come in "lite" and "full" versions for 32-bit and 64-bit platforms) only includes software that meets the Debian Free Software Guidelines (and, as far as I can tell, German law comes into play as well, since so many of Sidux's developers are German). This means that you won't find such software as Adobe Reader, Adobe Flash, mplayer, Microsft web fonts, or multimedia codecs (including the deCSS codec allows you to play commercial DVDs) on the Sidux CDs. (Also, Sidux only ships with KDE by default.)

Sidux's insistence on DFSG-only software carries over to the repositories enabled by default in /etc/apt/sources.list. You will normally need to add the "contrib" and "non-free" sections manually (although a custom script named "smxi" will do that for you; as will the "metapackage installer" in the "Sidux" menu — read on for more details).

Sidux is packaged as a live CD with a GUI-based installer. It offers a comprehensive user manual, available online and included on the live CD. Unlike Ubuntu, Sidux doesn't shy away from the command line. As with Debian itself, the scripts it offers for your convenience are often command line-based.

Sidux's user manual

Running Sidux

I tested Sidux in live mode on my Presario V2000 laptop, which has an ATI chipset. Sidux booted up using the open-source radeon driver. It didn't configure itself for my widescreen (1280x768) display. Although I could change that using KDE's "Screen resize & rotate" utility, it left too many screen artifacts behind. I used a Sidux "convenience script" named "change-res" to do it for me, and restarted X.

Getting on the network might have been easy if I'd simply plugged in an Ethernet cable, but I wanted to test wireless connectivity. The odd thing is that a kernel module for my Broadcom BCM4318 chipset comes with this kernel, but it doesn't work out of the box. If I'd plugged in an Ethernet cable, I could have installed the "bcm43xx-cutter" utility, which in turn installs more software, and enables the existing bcm43xx kernel module to work.

I decided to use ndiswrapper instead, since I had the Windows drivers for my chipset saved on another partition. But in order to use ndiswrapper, you have to remove the pre-existing bcm43xx kernel module (with "rmmod bcm43xx") before starting. Sidux includes GUI-based utilities to set up ndiswrapper and connect via DHCP, but for some reason they didn't work for me. The tried-and-true command line method ultimately got me online.

Installing the proprietary ATI driver while running the live CD was a simple matter of going to a console with Ctrl-Alt-F1 and running another of Sidux's convenience scripts, "sgfxi," as root. It correctly detected my graphics chipset (it works with NVIDIA cards as well), installed the correct driver, and restarted KDE.

I installed Sidux to a spare partition on my rather low-end AMD Sempron 2200+ test box, which has an NVIDIA GeForce 4 MX 440 graphics card. After installation, everything worked fine. The only "gotcha" came when I used another Sidux script named "get-sidux-binary-gfx" to install the proprietary NVIDIA driver. I probably didn't use the correct script option, because it installed the newest (100.14.11) driver, which doesn't work with my legacy card. However, using the aforementioned "sgfxi" script instead did install the correct driver.


Sidux's installer (more screenshots of the installer are available in the gallery)

Sidux doesn't come with the Synaptic package manager or many games, but it's certainly easy enough to do from the command line with "apt-get".

Some of the more interesting software that comes with Sidux includes:

  • Custom kernel
  • Mozilla Firefox (or, as Debian dubs it, Iceweasel)
  • PDFedit 0.3.1
  • 2.2.1
  • The GIMP 2.2.17
  • WengoPhone 2.1.1

In addition, Sidux comes with a digital video recorder configurator; several custom utilities that live in the KDE control panel, collectively known as "siduxcc," that allow the user to perform common system administration tasks; and quite a few scripts to help the user administer his or her system. The "daddy" of them all is named "smxi," which will take you through everything from the installation of a new kernel, to upgrading your system, to changing your default repositories and installing particular groups of software, to installing proprietary video drivers. It's quite the Swiss army knife of scripts.

"siduxcc" custom administration utilities

Sidux includes a "metapackage installer," along with a manual to go with it, that allows a user to install popular software without having to spend a lot of time hunting it down. The metapackage installer can also adjust your Debian repository list to include the "contrib" and "non-free" pools, so you don't have to edit "sources.list" manually. Sidux also includes an update notifier (named "siduxcc-hermes") that sits in the system tray, and lets you know, among other things, when there are new packages available.


Sidux's metapackage installer and update notifier

For those who like eye candy, a Sidux contributor's set up a Beryl and Compiz Fusion repository.

Beryl running on Sidux

Beyond that, the Sidux manual and the Sidux wiki include quite a bit of information for specialized needs, including instructions on how to set up LAMP, how to use encrypted filesystems, and how to set up anonymous Internet access.

In Conclusion

For those who have no prior experience with Debian, Sidux offers an easy way to get a working system installed quickly, due to its excellent hardware detection. The Debian learning curve might be steep, but is lessened by the excellent documentation and added scripts. Be advised that Debian beginners will be expected to "RTFM" (including searching the forum for answers — the forums, in my opinion, can sometimes exhibit a brusque, "pull no punches" attitude).

Sidux is turning out to be a well-supported, stable system. It's obvious that its contributors have done a huge amount of work, producing a lot of useful documentation and customized scripts and utilities in a relatively short amount of time. Anyone wanting to run Debian Sid should take a close look at Sidux.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Nice review

Nice job--you had to "one-up" me, but I'm glad you did--your review gives folks some real insight into Sidux. Wish I'd had the benefit of reading your review before I tried it.

Oh well, as I said, it was my first real foray with a Debian derived distro.



I wasn't trying to one-up you, really. Smile I started writing that three days ago. The original title was going to be, "Debian Sid Made Easy." (It's been too long since I've contributed something...)

Anyway, the interesting thing about Sidux is, the more you play with it, the more you discover. They've added a lot to it. Call it "Enhanced Debian."


Both are good reviews. sidux is a special distro. It allows a near novice to run Debian Sid and that is no small feat. I have Etch running on my main box with sidux on another box. It's fun to compare performance. The sidux developers have done such a good job that sidux is almost as stable as Etch and Etch is a rock!

Edit: sidux has the most up-to-date hardware drivers. I recently purchased a new mobo. Etch wouldn't recognize the on-board ethernet adapter but sidux did.

Excellent review

Great to see a decent review,I have found sidux stable and fast,"smxi" is brilliant,Gaia is excellent, well worth the d/load,Any Q the Sidux irc forum is most helpfull,Smile

new to linux/sidux ?

then be weary..I know someone who was in their IRC channel, and while maybe ? that 'forum' can be more hostile I dont think she deserved what she got..she asked a question about her USB device that could not be read and while I wasn't there I felt that what she 'showed me' of her logs seemed void of a helpful nature, but insteads seemed a bit scolding that she should have known what to do if she had maybe done her 'homework'.

Her main Operating System is vista so I guess she should have known better than to expect linux/sidux to just magicallly 'work' for what she was doing, but honestly I guess what she learned yesterday, was that Sidux indeed isn't ready for USB ( amoung other things; I think she liked what she was hearing from what she said was the distrowatch interview ).

She feels she wasted her time installing it and now must find something else. She once liked gnome but says she wont go anywhere near it because of what friends tell her is a dangerous move by gnome to embrace mono project and the apps that come from that development platform; hence she wont use Ubuntu and why she thought Sidux with kde sounded enticing, but now that is up in smoke for her due to the treatment she received by the IRC team.

Way to go Sidux for yet another venture into the linux is only for geeks spectacular.


Re: new to linux/sidux ?

I haven't spent any time with the Sidux support folks--but Sidux is really an intermediate distro--easier than Debian, certainly, but not really a newbie distro.

If your friend is looking for the perfect linux KDE distro for one new to linux, I'd recommend PCLinuxOS. Not only is installing and using PCLOS turnkey, it has a friendly and helpful community. It also has a large repository of installable packages, and generally, everything just works.

Debian is one of the oldest,

Debian is one of the oldest, best-known Linux distributions, due to its excellent package management system and its huge pool of pre-compiled software for a large number of architectures. Many other popular distributions (most notably, Ubuntu) are based on it.

You may recall that Debian's releases are named after characters from the Disney film Toy Story; thus the previous stable release was named "Sarge," and the current release, "Etch."

More in Tux Machines

Linux 4.8.4

I'm announcing the release of the 4.8.4 kernel. And yeah, sorry about the quicker releases, I'll be away tomorrow and as they seem to have passed all of the normal testing, I figured it would be better to get them out earlier instead of later. And I like releasing stuff on this date every year... All users of the 4.8 kernel series must upgrade. The updated 4.8.y git tree can be found at: git:// linux-4.8.y and can be browsed at the normal git web browser: Read more Also: Linux 4.7.10 Linux 4.4.27

New Releases: Budgie, Solus, SalentOS, and Slackel

  • Open-Source Budgie Desktop Sees New Release
    The pet parakeet of the Linux world, Budgie has a new release available for download. in this post we lookout what's new and tell you how you can get it.
  • Solus Linux Making Performance Gains With Its BLAS Configuration
    - Those making use of the promising Solus Linux distribution will soon find their BLAS-based workloads are faster. Solus developer Peter O'Connor tweeted this week that he's found some issues with the BLAS linking on the distribution and he's made fixes for Solus. He also mentioned that he uncovered these BLAS issues by using our Phoronix Test Suite benchmarking software.
  • SalentOS “Luppìu” 1.0 released!
    With great pleasure the team announces the release of SalentOS “Luppìu” 1.0.
  • Slackel "Live kde" 4.14.21
    This release is available in both 32-bit and 64-bit architectures, while the 64-bit iso supports booting on UEFI systems. The 64-bit iso images support booting on UEFI systems. The 32-bit iso images support both i686 PAE SMP and i486, non-PAE capable systems. Iso images are isohybrid.

Security News

  • Free tool protects PCs from master boot record attacks [Ed: UEFI has repeatedly been found to be both a detriment to security and enabler of Microsoft lock-in]
    Cisco's Talos team has developed an open-source tool that can protect the master boot record of Windows computers from modification by ransomware and other malicious attacks. The tool, called MBRFilter, functions as a signed system driver and puts the disk's sector 0 into a read-only state. It is available for both 32-bit and 64-bit Windows versions and its source code has been published on GitHub. The master boot record (MBR) consists of executable code that's stored in the first sector (sector 0) of a hard disk drive and launches the operating system's boot loader. The MBR also contains information about the disk's partitions and their file systems. Since the MBR code is executed before the OS itself, it can be abused by malware programs to increase their persistence and gain a head start before antivirus programs. Malware programs that infect the MBR to hide from antivirus programs have historically been known as bootkits -- boot-level rootkits. Microsoft attempted to solve the bootkit problem by implementing cryptographic verification of the bootloader in Windows 8 and later. This feature is known as Secure Boot and is based on the Unified Extensible Firmware Interface (UEFI) -- the modern BIOS.
  • DDOS Attack On Internet Infrastructure
    I hope somebody's paying attention. There's been another big DDOS attack, this time against the infrastructure of the Internet. It began at 7:10 a.m. EDT today against Dyn, a major DNS host, and was brought under control at 9:36 a.m. According to Gizmodo, which was the first to report the story, at least 40 sites were made unreachable to users on the US East Coast. Many of the sites affected are among the most trafficed on the web, and included CNN, Twitter, PayPal, Pinterest and Reddit to name a few. The developer community was also touched, as GitHub was also made unreachable. This event comes on the heels of a record breaking 620 Gbps DDOS attack about a month ago that brought down security expert Brian Krebs' website, KrebsonSecurity. In that attack, Krebs determined the attack had been launched by botnets that primarily utilized compromised IoT devices, and was seen by some as ushering in a new era of Internet security woes.
  • This Is Why Half the Internet Shut Down Today [Update: It’s Getting Worse]
    Twitter, Spotify and Reddit, and a huge swath of other websites were down or screwed up this morning. This was happening as hackers unleashed a large distributed denial of service (DDoS) attack on the servers of Dyn, a major DNS host. It’s probably safe to assume that the two situations are related.
  • Major DNS provider Dyn hit with DDoS attack
    Attacks against DNS provider Dyn continued into Friday afternoon. Shortly before noon, the company said it began "monitoring and mitigating a DDoS attack" against its Dyn Managed DNS infrastructure. The attack may also have impacted Managed DNS advanced service "with possible delays in monitoring."
  • What We Know About Friday’s Massive East Coast Internet Outage
    Friday morning is prime time for some casual news reading, tweeting, and general Internet browsing, but you may have had some trouble accessing your usual sites and services this morning and throughout the day, from Spotify and Reddit to the New York Times and even good ol’ For that, you can thank a distributed denial of service attack (DDoS) that took down a big chunk of the Internet for most of the Eastern seaboard. This morning’s attack started around 7 am ET and was aimed at Dyn, an Internet infrastructure company headquartered in New Hampshire. That first bout was resolved after about two hours; a second attack began just before noon. Dyn reported a third wave of attacks a little after 4 pm ET. In all cases, traffic to Dyn’s Internet directory servers throughout the US—primarily on the East Coast but later on the opposite end of the country as well—was stopped by a flood of malicious requests from tens of millions of IP addresses disrupting the system. Late in the day, Dyn described the events as a “very sophisticated and complex attack.” Still ongoing, the situation is a definite reminder of the fragility of the web, and the power of the forces that aim to disrupt it.
  • Either IoT will be secure or the internet will be crippled forever
    First things first a disclaimer. I neither like nor trust the National Security Agency (NSA). I believe them to be mainly engaged in economic spying for the corporate American empire. Glenn Greenwald has clearly proven that in his book No Place to Hide. At the NSA, profit and power come first and I have no fucking clue as to how high they prioritize national security. Having said that, the NSA should hack the Internet of (insecure) Things (IoT) to death. I know Homeland Security and the FBI are investigating where the DDoS of doomsday proportions is coming from and the commentariat is already screaming RUSSIA! But it is really no secret what is enabling this clusterfuck. It’s the Mirai botnet. If you buy a “smart camera” from the Chinese company Hangzhou XiongMai Technologies and do not change the default password, it will be part of a botnet five minutes after you connect it to the internet. We were promised a future where we would have flying cars but we’re living in a future where camera’s, light-bulbs, doorbells and fridges can get you in serious trouble because your home appliances are breaking the law.
  • IoT at the Network Edge
    Fog computing, also known as fog networking, is a decentralized computing infrastructure. Computing resources and application services are distributed in logical, efficient places at any points along the connection from the data source (endpoint) to the cloud. The concept is to process data locally and then use the network for communicating with other resources for further processing and analysis. Data could be sent to a data center or a cloud service. A worthwhile reference published by Cisco is the white paper, "Fog Computing and the Internet of Things: Extend the Cloud to Where the Things Are."
  • Canonical now offers live kernel patching for Ubuntu 16.04 LTS users
    Canonical has announced its ‘Livepatch Service’ which any user can enable on their current installations to eliminate the need for rebooting their machine after installing an update for the Linux kernel. With the release of Linux 4.0, users have been able to update their kernel packages without rebooting, however, Ubuntu will be the first distribution to offer this feature for free.
  • ​The Dirty Cow Linux bug: A silly name for a serious problem
    Dirty Cow is a silly name, but it's a serious Linux kernel problem. According to the Red Hat bug report, "a race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system."
  • Ancient Privilege Escalation Bug Haunts Linux
  • October 21, 2016 Is Dirty COW a serious concern for Linux?
  • There is a Dirty Cow in Linux
  • Red Hat Discovers Dirty COW Archaic Linux Kernel Flaw Exploited In The Wild
  • Linux kernel bug being exploited in the wild
  • Update Linux now: Critical privilege escalation security flaw gives hackers full root access
  • Linux kernel bug: DirtyCOW “easyroot” hole and what you need to know
  • 'Most serious' Linux privilege-escalation bug ever discovered
  • New 'Dirty Cow' vulnerability threatens Linux systems
  • Serious Dirty Cow Linux Vulnerability Under Attack
  • Easy-to-exploit rooting flaw puts Linux PCs at risk
  • Linux just patched a vulnerability it's had for 9 years
  • Dirty COW Linux vulnerability has existed for nine years
  • 'Dirty Cow' Linux Vulnerability Found
  • 'Dirty Cow' Linux Vulnerability Found After Nine Years
  • FakeFile Trojan Opens Backdoors on Linux Computers, Except openSUSE
    Malware authors are taking aim at Linux computers, more precisely desktops and not servers, with a new trojan named FakeFile, currently distributed in live attacks. Russian antivirus vendor Dr.Web discovered this new trojan in October. The company's malware analysts say the trojan is spread in the form of an archived PDF, Microsoft Office, or OpenOffice file.

today's howtos