Language Selection

English French German Italian Portuguese Spanish

In praise of KANOTIX -- A biased introduction

Filed under
Reviews

There are almost too many Linux distros to count, and many live Linux CDs. So what is KANOTIX, and what's so great about it?

KANOTIX is two things. First, it's a live Linux CD, based on Debian Sid, with plumbing -- excellent hardware detection scripts -- based on the well-known Knoppix live CD. In "live CD" mode, you can do many things, including:

  • Experimenting with Linux without installing it to your computer's hard drive
  • Connecting to the Internet and other computers
  • Fixing broken Linux and Windows installations
  • Computer forensics
  • You can also install the proprietary nVidia driver (although not the ATI driver) while running off the live CD, if you use one of the two latest "preview" releases, KANOTIX-2006-VDR-RC6 (link to ISO)
But KANOTIX's main raison d'être is to be a simple way to get a robust, enhanced version of Debian Sid installed on your computer. In order to do that, it includes an installation program that's fairly simple and straightforward to use. The installer can also be used to upgrade an existing KANOTIX installation.

It also provides the benefits of:

  • Customized kernels, with support for specialized hardware
  • Versions for 32- and 64-bit CPUs
  • Many cusomized scripts (e.g. an easy way to install accellerated nVidia or ATI drivers)
  • End-user documentation, in the form of a FAQ; a Wiki; and an Installation Manual
  • A forum and an IRC channel (link goes to a Web-based interface) for quick answers to problems
A bit of background is in order for those unfamiliar with Debian. Debian is an excellent, if somewhat geek-oriented, version of Linux to use, mainly due to its package management system, APT. I remember trying to install a new version of Pan, the newsreader, on a 7.x version of Red Hat (before the days of Fedora), and getting stuck in RPM dependency hell. Long story short, I ended up having to upgrade to version 8 (which had, thankfully, just come out) in order to get the mess sorted out. Nowadays, with front ends such as YUM, this isn't such a big issue. But the benefit of having an APT-based system is that dependencies are normally all sorted out for you, and running the command apt-get install pan would be all it takes to get pan, and all its dependencies, either installed for the first time, or upgraded to the latest version. (And there's a huge amount of software available in Debian's repositories, around 15,500 packages.)

Debian software comes in three distributions: Debian Stable ("Sarge"); Debian Testing ("Etch"), and Debian Unstable ("Sid"). (The nicknames are based on characters from the movie Toy Story.) As mentioned earlier, KANOTIX is based on Debian unstable. "Unstable" is a bit of a misnomer; generally speaking, it's as stable as any other bleeding-edge distro out there. However, as the Debian Reference notes, "The advantage of using the unstable distribution is that you are always up-to-date with the latest in the Debian software project—but if it breaks, you get to keep both parts. :-)"

And sometimes, changes do break things. For example, X.org was recently updated from version 6.9 to 7.0, with major changes to existing directory structures and configuration files. As any Linux user has experienced, documentation often doesn't keep up with changes, and that's especially true of Debian Sid. Fortunately, the KANOTIX team was there with advice on when it was OK to upgrade and how to upgrade; and they wrote custom scripts to make things work correctly.

Since KANOTIX is based on Debian Sid, you can upgrade all packages to current by running apt-get update && apt-get dist-upgrade Of course, you can always run KANOTIX without making any updates whatsoever, and just upgrade when a new version of KANOTIX comes out.

Debian has a repuation for being a bear to get working, especially for the newbie. And if CDs are only available for Debian Sarge, how do you install Debian Sid? As they say, you don't; you install Debian Sarge and upgrade to Sid -- or, you can install KANOTIX.

Some are put off by the fact that the KANOTIX forum has a large German section, and that a lot of the conversation on the IRC channel takes place in German. The reason for this is that KANOTIX's largest user base is in Germany, where it's produced. However, the English section of the forum is large and growing, and all the KANOTIX developers speak (and answer questions in) English.

Also, don't be put off by KANOTIX's latest offering being called a "preview" release. It's installation-ready.

So, please try KANOTIX and see what you think. Hopefully you'll end up liking it, and its community, as much as I do.

More in Tux Machines

today's leftovers

  • MX Linux Review of MX-17 – For The Record
    MX Linux Review of MX-17. MX-17 is a cooperative venture between the antiX and former MEPIS Linux communities. It’s XFCE based, lightning fast, comes with both 32 and 64-bit CPU support…and the tools. Oh man, the tools available in this distro are both reminders of Mepis past and current tech found in modern distros.
  • Samsung Halts Android 8.0 Oreo Rollouts for Galaxy S8 Due to Unexpected Reboots
    Samsung stopped the distribution of the Android 8.0 Oreo operating system update for its Galaxy S8 and S8+ smartphones due to unexpected reboots reported by several users. SamMobile reported the other day that Samsung halted all Android 8.0 Oreo rollouts for its Galaxy S8/S8+ series of Android smartphones after approximately a week since the initial release. But only today Samsung published a statement to inform user why it stopped the rollouts, and the cause appears to be related to a limited number of cases of unexpected reboots after installing the update.
  • Xen Project Contributor Spotlight: Kevin Tian
    The Xen Project is comprised of a diverse set of member companies and contributors that are committed to the growth and success of the Xen Project Hypervisor. The Xen Project Hypervisor is a staple technology for server and cloud vendors, and is gaining traction in the embedded, security and automotive space. This blog series highlights the companies contributing to the changes and growth being made to the Xen Project and how the Xen Project technology bolsters their business.
  • Initial Intel Icelake Support Lands In Mesa OpenGL Driver, Vulkan Support Started
    A few days back I reported on Intel Icelake patches for the i965 Mesa driver in bringing up the OpenGL support now that several kernel patch series have been published for enabling these "Gen 11" graphics within the Direct Rendering Manager driver. This Icelake support has been quick to materialize even with Cannonlake hardware not yet being available.
  • LunarG's Vulkan Layer Factory Aims To Make Writing Vulkan Layers Easier
    Introduced as part of LunarG's recent Vulkan SDK update is the VLF, the Vulkan Layer Factory. The Vulkan Layer Factory aims to creating Vulkan layers easier by taking care of a lot of the boilerplate code for dealing with the initialization, etc. This framework also provides for "interceptor objects" for overriding functions pre/post API calls for Vulkan entry points of interest.

Logstash 6.2.0 Released, Alfresco Grabbed by Private Equity Firm

  • Logstash 6.2.0 Release Improves Open Source Data Processing Pipeline
    The "L" in the ELK stack gets updated with new features including advanced security capabilities. Many modern enterprises have adopted the ELK (Elasticsearch, Logstash, Kibana) stack to collect, process, search and visualize data. At the core of the ELK stack is the open-source Logstash project which defines itself as a server-side data processing pipeline - basically it helps to collect logs and then send them to a users' "stash" for searching, which in many cases is Elasticsearch.
  • Alfresco Software acquired by Private Equity Firm
    Enterprise apps company taken private in a deal that won't see a change in corporate direction. Alfresco has been developing its suite of Enterprise Content Management (ECM) and Business Process Management (BPM) technology since the company was founded back in June of 2005. On Feb. 8, Alfresco announced that it was being acquired by private equity firm Thomas H. Lee Partners (THL). Financial terms of the deal are not being publicly disclosed.

Servers and GPUs: Theano, DevOps, Kubernetes, AWS

  • Open Source Blockchain Computer Theano
    TigoCTM CEO Cindy Zimmerman says “we are excited to begin manufacturing our secure, private and open source desktops at our factory in the Panama Pacifico special economic zone. This is the first step towards a full line of secure, blockchain-powered hardware including desktops, servers, laptops, tablets, teller machines, and smartphones.” [...] Every component of each TigoCTM device is exhaustively researched and selected for its security profile based especially on open source hardware, firmware, and software. In addition, devices will run the GuldOS operating system, and open source applications like the Bitcoin, Ethereum and Dash blockchains. This fully auditable stack is ideal for use in enterprise signing environments such as banks and investment funds.
  • Enterprises identify 10 essential tools for DevOps [Ed: "Source code repository" and other old things co-opted to promote the stupid buzzword "devops"]
    Products branded with DevOps are everywhere, and the list of options grows every day, but the best DevOps tools are already well-known among enterprise IT pros.
  • The 4 Major Tenets of Kubernetes Security
    We look at security from the perspective of containers, Kubernetes deployment itself and network security. Such a holistic approach is needed to ensure that containers are deployed securely and that the attack surface is minimized. The best practices that arise from each of the above tenets apply to any Kubernetes deployment, whether you’re self-hosting a cluster or employing a managed service. We should note that there are related security controls outside of Kubernetes, such as the Secure Software Development Life Cycle (S-SDLC) or security monitoring, that can help reduce the likelihood of attacks and increase the defense posture. We strongly urge you to consider security across the entire application lifecycle rather than take a narrow focus on the deployment of containers with Kubernetes. However, for the sake of brevity, in this series, we will only cover security controls within the immediate Kubernetes environment.
  • GPUs on Google’s Kubernetes Engine are now available in open beta
    The Google Kubernetes Engine (previously known as the Google Container Engine and GKE) now allows all developers to attach Nvidia GPUs to their containers. GPUs on GKE (an acronym Google used to be quite fond of, but seems to be deemphasizing now) have been available in closed alpha for more than half a year. Now, however, this service is in beta and open to all developers who want to run machine learning applications or other workloads that could benefit from a GPU. As Google notes, the service offers access to both the Tesla P100 and K80 GPUs that are currently available on the Google Cloud Platform.
  • AWS lets users run SAP apps directly on SUSE Linux
  • SUSE collaborates with Amazon Web Services toaccelerate SAP migrations

Chrome and Firefox

  • The False Teeth of Chrome's Ad Filter.
    Today Google launched a new version of its Chrome browser with what they call an "ad filter"—which means that it sometimes blocks ads but is not an "ad blocker." EFF welcomes the elimination of the worst ad formats. But Google's approach here is a band-aid response to the crisis of trust in advertising that leaves massive user privacy issues unaddressed. Last year, a new industry organization, the Coalition for Better Ads, published user research investigating ad formats responsible for "bad ad experiences." The Coalition examined 55 ad formats, of which 12 were deemed unacceptable. These included various full page takeovers (prestitial, postitial, rollover), autoplay videos with sound, pop-ups of all types, and ad density of more than 35% on mobile. Google is supposed to check sites for the forbidden formats and give offenders 30 days to reform or have all their ads blocked in Chrome. Censured sites can purge the offending ads and request reexamination. [...] Some commentators have interpreted ad blocking as the "biggest boycott in history" against the abusive and intrusive nature of online advertising. Now the Coalition aims to slow the adoption of blockers by enacting minimal reforms. Pagefair, an adtech company that monitors adblocker use, estimates 600 million active users of blockers. Some see no ads at all, but most users of the two largest blockers, AdBlock and Adblock Plus, see ads "whitelisted" under the Acceptable Ads program. These companies leverage their position as gatekeepers to the user's eyeballs, obliging Google to buy back access to the "blocked" part of their user base through payments under Acceptable Ads. This is expensive (a German newspaper claims a figure as high as 25 million euros) and is viewed with disapproval by many advertisers and publishers.
  • Going Home
  • David Humphrey: Edge Cases
  • Experiments in productivity: the shared bug queue
    Over the next six months, Mozilla is planning to switch code review tools from mozreview/splinter to phabricator. Phabricator has more modern built-in tools like Herald that would have made setting up this shared queue a little easier, and that’s why I paused…briefly
  • Improving the web with small, composable tools
    Firefox Screenshots is the first Test Pilot experiment to graduate into Firefox, and it’s been surprisingly successful. You won’t see many people talking about it: it does what you expect, and it doesn’t cover new ground. Mozilla should do more of this.