Arch Linux

I am thinking about installing Arch because Fedora feels like bloat. I guess if I do not install too many programs it wont break. How is arch from security point of view? Will it be pretty secure if no one has physical access to my computer?

Other urls found in this thread:

manjaro.github.io/download/
twitter.com/NSFWRedditImage

It's Linux, so same as every other distro.

I'm running Arch with 919 packages and have had it running for about a year with no problems. Security is okay, but you have to take a little bit more responsibility setting it up. You gotta set up iptables and firejail stuff accordingly like anything else.

What about SElinux or other PAMs? Are the permissions set properly or do I have to worry about that?

Then you are looking in the wrong place.

I have another question. Can the base packages of pacstrap be installed from the arch live CD without having to getting in from the internet?


why

Because Arch is even less customizable than fucking Debian unstable from a netinstall, which has more fragmented packages. It's a meme distro, it has no purpose whatsoever other than its wiki and baiting people into believing the AUR is awesome.
Hell I don't know much about Fedora but you can probably do the same with it, just go for a minimal install and build up from there.

Fedora does not have a minimal install. The most basic you can probably get is with LXDE.

I quit using Arch during the problems arising from pacman overwriting configuration files during upgrades. If you're not familiar, look into the multiple occurrences of one of the Arch devs being compromised through SSH.

tl;dr pretty much this

assuming they fixed pacman.

On one hand, you're going to get fixes before anyone else.
On the other hand, you're likely to be running software that hasn't been thoroughly tested.

I don't know enough to be able to credibly call it more or less secure.

link?

I don't know. I don't use SElinux. And yes, you should pay attention to permissions.


>It's a meme distro, it has no purpose whatsoever...
That's not true whatsoever. Its a familiar package manager with an extremely large repository. It's a great multitool, client OS.


try manjaro.github.io/download/


You try NoExtract?

Arch is sort of KISS, but not unbloated. Debian would actually be better for that, if you do a minimal netinstall and configure APT to automatically --no-install-recommends. It splits development libraries into separate packages, officially supports non-systemd init systems and has a sane way of removing obsolete packages (Arch's solution involves piping).

For true lack of bloat, use Alpine.

Enjoy your SystemD.

Also, not source based like Gentoo. Repos do have a lot of packages though. In my experience, roughly 1 in 7 AUR packages installation scripts will be misconfigured.

Has been accused of not caring about freedom.

The wiki is unmatched, as far as I know.

I hear Void and hardened Gentoo/Funtoo are generally better alternatives from a security point of view, but might be less convenient.

How is Arch not unbloated? Bulky? sure. Since it packages libraries and headers together. But it uses less programs and is easy on RAM.

Uses less programs when, and compared to what?

For security, it's hard to dispense with compiling everything with a hardened toolchain.

OK. I fired up my VM and arch has 79 tasks taking 71.6MiB RAM. How is debian compared to that?

I don't think I've ever counted tasks (I assume you mean processes?), but I have a system that takes 80 MB of RAM after starting X.

A minimal Debian system is about as large, process-wise, as a minimal Arch system. A bit smaller if you replace systemd.

I should add that it's a system I actually use, not something in a VM. It has a fuckton of packages installed, with some non-base daemons disabled.

Odd how 1/7 don't work for you. I haven't had a single issue with any AUR package

Always a great indicator for someone who doesn't know what he's talking about, when you arbitrarily capitalize unix daemons.