| 1 |
On Tue, Jul 04, 2017 at 01:37:38PM -0400, james wrote |
| 2 |
|
| 3 |
> W. Dnes is the king of minimalist here, so when he gives advise |
| 4 |
> realize it has decades of experimentation to get to where he is on |
| 5 |
> minimization. |
| 6 |
|
| 7 |
Not exactly "decades". I first started linux in late 1999 or early |
| 8 |
2000. The minimalist approach was a side-effect of me being cheap. |
| 9 |
Even though I have a newer machine as my "hot backup" waiting in the |
| 10 |
wings, I want to run my older machine into the ground first. 10 years |
| 11 |
ago I was running a 450 mhz pentium3 with 256 megabytes of ram. Today |
| 12 |
I'm running a 2008 Dell with Core2 Duo and 3 gigs of ram today. I have |
| 13 |
a newer i6 with 8 gigs of ram as the hot backup. Running an older |
| 14 |
limited machine forces you to optimize. The Gentoo USE flags give me |
| 15 |
the control to do the utmost minimization. |
| 16 |
|
| 17 |
I run the plain default/linux profile, and ICEWM as my WM and no |
| 18 |
"desktop environment" (as per my sig). The less attack surface, the |
| 19 |
better. Do not run the Flash plugin or the Java plugin. If you |
| 20 |
absolutely have to do so, use it inside a VM (e.g. QEMU). I have an |
| 21 |
aggressive handcrafted iptables firewall. In addition, my little LAN |
| 22 |
sits behind a NAT-ing router, and I disable UPNP. That covers my |
| 23 |
approach to security. |
| 24 |
|
| 25 |
I run mostly stable, except where an app I want/need is only unstable. |
| 26 |
Gentoo currently defaults to gcc-5.4.0. I've enabled 6.3.0. I have to |
| 27 |
enable ICEWM 1.3.12-r1. The regular stable version built under gcc |
| 28 |
6.3.0 segfaults 1 or 2 seconds after starting. |
| 29 |
|
| 30 |
I used to run with USE="-* blah blah blah". I no longer do that, but |
| 31 |
I aggressively disable USE flags, until something breaks, then I back |
| 32 |
off. My current USE line (it's actually one long line)... |
| 33 |
|
| 34 |
USE="X apng bindist ffmpeg jpeg opengl png szip truetype x264 x265 xorg |
| 35 |
threads webp -acl -berkdb -caps -cracklib -crypt -filecaps -gallium |
| 36 |
-gdbm -graphite -gstreamer -iconv -introspection -ipc -iptables -ipv6 |
| 37 |
-libav -llvm -manpager -nls -openmp -pam -pch -sendmail -tcpd -udev |
| 38 |
-udisks -unicode -xinerama" |
| 39 |
|
| 40 |
Some of the above is over-ridden in package.use. |
| 41 |
|
| 42 |
-- |
| 43 |
Walter Dnes <waltdnes@××××××××.org> |
| 44 |
I don't run "desktop environments"; I run useful applications |
Archives