LastOSLinux and General Progress update

Linux is only a kernel. The kernel is a layer to let the operating system control the hardware, it is needed so people who make apps and games don't have to write their own ways to interact with every piece of hardware. So instead they can use "load-file path/filename" and the kernel can read the data from a file.

After the kernel is the tool chain. This is required to give expected tools that can be used from the terminal, it handles security and low level calls.

Above that is the package manager (installed at the end of the tool chain), this allows anyone to add or remove packages on top of the kernel and tool chain, including a login screen, display manager and everything really, it is used to pick which of the following things are used.

Login manager, this can be one of many available, but it's job is to allow picking the user, set which display manager and then the desktop environment.

The display manager is the software that shows what's on the screen etc.

The desktop environment is what the user interacts with. Panels, desktop icons, context menus, widgets, start menus, clocks etc.

The final piece is the file manager, this is what the user can browse the HDDs and move, copy, paste, delete, view thumbnails, make shortcuts etc.

In windows and Mac all these are picked for you. In Linux you are offered over 10 of each and can use multiples and choose from the login screen.

So to break it down:

Distros are the kernel, tool chain and package manager.

Flavour is the login manager, display manager, desktop environment and file manager.


But your not trapped, you can actually change any piece of the OS after its installed, but it can have conflicts or overwritten settings, which is why people tell you to download the distro closest to your needs.

Lastly ARCH and SUSE allow you to start with a terminal and pick each of the above at install time and it will download and set it up fresh. Manjaro has an edition called Architect that can do this, it's on their download page.


This isn't the whole story, but should help people. The main point is choice is a good thing. Windows is like a 16 piece hand held tool kit, able to do most things for the masses. Linux is a mechanics entire tool collection. Unless you know what a tool does and doesn't do, it's nearly useless to you until you take the time to research it or see others using it the correct way.
 

This video sums up the difference between a rolling and static release at the start and says a bit about Arch and how Manjaro is a good choice at the end.

Static releases are like windows - Say windows 7 8, 8.1, 10 and 11 are all static releases and show how they put new updates and features into each OS, some features may get back ported to older releases, but generally the OS version are moving forward and the user is meant to be running the latest once they have their workflow updated and tested in the newer one.

Rolling releases are pretty great though, you can install any version of the OS from ISO or the net or clone an image to another PC and as you run the standard update tool, it'll get all the new versions of each layer of the OS, meaning you never have to reinstall the OS again, it'll just constantly update to the latest tools and features, if KDE or Cinnamon were to release a major version update, Rolling Distro's will offer the newer packages in the updater and if you pick them, they'll upgrade. You may end up with some remnants of previous settings and tools, BUT most packages have a list of installed items in their installer, so when you uninstall them they get triggered for removal, some newer packages will also include a list of conflicting files/settings and move/create backups of them which the package manager allows you to trigger a cleanup once your happy. This said, occasionally if you customise your OS a lot and then do some updates it can cause breakages, this is for example if you change your file manager from their default included one, it may still attempt to revert it back to theirs or add packages you wont use. this is uncommon on mainline distro's, this is the reason I keep things stock and only customise their behaviour and themes etc. that way they wont cause any conflict for you end users.

I hope more people get interested in their OS as Windows can do the task fine, but to me it feels more like watching a movie on free to air TV with ads every 15 minutes (up-sales) and a horrible interface where the buttons rename or move about/change icons etc, or watching a blueray. I do understand their is workflows and hardware that require windows, if you make money or don't have time, then staying on windows is probably the default choice. Still Linux is a nice skill to have.

-EDIT-

There is a Glitch with the Install button in the Manjaro Welcome Screen on the Live OS, it still works but it's got stacked Labels on it, I am not sure what caused this, but it's affecting the Cinnamon and KDE versions. I am not looking to fix it as I expect it to be one of the many changes I did to the build as I don't want to go back through them all one at a time, instead I'll just use my new found knowledge to build from scratch when the time comes to do it again and hope it doesn't reoccur.
 
I wonder if I should move this to another thread, I don't want to crud this one up on the Secure Boot discussion.
I like to use Secure Boot for some of the reasons you mentioned, but I do not for local exploits.
I agree it's a false sense of security if you don't understand what secure boot does.
I remember what steps I had to take to sign VirtualBox to work properly, but it was also a learning lesson to me as well. My drives are encrypted as well, as we have discussed before.
"to date there has not been a public hack that attacks that level" - that does not mean it could happen in the future. But also I've read about how easy it would be to comprimise Secure Boot, but that would just add another layer also. Just a thought.
I found https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot
I'll decide this week if it's worth the bother of going through the steps.
It's a good discussion Glenn. You know how much respect I have for you. Keep up the good work!
I can't stand GNOME.
 
Well the point of this thread was to keep people updated, as your concerns are to do with Secure Boot they are still relevant, if we decide upon a solution then I would be making another thread so that it isn't lost in the discussions and is easy to find by others (and myself in the future when I forget things :D) I often open up LastOS.org to find something I know has been solved but I forgot the specifics of it - even the name of Addons I use in Chrome, or how to enable Dark Mode stuff etc - that is all written here and easy to search for to find, so just make sure if you feel you have a topic with a solution or information that the title of the thread is searchable. I mean I see on other forums titles like "I need help" or "This isn't working for me", these are useless titles as they don't let you know the topic within.

until I know personally know of someone who has had their Boot Loader hijacked, I am not worried about it. there is so many attack vectors, it just doesn't seem like something "required" especially now I am using Linux and it limits access to anything without needing sudo, so right now I am in Windows 10, but I am not planning on downloading anything or installing things. it's purely to use VirtualBox with my Windows Build scripts to automate the creation of my latest Windows 10 IoT x64 build. Meaning I don't have any chance at all of anything infecting my boot loader. now if I was downloading warez and installing them or running patches, cracks or pre patched adminable .exe's, then I'd consider running secure boot, instead I use a Vitrtual Machine inside Linux to patch and build things and I use a Laptop for building Game ppGames etc. so really I don't have to worry about secure boot at all. Plus I keep USB backups of my important stuff and share all my OS modding publicly online and on git, my payment methods are on my phone and require 2FA and my bank is almost always fully empty, so the worst they could do to me is make me feel bad that I was wrong about how easy it is to install a bootkit rootkit :)

What I am saying is, what are you protecting? it's the same as running Antivirus software, I haven't ran it (even defender since it was introduced in XP and 7), the fact is if I got a virus, I'd never trust the OS again and fully nuke the whole HDD and start fresh. only once in all my years have I had anyone hack me, they managed to buy 2 lots of $499 in bitcoins in 2021, I noticed it 6 hours later and my bank refunded me the money and stopped the transaction, I got them to fully disable online banking, which was the vector point they used to do this. My guess was it was a 0-day issue with google chrome and I just happened to be redirected to a dodgy website that used it to info dump my saved password list, google has changed many things since then and I've continued to use them. The goal is to separate your important docs and payment methods from your devices and have Authenticator apps as well as 2FA, I am not worried about my main PC being tampered with as soon as I sense something is off with it, I nuke it and start fresh, even if it's just a dodgy MS update, I do keep a backup image after my fresh installs that I have fallen back to (when I know the OS I would install fresh would be the same version I have in the image anyway).

The best thing I've done is use USB 3.2 M.2 2TB that has my main backups on, this gets synced with freefilesync and goodsync as well as manual backups as needed. In fact none of my documents are on the PC at all, they live on USB and I keep backups of those on 2nd USB's, usually with one unplugged from my system except when I do the new backup.

The way I see it all is I'd rather do things right with backups and if someone hacks my system, they'll not find much. I do understand other people do have money in their bank or have very important files. But then really should you be playing about with Modded Windows/Linux on that machine or should you grab a 2nd PC/Laptop to do it? I mean you don't have to protect every PC you use, just the vault PC with your sensitive info on.


So the fact I know and have done so myself, the bypasses of secure boot and disabling password protected BIOS's/HDD's, knowing that a User level hack is sufficient to extract sensitive data means protecting the device your using isn't as important as protecting the way you authenticate it. This means, keep backups, don't use a single PC for everything and if you do only ever run other OS's in VM's. The fact you can use a KVM and use the exact same screen and mouse etc seems like a bad idea to risk it with. what you can buy a Laptop with it's own screen that offers HDMI output etc for a couple hundred dollars 2nd hand and put a SSD in it for under $100 and have yourself a 2nd machine.


Look I may be way off base, but to me, Secure Boot is only for Business, Enterprise and Education etc. Home users do NOT need it, they don't need full drive encryption and they don't need all their files being moved off their PC into the cloud (like onedrive / backup) does. it's all going to end badly, I am expecting to read more and more tragedy stories in the near future. The cons for this tech can be more devastating than the things they so called "protect" you from. I don't care if others have my data, so long as I have access to my own data. If you think your BIOS dying or your HDD going read only wont happen to you. I've seen both these problems a few times each in the last 12 months - even more often for Phones - these things are dying all the time - so many photos lost.

Sorry this post is everywhere, was a big couple of days making 4 new ISO distro's, updating LLStore to have proper GUI Sudo requests and testing it on 15 different Distro's as well as making sure windows all works fine with it still, then Updating Linux Mint ISO, Windows 10 ISO. That's just my PC stuff I've been doing. So a little fried.
 
Just a small update, I am trying out Debian 13 Trixie - For whatever reason instead of the $XDG_SESSION_DESKTOP being cinnamon or cinnamon-wayland or cinnamon2d like every single other distro I've tested, it set to lightdm-xsession

Meaning the scripts get ignored for the themeing, not sure if I should report it or what, Debian make the standards, so have they put the wrong data into it - or has everyone else?

Anyway, the LLStore works great EXCEPT for the auto setting the theme for cinnamon doesn't occur, I'll update it with a fix soon, might do a 2nd test within lightdm and if the OS is debian, I'll assume it's debian cinnamon if that's the issue, in fact maybe I should just skip testing the OS in the theme scripts and just apply them to all of it, wont hurt to use gsettings to set a wallpaper, mouse cursor etc, even if they get ignored.

I just found it works fine if you pick Wayland or "Cinnamon (Default)", just not "Default Xsession". so this is a non issue, just make sure you pick the correct one. I won't add the lightdm-xsession to the bash scripts as it would probably show the same for KDE and Gnome also. In other words, it was user error
 
Well I brought a 1TB M.2 NVME to put in my laptop (was 512) and put 16GB of ram instead of 8. Now it is running 12 Linux distro's and Windows 10 and 11. So if I need to test something, I can. No need to rely on only VM testing when I can have a AIO machine that has a grub menu with them all available to pick from.

I've also bought 2 more UGreen M.2 NVME enclosures to place the old 512gb one in and a spare for when I am working with other peoples laptops/pc's. I have been using my existing enclosure to fit a 512GB that has ventoy and all the iso installers I could need, it also contains all the builders for my Windows and Linux OS's, so I can fire it up on any OS and pass it through to my VM's to test the latest LLStore (which is kept on there too), it has the ssTek apps and ppGames plus the LLTek Apps and LLGames. it has all my apps etc. I then cloned it to my USB backup HDD to be able to easily make a new USB stick using FreeFileSync or GoodSync or manually just copy things out of it. I no longer build my Windows with all the apps included, it was too much effort, I just have the one cloned USB and once I make a windows installer on my ventoy enabled disk I can boot from partition 1 to access windows BCD or pick partition 2 to boot Ventoy, My BCD menu has SavePE x86, SavePE x64 and the default PE's from 10 x86 and x64 with my job selector AutoIt that replaces setup.exe, meaning it gets ran instead of the real setup.exe, you can pick partition tools, winntsetup, cmd or the real Setup.

In other words I am very happy with the results of all my work and having a USB with everything on a ultrafast M.2 is the best. I even have 100GB of space to do backups of peoples data when I boot to the PE or Live Linux OS's.

I noticed over the last 2 weeks that there is a dew more LastOSLinux Youtube reviews and even a new written review at Distrowatch.

There will always be more work to do, but it feels very usable for me and I've not had an major issues since enabling the GUI Sudo request in LLStore. I have noticed many desktops do NOT update until you log out and back in (or reboot) after installing LLStore, what;s weird is the items installed from LLStore have no problem showing up (except flatpaks that require the reboot too).

During my installing 12 Linux Distro's on my Laptop I only found 3 issues:

SUSE still wont install using Ventoy
Nobara will not boot the installed OS
Zorin can't update GRUB and wont boot to the desktop

So nothing major and they aren't LastOSLinux related at all.
 
I spent the day customising the CachyOS Builder to make a near perfect LiveOS, only as I went to test how it goes installing to the HDD did I realise that it downloads the WHOLE OS from the internet as it installs, so all my cusomisations don't apply to the installed OS - DOH!!!

Well I am gonna not bother with it, the installing of Wine and LLStore post install is simple enough for those who want to use CachyOS as it isn't a beginner friendly OS as such. Looks like I'll stick to Mint and Manjaro as these offer offline installers and that is my preferred method anyway.

-EDIT-

I just noticed that the time passed checked that would stop it re-downloading the online DB's was actually skipping loading the existing downloaded databases at all, it would only show the pre downloaded items in the cache... All fixed now.
 
Glenn said:
near perfect LiveOS
Click to expand...

Do you really mean 'live OS'? Unless I might need to troubleshoot OS I already installed, the live OS is just a brief stop on the way to install permanent OS on disk.

Couldn't you separate those two processes, the live OS and installing on the disk?
I mean why not have just a live OS boot ISO and an installation ISO which when launched would open on that panel where you choose region, keyboard and choose the installation partitions? Am I missing something?

In the past with LastOS Win installs, it made some sense since the idea was to select which apps to have automatically installed post install but probably most of us experienced some glitches and chose to run it manually later on after first reboot (glitches like D: disk letter was taken by the installation usb key and such like).

This way you could make a nice windows user friendly LastOSLiveLinux boot ISO and it would only be used for troubleshooting, or if it was really nice, you could boot into in if you wanted to do some computer work on somebody's machine as it would be full featured linux OS that would look and feel like windows OS.

Maybe it would work with reserved space for permanent file storage too, so if you ran it from fast USB3 NVME M.2 1TB disk, it would be very reasonably fast and you might not even notice you are on live linux.

----------

But I take it, the problem with Cachy OS has noting to do with live OS but with the actual installation on disk where it downloads the whole thing...
In that case, I wonder if you could make a snapshot of the installed and configured Cachy OS using Terrabyte or other disk imaging program which offers 'bare metal' restoration - restoring OS image to a new hardware...

Maybe something to look into? I have never used bare metal restoring, maybe it requires the same hardware and will not work on different computers? But then, maybe linux might be more forgivable in this respect?

"
...This means that, if you create an image on one machine and try to recover it to another system with dissimilar boot-critical devices, the boot process may fail since the drivers do not match.

However, this can be easily fixed using dissimilar hardware restore technology — Acronis Universal Restore, which can restore bare-metal backups to the same physical machine, new, dissimilar hardware, or a virtual machine (virtual server).
"
So if you put effort into creating CachyOS and it won't install as you configured it, maybe you could offer it for restoration as VM or with this Acronis program just here among us.
 
Last edited:
The squishfs was made by Linux about 10 years before windows used wim and esd, the issue with capturing Linux is the configuring the boot loader as all my releases use calamares to extract the squishfs to the disk, but the grub setup fails, I’d need to learn a lot more and make my own calamares module to install the boot loader properly. As cachyos download whichever desktop you download, I could in theory make the install scripts put LLStore and install wine and tweak etc, but the fact it would take 10 minutes and require internet, seems silly when wine is available from LLStore.

I am thinking I need to make LLStore available in the repositories, then you can easily install it to install my apps and games etc. then I can just keep focus on Manjaro and Mint builds as any distro can install LLStore but it’s not very successful if the distro doesn’t have repositories because it’s semi atomic/immutable and can only run user space games and apps via flatpaks, AppImages and the likes.

I will figure out something, even if I just make a universal script that does it all, then you can use curl to download the script and it’ll run with bash. I think I have the skills I need to do this now, will give it a go.
 
I've uploaded a RC1 of Debian13 LastOSLinux, it is a release candidate as I have to update the Wine Mono and Gecko as Mint used Wine v9 and Trixie uses Wine 10 and the version I included in my first build mono doesn't seem to be working so I'll update them, you can tell because the XFA framework on first login fails to install due to missing dot net. The other minor issue is xed text editor is missing and the readme on the desktop of LiveOS is attempted to open with xed, so I'll need to make it use gedit on Debian.

I'll leave it until the first batch of fixes come out as Debian has a habit of pushing a few post release fixes once more of the general public move from the previous versions. Like most releases actually.
 
Ok I got it, had to kill off some mods and disable static excludes for Penguins eggs, now it can build a ISO again. I do have some mess to clean up, but it can make a fully functional ISO, the only issue left is you need to type the password "live" to run the installer currently. I am working on it.

Also, you can not use the LLStore version of Penguins Eggs to make the newer v22.2 OS, you have to install the deb version, not sure why, but I just updated the scripts to do so. it works 100% of the time now. Still has the LiveOS password to run Calamares, so I'll have to try something else to fix that, or wait for the main dev to fix that :)

-EDIT-

I think I found the fix

# Allow Calamares to run without password
echo "$LIVEUSER ALL=(ALL) NOPASSWD: /usr/bin/calamares" > /etc/sudoers.d/calamares
echo "$LIVEUSER ALL=(ALL) NOPASSWD: /usr/bin/env" > /etc/sudoers.d/env
# Make sure permissions are correct
chmod 440 /etc/sudoers.d/calamares
chmod 440 /etc/sudoers.d/env
echo "Configured Calamares to not require sudo password for user $LIVEUSER"

PenguinsEggs uses pkexec to run calamares and due to him adding wayland support he needs to set env before he calls calamares, so my script above adds env to the list of not needing passwords list, should fix, will know soon.

-EDIT-

Nah I killed that fix, it's causing other issues

instead I changed the install-system.sh, it now exports DISPLAY and XAUTH and calls pkexec calamares stand alone. not sure it'll fix the xwayland issue, but as Mint doesn't run wayland default, we'll see how it goes.
 
Last edited:
I have updated the theme on Manjaro and plan on doing the same with Debian 13.

The goal is to have all the OS's look the same - eventually I'll make my own custom theme instead of someone else's but at the moment, I am only focused on getting any remaining bugs found and fixed with the new versions.

I've really not had the free time to give major updates as I'd planned, but still been using it and fixing niggles as I go.

On a good note Mint team just updated the Mint Updater, they do this just before the final ISO is released. so we are days away at most.

-EDIT-

I've made a final Debian 13 and a final Manjaro with the fixes in place and the new theme, updated wine dependencies. I have decided to keep the Windows 10 Icon theme by default as it's how I prefer to use it, BUT there is extra icon themes available for the LastOSLinux theme, you can also revert to LastOS theme if you want the old look.
 
You must log in or register to reply here.
Back
Top