Without corporate backing or advertising, Puppy
Linux has become one of the world’s ten most popular Linux distributions. In the
past few months
Puppy has whelped a litter of like systems, each with its own unique
DNA. This article summarizes Puppy and then describes the
new brood.
What’s Puppy?
Puppy
Linux was first released by Australian developer Barry Kauler in
2005. Since
then this community distribution has gone through five releases, with
the current crop of 5.x versions coming out starting in late 2010.
Puppy is a general purpose distro that bundles a full range of apps.
It’s easy to use. What makes it unusual is that it offers high
performance on minimal hardware. It is fully functional on
lightweight netbooks, thin clients, and older computers.
Puppy uses specific technologies to make this happen. For example,
it runs from memory by default; it excludes all but the mandatory
functions, services, and daemons; its default GUI is the lightweight
JWM; and its bundled
apps are all selected for low resource consumption.
While there are competing distros that run on low-end hardware — such
as Lubuntu, SliTaz, Tiny Core, and others — Puppy is probably unique
in that it specifically tests and runs on
older equipment. If you’ve ever tried running Linux on an aging
computer,
you know that lightweight
distribution and older
computer
are two different requirements. Puppy fulfills both. It runs on
machines you
won’t see running other current distros, including P-III’s and P-II’s.
(Some even run Puppy — with GUI — on P-I’s.) Puppy offers a secure,
up-to-date replacement OS for Windows XP, 98, ME, and 2000.
Puppy boots from any bootable device and stores
its state on any writeable device. It can span writeable CD’s or
DVD’s when saving its state. Got a computer with a broken optical
drive? Or a dead hard disk?
Puppy runs fine on such systems. This flexibility makes it
popular as a “live” operating system bootable from thumb
drives and optical discs. Many use it as a rescue system or as a
portable OS.
For more background on Puppy, see this
OS News article from May 2011.
My Favorite Puppy Features
Puppy is uniquely effective with
slow or unreliable internet connections. It manages connections and
prompts servers when
problems occur. I have a friend who has poor line quality — and few
options, living in a rural area. He runs Ubuntu 10.04 LTS, Windows XP
SP3, and Puppy 5. He favors Puppy because of its more reliable internet
connectivity.
Puppy continues to use GRUB instead of GRUB 2. I use it
to install GRUB on multi-boot systems so that I can alter the OS menu
simply by editing the menu.lst
file. This is great when I set up computers for end users.
And GRUB 2? I installed Ubuntu 11 on an end user’s system recently and
was
embarrassed in front of the client by its unintelligible boot-time
menu. It’s not easy to change this menu. This
discussion shows how to
remove unwanted entries. If you want to change the entry titles, you’re
forced to edit the
bash scripts. See this
tutorial.
Puppy’s not perfect. It has its shortcomings. But I like that its
design decisions for ease of use hit the nail on the head more often
than not.
Puppy Whelps a Litter
This year’s big news is that lead
Puppy developer Barry Kauler developed a system called Woof.
Woof automates
building a
Puppy live-CD ISO file. Woof can build Puppy from the packages of other
distros, including Ubuntu, Slackware, Debian, Arch, and T2. This
means that Puppy supports the applications
and software repository of the system from which it’s created.
So far the major Puppy releases that have come out of Woof are:
| Name: |
Current Version: |
ISO Size: |
Built From: |
Focus: |
| Wary Puppy |
5.2.2 |
132 m | T2 |
Main release for older hardware |
| Racy Puppy |
5.2.2 |
112 m | T2 |
Main release for current hardware |
| Lucid Puppy |
5.2.8 |
130 m | Ubuntu |
Ubuntu compatibility |
| Slacko Puppy |
5.3 |
125 m | Slackware |
Slackware compatibility |
Wary Puppy
Wary Puppy is
designed
specifically for older computers. Wary runs the older 2.6.32.45 kernel,
uses X.org 7.3 to support older video, and retains support for dial-up
modems. The lack of these features is why competing
lightweight distros often fail to run on older hardware. Many older
computers won’t support the current kernel or newer video drivers.
Wary combines its knowledge of older hardware with current applications
and support for modern peripherals (printers,
cameras, scanners, digital modems, etc.).
Wary Puppy is guaranteed for long-term support. It is the Puppy
community’s assurance that users of older computers will not be
abandoned.
This
is critical because so many lightweight distros fall inactive and
strand their users (eg: Damn Small Linux, Feather, Beatrix,
Tiny Linux, others). Wary
should be your Puppy of choice if you have a uniprocessor.
Racy Puppy
Racy Puppy is “Wary on steriods” for those who have current hardware.
It
features the 3.0.7 kernel and X.org 7.6. Racy boots straight into X on
first boot and launches its Quick Setup facility. (In contrast, Wary
Puppy runs text-mode configuration dialogs and the Xorg Wizard before
starting X.) Racy is a tad smaller ISO than Wary because it strips out
dial-up modem support. Racy and Wary share a common package repository,
so current apps
are common to both systems.
Lucid Puppy
Lucid Puppy was built with Woof from Ubuntu packages. Since it has
binary compatibility with Ubuntu’s .deb
packages, Puppy’s own Puppy Package Manager can install apps from the
huge Ubuntu software repositories.
Where Lucid differs from Ubuntu is that it retains Puppy’s lightweight
advantage. Though it’s compatible with
Ubuntu software, you still get Puppy’s performance.
Some who like Ubuntu but need a more performant system opt for its
lightweight variant, Lubuntu. In an OS
News article
on Lubuntu in March 2011, I described Lubuntu and why I like it. But
considered purely from the standpoints of performance and resource
consumption, Puppy beats Lubuntu hands-down. Lucid Puppy presents
another way to gain better performance than Ubuntu while using the
Ubuntu software repositories.
Slacko Puppy
Just as the main reason for Lucid Puppy is Ubuntu
compatibility, the main reason for Slacko Puppy is Slackware
compatibility. Slacko gives you Puppy’s small size and speed while
allowing you to install any Slackware application.
One question you’re sure to have by this point is
dependency-checking. Does Puppy provide it against the Slackware
software
repositories, the Ubuntu repositories, and its own repositories? Yes.
This job is split between Woof and the improved Puppy Package Manager
(PPM). Woof provides the clean initial build, and the PPM does
dependency-checking when you install additional packages. The PPM
notifies you when a pre-requisite package is missing, and
you click a button to get full dependency lists. Then you click to
start the automated download-and-install process. This
webpage shows how it works via screen snapshots. I’ve had 100%
success with Puppy’s dependency-checker but I tend to stick to
basic
configurations. Anyone have more extensive experience with it?
Puplets
Puppy has long provided user-friendly software for mastering your own
Puppy live
CD. Puppy comes with a desktop remastering tool that allows you to take
a
“snapshot” of your current system and instantly make a live CD of it. Woof is an alternative mastering
tool. (It effectively replaces Puppy
Unleashed,
an earlier tool to create ISO images.) Beginners will prefer the simple
CD-Remaster tool while those with more expertise will opt for Woof.
The result of these easy-to-use tools has been an explosion in Puppy
Linux variants, commonly called Puplets.
There’s a Puplet for every interest, demographic, and
taste. There are Puplets that default to specific GUIs, Window Managers
and browsers; Puplets optimized for specific hardware; stripped down
and
barebones Puplets; Puplets for different languages and countries; and
so on. This webpage lists 20
new Puplets with another 65 available. Pick from the list or develop
your own. That’s the fun of Puppy.
Is Puppy for You?
Puppy’s diversity and flexibility make it a great community-driven
system for
computer
enthusiasts, hobbyists, and tinkerers. They also make for a somewhat
disorderly world. You
might have to read a bit to figure out which Puppy release or Puplet is
for you. Puppy’s
online documentation is extensive but can be confusing. It’s
not always clear which docs pertain to which releases. Most users rely
on the active, friendly forum for support. I’ve used Puppy for five
years and have never posted a single question that
wasn’t answered.
What I like best about Puppy is that you can install it on somone’s old
P-III or P-IV, and they can use that machine to perform any task they
could on a current computer. No need to buy new hardware! As long as a
knowledgeable person does the initial set-up and configuration, Puppy
makes aging hardware useful to the average consumer.
Those of us who enjoy computers sometimes forget that many view them
with disdain. What’s wrong with it now?
Why
do I have to buy a new one every four years? Why on earth do they
change the
interface in every release? Can’t it just work?
Puppy is a great solution for these folks. It’s up-to-date, free, and
easy to use. And now, it supports free applications from the Ubuntu,
Slackware, or Puppy repositories. Now that’s
user-friendly.
– – – – – – – – – – – – – – – – – – – – – –
Howard Fosdick (President, FCI) is an independent consultant who
supports
databases and operating systems. His hobby is refurbishing computers as
a form of social work and environmental contribution. Read his other
articles here.
I hesitate to make this comment because I know exactly what’s going to happen, but here goes…
Puppy always runs as root without a password. Yes, it is possible (if you open a terminal and use the command line) to login as unprivileged user “spot” (again, without a password). “Spot” can launch apps at the command line, but the graphic desktop will always belong to root. And most users will not go to the trouble to become spot, they will just launch apps as root. Many have pointed out that this is a risky strategy in terms of security. Puppy lacks the tools to configure it as you would most distros – running the desktop and all apps as an unprivileged user.
This issue has been mentioned about a million times already in numerous Linux forums. Usually within minutes after somebody raises the issue, Puppy fans jump in and insist that Puppy is perfectly secure, surfing the Internet as root poises no security risk at all, and if you don’t agree with them you are a “Puppy-hater” and deserve to die. I’ve found myself in this argument so many times now that it’s gotten weary, which is why I hesitate to post this.
Nevertheless, reality is that surfing the net as root carries some real risks, whether Puppy users wish to admit it or not. I would never do online banking or credit card purchases with Puppy for this reason.
This does not mean I hate Puppy. I used it for quite a while on my netbook, though lately I’ve found other alternatives which I prefer. I still keep a Puppy CD and USB stick around just in case I need an emergency boot-up device to rescue data or fix a broken installation. Puppy does have many endearing features – I understand why people like it.
Now, if somebody would just fix this security problem, I’d probably be using it on an everyday basis.
My advice about ANY distro is that people should not get emotional about it. I’ve used quite a few distros since I started with Linux over 10 years ago. Every distro has some flaw – either you learn to live with it, or ask the developers to fix it (if you can’t fix it yourself), or move on to another distro. But denying the flaw won’t make it go away, even if the denial makes you feel better.
Edited 2011-12-17 01:34 UTC
Everytime someone makes a comment like this, a puppy dies!
That’s a bit of an odd design decision, to say the least.
While always logging in as root is indeed not a good idea it has little to do with compromising your personal data. Your personal data is just as vulnerable when you surf the net as an unprivileged user.
I know this is a stretch, but if you have a secondary user account for more important, confidential things like online banking and use the UNIX user/group/permissions system properly, then your banking stuff is pretty damn safe while browsing the web for porn or something on your standard everyday account. Just be sure to be safe and wear a NoScript condom and keep your vaccinations (system updates) up to date. Heh.
Yeah, I know that’s completely not funny, but I just had to twist it in that direction. Hey, it still gets the point across.
Use ‘chmod 600 filename’ (for owner rw) or ‘chmod 400 filename’ (for owner ro) on files that you intend to keep private. Do ‘chmod 700 dirname’ on directories whose entire contents you want to keep private.
Hell, you can even just put your “confidential” user account in its own group; if you run Debian and don’t change the defaults, this is automatically done for you… instead of, for example, user ‘uz64’ being in group ‘users’ he will be in a group of the same name, ‘uz64’. Completely segregates users and all of their data. Might still be good practice to properly set permissions though, and if you’re really extreme about security you’ll want to consider encrypting your files.
Has there ever… ever… ever… been an actual documented case of a Puppy system being compromised due to this issue? Ever?
Running as root on Unix systems is anathema for any real use. It subverts the entire model of security and goes well beyond the browser itself. It’s what made Windows ridiculously insecure to begin with, and that platform still hasn’t entirely shaken the consequences.
Puppy: something to run off of a flash drive occasionally. Look elsewhere for a general-purpose system.
clearly it’s anathema, that’s obvious from pretty much every post on the issue. But I wasn’t asking about emotions. My question was: is there any actual data?
No idea, but anyone knows it’s insane to always run as root for real work where security is even a slight concern, and for that reason Puppy is nothing more than a toy to them. If you asked a security person to do real-world tests on Puppy to get this data and they’ll probably laugh and think you’re joking. They’d probably think it’s retarded to even do such a test targeting Puppy specifically when there is plenty real-world data to go through on the act of just running as root/admin alone. It’s well documented; it’s bad no matter what, just because it’s Puppy and its users seem to be crazy rabid fanboys doesn’t make it better.
Edited 2011-12-19 15:14 UTC
Most likely not as usually Puppy is used just as a temporary solution and usually not run as a server. However, something not being documented does not equal that it has never happened.
Edited 2011-12-18 03:11 UTC
yes, yes I know absence of evidence is not evidence of absence.
But some actual *data* to base opinions on would be nice, wouldn’t it?
Well I’d guess, at the least, it breeds people who think running as root is fine …that alone is a bad thing, a bad idea to propagate.
(also: another reason for the more sensible all around Kitten Linux)
I do mostly agree with but this is something I don’t understand: why would doing online banking or credit card purchases as root be any less secure than as a regular user? Your local user account bears no significance to the security of the data that leaves the machine, it doesn’t carry over.
Running as root is bad because of LOCAL privileges, ie. a root user can modify system files, access other operating systems’ disks and/or partitions etc. whereas a non-privileged user can’t. But a non-privileged user can still access his or her own files, and a keylogger won’t need root privileges to log what you’re typing.
My point being that running as non-root is not some damn magic bullet after which you can just blindly trust anything anywhere.
Good answer.(actually the best answer i read so far). Even though the % of fraud is lower from computing, i tell my anyone when the subject comes up to not do “Online Banking”. So, lets say you cannot get to “your bank” when you want/need.You can run Puppy from a CD-R quickly. Puppy was meant as a personal O/S. An alternative. You could spend your money, or someone elses, but, suit yourself.
*Sent from this old clunker P550 Intel 810 chipset with 192mb RAM.
If someone is interested here is the official security statement off the Puppy Wiki:
In Puppy Linux your user account is called root, but is not root. In puppy root is user.
More here: http://puppylinux.org/wikka/security
Also AFAIK some Puppy distros have (in addition to that) a special user named spot that is used when starting internet apps. (The distro I know that does that is FatDog64 – 64 bit Puppy Linux)
In addition Puppy always runs in ram not hard disk…
Edited 2011-12-19 19:52 UTC
Seems like a good candidate for running in a VM. I found that FatDog64 is all 64bit. I’m downloading and will check how well this might work for a commercial software build environment. I really don’t need that much, just basic 64bit but with a c++11 capable compiler.
That might be a good subject for a small article on this site. I will be curious about your results.
I will soon be migrating my system from a single OS to a VM environment with many small single-purpose VMs, so I am interested in lightweight, small footprint OSes. Even more than usual. ;^)
It does what now? Prompts the *servers*? Some explanation regarding this seemingly fantastical technology might be called for.
Unintelligible? Really? 3 clearly labeled entries is unintelligible? There’s almost no difference between grub and grub2 when it comes to using the actual menu.
“Puppy is uniquely effective with slow or unreliable internet connections. It manages connections and prompts servers when problems occur. I have a friend who has poor line quality — and few options, living in a rural area. He runs Ubuntu 10.04 LTS, Windows XP SP3, and Puppy 5. He favors Puppy because of its more reliable internet connectivity.”
I was also wondering what this meant.
I’ve found that Puppy’s package manager is more reliable for downloads. Of course all you have to do on other systems is install a free Download Manager and you’ve got the same thing, so no big feature IMHO.
I’m going to agree with the original author on this point – GRUB (legacy) was much better than GRUB2. I tip my hat to the Puppy developers for sticking with the old GRUB. I never understood why it was necessary to make GRUB2 so complicated to configure. Simplicity is bliss.
Edited 2011-12-17 05:43 UTC
Perhaps but there’s little difference when it comes to how the gui works when selecting boot entry. Saying that it is unintelligible is nonsense because menu in grub looks and works pretty much the same way.
If it is cluttered then the same menu would be cluttered in grub.
Your point is well taken. However, the nice thing about GRUB legacy is that to reconfigure your menu entries, you simply have to edit file /boot/grub/menu.lst. GRUB2 is far messier – in fact, every time I’ve had to rework the menus, I needed to go back and read the documentation on how to do it. I actually find it easier to just nuke GRUB2 and install GRUB legacy, which is still available in Ubuntu and Debian (though GRUB2 is now the default).
Edited 2011-12-17 05:55 UTC
Yeah, configuring grub 2 is a horrible mess. Who’s brilliant idea was it that the config directory should contain 1000’s of files?
grub2 has one nice feature though, the rescue prompt. When grub1 fails to load you’re left up shits creek without a paddle while in grub2 you get the rescue prompt and can actually remedy the situation and manage to boot.
That’s a good point. Although GRUB is very reliable, it’s possible to break it if you fool around (with root privileges). With GRUB legacy, if things get buggered, you might need a rescue disk. Well, that’s actually one of the things I still use Puppy for (a rescue disk).
Edited 2011-12-17 05:58 UTC
‘yeah’ they did move it, so now it is harder? /boot/grub/grub.cfg is containing all the menu.lst stuff.
> Puppy Linux has become one of the world’s ten most
> popular Linux distributions
No. It just means that its link it’s one of the most clicked in a particular website. That doesn’t mean that is one of the “world’s ten most popular Linux distributions”
Good point. As per Distrowatch:
“The DistroWatch Page Hit Ranking statistics are a light-hearted way of measuring the popularity of Linux distributions and other free operating systems among the visitors of this website. They correlate neither to usage nor to quality and should not be used to measure the market share of distributions. They simply show the number of times a distribution page on DistroWatch.com was accessed each day, nothing more.”
Also why would I as a happy Arch/Debian user ever visit those distros on Distrowatch?
Not to mention, Puppy has been releasing on new versions on a regular basis (monthly, from a quick glance on DistroWatch using the news filter) and recently made a release. On top of that, DistroWatch themselves ran a story/review… so duh, obviously it’s going to get more page hits at their site.
Face it, the more often a distro puts out a new version, the more often DistroWatch puts it on its front page, the more often it’s listed in DistroWatch Weekly, the more often that distro’s page gets visited. More news means more visibility, and therefore more clicks. People like news, it interests them… simple. It’s human nature.
Thanks for another good article, Howard.
I have some aging hardware that I want to resurrect, and I don’t have as much time as I used to for non-work research, so I find these articles to be very helpful.
After reading the article, I tried it on Virtual Box.
The UI seems at least 15 years behind from an aesthetic point of view.
It did not support resolutions greater than 800×600, and so many windows were not fully visible. I had to press enter blindly in order to continue the installation. Other Linux distributions running under VBox don’t have a problem with higher resolutions.
The installation GUI was horrible. There were little buttons/icons everywhere that have extremely non-descriptive pictures on them. I just tried them all to see what they do.
The installation forced me to partition the hard disk manually. It did not make any suggestions on possible partitions, like other distros.
After playing with it for a while, I erased it and installed Kubuntu, which is light years ahead of Puppy, in almost every domain. In fact, Kubuntu 11.10 is so polished, it can be easily compared to Windows 7, and perhaps be found better than Windows 7.
Just right. I wish I could mod you up.
If you are used to a KDE UI, you might try a Puplet for newer H.W. . Teenpup 2010 beta has some KDE elements builtin and is better for P4 on up. And, you wont have to go out and “fetch” anything to do most of your stuff.