Sabayon Community

[Autonomen]

Sabayon seems to be a great well functioning distro. It works great on its own, but it is also a bridge to Gentoo. Sabayon is great because you can 'practice' working with Portage, but if you mess up then you can fix it with a simple emerge world from entropy....sometimes. Assuming you configured it right.

At this point I generally prefer using Portage for updates and avoiding entropy. I would probably continue to use Entropy because its somewhat faster.....Nor Arch Linux fast, but faster than compiling from source. I feel like it can be a bit of a weakness that Entropy overwrites and refuses to remember many of my user changes. If I go out of my way to remove Avahi daemon or rpc.statd, I want them to stay gone. They seem to come back with updates.....Which is great if you like the default settings, and great if you want to cut your teeth on portage and still upgrade back to a fresh and functional Sabayon install....but it might be an improvement if entropy could upgrade on a 'per package' basis, without removing user changes. Being able to retain user choices, at least those done with entropy and equo, should really be a goal of the project. Being able to retain package choices from Portage would be even better..Obviously you cannot change the USEflags on a binary package, but even a binary system should be able to remember when you chose to remove something.

I am not sure if I am 'advanced' or not....That is relative, and vanilla Gentoo is probably at the upper ends of mainstream Linux for complexity. I am experienced enough to know that I like the flexibility of portage, despite its quirks and 'fixes'.

Sabayon I think has a lot going for it. It is one of maybe 3 or 4 Gentoo distros that are easy to install, supports proprietary graphics and wifi, has a great selection of software (more appropriate for younger people and gamers and p2p users compared to Calculate), performs well, and is fairly stable as far as Gentoo goes. The fact that it can intelligently repair a near broken system is great. 'Emerge world' does not exist in a lot of other binary distros.....The trade off being that a lot of my changes from portage simply vanish at update time, when I would rather my personal choices have more power than the defaults.


And as far as defaults go, Sabayon is probably the single most polished looking Gentoo distro out of the box. Even XFCE is looking nice these days, and I like XFCE now that Gnome is gone. There are a few issues though.

I have had just a little problem with Sabayon masking. It is a lot less restrictive than Calculate who also messes with the config files so you cannot even find where to change them. However, when I FINALLY figured out where stuff was actually being kept in calculate, it at least remembered when I added or commented out USE flags....Overall however I give the edge to Sabayon because I at least have the option of not updating with Entropy and your config files are in the right place. Portage itself still remembers my choices and flags, but only if I make Portage my only package manager.

Overall, that is pretty decent. Even if I go for Portage I still start with a workable system out of the box, which means less time wasted and more time doing real work and goofing off.

But why do I need to have rcp.statd running as a daemon by default? Of all the defaults, these daemons listening and broadcasting on open ports feels the most invasive. I prefer to keep that kind of stuff to a minimum, or at least not automatically executed without being evoked. Not everyone is running a server or doing 'home networking', and some of these settings could be a security threat against local spying or exploited for data mining, even with the hardened security settings. That was a bit of a deal breaker for me (in regard to staying with Entropy, not Sabayon as a distro in general). I would rather not look like such a juicy target to people doing port scans and would prefer to close all of those ports until they are actually being used for something I intentionally evoked. The fact that these settings keep coming back makes it worse.

Hardened systems and open networking with zeroconfig seems contradictory to me. I can block it with a firewall, but if I lower my firewall for a second I do not need a bunch of new services advertising themselves. I can remove the packages, possibly with portage if I want to use --nodeps, but then they come back after updating....I would really prefer that the new system not advertise those services on those ports unless asked to, and also that it would not allow remote login unless you TELL the installer or manager that you want to enable remote login. If there was an option to enable remote login at installation, then it would still be possible to do network installations and maintain remote control of them. I think most Sabayon users are desktop users and not running servers. I personally do not like to enable remote access on anything but my server and my media-center. The convenience is not worth the stress of attempted ssh logins.


Other issues include that the installer often fails. Usually at partitioning. If you used an outside app like Gparted, it might work better....At least you can hit 'back' and try again without starting over. Not a big deal. Having the installer in a Gentoo system is awesome.


I have recommended Sabayon for a lot of people. A lot of people who graduate from Ubuntu consider Sabayon as a good alternative. If Sabayon was just a little more flexible in being able to remember a limited scope of user preferences at upgrade, within a binary context, and also took a more minimalist approach to the network demons, I think I would give it my full endorsement for people looking for a new distro.

Overall, there is a lot of great work here. A few things are buggy, but overall I feel it provides a better experience than Windows or Mac and many other Linux distros out of the box.

Somebody needs to write a program that controls system daemons a little better. If I want to stop something as simple as network time from calling the server or Avahi from revealing my credentials, I should be able to seal them up in a container and STOP the daemons from working until I let them out......As opposed to relying on firewalls, which do not always work. Also, something like SElinux is too cumbersome. This is something you can easily use on a per daemon basis the moment it causes a problem. If a program needs it then it can request that I let it out, and I can consider it. It needs to exist.

[micia]

Hi, welcome to the Sabayon Linux forums

Sabayon is great because you can 'practice' working with Portage, but if you mess up then you can fix it with a simple emerge world from entropy....sometimes. Assuming you configured it right.

It's not if you configured it right, it's if you are able to understand how entropy and portage operate one with the other.
An experienced user can always use both of the package manager consistently, but it needs experience.
By the way, to update packages from entropy it would be most likely:

Code: Select all

equo upgrade


as opposed to emerge world, or, if you want to replace entirely your system with entropy packages:

Code: Select all

equo install --ask $(equo query installed --quiet)


provided that you ran equo rescue spmsync.

I feel like it can be a bit of a weakness that Entropy overwrites and refuses to remember many of my user changes.

Entropy won't overwrite any changes you make, it doesn't even automerge configuration files if you modified them.
If you are referring to it trying to replace portage packages with its own and computing dependencies accordingly, that cannot be avoided, since entropy tries to ensure system consistency.
You can reduce this kind of behaviour with package masks and customizing the /etc/entropy/client.conf file.

But why do I need to have rcp.statd running as a daemon by default? Of all the defaults, these daemons listening and broadcasting on open ports feels the most invasive.
[...]
I personally do not like to enable remote access on anything but my server and my media-center. The convenience is not worth the stress of attempted ssh logins.
[...]
Somebody needs to write a program that controls system daemons a little better.

Last time I installed Sabayon (quite some time ago) ssh could be disabled during installation, by the way daemons won't come back if you deactivate them, you can manage easily and efficiently any daemon with rc-update.

Code: Select all

man rc-update


Hardened systems and open networking with zeroconfig seems contradictory to me.

Why? Hardened kernel and system has little to do with that, having a hardened kernel doesn't mean you must have some paranoid security policies and setup. Of course, if you want, you can enforce them, nothing prevents you from having the system setup and configured as you like, and, again, Sabayon will remember your configuration, probably you just need to familiarize a bit with its utilities and with the configuration files layout, which is the same as Gentoo.
On the other hand, if you didn't have a hardened kernel setup, you would have a little more troubles and headaches trying to achieve a secure system

Other issues include that the installer often fails. Usually at partitioning. If you used an outside app like Gparted, it might work better....At least you can hit 'back' and try again without starting over.

This I quite agree with... a better partitioner would be very nice.

All in all, enjoy Sabayon, and if you want any help with how to configure your system as you like, don't hesitate to ask