- This topic has 5 replies, 5 voices, and was last updated Aug 14-6:32 pm by stevesr0.
-
Posts
-
anticapitalista
This is just a quick starter for those who prefer to avoid dbus,dbus-x11 and elogind.
Tested in Virtualbox. English only.Stage 1: Installation
1. Download antiX-21 net (runit or sysVinit)
2. Boot the iso and at the prompt login as root (password=root) and type cli-installer
3. Follow the instructions.
4. Make sure you answer Yes to ‘Is this a net install?’
5. When asked if you want to install elogind dbus etc, choose No (default)
6. Continue until antiX-21-net has been installed – reboot to installed version.Stage 2: Getting a basic ‘desktop’.
1. login as user then either use sudo or su to root. I prefer the latter.
2. Update packages apt update && apt dist-upgrade
3. Install X apt install xorg
4. If you are going to use startx instead of a login manager, you need to apt install xserver-xorg-legacy
5. Install your window manager of choice eg apt install openbox
6. exit root (if you were using su) and as user type startx
7. You now have a very minimal openbox ‘desktop’Stage 3: Adding (gui) apps
This is the difficult part as far as avoiding dbus, dbus-x11 and elogind is concerned.
Suggestions below – feel free to add your own.
rxvt-unicode (terminal)
leafpad (text editor)
rox-filer or zzzFM
mpv (video/audio)
smtube (it works without dbus etc!)
ytfzf (youtube videos)
libreoffice-writer
libreoffice-impress
lxappearance (lazy way to customise looks)
mupdf (pdf reader)
links2 (browser)
dillo (browser)Note: All the big browsers will install dbus and dbus-x11
Stage 4: Beautify
Purely subjective, but I installed
adwaita-icon-theme-antix
arc-evopro2-theme-antix
dmz-cursor-theme
papirus-mini-antixLogin Managers:
If you want a login screen, you have these options
lxdm
xdm
wdmFor slimski or slim, you will need to install seatd first
apt install seatd
You might need to tinker some config files, but it’s good fun.
Philosophers have interpreted the world in many ways; the point is to change it.
antiX with runit - leaner and meaner.
ModdIt
Looks like you are not busy enough π
Interesting projectregarding browsers
Maybe worth trying Librewolf as appimage
Full Firefox from Mozilla is also as far as I can tell pretty much self contained
like an appimage so might work.
Xaver
So far I have not thought about getting rid of dbus too. Inspired by this thread I have done some research.
Dbus seems to be a severe security risk: https://vulmon.com/searchpage?q=dbus&sortby=byriskscoreTherefore I have checked, if my antiX-21-runit-sid (no elogind, polkitd policykit-1 or gvfs) would run without dbus too.
[compare: https://www.antixforum.com/forums/topic/antix-21-net-runit-sid_x64-with-seatd-3-problems-encoutered/ ]First step was do put the runit debus service down. But this did not change much. dbus-daemon and dbus-launch were still running after reboot. Then I simulated a purge of dbus-daemon and dbus-x11:
# apt purge -s dbus-daemon dbus-x11
This would deinstall all xorg and most of my system β obviously not a good idea.
dbus-daemon and dbus-launch are running independently from the runit dbus service. How can I stop them.?
I have used a quite brutal method: disable them by changing their names:renamed in /usr/bin/ dbus-launch β> dbus-launch_X dbus-run-session β> dbus-run-session_X dbusdaemon β> dbusdaemon_X then: # apt-mark hold dbus dbus-daemon dbus-x11
Now no dbus is running, but all the dependencies to it are fufilled. Most software can be installed.
If needed, I can easily switch back to dbus.What are the limitations?
Connman had to be replaced by Ceni. XFCE4-panel would not start (too bad β nice panel apps). Plank does work, but cannot be configured. Concerning the openbox desktop these are all the limitations which I have discovered so far.
My desktop consists of openbox, tint2, rofi, wmdrawer (a good and lighter replacement for plank) and spacefm (gtk2-version) with udevil.
Jgmenu does work fine too, but I prefer the openbox menu configured with obmenu2.
Login only works with .xinitrc β lxdm does not work.Poweroff/Reboot with desktop-session-exit does not work regularly. I have to logout first and then shut down:
$ bash -c "openbox --exit && sudo poweroff"
Since polkitd is absent, there are dummies needed to fulfill policykit dependencies.
For that I have created and installed two dummies: policykit-1_99.9.9-9dummy and libpolkit-qt5-1-1_99.9.9-9dummy.
Most application can be installed now, even KDE stuff. But k3b cannot be installed, because it needs libsystemd0 and udisks2, which needs dbus.Iso snapshot and persist do not show any problems.
Firefox-ESR and even Falkon are working fine and seem to be faster than on my antix-sysv-sid with dbus.
The whole system is a fully functional antiX and semms to be very fast and stable.Only a few questions are still unresolved:
(1) Is there a more elegant way to keep dbus-daemon and dbus-launch from running than by renaming them?
(2) If I boot an iso-snapshot from usb, there is no network connection. I have to run Ceni in order to connect. Which setting have I missed?
(3) @ anticapitalista
You have stated, that LXDM would work without dbus. I get an error message:
[“Warning: dbus disabled by local settings”]
What is your trick to make LXDM work?(4) lightdm gave me a hard time to deinstall it (pre-install script error). ‘dpkg-reconfigure lxdm’ still lists lightdm as an option. Where is this stored?
(5) Running from usb I sometimes notice high cpu load, when the system should be idle. The cause: lxtask indicates multiple instances of udevd. A restart of udevd service and then starting udevd again brings the system back to normal.
Research in the web clarfies, that this is a general udevd problem.
Is there any general cure?- This reply was modified 8 months, 3 weeks ago by Xaver.
- This reply was modified 8 months, 3 weeks ago by Xaver.
- This reply was modified 8 months, 3 weeks ago by Xaver.
iznit
Dbus seems to be a severe security risk
Whoa, read again more carefully from the link you pasted
” dbus/gattlib.c because strncpy is misused…. ”
Most if not all of the affected vulnerable files listed on that page are not part of the dbus package. “gattlib.c” is a project file. It just coincidentally sits in a source tree subfolder named “dbus”. A folder name that was arbitrarily chosen by the gatt [[[gattlib???]]] developers.
Take care, worrying about every low-level thing [[[ dbus, Xorg server, etc ]]] being “insecure” can become an absurd ad infinitum obsession.
Xaver
@ iznit
Thanks. I apolgize for not reading that list thoroughly.
It appears, that for desktop use there hardly are any vulnerabilities of dbus:
https://www.cvedetails.com/product/15108/?q=Dbus1.1.0Thank you for pointing this out.
stevesr0
Hi Xaver,
Thanks for your post.
I am runnning a Sid (hard disk install) and am running Pipewire as a sound server in order to be able to switch inputs and outputs easily. Working well, but does require libelogind0 (although not IIRC elogind, maybe because I have seatd installed).
Mine is a somewhat minimalist system built from (IIRC) net and I use OpenBox and startx. My init is sysvinit.
I plan to follow your lead in building a minimalistic live usb, that I can try to get Pipewire running without libelongind0.
I have read that some people running nonsystemd distros have found ways of running Pipewire; but I am not sure whether they have run “pure” nonsystemd versions with seatd or other approach NOT involving elogind or libelogind0.
One particular aspect is whether the “dependency” PIpewire has on systemd/elogind is only for launching and stopping. Supposedly,if that is the case, environmental statements that set a default user run directory might allow Pipewire to work.
My first attempts will involve creating a dummy file for libelogind0 and elogind and setting the recommended environmental variable and seeing whether that works at all.
I will post a follow up with my results.
**N.B. I have started a thread “Pipewire without systemd”, so I will post there rather than hijack your thread.
As an aged noobie, I imagine my path forward will be rather slow and prolonged, so any input from others with a similar interest in runnning Pipewire without systemd or elogind are very welcome.
**N.B.2 As anticapitalista has emphasized in several posts, only Pipewire in the Sid and testing repositories is considered to be ready for routine use, not the versions in older repositories (stable, old stable).
stevesr0
- This reply was modified 8 months, 3 weeks ago by stevesr0.
- You must be logged in to reply to this topic.
