Firmware-like OS, SLAX and NomadBSD

A friend explained that they use Linux on the desktops and -obviously- on the servers at their workplace. But what rang the bell is that their employer periodically automatically re-installed both desktops and servers to avoid potential undetected advanced persistent threats (APT). On the desktop, what is not on their home directory, is wiped.

I think that is a brilliant approach. More in general, I would like to see the possibility to have a sort of “read-only”, “firmware-like” operating system, that is easier to update, like it happens on smartphones and tablets, and just users’ data is saved. Plus, I love something that can be run on old hardware: we have enough compute power that it would be wasted by programmed obsolescence. I like Nina’s approach as I quoted in the Hermit Project Part 2 post.

I have a bunch of low-spec x86 hardware that I somehow bought in the past years. It’s a pity that they sit in a corner because they don’t have enough RAM or disk space for many modern Linux/Unix distributions.

There are immutable distributions that ensure that the operating system’s core remains unchanged. The root file system for an immutable distro remains read-only, making it possible to stay the same across multiple installations. Some examples are Fedora Silverblue, NixOS or GUIX. The concept is very much the one I have in mind, and I believe the might be great on the server side, as they allow for easier container-based software deployements while providing with better security and reliable updates for the operating system. And perhaps for some modern desktop/laptops.

But … they are not exactly what I had in mind, and they aren’t usually lightweight for older machines.

I like the idea behind the SLAX Linux distribution. It’s a small-footprint distribution that is meant to be run primarily from removable devices/USB sticks and is based either on Debian or Slackware. I love that it is a bunch of files that can be copied on a DOS/FAT partition. Updating is just about copying the new files. Persistence is supported on the whole filesystem.

It’s, so far, the closest to my initial concept. In my opinion, what is missing is an option to persist just the user’s home directory instead of the whole system. With that, and by adding Flatpak as an additional module, it’s easy to install and manage additional user applications, like in an app store, as Flatpack allows applications to be installed in the user’s home directory. And the possibility of encrypting the home directory, for example, with eCryptfs or LUKS, would be a big plus to be included. An update won’t break the unionfs, as it would just mount the home.

I had some trouble booting SLAX on newer machines with UEFI. The image I have (version 12.2.0 Debian-based) is supposed to support EFI boot, but I failed to make it work. Perhaps the code was too old or corrupted. It just stuck on a black screen, not loading the Syslinux bootloader. Luckily, it was just a matter of overwriting the provided EFI boot loader with the one coming straight from Syslinux.

At first glance of the SLAX official website, its sources are unavailable. If you ever boot SLAX once, you might notice that during the boot process “Live Kit init” is mentioned. As a matter of fact, the same maintainer of SLAX offers a Linux Live Kit, published on GitHub, which is clearly behind the SLAX project. I believe this would be the best way to contribute and add changes to the project.

I was recently made aware of NomadBSD. As SLAX, it’s a small footprint FreeBSD meant to run from a USB stick. I was used to custom small-footprint Linux distributions, but as I’m new to the FreeBSD world, I was really positively impressed by such a project. I somehow felt that the FreeBSD community was always behind its Linux counterpart. I love how they customised FreeBSD to auto-detect a lot of peripherals, which would require additional configuration steps on a standard FreeBSD installation. And it has a lot of out of the box tools. NomadBSD offers persistence on the whole system, similar to what SLAX does. And I love that the installer offers to encrypt the persistence partition with Geli. I also appreciate that NomadBSD has an installer that can be used on hard drives. However, although I haven’t collected tangible data, it seems that NomadBSD is slower than SLAX on its boot. But that could be explained as NomadBSD is a full OS, while SLAX has been reduced in its footprint.

NomadBSD has its building scripts open and available on GitHub, should you want to customise it or contribute to the project. While NomadBSD uses unionfs similarly to SLAX, its raw representation on the drive is a complete installation on a read-only partition. Which means that you can’t upgrade the system by just copying a bunch of files to a FAT filesystem. I understand you can’t upgrade NomadBSD if you not through a standard FreeBSD upgrade or flashing the USB stick again. Of course, I’m stretching the purpose of NomadBSD, which -as the name suggests- is meant for someone using multiple machines, having its own habitual system on the removable drive.

As per many OpenSource projects, both SLAX and NomadBSD are understaffed. Despite the 14 contributors to the Live Kit project as listed on GitHub, only the core maintainer has committed code in the last two years. While NomadBSD is more active than SLAX, and has on paper only 10 contributors (according to GitHub), it’s mostly in the same situation of SLAX: most of the commits in the last two years are made by a single person.

Both projects are very valid and it’s a pity that such amazing projects are relying on a single person who has everything on their shoulder. Recent history of the xz library showed the world how valid OSS projects are understaffed.

Do I have a solution? Of course not! Will I create one? Nope! Thank you, but I’ve made my fair share of contributions to Linux distributions, and I feel there are valid people out there who can do a better job.

What will I do then? I don’t like to install the full Linux or FreeBSD distribution on those devices, and I have just a few of them, so I think I am fine with what is available. I’ll use SLAX for those machines that I just want to use, like a kiosk, or mainly for web browsing activities. I have an excellent Samsung Galaxy TabPro S 12" (Intel m3, 4GB RAM, 128GB SSD) tablet and an Intel i3 “compute on a stick” I bought ages ago that might be the perfect fit for it.

But NomadBSD had genuinely left a sign on my heart. I’ll definitely flash it on a USB stick, which I might use on special occasions. For the moment, I’m currently enjoying my Hermit Project: as a matter of fact, this article has been written in such a distraction-free environment.

The photo below is SLAX running on my Samsung Galaxy TabPro S:

SLAX running on a Samsung Galaxy TabPro S

2024-05-06