Kevux Systems - Turtle Kevux Distribution

Turtle Kevux - 0.9.0

Fixes of Turtle 0.8.12 Problems

A large number of random crashes and deadlocks have vanished with the switch to uClibc-nptl
Details documenting how to utilize encrypted booting are now added

New Software

Removed Software

acpitool has been temporarily removed, due to bugginess and lack of maintainance
perl is no longer present in the desktop build (but does exist in the toolchain and thus is only semi-removed)

Network Changes

The system now supports the resolution options timeout and retry
To better cope with how the internet has grown, the system now supports up to 6 DNS nameservers

This allows one to have their ISP provided nameservers (2), googles nameservers (2), and still have two nameserver slots left over for any private DNS uses
Theoretically one could further utilize this to have a large number of nameservers that are queried at once and cross-referenced for security purposes

Other Changes

As a direct result of using the latest shadow utils, blowfish is no longer supported; instead sha512 is used
To simplify things on my end, there are now two primary kernels (desktop-pc and server-pc)

The server-pc is the same as the smp-pc and has all SCSI drivers.
The desktop-pc is almost identical to the server-pc except the SCSI drivers have been removed to favor a smaller footprint and faster boot times
The failsafe kernel is not being built anymore

The grub boot process now references kernels without the version numbers and symbolic links are used

This should help make kernel updates much easier
Doing this means that the menu.lst will never need to be edited by some script and can be changed in any way by the end-user

Turtle Kevux - 0.8.12

Fixes of Turtle 0.8.11 Problems

dhcpclient no longer unconfigures a network device when the connection is lost (which caused nightmares on wireless connections or loose ethernet cables).
grub has been patched so that long command line arguments can be sent into userspace; previously, the commandline would get truncated by grub and /proc/cmdline would be incomplete
when properly rebooting or shutting down from xorg, a short sleep is applied before reboot or shutdown is made to allow xorg a little time to properly close the display
Fixed long standing bug with X11 forwarding, apparently -X is not enough to tell ssh to forward X11 trusted; One must explicitly set ForwardX11Trusted to yes in addition to -X
Somewhere along the way I accidently started setting the permissions to /share/fonts to public instead of the fonts group.
Change default behavior of deluser script to only delete the home directory and not all files on the system owned by that user, I've screwed myself over too many times already forgetting about this.

New Software

Abiword has beem added now that the (major) font issue has been resolved
Seamonkey has had a major upgrade from 1.0 series to the just released 2.0 series
Add distributable firmware, including the OLPC firmware which has now been identified as redistributable (Takes up more space but now more things are closer to being actual plug and play)
The Featureless Linux Library is in use, namely with the firewall program

Removed Software

Removed the 100dpi and 75dpi fonts, they were causing issues. (particularly with abiword)

Some SCSI Modules are now modular

Because the QLogic SCSI cards tend to need external firmware to work, don't waste resources compiling them in.
This avoids long boot processing waiting on something that cannot exist until at least the initrd is reached.
The down side would be that one cannot boot to these, but thats the fault of the developers of the board for using puttyware instead of real firmware.
There are probably other drivers similar to this, but I can only fix them if I come across them (I am only one person afterall).

Boot Process Overhaul

Network Code Overhaul

Now completely uses FSS for all custom network settings data
Centralized the path of all networking setting files to be in /etc/network. This includes the hosts, resolv.conf, protocols, and services files that normally exist in /etc/.
Completely rewrote firewall settings data; Now uses FSS
The default firewall rules should produce no open ports when scanned by a standard nmap/zenmap network probe
WPA support has been added and is handled almost automatically. NOTE: automated wireless network scanning and connection has not yet been implemented.

New Firmware and Modules Path

The firmware directory of /lib/firmware has been moved to /firmware
The kernel module directory of /lib/modules has been moved to /modules
The boot system now selects the appropriate modules and firmware by default (for live boots), saving memory
This allows for updating kernel modules and firmware without having to regenerate new lib.squash files

Security Enhancements

In previous versions, some security practices were removed in favor of stabilizing the system, now that the system is stable these enhancements are being put back.
SSP has returned, but the SSP is only compiled in by default for a small set of programs as more testing needs to be done.
Texrels have been removed as much as possible almost every binary on the system is texrel free.
Partial relro is now enabled by default and every binary on the system is at least partial relro enabled.