Iv been experimenting heavily with Linux for the last 5 months or so. I have tried many desktop environments much to many disappointments and excitements. Its been quite ride. Overall as a relatively new user my impressions are mixed across the board. In the end XFCE was my desktop of choice and Mint being the most fluent and stable during my experiences. However im a big fan of Ubuntu mate as well. Since using mint I have applied a few tweaks that I will share, please share your own so that someone else may find them useful. Tip 1. -Install Grub Customiser to edit the size of font shown during boot. I found that the text was very small for some reason. You can also hide other attributes that you do not want to show during boot. I have hidden everything except for Mint and Windows 10. Tip 2. - Use a software called Disks to hide all the NTFS volumes and stop them from auto mounting. This will hide all the other partitions that you do not want to see in your file explorer or side pane. Simply click the disk you want to hide, click more actions, edit mount options and turn off automatic mount options. Tip 3. -You can speed up the interface if find it a bit slow for some reason. Simply copy and paste the following to /home/username/gtkrc-xfce to improve the menu delay times. This only works for XFCE as far as I know. Code: gtk-menu-popup-delay = 0 gtk-menu-popdown-delay = 0 gtk-menu-bar-popup-delay = 0 gtk-enable-animations = 0 gtk-timeout-expand = 0 Tip 4. -Disable smbd if you have no use for it. Go to /etc/init Open as root to access and create a new file Label the file "smbd.override" Open newly created file add one line of text "manual" close, Reboot. No ports to smbd should be open. Tip 5. -Disable Avahi/cups if you have no use for Linux Windows interconnected shared printers etc Go to /etc/avahi/avahi-daemon.config Open as Root user to edit the config Where is says where it says; use -ipv4 yes change to no use -ipv6 yes change to no reboot. Should be disabled from accessing ports Tip 6. -Create an easy access drop down terminal without using Guake Simply use application finder to edit the launcher on Xfce-terminal. add the " --drop-down " switch to the end. So the whole launch code is " xfce4-terminal --drop-down ". Then create a shortcut key of your choice. Tip 7. - Linux Swappiness to minimise swap writes if you have a large amount of RAM available. The "swap tendency" is way to high in Linux Mint imo. Open a terminal as root and type: cat /proc/sys/vm/swappiness It is probably set as '60', much more suitable servers by what I read, Type in terminal: gksudo gedit /etc/sysctl.conf (in mate you use pluma instead of gedit) add at the bottom of that text file, the following lines (copy and paste): # # Reduce the swap tendency vm.swappiness = 10 save the file and restart the computer. The rule is: 1GB RAM or more: set the swappiness to 10 Less then 1GB: set the swappiness to 1 End Applying all these themes and tweaks, system resources are very low. Shy of 350 MB. It is impressive that memory/cpu/disk usage can be so low, comparative to other distros. Its a pleasure to use. In fact I have not booted into my Windows OS for months. Although I bet I will 1GB of patches waiting for me when I do. So please share your tweaks as im sure there is many when it comes to Linux. Be it interface, security or usability tweaks and tools, im sure it will be interesting to see a great summary here. regards.
Cleaning up xev's output from https://wiki.archlinux.org/index.php/Extra_Keyboard_Keys#In_Xorg Code: xev | awk -F'[ )]+' '/^KeyPress/ { a[NR+2] } NR in a { printf "%-3s %s\n", $5, $8 }'
I do no tweak at all Actually, the only thing I change is SDDM's default login theme, but that's basically it. Linux already has the performance I look for. Security-wide, though, I install an anti-rootkit tool called "rkhunter", right after installing the system (it wouldn't make much sense to do long after system installation). Then I do an OS fingerprint and use it to compare it on the future; this basically creates hashes of all important system files and see if there's any change on them. The command for this is "rkhunter --propupd" (proper update). Then I install linux-grsec, paxd, checksec, pax-utils, and paxtest. This is, obviously, for Kernel protection. Oh, and before anything else, I change the crypto cipher from AES to Twofish and make iterations for 2,5 seconds, thus reducing the brute-force capabilities from 1 billion passwords/second to 24 passwords/minute. And let's not forget my Firewall which is located at my signature. Then I use Firejail for most programs, reducing the attack surface even more.
Swappiness value "should" be accompanied with a decrease value of vm.vfs_cache_pressure https://rudd-o.com/linux-and-free-s...land-why-linux-feels-slow-and-how-to-fix-that https://www.digitalocean.com/community/tutorials/how-to-add-swap-on-ubuntu-14-04 http://www.codero.com/knowledge-bas...ving-performance-on-low_memory-linux-vms.html Changing I/O Scheduler to "cfq" or even better to "bfq" is another good speed tip http://algo.ing.unimo.it/people/paolo/disk_sched/results.php http://algo.ing.unimo.it/people/paolo/disk_sched/extra_results.php and of course defrag your linux system, why? because you can. https://www.howtoforge.com/tutorial/linux-filesystem-defrag/
Thank you for these links, I learned something new. Ill be sure to apply to these. These should be a great way to further minimise unnecessary SSD writes. Great idea creating essentially a snapshot. Sounds like a very secure configuration you have there. Im sure many others have stated, its questionable to apply such a heavy security configuration layer on a desktop home user level. Similarly for myself using apparmor and firejail together but not overlapped for the one application however, but if you can use all those/these without any performance/stability or usability issues then why not.. I hope to be able to get to the stage with Linux as to understand what that is supposed to mean lol Regards to all.
No performance loss at all. rkhunter only runs when you want. The grsec kernel doesn't have any noticeable impact on performance, neither firejail
Using Arch xfce, there's almost nothing I've done to tweak, other than under Settings Manager->Windows Manager Tweaks->Composting = disabled. Arch is already so lightweight upon installation, it needs next to nothing to improve its performance. I think I may have also disabled one or two startup items as well.
As I posted in another thread, I've removed from Ubuntu Geoclue, Zeitgeist and some other intrusive and unnecessary Unity components along with their installation files. I've added the Bumblebee graphics driver which is the Linux equivalent of the Nvidia Optimus hybrid graphics driver for Windows. I wouldn't call that a tweak as much as a rite of initiation into the depths of Linux. It took three tries before I was successful and getting it to work involved adding and updating repositories, updating the system and purging it of all traces of old Nvidia drivers, manually editing a couple of configuration files and then finally adding the GUI components so it was accessible from the desktop. Mint hasn't required much tweaking but I have installed additional security components like GUFW and Firejail. I set up one Mint VM with multiple DEs so it can switch between Cinnamon, Mate, Xcfe and KDE.
xev is a command that, among other things, helps identify keypresses: for example, the (left) Windows key shows up as Super_L. What the code I posted does, is to remove a lot of extraneous output making it easy to identify the key code.
I did the same with Ubuntu, installed 4 DE's in addition to the default Unity, just for variety mostly. Is Firejail in the Mint repositories? Or do you need to use a PPA?