But, yes there is a but, recently I started to look more into securing my system. Following more and more ITSec people on Twitter, I got a bit paranoid and wanted to have a more secure system. At work most of my servers run CentOS and I usually deactivated SELinux because it always meant annoyances. To be honest I didn’t know a thing about it, so when it caused a problem I just deactivated it. I wanted to play with some new software, not learn how to troubleshoot some security system I do not need for my internal systems. Now I have started to look into SELinux, and the tools for Red Hat-based systems are really good, SELinux isn’t that hard, and my systems get more secure.[1]
So I wanted to have more security for my system. I tried Grsecurity but I couldn’t get Chrome to run and hibernation wouldn’t work either. Then I tried to install SELinux but I failed. And when I asked on the forums and on the mailing list, I got answers that were not very satisfying and felt like I got hit by the infamous pseudo-elitism of the Arch community. Hence I thought I would try a Red Hat system. CentOS is a bit too stable for me and I want new packages regularly. So I decided to go with Fedora.
It has a nice installer which worked out of the box. I could use my fully encrypted disk and keep my home directory. After installation I got booted into Gnome, which is ok. I like Gnome but I prefer tiling window managers nowadays. When I opened a terminal and typed vim, I got my first surprise. vim wasn’t available, but I was told that it is available in this and that package and asked if I wanted to install it. I did and it got installed. Neat. DNF, the package manager of Fedora, is quite nice. I really like that when I remove software, its dependencies usually get removed as well. What I don’t like is the available software in the repositories. You need extra repos for non-free software (like codecs with patents), I need to google for a way to install software, sometimes it takes quite some time, etc. I really miss the AUR. And I didn’t know that a lot of software is available for Debian-based distros, but not so much for rpm-based distros. Another problem I didn’t expect was that I now had older software than before with Arch and that this could become a problem. I do encrypted backups with Backintime. For the encryption it uses encFS. Well, Arch has encFS 1.7.5, Fedora 23 has 1.7.4, and that meant that I couldn’t open my backup. I googled but I couldn’t find a way to install it. Maybe if I compiled it from source. I tried Linuxbrew but that stopped when there was a dependency that needed XCode. What the…‽
Then I learned about Fedora Rawhide, which seems to be some kind of beta channel for Fedora and is closer to a rolling distribution. But when I wanted to switch to it, I would have lost Handbrake, and the repo I am using offers only packages for Fedora 23. Probably it is for the better.
Another problem I had was with Japanese input. It was a lot of hassle and I thought it was the beginning of the 2000s. According to the internet it should have been easier, but it wasn’t for me. さて、今日本語を入力できます。[2]
Other small things are that I switched my login shell to zsh but none of the terminal emulators respected that, and that some packages or the software they provide have strange names. For example, the package that provides gvim (graphical vim) is called vim-X11. Or I installed “rxvt-unicode-256color-ml” because I wanted a urxvt with 256-color support. It isn’t started with urxvt like I am accustomed to but with urxvt256c-ml. And I wondered what went wrong when my mutt complained about missing colors. I understand the reason, because then you can have standard urxvt installed as well; still, it is a bit weird imho.
So far, it doesn’t sound good. But, and here is a but again, there is some stuff I really enjoy. Using SELinux is a breeze. There are great tools that show you that something went wrong and how to fix it. iptables is installed and pre-configured. There is a graphical tool to configure it further and it makes it really easy, even if you have no knowledge about iptables. I like DNF as a package manager so far. Easy to use, good search, I like that it also removes unneeded dependencies by default, etc. Fedora also uses Gnome Software, which is like an App Store for Linux software. It looks really nice and is easy to use. I will not really need it, since I like the command line, but for browsing and finding new software it is nice.
I will need more time to get to a final conclusion. Thanks to the AUR, Arch feels a bit easier to use for me. But I like that I now have a more secure system. And I can experiment with stuff on my home machine that I can later use at my job. Arch is nice for a desktop but I’d never install it on a server. There it will always be CentOS or Debian I guess…or some BSD. Thus for the time being I will stay with Fedora, and I wonder how the upgrade to 24 will work out.
Some more experiences one week later.