Looks great, thanks. I have also been using 2007.1 for some time now without the feezes that you have mentioned. Is Pardus the only distro that you have this problem? It would be great if you could file a bug report including all the details so that the developers can identify the problem and fix it.
Cheers

You are right. Pardus needs more recognition than it is getting now. I have been using Pardus from its earlier Beta stage and i have been updating it through PISI. I have not had any major problem that could be a show stopper.

Their forums are also very responsive. (though not a large forum).

Great work PARDUS TEAM. Keep up the good work.

I discovered Pardus some months ago, but after that I’ve not changed the distro running on my pc.
beyond the things you said I just want to add that Pardus runs incredibily fast, even faster then the fastest distros xfce based
and it’s very rock solid too
ciao
max

Yes, you’re right, Pardus needs more attention from the community, it’s a fine distro, very complete, fast and funny some times with the various cat cartoons here and there. The only minus i see is that needs a lot more packages in the repos to be just half complete. You can install tarballs but i really hate to lose my time that way.

There is also a contrib repository which contains made-by-user packages including e.g. XFCE 4.4 and developer version of e17, unfortunately without GNOME

You will be able to install packages from Contrib as binary via package-manager soon. Just follow pardus planet[0]

[0] http://planet.pardus.org.tr/

Oh. Contrib repository does not fully contain made-by-user packages. Only developers have access to commit to Contrib.

The one thing this review seems to have left out is the fact Pardus deliberately relieves the user of the obligation to log in before deploying its powerful admin tools;

http://bugs.pardus.org.tr/show_bug.cgi?id=5313
http://www.beranger.org/index.php?fullarticle=2677
http://beranger.org/index.php?fullarticle=2825

If you really want a fast, rock solid, KDE-centric distro, but one which doesn’t wilfully confuse membership of the wheel group with the ability to exercise a wide range of root privileges without password authorization, there’s always PCLinuxOS and Mepis (to name but two).

I tried Pardus, but was really disappointed.

1. I have dual 19″ wide-screen LCD. All distributions without propitiatory drivers duplicate the image at 1280×1024, and none of them ever refused to display the installer; except Pardus. I tried to install Pardus and whoa, on installer screen my monitor says “Input out of sync”. I tried to edit the xorg.conf form another tty with despare, there was no editor available (not even old vi).

2. I tried with another machine with 17″ normal LCD. the installation went through like a breeze and i was exited to to see my wireless card detected. But while searching for wireless network, pardus froze. I did a hard reboot after 45 mins. and whoa pardus refuses to boot. I installed second time and after working for 5 mins on the desktop it again froze. And i gave up.

As per my opinion pardus is not ready for the showtime. (if you have a gui installer you should make sure that is works). It might be a good distro, but i never got a chance to test it.

simplyjat: Not that I want to disappoint you but.. do you have hardware that comes with free open source drivers? Cause if you use proprietary drivers, do not be astonish when things don’t work. Only free drivers that have been developed having access to the specification guarantee that your hardware will be well handled by Linux.

I was very impressed with Pardus 2007. I let it go, because I am more of a Slackware/Debian/FreeBSD BASHing kind of guy. Having said that, I have recommended Pardus more than once, and I think it is one of the most promising projects, especially since it is tied to both a community and a Turkish research institute with a powerful open source profile.
Personally, I had ACPI problems with the previous version of Pardus. The KDE laptop indicator would say that I was constantly plugged and ran full fan all the time.

pardus is great!!

COMAR — the control center

TASMA

This is really a great review of Pardus. Thank you.
Here is the some fixes:

1- The init system is not “Madur” which sounds like “mağdur” (aggrieved) in Turkish

2- The control center’s name is not COMAR, it is TASMA.

3- The packages under contrib repository are not made/maintained by only users but most of them are made/maintained by developers. The reason that the packages under contrib don’t go to the stable repository is not that those packages are unstable or broken, but the main reason is that we don’t want to add packages that have the same or similar usage to the stable repository in order to avoid duplicate packages in usage.

Thank you for the beautiful article again…

Ah, my bad. the init system is called “Mudur” not “Maður”…. really, my bad, sorry for that. And the configuration manager is called TASMA not COMAR (COnfiguration MAnageR).

Does anyone know the security issue as posted by Stepelevich been addressed?

Although Pardus is very nice (I have it installed on one of my test PC, I am afraid it would be too much like Windows if the first created user can do pretty much what root can, as far as installing and removing packages are concern.

If the first user can act like an admin, then user need to be advised to create another account for day-to-day work. This should be made clear during the initial installation.

I am looking forward to a better implementation of security model.

Congrats to the neighbors from the over side of the Aegean Sea…

> If the first user can act like an admin, then user need to be advised to create another account for day-to-day work. This should be made clear during the initial installation.

The problem there is that Pardus is marketed explicitly at newbies who find the business of logging on as root puzzling and a chore. To quote one of Pardus’s lead developers: “a) current Linux security model is complex, b) complexity brings desktop abandoning.” So essentially they’ve no intention of addressing the issue.

To make matters worse, 2007.2 is to feature optional auto-login!

The most detailed justification for Pardus’s security policy can be found here: http://liste.pardus.org.tr/pardus-users/2007-April/000031.html

Remote malicious exploits aside (and that’s one hell of an aside!) there’s the matter of what can happen to your PC when you step out of the room for a few minutes. Pardus’s response? Don’t!

Even if Pardus’s arguments held true, they still have a fairly miserable record on security updates. To take some recent examples:

tcpdump vulnerability
CVE-2007-1218

Ubuntu: 2007-03-06
Pardus: 2007-03-16

- - - -

thunderbird: Multiple vulnerabilities
CVE-2007-0775, CVE-2007-0776, CVE-2007-0777 etc.

Ubuntu: 2007-03-07
Pardus: 2007-03-16

- - - -

gnupg: Signed message forgery
CVE-2007-1263

Ubuntu: 2007-03-08
Pardus: 2007-03-16

- - - -

file: Integer overflow vulnerability
CVE-2007-1536

Ubuntu 2007-03-21
Pardus 2007-04-03

- - - -

firefox: Vulnerability in handling FTP responses
CVE-2007-1562

Ubuntu 2007-03-27
Pardus 2007-04-03

- - - -

inkscape: Multiple format string vulnerabilities
CVE-2007-1463, CVE-2007-1464

Ubuntu 2007-03-21
Pardus 2007-04-03

- - - -

nas: Multiple vulnerabilities
CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546, CVE-2007-1547

Ubuntu 2007-03-28
Pardus 2007-04-03

- - - -

kdelibs: port scanning via ftp protocol
CVE-2007-1564

Ubuntu 2007-03-29
Pardus 2007-04-03

Still, not to worry. In the words of one fanboy, “Pardus developers do the updates in bulks every couple of weeks. They don’t put every update on the net, as soon as it is there, but do some testing of it. And I think it’s better that way”.

> Even if Pardus’s arguments held true, they still have a fairly miserable
> record on security updates. To take some recent examples:

Stepelevich;

This is unfair, believe me. If you were a person who knows anything about how security updates are processed by distros, you’ll just check source repository to see the _exact_ security response time of packages [http://svn.pardus.org.tr/pardus/2007/] but instead you just complain.

And yes every package compiled and sent into -test repository after every svn commit automatically and merged into -stable after all testing/auditing done.

Instantly merges only allowed for if the problem is a security one, and _if and only if_ its severity is high. This is a clear policy.

But if we start to argue this has that, and that has these problems series i have lots and lots of arguments also for orhers. As a result you didn’t have to use Pardus if you didn’t the way it runs, just find a distro which is good for you and keep going it with it. But please don’t complain about things that you have no idea at all.

> This is unfair, believe me.

Hardly. I simply compared the dates on which security updates became available to Pardus users via its graphical package manager with the dates equivalent patches became available to Ubuntu users.

> _if and only if_ its severity is high. This is a clear policy.

Or, to put it another way, the Ubuntu Security Team is more conscientious about patching vulnerabilities (regardless of their perceived level) in a timely fashion!

> just find a distro which is good for you and keep going it with it.

A fast, stable KDE desktop with rolling updates. Security updates generally uploaded to the repositories within 2 days or less. Yep, it has to be PCLinuxOS!

> But please don’t complain about things that you have no idea at all.

I’m quite content to leave this thread to the fanboys (who am I to stand in the way of viral marketing?), but it would be interesting to find out what Bruce Schneier thinks about all this.

I second that opinion above. Pardus is a great operating system for the desktop.

Perhaps not the best for paranoid system administrator types keen to control multiple users of their computer, but for the other 99% I’d be happy to recommend it.

I’ve noticed a pattern of often unjustified criticism of ‘non-american’ operating systems - usually from USA citizens who feel their own efforts must be, by default, superior. Not surprisingly, Pardus seems to have attracted some of this negative attention.

Glasiad o Gymru (from Wales)

Since when has complaining about someone grafting Windows XP security practices onto Linux been “unjustified”?

If there’s a trade-off between rudimentary Linux security culture and ease-of-use, the millions using Ubuntu, Kubuntu, SUSE, Fedora, MEPIS, Mandriva and Zenwalk have yet to spot it, I would suggest.

And for your information, Ubuntu’s headquartered on the Isle of Man, and PCLinuxOS enjoys contributions from several continents.

Your humble North of England correspondent
(who’s been on innumerable Iraq war marches, has several Welsh relatives, but is not currently running as root),

Stepelevich

If someone asks “Which linux distrubition is the best?” i will just say PARDUS. I have tried, fedora, suse, mandrake then mandriva, debian and some others. I have lots of problems with their free versions. If you don’t want to pay, pardus is the best distro of my own.

> I have tried, fedora, suse, mandrake then mandriva, debian and some
> others. I have lots of problems with their free versions. If you
> don’t want to pay, pardus is the best distro of my own.

If the unavailability of proprietary software and codecs is your only problem with these distros, install Automatix2 (in the case of Debian, [K]Ubuntu and Mepis), Fedora Helper, or, in Mandriva’s case, the PLF repositories using EasyURPMI.

Newbies don’t have to put up with Pardus’s nonsensical security philosophy for the sake of (alleged) convenience!

Pardus is a good choice for linux dummies who wants to learn linux basics.
Maybe some experienced users find some security holes i find them as a feature.
If you want to use linux and can not fit on any linux system use pardus then.
after one or two months you will see that: ” hey look im understanding it ”
you can use more secure systems like debian fedora…
im using pardus for 2 weeks and achieved some things. you see? its working for me.

> Pardus is a good choice for linux dummies who wants to learn linux basics.

So’s Mepis and PCLinuxOS.

> Maybe some experienced users find some security holes i find them as a feature.

Heck, it’s all subjective!

> im using pardus for 2 weeks and achieved some things. you see? its working for me.

So Pardus works to the extent that you’re never going to use it again?

Yes Pardus is coming with new innovations which may makes it unsecure. But they are designing comar and user manager. In future we will see new feature which is not exist in other Linux distro. I think Pardus needs more time and also more developer for these innovations. Pardus is very promising. They use pyhton language and it makes their developing faster.

> Yes Pardus is coming with new innovations which may makes it unsecure.

Doesn’t that make you question their motivations and competence, though?

No It doesn’t. I tried suse (I couldnt install), I tried ubuntu (After 3 trial, I hardly installed and I got many bugs and couldn’t connect to internet because of DNS bug, sound card didn’t work, couldn’t watch movies etc..). I tried fedora and same problems. With Pardus, I did everything that I wanted: Connected to Internet, All codecs was already installed, watched DVD/VCD, I listened musics, Played games, Burned CDs. Even Firefox came with all necessary plugins. With other distros it was nightmare, But with Pardus, everthing is ready after simple short single CD installation :).

So security simply isn’t a consideration?

Thanks for your candour.

I didn’t had a problem about securty yet. And I don’t think some hacker will attack me. Thanks for your securty reports. Pardus team must have taken into consideration your comments I think.

> I didn’t had a problem about securty yet.

But how exactly do you know, Erhan?

> Pardus team must have taken into consideration your comments I think.

When I last looked, Pardus’s security architecture was still a farce and the update arrangements for “non-critical” vulnerabilities “leisurely”.

Still, we can but live in hope.

Stepelevich, do you have an e-mail? You know mine, it’s info@ you-know-where.

I’m curious whether you think we should try Pardus 2007.2 (Beta) or not.

(It seems it’s a rolling release anyway.)

Hi Stepelevich,

>But how exactly do you know, Erhan?

I am not using Pardus as a server. I am using ADSL router which there is NAT, no one can connect to my computer or can do DNS attack.

> I am using ADSL router which there is NAT

That hardly abolishes the necessity of providing a sane security architecture and timely security updates at all levels, I’m afraid (unless you seriously believe that Red Hat, SuSE, Debian, Gentoo, Ubuntu and Mandriva are all alarmists).

Pardus developers are on the ATM over ppp ADSLcase. I raised it on their bugzilla together with a suggested solution. They even sent me a modified ppp.pisi that includes the pppoatm plugin. Read the bugzilla “speedtouch” at Pardus to follow the progress. I’ve provided a couple of command line python scripts which could be used to get either live CD or distro connected…

When I first tried 2007.1, I was amazed that I could get my wifi to work right out of the box. Sure there were some hitches, at first, but Pardus has always been a stable, secure platform for me, even through beta testing 2007.2. I run into trouble trying to install drivers for peripherals and haven’t had much luck. All and all, I recommend Pardus for many people.