I finally bit the bullet and I’m giving Linux a second try, installed with dual boot a few days ago and making Linux Mint my default from now on.
There are a lot of guides and tips about the before and during the transition but not for after, so I was hoping to find some here.
Some example questions but I would like to hear any other things that come to mind:
I read that with Mint if you have a decent computer you don’t need to do a swap partition? So I skipped that, but I’m not sure if I’d want to modify that swap file to make it bigger, is that just for giving extra ram if my hardware one is full? Because I have 48GB of ram and if I look into my System Monitor it says Swap is not available.
Was looking at this other post, and the article shared (about Linux security) seems so daunting, it’s a lot. How much of it do I have to learn as a casual user that’s not interested in meddling with the system much? Is the default firewall good enough to protect me from my own self to at least some degree? I was fine with just Windows Defender and not being too stupid about what I download and what links I click.
I was also reading about how where you install your programs or save your data matters, like in particular partitions or folders, is that just like hardcore min-maxing that’s unnecessary for the average user that doesn’t care to wait half a second extra or is it actually relevant? I’m just putting stuff in my Home folder.
Connected to the last two points: in that Linux Hardening Guide lemmy post I shared the TL;DR includes “Move as much activity outside the core maximum privilege OS as possible”… how do I do that? is that why people have separate partitions?
Downloaded the App Center (Snap Store) and I was surprised there was even a file saying to not allow it… why is that? Is it not recommended? Is it better to download stuff directly from their websites instead?
One of the forums regulars, Pjotr, made this website exactly for questions like that: https://easylinuxtipsproject.blogspot.com/p/1.html
–> see “B. Right after the installation of Linux Mint”
omg thank you! that’s exactly the kind of stuff I was looking for!
Best practices?
Don’t copy paste commands into the terminal you don’t understand.
RTFM
Use the computer like a computer. Linux is not a lifestyle; it’s a tool you use to shitpost, watch videos, play games, etc.
But I LOVE copy/pasting complex commands
Man files are your best friend
Linux is not a lifestyle
I have to disagree about this point.
@three@piefed.social wow 5 upvotes already but the comment is quite unhelpful tbh
Her third tip is gold. You don’t hear that often. Linux doesn’t have to be your life. It supports it but you don’t have to live around it.
it’s also quite obvious though? Just like the other two. It’s common sense with a condescending tone
also I’m literally saying “casual”. I said I’m a casual user like at least twice in there. Does that strike you like someone that needs to hear that Linux is “not a lifestyle” ? It’s in the title.
Thanks for asking this question, it’s really amazing and helpful for us old Linux people to see the experience of somebody who’s coming over fresh. I think you are asking the right kinds of questions and I wish you the best of luck.
Specifically about Windows Defender, I haven’t seen any tool like that on Linux, but I am curious to see what you find out.
Thank you, I just wish people weren’t so critical about how I word my questions when it’s still clear what the core question is anyway, man it’s like being a casual is not welcome or something x_x
Some people are really welcoming and some others are so… unnecessarily strict? Condescending? Harsh?
I don’t get it either. But welcome!
Downloaded the App Center (Snap Store) and I was surprised there was even a file saying to not allow it… why is that? Is it not recommended?
Use the inbuilt Flatpack '“store”. Install what you jeed from there. occasionally you wont and you’ll need to dable with the comand line. Installingng .Signal springs to mind
Dual booting with W ? W will fuck up GRUB (your dual booting sysyem) eventually. Run a Windows VM inside Mint instead
I swapped 2 years ago (moved to LMDE eventually from Mint though), and luckly i have no idea wtf I am doing.
Did you try dual boot with one drive? Windows will fuck that up.
Don’t worry about swap, you’ll be fine unless you’re usually working with huge chunks of data like big 4k video files or something.
The firewall built into mint is the kernels included nftables the same one built into Debian and Ubuntu (I think, I don’t fw Ubuntu). It’s fine. Don’t touch it. When you need to mess with it you can figure out how to open ports or split routes or whatever really easy because there’s lots of documentation out there.
Putting everything in your home folder is fine. Programs will install automatically to /bin or /usr/bin or something like that and if you want them in your home directory you could make a ~/.bin/ directory and add it to your path and have your private programs there, but:
Stop using flatpaks or snaps unless it’s your only choice! You have a built in package manager with decades of testing and development behind it and a very capable team of maintainers who watch over the packages, use that instead! That’s why they say not to use the snap store, it’s a vector for using Joes Weird Program that no one has tried before and requires Joes Special Version of a normal system library.
Use your package manager.
You’re not at the point where you understand enough to do the stuff in the linux hardening guide without making decisions that unexpectedly cause you pain somehow. That’s not an insult, sometimes you just don’t recognize the “universal” symbols for engine oil as opposed to coolant and ruin your car by the side of the road because you just don’t know. You can learn that stuff later, but it’s best not to mess with it yet. Speaking of:
If you don’t have a backup solution setup and you haven’t recovered using it and aren’t periodically checking to make sure it’s still running right, turn off disk encryption. It’s much harder, sometimes impossible, to recover data off an encrypted disk. If you don’t have a backup and you don’t know how you’d access the files on the disk without booting the computer then turn disk encryption off.
you can always add eg. a swap file later if needed - apparently not as good as a swap partition, but it is more flexible. With 48 GB of ram I hardly think you’re going to have issues, but that depends entirely on what do you do with the system.
Firewall isn’t really helping the system against you, it’s to block ousiders getting in - more or less.
install locations: if you just use what’s in mint’s repositories, you don’t really need to think about it. Out-of-repository stuff like steam games etc generally live in ~/.steam or so. Or in some dedicated path you configure in steam/whatever.
As for snap/flatpaks/whatever, haven’t used a single one. But in general: I’d favor the distribution’s repos, if at all possible for installs. If the app isn’t there, but is in snap… fine, I guess? As long as it’s managed by some kind of package manager for easy install/update/uninstall. But having to manually download and install from a website? Rather not, that’s when the maintenance becomes manual.
And of course, opinions are opionated. Your system, your rules. :P
oh with the firewall saving me from myself I meant if I download something thinking it’s safe but isn’t
Thank you! :) @Malix@sopuli.xyz
oh with the firewall saving me from myself I meant if I download something thinking it’s safe but isn’t
A firewall would not save you from that.
A firewall stops random incoming connections. But if you download and run something bad, that’d be an outgoing connection, since the malicious program is then already on your system.
Windows Defender warns you if a file seems malicious and then you have to accept a window to use it anyway or to keep it, isn’t that also part of what a firewall does? I know it’s silly and one should just do that mentally for every file but it’s nice to have a reminder sometimes for sketchy files. Anyway, I was not asking specifically for that, just asking generally about virus protection and whatnot
Defender is antimalware/antivirus. There at least used to be a separate firewall in windows, but not sure if it’s a part of defender or not.
Either way, “firewall” is traffic control, antimalware/virus is the execution guardian.
potato potato, I just meant some software thing to warn me when I have downloaded something sketchy and I should re-think my choices
You should try to avoid executing files that you downloaded from somewhere online, it’s best if you canget it either from the system package manager( i.e apt ) or get it from flatpak/snap. If you have to get it from a website it depends on what the website is and the usual suspicious features. If you are unsure if something from github or similar is safe you can always google it first to see reviews from other users. Antivirus software like on windows is not that common for linux and most of the time it is enough not to run software you don’t trust as sudo or admin as they don’t have permission to change files without those.
I’m aware of the guidelines to follow to not download viruses, I was just asking if there’s another line of defense like Windows Defender, I see now there isn’t, thank you. The only things I download online are things I can’t find in that store, things made by individuals and individually published… like Material Maker for example.
Well, not really po-tay-toh/po-tah-toh. They’re 2 different utilities that do 2 different things. If you ask the wrong question, you’re not going to get the answer you’re looking for.
What you’re asking about is an antivirus. It’s been awhile since I messed with this on my Linux systems, but last I looked, ClamAV was most commonly recommended. You can probably search for “Linux antivirus” and find some recommendations.
Generally speaking, the earlier recommendations to stick with official repos is excellent. When you venture outside of that, you increase your administrative overhead because those manually installed apps won’t stay patched with a simple “apt upgrade.” That said, a well written cron job could keep them up to date for you.
As for where to install things, it’s personal preference. I prefer using my home directory. If that doesn’t work, my fallback in /usr/local, which is either its own partition or symlinked to the /home partition). I mention the partitions because having separate /home and possibly /usr/local makes it easy for these customizations you install to survive a reinstall. Backups will also help with this.
You have to ask yourself what this system will be used for. If it’s a daily driver that you want to “just work” I would stick to official repos, and minimize customizations. Windows makes a lot of choices for you. Linux expects you to know what you want to do.
Yeah but it seems like some people (not you) take it personal geez… Of course a “casual” will mix firewall with anti-virus, like…? I am literally saying I don’t know shit.
Thank you for actually explaining things in a helpful and chill manner without getting so stuck about one word I use wrong while still being an understandable question.
And I’m telling you a firewall won’t do that.
It won’t have anything to say at all about something you download and run.
It’s a completely different security feature. It handles potentially malicious network activity. Not software on your computer.
and I’m telling you I didn’t mean just firewall… I wasn’t trying to be accurate or right, I was just asking a broad general question with a term that would get other people understand what it is that I want to know, not that I know exactly what a firewall does or does not do…
You understood what the question was about, did you not? That was my whole goal
I know there is lots of guides and things because for clicks people like to write guides. However all the defaults on mint are sensible. You can pretty much install is stock and be done. You can use these guides if you want but they are optional. You can use flatpak, .deb, snap or whatever else you want to install things. I tend to use .debs when available and flatpaks as my backup. As a Linux user I haven’t had to do all that much tweaking in years to be honest.
Most Linux distros are already hardened. You can use “extreme” distros but as long as there’y no need, stick to a “normal” distro first. You can switch whenever you want.
oh nice, that’s good to know, thanks!
Advice from personal experience as a simple user - you don’t need dual boot. One machine = one system. Run win apps with wine. Win upgrades can and will break your bootloader and make you normal Linux partition unbootable. Multiboot is used by professionals for specific tasks.
I tried installing a windows software with wine and it didn’t work. Shrug.
Have also dualbooted for ages with no problem. The one thing I had to do was set windows to the UTC timezone so it would stop fucking up the Linux clock.
This kind of experience is very personal and I guess depends a lot on our hardware - I’m having an opposite of what you’re describing, never had any problems with running and installating software under wine (although I don’t use any windows programs anymore) but had lots of problems with dual booting. I honestly don’t understand anymore why anyone would install windows in general and why does one need two or more OSs installed on a single machine, if I want to tinker with another OS I can run it in a VM or run it from a Live environment from a CD or USB stick. One system is enough to operate a computer and it makes sense to use one that respects our freedom.
Yeah that is the reverse for me. VMs and wine have been nothing but trouble and dual booting just works.
It is annoying to have two OSes but it is literally the lowest-stress option for me lol.
Random question, for games that require kernel level anti cheat or competitive games that just need anti, would wine work or should I use dual boot
Dual boot for sure, with the caveat that you will have to deal with the complexity and problems this may give you.
For me the only perennial problem is the system clock but ymmv
Who says I’m not a professional that needs windows for specific tasks? haha
There are many reasons why one would benefit from dual-boot, regardless of being a professional or not. You’re assuming a lot of things by saying “you don’t need dual boot”.
But I appreciate the warning of win updates being capable of breaking my linux partition, I’ll keep it in mind. I don’t intend to keep the dual-boot forever but for now I’ll keep it.
Now try to install Gentoo!
what for?
Don’t. Not yet at least, since you’ve picked a distro.
Remember when you first started using Windows? All that new learning?
Remember that this is new learning again. Take your time to understand things, and like another poster said, d don’t blindly copy and paste.
Since you’ve picked Mint, utilize their community as there may be “Mint specific” solutions to many problems.
Good hunting!
Yeah, I’m not new to Linux, I just couldn’t put in the work to learn how to actually use it safely and efficiently until now, also because it’s gotten much easier than last time I tried many years ago with more software compatibility. I have no intention of switching distros any time soon and there would need to be a massively good reason for me to even consider it. But I’m just curious why would you recommend a newbie to install Gentoo ?
If you have 48GB you don’t need a swapfile. To min-max you could lower the “swappiness” so it uses swapfiles way less. It’s just bonus memory that lives on the SSD. Swap files and swap partitions behave the same unless you run out of SSD space.
Linux system has better architecture than Windows so your system is safe unless you install a virus (of which there are way fewer).
Where you install programs? Just use the app store or terminal, the location doesn’t matter.
The “hardening” is interesting though, you can go really far into security if you want. If things are installed in user-space it can’t fuck with your computer on a fundamental level so it’s preferred. You don’t have to worry about it though unless your installing some niche programs from someone you know nothing about.
Almost everything you do on desktop linux is already “outside the core os”.
This is mostly relevant for server software configuration, where you should run services with as few system privileges as possible. Preferably you isolate them entirely with a separate user with access to only the bare minimum it needs.
This way, if a service is compromised, it can’t be used to access the core system, because it never had such access in the first place. Only what it needed to do its own thing.
By default, nothing you run (web browser, steam, spotify, whatever) should be “running as admin”.
The only time you’ll do that on desktop linux, is when doing stuff that requires it. Such as installing a new app, or updating the system. Stuff that modifies the core os and hence needs access.
Basically, unless you needed to enter you password to run something, then it’s already “outside” the core os.
ooooh I seee, thank you for explaining that!
Do not press the hidden button.
which hidden button? O:
You can’t see it because it’s hidden.
What I suggest. Dont look at hardening yet. Only do so if you feel like your ready to touch the Internal workings of the OS. I do suggest using full disk encryption if this is a laptop.
Saving your files in your home folder just like how you did on windows is fine. Nothing wrong their.
Personally I would familiar your self with the terminal. It is not scary at all. sudo apt install program is how I would install software on mint (or any Debian based system).
Oh and above all. Use the system and try to do your normal task. See what you run in to and ask help where needed. We are here to help you along the way if needed.
@kylian0087@lemmy.dbzer0.com I’ve got a desktop but I think I ticked on the drive encryption while installing anyway
With “files” you also mean programs, right? The ones that I download and don’t install with the terminal or an app store?
I’m not scared of the terminal myself, I’m scared of accidentally overwriting stuff or downloading something I didn’t intend to because of a typo, etc… I’m careful but there’s only so much one can fight the adhd. Plus I just really prefer visual interfaces
Thank you! :)
Half a dozen people said so already but I’ll repeat :
backup your stuff.
You are like a tightrope walker on a high line without security. Sure the view is amazing, yes you feel free… but a misstep and that’s it.
How? Well depends what your data is but start simple, copy your most important files, e.g. family photos, personal notes, etc (NOT HD movies from the Internet… not anything you can get elsewhere) on a USB stick you go stuffed in a drawer.
Once you DO have your stuff saved though, please, pretty please DO go crazy! Have fun, try weird stuff, bork your installation… and restart from a neat safe place. It’s honestly amazing to learn, so deeply empowering for yourself and those around you. Just make sure your data don’t suffer from it.
