Those who don’t have the time or appetite to tweak/modify/troubleshoot their computers: What is your setup for a reliable and low-maintenance system?
Context:
I switched to Linux a couple of years ago (Debian 11/12). It took me a little while to learn new software and get things set up how I wanted, which I did and was fine.
I’ve had to replace my laptop though and install a distro (Fedora 41) with a newer kernel to make it work but even so, have had to fix a number of issues. This has also coincided with me having a lot less free time and being less interested in crafting my system and more interested in using it efficiently for tasks and creativity. I believe Debian 13 will have a new enough kernel to support my hardware out of the box and although it will still be a hassle for me to reinstall my OS again, I like the idea of getting it over with, starting again with something thoroughly tested and then not having to really touch anything for a couple of years. I don’t need the latest software at all times.
I know there are others here who have similar priorities, whether due to time constraints, age etc.
Do you have any other recommendations?
I’ve been running Manjaro for the last 4 months and it’s been incredibly reliable and smooth. I haven’t done any serious tweaking beyond installing a realtime audio kernal. I run updates every few days and I haven’t had a single issue so far.
Are you using the liquorix kernel?
I can only see one downvote and four upvotes from here - I think you’re good!
You simply don’t do any maintenance whatsoever.
t. Got a arch linux install that I (rarely) perform “sudo pacman -Syu --noconfirm” and it works like a champ.
Same with fedora. Just run the upgrade once in a while and it work.
I used to lose my keys all the time. I don’t want to spend so much time looking for my keys, nowadays I mostly just leave them in the front door, I rarely lock it and it works like a champ.
Comparing a PC maintenance to leaving the keys outside the front door is too dramatic, to not say the least…
…unless you work at NASA and/or your PC is holding something too valuable/sensitive/high-priority for others to want to hack it “that badly” – which I (highly) doubt it.
No it is
https://www.pandasecurity.com/en/mediacenter/consequences-not-applying-patches/
And:
You’re allowing for more attack vectors that would not be there if the system were to be patched. Depending on the severity of the vulnerability, this can result in something like crashes or something as bad as remote code execution, which means attackers can essentially do whatever they want with the pwned machine, such as dropping malware and such. If you wanna try this in action, just spin up a old EOL Windows machine and throw a bunch of metasploit payloads at it and see what you can get.
While nothing sensitive may be going to or on the machine (which may seem to be the case but rarely is the case), this acts as an initial foothold in your environment and can be used as a jumpbox of sorts for the attacker to enumerate the rest of your network.
And:
Not having vulnerability fixes that are already public. Once a patch/update is released, it inherently exposes to a wider audience that a vulnerability exists (assuming we’re only talking about security updates). That then sets a target on all devices running that software that they are vulnerable until updated.
There’s a reason after windows Patch Tuesday there is Exploit Wednesday.
Yes, a computer with vulnerabilities can allow access to others on the network. That’s what it means to step through a network. If computer A is compromised, computer B doesn’t know that so it will still have the same permissions as pre-compromise. If computer A was allowed admin access to computer B, now there are 2 compromised computers.
Nice cherry picking/moving the goalpost, but that is not how refuting works. A PC at NASA has a much higher “threat level” than my Orange pi zero 3, just chilling on the background. Which means, a potential “security hole” may prove harmful for these pcs… but it’ll definitely not hurt me in the slightest.
And before you parrot with other links and/or excuses… yes, I’m not negating their existence. I’m just saying they are there… but, well… “who cares”? If anything, its much faster to set up my distro back up “just like never happened before” than performing any “maintenance” whatsoever. Again, “Common sense antivirus” reigns supreme here – know what you are doing, and none of these things will matter.
You keep using the word “maintenance”. All I’m worried about is not installing any security patches for months.
The problem that I tried to highlight with my “cherry picking” is:
- Running a machine with open vulnerabilities for which patches exist also “paints a target on your back”: even if your data is worthless, you are essentially offering free cloud compute.
- But mostly, a single compromised machine can be an entrypoint towards your entire home network.
So unless you have separated this Orange Pi into its own VLAN or done some other advanced router magic, the Orange Pi can reach, and thus more easily attack all your other devices on the network.
Unless you treat your entire home network as untrusted and have everything shut off on the computers where you do keep private data, the Orange Pi will still be a security risk to your entire home network, regardless of what can be found on the little machine itself.
Depends on the environment surrounding the door, as well as the environment surrounding the computer.
Some people simply care less about their computer security. The debate stops there. Security operates on a foundation of what you want to secure.
By comparing two environments of someone’s life you know little about, you are commenting from ignorance.
Wait your previous comment was not sarcastic? 😱
same
All you have to do is to install “Common sense antivirus”, pretty much.
If you like debian and just need a newer kernel you could just add backports to your debian install then install the kernel during the install process.
Debian XFCE or Xubuntu LTS.
xfce is stubbornly slow at introducing new features, but it is absolutely rock-solid. Hell I don’t think they’ve changed their icon set in some 20 years.
Debian and *buntu LTS are also likewise slow feature updaters that focus on stability.
The fact that you’re even saying such things as “time constraints” or “to learn new software” suggests an attitude to computing shared by about 0.01% of the population. It cannot be re-stressed enough to the (sadly shrinking) bubble that frequents this community: the vast majority of people in the world have never touched a laptop let alone a desktop computer. Literally everything now happens on mobile, where FOSS is vanishingly insignificant, and soon AI is going to add a whole new layer of dystopia. But that is slightly offtopic.
It’s a good question IMO. Choosing software freedom - to the small extent that you still can - should not just be about the freedom to tinker, it should also just be easy.
The answer is Ubuntu or Mint or Fedora.
My desktop has been running debian for 5 years no problem including 2 major debian version upgrades, and a new(er) GPU.
I had an old laptop that ran the same debian install for 8 years. All upgrades in place, no reinstalls.
boring, and works. Stable + backports should cover the majority of people with new hardware support needs.
Peppermint , based on debian. “Everything you need and nothing you don’t”
Linux Mint Debian Edition (LMDE) is my pick.
I’ve got two study laptops and apart from Tailscale giving me some grief very recently with DNS resolution, I literally haven’t had any problems with either machine. Both have been going for 1.5 years.
I like the LMDE route for the DE already having pretty decent defaults and not requiring much tweaking from the get-go. Xfce (as it ships by default in Debian) absolutely works, but I end up spending an hour theming it and adding panel applets and rearranging everything so that it… ends up looking similar to Cinnamon anyway, because default Xfce looks horrible in my opinion
avoid nixos
The thing with Debian is that yes, it’s the most stable distro family, but stable != “just works”, especially when talking about a PC and not a server (as a PC is more likely to need additional hardware drivers). Furthermore, when the time comes that you DO want to upgrade Debian to a newer version, it’s one of the more painful distros to do so.
I think fedora is a good compromise there. It’s unstable compared to RHEL, but it’s generally well-vetted and won’t cause a serious headache once every few years like Debian.
What makes Debian 12 a painful distro to upgrade?
The problem is when it comes time for a major version upgrade. Debian 12.10.0 to 12.11.0 probably won’t be a big deal. But upgrading from Debian 11 to 12 was a pain. Debian 12 to 13 will probably be a pain as well.
In what way? I haven’t upgraded between major releases on Debian before.
Here’s the official documentation for upgrading from Debian 11 to 12. The TL;DR is that it takes 8 chapters to describe the process.
https://www.debian.org/releases/bookworm/amd64/release-notes/ch-upgrading.html
I don’t understand that comment either. I’ve been using Debian for years on my server, and it just keeps up with the times (well with Debian times, not necessarily current times).
It’s way easier than Kubuntu was for me, for example, which required reinstalling practically every time I wanted to upgrade. A few times the upgrade actually worked, but most of the time I had to reinstall.
Debian as a server is fine and probably the best ! However as a daily drive OS I don’t think it’s the best choice.
I have always seen Debian as server distro and that’s probably what they meant ?
I have debian as my server distro since the beginning of my Linux journey (NEVER failed me !) However I can’t see how Debian as daily drive is a good idea. Sure they try to catch up with testing repo for those who wan’t a more up to date distro, but it’s seems harder to keep up when something breaks along the way.
That’s where Arch and derivatives shine, if something goes wrong it’s fixed in a few days.
I’ve been daily driving it on my desktop and laptop for several months now, seems fine. But I don’t need the bleeding edge either.
But that’s not what the comment was about… The top level comment said Debian was hard to upgrade, and I have not had that experience.
Specifically upgrading major versions. See the official documentation for upgrading Debian 11 to 12. It’s far more involved than minor version upgrades.
https://www.debian.org/releases/bookworm/amd64/release-notes/ch-upgrading.html
This is what I’ve always done. It has worked fine for me every time.
Even then, there’s a warning that the upgrade process can take several hours. Even if it’s largely hands off, that’s not exactly my image of an easy upgrade.
You’re not going to believe this, but I’ve found Arch is it. My desktop install was in December 2018: Sway with Gnome apps. Save for Gnome rolling dice on every major update, it’s been perfectly boring and dependable.
There are two camps of Arch users:
- Use it despite it breaking on every update, because of AUR and other benefits
- What? Arch breaks?
Use timeshift, It saved my ass like 3 times
I’ve been distro hopping for decades. I got exhausted with things constantly breaking. I’ve been using mint for the past six months with zero issues. It’s so refreshing that everything just works.
Every time I stray from Mint I am reminded why I go back to it.
Same here. I got to a point I wanted to use the OS rather than play with and fix it. Went back to Mint and stayed there.
I second Mint. I’ve installed it on my laptop with zero issues, although that thing is pretty old so your mileage may vary on newer hardware. But mint comes with pretty up to date kernels these days so it’s definitely worth a try.
My Arch Linux setup on my desktop and my servers are low-maintenance. I do updates on my servers every month or so (unless some security issue was announced, that will be patched right away) and my desktop a few times a week.
Nearly anything can be low-maintenance with the proper care and consideration.
For your constraints I would use just use Debian, Alma Linux or Linux Mint and stick with the official packages, flathub and default configuration on the system level. Those are low-maintenance out of the box in general.
Ubuntu. Or, get a Mac - which is even more “boring”.
As someone who just had to bandaid an unexplained battery draw on his wife’s MacBook - no, Mac OS no longer “just works”. Apple buries some of the most basic settings inside a command line-only tool called
pmset, and even then those can be arbitrarily overridden by other processes.And even after a fresh reinstall and new battery, it still drains the battery faster in hibernation mode than my Thinkpad T14 G1 running LMDE does while sleeping. Yeah, that was a fun discovery.
That Thinkpad is by far one of my most dependable machines.
If you have battery drain, make sure you’ve disabled the option to regularly wake up and do some background processing (check for emails, sync photos, etc.). Settings → Battery → Options… → Wake for network access. (Or search for “Power Nap” in the System Sertings dialog.)
No need to use
pmsetfor that.So here’s the thing - if you can think of it, I’ve already tried it 😅 I spent a week and a half sifting through countless forum posts on Apple’s own support center, Macrumors, reddit, and a host of other forums.
The “Wake for network access” setting was the first thing I disabled after I wiped and reinstalled the OS. Among a number of other settings, including “Power Nap”. Still got the fucking “EC.DarkPME (Maintenance)” process firing off every ~45 seconds, no matter what I did, causing excessive insomnia and draining the battery within 12 hours.
What I ended up doing was using a little tool called “FluTooth” to automatically disable wifi/Bluetooth on sleep (the built-in OS settings did fuck-all), set
hibernationmodeto 25, and a few other tweaks withpmsetthat currently escape me (edit: disablednetworkoversleep,womp,ttyskeepawake, and a couple others I can’t remember as it’s not here in front of me).I put a solid 7 full charge cycles on the brand new battery before it finally calmed the fuck down.
I feel you. I still use an intel macbook with tweaks i cannot remember plus 3rd party utils like Turbo Boost switcher. That experience alone has kept me from upgrading to newer models.
In retrospect my powerbook g4 (Ti) and os 9 was peak computing.
My Thinkpad T14 running Linux Mint (LMDE) gets better battery life on “Suspend” than that damn MBP does when hibernated. It’s the 2017 A1706, too - out of ALL the variants it had to be that one 😂
Oh no. Maybe some Incense to cleanse the demons? (⊙_⊙)
That thread was a godsend. Turning off
tcpkeepalivewas the other one that I couldn’t remember, but that seemed to help out as well.My wife has had multiple MacBooks over the years (I set up her old 2009-era A1278 with Linux Mint for the kids to do homework), and after I “fixed” it and talked about the longer wake-up process, she told me that’s what she was used to already and the “super fast wake up” was a very new thing for her when she bought it. So no complaints from her, and the battery performs better. Win/win.
