CoolRune - Pre-configured and Hardened Artix Linux

Topic: CoolRune - Pre-configured and Hardened Artix Linux (Read 4181 times) previous topic - next topic

0 Members and 1 Guest are viewing this topic.

CoolRune - Pre-configured and Hardened Artix Linux

10 December 2024, 20:14:43

https://github.com/Michael-Sebero/CoolRune

CoolRune Includes:

A Modified Kernel & Performance Tools
- CachyOS Kernel
- Earlyoom
- GameMode

Security Software
- AppArmor
- Chkrootkit
- ClamAV
- DNSCrypt
- Fail2Ban
- Linux Hardening Script
- Lynis
- USBGuard
- UFW

Tools & Utilities
- Arch Package Dictionary
- Archivist Tools
- Audio Frequency Tools
- Document Tools
- Fix Arch Linux
- Media Tools

Additional Features
- A comprehensive manual.
- MAC address randomization.
- Configured sysctl and limits for security enhancements, system performance, and network efficiency.
- Low latency PipeWire audio processing.
- ALHP, Chaotic-AUR and Flatpak repositories.
- Steam Proton GE prefix.
- ZFS compatibility.
- Optional pre-configured PipeWire audio profiles.
- Custom Windows-like XFCE theme.
- Booster (mkinitcpio replacement).
- Battery life optimizations for laptops via TLP.
- Mimalloc (high-performance memory allocator)
- Uses ZRAM and tmpfs to speed up temporary directories by compressing RAM and reducing disk I/O.

Performance & Security Expectations
- 10-25% FPS boost in gaming.
- 15-40% faster system responsiveness.
- 20-50% improved network efficiency.
- A Lynis system hardening rating of 80.

Re: CoolRune - Pre-configured and Hardened Artix Linux

Reply #1 – 11 December 2024, 15:22:21

Another nonsense that ruins the idea of Artix Linux.
For example, in the default Debian installation a Lynis system hardness rating is 86.

Quote

ALHP, CachyOS, Chaotic-AUR and Flatpack repository integration.

I beg you, God, to protect users from such a super secure system.

Re: CoolRune - Pre-configured and Hardened Artix Linux

Reply #2 – 02 March 2025, 18:08:15

> provides no explanation of why he doesn't like my configuration besides "he doesn't like it"

Alright cool, I'm just sharing my configuration I use with others. Base Artix isn't hardened and I've put a lot of work into making a secure but usable system. I've achieved all my goals of making a configuration which is both performant and secure.

Also the base Lynis system hardness rating of Debian isn't 86 it's much lower.

Re: CoolRune - Pre-configured and Hardened Artix Linux

Reply #3 – 02 March 2025, 19:03:09

> Another nonsense that ruins the idea of Artix Linux.
> For example, in the default Debian installation a Lynis system hardness rating is 86.

Lol.

Re: CoolRune - Pre-configured and Hardened Artix Linux

Reply #4 – 23 April 2025, 14:05:46

Does it use systemd?
Does the firewall block Xorg server in the default configuration?
Does it block remote connections to/from sddm/gdm/lgihtdm?
Does it block Avahi-daemon?
Is Auditd capable of being enabled before ever connecting to the internet?

Edit:
Do you include most of these recommended structures?
https://www.rootusers.com/23-hardening-tips-to-secure-your-linux-server/

Re: CoolRune - Pre-configured and Hardened Artix Linux

Reply #5 – 24 April 2025, 20:44:01

CoolRune is a hardened preset for Artix s6. Whatever Artix does by default this does too. You can see what's hardened by looking at the hardening script + sysctl.conf.

Re: CoolRune - Pre-configured and Hardened Artix Linux

Reply #6 – 25 April 2025, 00:41:34

dinit was right there

does it use rEFInd?

Re: CoolRune - Pre-configured and Hardened Artix Linux

Reply #7 – 25 April 2025, 23:41:54

I've thought about replacing grub with rEFInd but it's lacking some features I'm looking for. Recently I've been looking into Limine but I haven't had any success with it yet.

Re: CoolRune - Pre-configured and Hardened Artix Linux

Reply #8 – 20 June 2025, 19:10:56

The script breaks Xorg on legacy NVIDIA GPUs, also i think it still uses rootful Xorg (LightDM doesn't support rootless Xorg, only TUI display managers, SDDM and GDM support login into a rootless X session).

The fact that blocks access to all TTYs is also pretty bad, making troubleshooting unnecessarily difficult.

Re: CoolRune - Pre-configured and Hardened Artix Linux

Reply #9 – 16 July 2025, 22:36:19

This configuration isn't meant for a legacy system. I specified that this is meant for systems which were released post 2015. As for the core dumps they're disabled for security and performance reasons, also dmesg is still available for troubleshooting.

Re: CoolRune - Pre-configured and Hardened Artix Linux

Reply #10 – 13 August 2025, 15:52:35

After running the shell executable I came back to find a grub menu with only memtest as an option. Having another go while watching this time!

it would be good to have the option to delete posts. This probably isn't very interesting.

Re: CoolRune - Pre-configured and Hardened Artix Linux

Reply #11 – 13 August 2025, 18:07:57

I'm guessing you're using the NVIDIA variant in a VM? If so I'm not sure what's causing that issue yet. If you picked the open source NVIDIA driver make sure your card is at minimum a GTX 1660 (the open source driver doesn't support older hardware). My main system uses NVIDIA hardware and I did a clean install yesterday without any issues.